Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

malwarebytes will not complete heuristic scan


  • Please log in to reply
11 replies to this topic

#1 schmichael

schmichael

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:14 AM

Posted 07 September 2014 - 08:42 PM

Hello,

 

I have been trying to revive the family PC for about a week.  The machine is running Vista Basic.  It was so slow, noone in the house would use it anymore.  I became aware of the severity of the situation when my son couldn't print across the network to the attached printer. 

 

I did my usual protocol of ccleaner, delete unwanted unneeded files and applications, make sure windows updates were working, Security Essentials did a full scan,  and finally tried Malwarebytes.  (I also did a clean re-install multiple times) There were over 1000 detections but the scan would not complete.  I ran adwcleaner which also hung with a memory allocation error.  Running Emsisoft Antimalware found and removed a few more items. After this adwcleaner was able to complete but Malwarebytes still hangs on heuristics.  On one attempt after Malwarebytes detected about 400 items, I cancelled right before it hung.  I was able to clean the items it found or at least nothing is detected now but it still hangs on heuristics.

 

Thanks for any help you can offer.

 

Mike

 

 



BC AdBot (Login to Remove)

 


m

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,214 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:14 AM

Posted 08 September 2014 - 07:32 PM

Hello schmichael

Please do these next.

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 schmichael

schmichael
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:14 AM

Posted 09 September 2014 - 07:42 PM

- I ran TFC (Temporary File Cleaner)

 

- I ran Minitoolbox here is the log:

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Angela (administrator) on 08-09-2014 at 22:29:17
Running from "C:\Users\Angela\Desktop"
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com

There are 14475 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Compact Wireless-G USB Network Adapter with SpeedBooster ver.2 = Wireless Network Connection 2 (Connected)
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=128 icmpredirects=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Angela-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home.network

Wireless LAN adapter Wireless Network Connection 2:

   Connection-specific DNS Suffix  . : home.network
   Description . . . . . . . . . . . : Compact Wireless-G USB Network Adapter with SpeedBooster ver.2
   Physical Address. . . . . . . . . : 00-25-9C-A1-4A-08
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a04d:d1b9:a306:24c0%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.11(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, September 08, 2014 10:22:35 PM
   Lease Expires . . . . . . . . . . : Monday, September 15, 2014 10:22:34 PM
   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 318776732
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-57-81-9F-00-19-21-FE-5A-DA
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
   Physical Address. . . . . . . . . : 00-19-21-FE-5A-DA
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.home.network
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{34668BC0-E2EC-4524-BB51-0622B8A9C7E5}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  75.75.75.75

Name:    google.com.home.network
Address:  127.0.53.53

 

Pinging google.com [74.125.225.32] with 32 bytes of data:

Reply from 74.125.225.32: bytes=32 time=9ms TTL=55

Reply from 74.125.225.32: bytes=32 time=9ms TTL=55

 

Ping statistics for 74.125.225.32:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 9ms, Maximum = 9ms, Average = 9ms

Server:  cdns01.comcast.net
Address:  75.75.75.75

Name:    yahoo.com.home.network
Address:  127.0.53.53

 

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=51ms TTL=51

Reply from 98.139.183.24: bytes=32 time=41ms TTL=51

 

Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 41ms, Maximum = 51ms, Average = 46ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 13 ...00 25 9c a1 4a 08 ...... Compact Wireless-G USB Network Adapter with SpeedBooster ver.2
  8 ...00 19 21 fe 5a da ...... Realtek RTL8139/810x Family Fast Ethernet NIC
  1 ........................... Software Loopback Interface 1
  9 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 12 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 15 ...00 00 00 00 00 00 00 e0  isatap.home.network
 14 ...00 00 00 00 00 00 00 e0  isatap.{34668BC0-E2EC-4524-BB51-0622B8A9C7E5}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.11     25
         10.0.0.0    255.255.255.0         On-link         10.0.0.11    281
        10.0.0.11  255.255.255.255         On-link         10.0.0.11    281
       10.0.0.255  255.255.255.255         On-link         10.0.0.11    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.0.11    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.0.11    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 13    281 fe80::/64                On-link
 13    281 fe80::a04d:d1b9:a306:24c0/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/07/2014 02:39:03 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/07/2014 09:30:47 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/06/2014 07:20:28 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/06/2014 04:03:31 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a71cfec1-b4e6-4440-8c81-e10a4218f955}

Error: (09/03/2014 09:15:00 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/03/2014 08:29:17 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service SecureUpdate since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (09/03/2014 08:29:17 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service NMIndexingService since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (09/03/2014 08:28:45 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service SecureUpdate since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (09/03/2014 08:28:45 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service NMIndexingService since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (09/03/2014 08:28:45 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {eefa7782-c2be-4bb8-bd08-ed988b405de4}

System errors:
=============
Error: (09/08/2014 10:23:10 PM) (Source: Print) (User: NT AUTHORITY)
Description: The print spooler failed to share printer HP LaserJet 6P with shared resource name HP LaserJet 6P. Error 2114. The printer cannot be used by others on the network.

Error: (09/08/2014 10:17:04 PM) (Source: Service Control Manager) (User: )
Description: Advanced SystemCare Service 71

Error: (09/08/2014 06:57:32 PM) (Source: Service Control Manager) (User: )
Description: LiveUpdate1

Error: (09/07/2014 02:40:05 PM) (Source: Service Control Manager) (User: )
Description: aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
spldr
Wanarpv6

Error: (09/07/2014 02:40:05 PM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (09/07/2014 02:39:18 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (09/07/2014 02:39:06 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/07/2014 02:39:03 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/07/2014 02:38:54 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (09/07/2014 02:28:25 PM) (Source: Print) (User: NT AUTHORITY)
Description: The print spooler failed to share printer HP LaserJet 6P with shared resource name HP LaserJet 6P. Error 2114. The printer cannot be used by others on the network.

Microsoft Office Sessions:
=========================
Error: (03/26/2012 03:53:34 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 791953 seconds with 120 seconds of active time.  This session ended with a crash.

CodeIntegrity Errors:
===================================
  Date: 2014-09-06 19:31:11.165
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-06 19:31:09.594
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-06 19:31:07.741
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-06 19:31:04.798
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-06 19:31:03.043
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-06 19:31:01.440
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-06 19:30:59.395
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-06 19:30:57.070
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-06 19:24:55.072
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-06 19:24:52.733
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
=========================== Installed Programs ============================
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Compact Wireless-G USB Network Adapter with SpeedBooster Driver - WUSB54GSC (HKLM\...\{65563451-00B6-458C-9F9A-03A7757355A6}) (Version: 1.0 - Linksys, A Division of Cisco.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Ultimate 2007 (HKLM\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
neroxml (Version: 1.0.0 - Nero AG) Hidden
NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM\...\InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.01.10 - NETGEAR)
NETGEAR WG111v3 wireless USB 2.0 adapter (Version: 1.01.10 - NETGEAR) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_HSF) (Version:  - )
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
TreeSize Free V3.1 (HKLM\...\TreeSize Free_is1) (Version: 3.1 - JAM Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM\...\{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Zune (Version: 04.02.0202.00 - Microsoft Corporation) Hidden
Zune Language Pack (DE) (Version: 04.02.0202.00 - Microsoft Corporation) Hidden
Zune Language Pack (ES) (Version: 04.02.0202.00 - Microsoft Corporation) Hidden
Zune Language Pack (FR) (Version: 04.02.0202.00 - Microsoft Corporation) Hidden
Zune Language Pack (IT) (Version: 04.02.0202.00 - Microsoft Corporation) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 54%
Total physical RAM: 2038.83 MB
Available physical RAM: 919.77 MB
Total Pagefile: 4327.7 MB
Available Pagefile: 3213.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 1957.5 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:103.42 GB) (Free:48.87 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:8.37 GB) (Free:3.63 GB) NTFS

========================= Users: ========================================

User accounts for \\ANGELA-PC

Administrator            Angela                   Guest                   
Kids                     Mike                    

**** End of log ****



#4 schmichael

schmichael
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:14 AM

Posted 09 September 2014 - 07:49 PM

I ran tdsskiller:

 

this is the log:

 

22:39:16.0703 0x0c00  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
22:39:28.0250 0x0c00  ============================================================
22:39:28.0250 0x0c00  Current date / time: 2014/09/08 22:39:28.0250
22:39:28.0250 0x0c00  SystemInfo:
22:39:28.0250 0x0c00 
22:39:28.0250 0x0c00  OS Version: 6.0.6002 ServicePack: 2.0
22:39:28.0250 0x0c00  Product type: Workstation
22:39:28.0250 0x0c00  ComputerName: ANGELA-PC
22:39:28.0250 0x0c00  UserName: Angela
22:39:28.0250 0x0c00  Windows directory: C:\Windows
22:39:28.0250 0x0c00  System windows directory: C:\Windows
22:39:28.0250 0x0c00  Processor architecture: Intel x86
22:39:28.0250 0x0c00  Number of processors: 1
22:39:28.0250 0x0c00  Page size: 0x1000
22:39:28.0250 0x0c00  Boot type: Normal boot
22:39:28.0250 0x0c00  ============================================================
22:39:29.0297 0x0c00  KLMD registered as C:\Windows\system32\drivers\53433876.sys
22:39:29.0500 0x0c00  System UUID: {C7635518-E42E-3C1F-A561-FBF45FD144C7}
22:39:30.0359 0x0c00  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:39:30.0391 0x0c00  ============================================================
22:39:30.0391 0x0c00  \Device\Harddisk0\DR0:
22:39:30.0391 0x0c00  MBR partitions:
22:39:30.0391 0x0c00  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x10BAF05
22:39:30.0391 0x0c00  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x10BAF44, BlocksNum 0xCED946C
22:39:30.0391 0x0c00  ============================================================
22:39:30.0438 0x0c00  C: <-> \Device\Harddisk0\DR0\Partition2
22:39:30.0453 0x0c00  D: <-> \Device\Harddisk0\DR0\Partition1
22:39:30.0453 0x0c00  ============================================================
22:39:30.0453 0x0c00  Initialize success
22:39:30.0453 0x0c00  ============================================================
22:39:52.0203 0x07fc  ============================================================
22:39:52.0203 0x07fc  Scan started
22:39:52.0203 0x07fc  Mode: Manual;
22:39:52.0203 0x07fc  ============================================================
22:39:52.0203 0x07fc  KSN ping started
22:40:06.0453 0x07fc  KSN ping finished: true
22:40:06.0953 0x07fc  ================ Scan system memory ========================
22:40:06.0953 0x07fc  System memory - ok
22:40:06.0953 0x07fc  ================ Scan services =============================
22:40:07.0141 0x07fc  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
22:40:07.0156 0x07fc  ACPI - ok
22:40:07.0359 0x07fc  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:40:07.0375 0x07fc  AdobeFlashPlayerUpdateSvc - ok
22:40:07.0453 0x07fc  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:40:07.0484 0x07fc  adp94xx - ok
22:40:07.0516 0x07fc  [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:40:07.0531 0x07fc  adpahci - ok
22:40:07.0563 0x07fc  [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
22:40:07.0563 0x07fc  adpu160m - ok
22:40:07.0594 0x07fc  [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:40:07.0594 0x07fc  adpu320 - ok
22:40:07.0734 0x07fc  [ CAC04FF26BD3D6521BE79B5B4EB2E53A, 35E48845D5C2D638130B8BD4E953C709C81B0B3AE1C89372A01484D0CC8094A3 ] AdvancedSystemCareService7 C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
22:40:07.0766 0x07fc  AdvancedSystemCareService7 - ok
22:40:07.0797 0x07fc  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:40:07.0797 0x07fc  AeLookupSvc - ok
22:40:07.0875 0x07fc  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
22:40:07.0891 0x07fc  AFD - ok
22:40:07.0922 0x07fc  [ EF23439CDD587F64C2C1B8825CEAD7D8, 762665CFC202B3E16CA2338887896FDF996331A363DC709F1EC088BF927133A3 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:40:07.0938 0x07fc  agp440 - ok
22:40:07.0969 0x07fc  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
22:40:07.0969 0x07fc  aic78xx - ok
22:40:08.0016 0x07fc  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
22:40:08.0016 0x07fc  ALG - ok
22:40:08.0047 0x07fc  [ 90395B64600EBB4552E26E178C94B2E4, 73095893964DC7915983B58A567184FC51949C99341E7E0D04D70CC4C4F95E37 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:40:08.0047 0x07fc  aliide - ok
22:40:08.0078 0x07fc  [ 2B13E304C9DFDFA5EB582F6A149FA2C7, 196CCE13E0376526B79D9C43D4071990576C4DD210A48E9E922B438AA11C95E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
22:40:08.0078 0x07fc  amdagp - ok
22:40:08.0109 0x07fc  [ 0577DF1D323FE75A739C787893D300EA, 079EF3CA18FB847DB7E62929071BFF007FAF390E1DBF4C59F28DAAC6B9C2DE51 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:40:08.0109 0x07fc  amdide - ok
22:40:08.0125 0x07fc  [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
22:40:08.0141 0x07fc  AmdK7 - ok
22:40:08.0156 0x07fc  [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:40:08.0156 0x07fc  AmdK8 - ok
22:40:08.0203 0x07fc  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
22:40:08.0203 0x07fc  Appinfo - ok
22:40:08.0250 0x07fc  [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc             C:\Windows\system32\drivers\arc.sys
22:40:08.0250 0x07fc  arc - ok
22:40:08.0313 0x07fc  [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:40:08.0313 0x07fc  arcsas - ok
22:40:08.0453 0x07fc  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:40:08.0469 0x07fc  aspnet_state - ok
22:40:08.0531 0x07fc  [ 3BFBB5DAE801CB893B8B46345FED6437, 2C2B71C1294585265D4871E74F17541500CA20DE34AC516F2A906DD81964C833 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
22:40:08.0547 0x07fc  aswHwid - ok
22:40:08.0578 0x07fc  [ C3014C735F450FE822C97FFBB0627113, 1CCFE845AED1757B8C1F52D310933076FF1EC197D82E499DB4592B09D66137B0 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
22:40:08.0609 0x07fc  aswMonFlt - ok
22:40:08.0625 0x07fc  [ D6C9024F5D14843D33ADA8A6A10A1BE1, D40022D0A360FD4010D3D5D452BBC4CE9EE68224DEAB9584626E6F435E128857 ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
22:40:08.0641 0x07fc  aswRdr - ok
22:40:08.0672 0x07fc  [ B7750AF7EDFD95674EB7CA92BCDD3358, A097577004F3CF71E2F9465F02B073D39926D7DEE2E2A9516D888158A5CB19E9 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
22:40:08.0672 0x07fc  aswRvrt - ok
22:40:08.0734 0x07fc  [ 51FDE588D860857A97E4C4B560E40C9B, 8A3AC3E55249DAE6CCD95593989F8B100D5C4712A16681A36E5D0F2F08BD57AA ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
22:40:08.0766 0x07fc  aswSnx - ok
22:40:08.0828 0x07fc  [ 1AEB8CDB797666AF709A291B47AE81E0, 12AC4DBC6338BA5E5C04B449FF8362E7EC8EBFCA675C4F21BE847DFDCAE8F7C9 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
22:40:08.0844 0x07fc  aswSP - ok
22:40:08.0859 0x07fc  [ 26C51C289E39E8EE0F12B8B06B71E436, 81382FC3E836698432EE832A166F09251CC9164B17584E90F73037A1FA54E4F7 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
22:40:08.0859 0x07fc  aswTdi - ok
22:40:08.0922 0x07fc  [ 90BEE0170D70D6744CEF2355EEAF8086, 8F9FF53F529B854934020E2F8163605DC794FF48464D3D4439BAAF70ECE8E963 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
22:40:08.0922 0x07fc  aswVmm - ok
22:40:08.0953 0x07fc  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:40:08.0969 0x07fc  AsyncMac - ok
22:40:09.0000 0x07fc  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
22:40:09.0000 0x07fc  atapi - ok
22:40:09.0047 0x07fc  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:40:09.0063 0x07fc  AudioEndpointBuilder - ok
22:40:09.0078 0x07fc  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:40:09.0078 0x07fc  Audiosrv - ok
22:40:09.0156 0x07fc  [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:40:09.0156 0x07fc  avast! Antivirus - ok
22:40:09.0188 0x07fc  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:40:09.0188 0x07fc  Beep - ok
22:40:09.0234 0x07fc  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
22:40:09.0266 0x07fc  BFE - ok
22:40:09.0328 0x07fc  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\system32\qmgr.dll
22:40:09.0359 0x07fc  BITS - ok
22:40:09.0375 0x07fc  blbdrive - ok
22:40:09.0406 0x07fc  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:40:09.0406 0x07fc  bowser - ok
22:40:09.0438 0x07fc  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
22:40:09.0438 0x07fc  BrFiltLo - ok
22:40:09.0469 0x07fc  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
22:40:09.0469 0x07fc  BrFiltUp - ok
22:40:09.0516 0x07fc  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
22:40:09.0516 0x07fc  Browser - ok
22:40:09.0547 0x07fc  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
22:40:09.0547 0x07fc  Brserid - ok
22:40:09.0578 0x07fc  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
22:40:09.0594 0x07fc  BrSerWdm - ok
22:40:09.0625 0x07fc  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
22:40:09.0625 0x07fc  BrUsbMdm - ok
22:40:09.0641 0x07fc  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
22:40:09.0641 0x07fc  BrUsbSer - ok
22:40:09.0656 0x07fc  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:40:09.0656 0x07fc  BTHMODEM - ok
22:40:09.0750 0x07fc  catchme - ok
22:40:09.0797 0x07fc  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:40:09.0797 0x07fc  cdfs - ok
22:40:09.0828 0x07fc  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:40:09.0844 0x07fc  cdrom - ok
22:40:09.0875 0x07fc  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
22:40:09.0875 0x07fc  CertPropSvc - ok
22:40:09.0906 0x07fc  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:40:09.0906 0x07fc  circlass - ok
22:40:09.0969 0x07fc  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
22:40:09.0969 0x07fc  CLFS - ok
22:40:10.0047 0x07fc  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:40:10.0063 0x07fc  clr_optimization_v2.0.50727_32 - ok
22:40:10.0109 0x07fc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:40:10.0109 0x07fc  clr_optimization_v4.0.30319_32 - ok
22:40:10.0172 0x07fc  [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:40:10.0172 0x07fc  cmdide - ok
22:40:10.0203 0x07fc  [ 82B8C91D327CFECF76CB58716F7D4997, 6F06A4BC44B170BB28BF464E9BB5216D39D11CB8D442570B575A741B032EAEE6 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
22:40:10.0203 0x07fc  Compbatt - ok
22:40:10.0234 0x07fc  COMSysApp - ok
22:40:10.0266 0x07fc  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:40:10.0266 0x07fc  crcdisk - ok
22:40:10.0328 0x07fc  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
22:40:10.0328 0x07fc  Crusoe - ok
22:40:10.0422 0x07fc  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:40:10.0422 0x07fc  CryptSvc - ok
22:40:10.0484 0x07fc  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:40:10.0500 0x07fc  DcomLaunch - ok
22:40:10.0578 0x07fc  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:40:10.0578 0x07fc  DfsC - ok
22:40:10.0766 0x07fc  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
22:40:10.0859 0x07fc  DFSR - ok
22:40:10.0938 0x07fc  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
22:40:10.0953 0x07fc  Dhcp - ok
22:40:10.0969 0x07fc  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
22:40:10.0969 0x07fc  disk - ok
22:40:11.0000 0x07fc  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:40:11.0016 0x07fc  Dnscache - ok
22:40:11.0047 0x07fc  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
22:40:11.0063 0x07fc  dot3svc - ok
22:40:11.0109 0x07fc  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
22:40:11.0125 0x07fc  DPS - ok
22:40:11.0156 0x07fc  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:40:11.0156 0x07fc  drmkaud - ok
22:40:11.0234 0x07fc  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:40:11.0250 0x07fc  DXGKrnl - ok
22:40:11.0297 0x07fc  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
22:40:11.0313 0x07fc  E1G60 - ok
22:40:11.0344 0x07fc  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
22:40:11.0375 0x07fc  EapHost - ok
22:40:11.0406 0x07fc  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
22:40:11.0406 0x07fc  Ecache - ok
22:40:11.0516 0x07fc  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:40:11.0531 0x07fc  elxstor - ok
22:40:11.0656 0x07fc  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
22:40:11.0672 0x07fc  EMDMgmt - ok
22:40:11.0750 0x07fc  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
22:40:11.0766 0x07fc  EventSystem - ok
22:40:11.0828 0x07fc  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:40:11.0859 0x07fc  exfat - ok
22:40:11.0906 0x07fc  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:40:11.0906 0x07fc  fastfat - ok
22:40:11.0953 0x07fc  [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:40:11.0953 0x07fc  fdc - ok
22:40:12.0016 0x07fc  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
22:40:12.0031 0x07fc  fdPHost - ok
22:40:12.0094 0x07fc  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:40:12.0094 0x07fc  FDResPub - ok
22:40:12.0141 0x07fc  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:40:12.0141 0x07fc  FileInfo - ok
22:40:12.0188 0x07fc  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:40:12.0188 0x07fc  Filetrace - ok
22:40:12.0234 0x07fc  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:40:12.0250 0x07fc  flpydisk - ok
22:40:12.0281 0x07fc  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:40:12.0297 0x07fc  FltMgr - ok
22:40:12.0422 0x07fc  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
22:40:12.0469 0x07fc  FontCache - ok
22:40:12.0578 0x07fc  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:40:12.0578 0x07fc  FontCache3.0.0.0 - ok
22:40:12.0625 0x07fc  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:40:12.0625 0x07fc  Fs_Rec - ok
22:40:12.0656 0x07fc  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:40:12.0656 0x07fc  gagp30kx - ok
22:40:12.0688 0x07fc  [ 8182FF89C65E4D38B2DE4BB0FB18564E, 2ACFA64D48BF7D25641EC5819C8722144284B8A8E071BF297C1881B07EEAFE88 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:40:12.0688 0x07fc  GEARAspiWDM - ok
22:40:12.0766 0x07fc  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
22:40:12.0781 0x07fc  gpsvc - ok
22:40:12.0844 0x07fc  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
22:40:12.0844 0x07fc  gupdate - ok
22:40:12.0859 0x07fc  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
22:40:12.0875 0x07fc  gupdatem - ok
22:40:12.0922 0x07fc  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:40:12.0938 0x07fc  HdAudAddService - ok
22:40:13.0000 0x07fc  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:40:13.0016 0x07fc  HDAudBus - ok
22:40:13.0063 0x07fc  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:40:13.0063 0x07fc  HidBth - ok
22:40:13.0094 0x07fc  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:40:13.0094 0x07fc  HidIr - ok
22:40:13.0141 0x07fc  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll
22:40:13.0156 0x07fc  hidserv - ok
22:40:13.0172 0x07fc  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:40:13.0188 0x07fc  HidUsb - ok
22:40:13.0219 0x07fc  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:40:13.0219 0x07fc  hkmsvc - ok
22:40:13.0250 0x07fc  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
22:40:13.0250 0x07fc  HpCISSs - ok
22:40:13.0328 0x07fc  [ 1882827F41DEE51C70E24C567C35BFB5, C3508BDB045F0CB2205733D9F0CF7A2BEE03C4E4A8690B7D305EBEE887E588C6 ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
22:40:13.0359 0x07fc  HSF_DPV - ok
22:40:13.0391 0x07fc  [ 5F60F0AD32D43B9AB9AC9373117D8E54, 33F3E7F65AE133336887C08047C9F64AE515EB5166656FBBBD06DE0A819945FE ] HSXHWBS2        C:\Windows\system32\DRIVERS\HSXHWBS2.sys
22:40:13.0391 0x07fc  HSXHWBS2 - ok
22:40:13.0453 0x07fc  [ 0EEECA26C8D4BDE2A4664DB058A81937, 6F88567A116B1420BE1C9C8888F34D05F51378092C805EF4E489635CF92D416B ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:40:13.0469 0x07fc  HTTP - ok
22:40:13.0500 0x07fc  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
22:40:13.0500 0x07fc  i2omp - ok
22:40:13.0531 0x07fc  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:40:13.0531 0x07fc  i8042prt - ok
22:40:13.0656 0x07fc  [ 9378D57E2B96C0A185D844770AD49948, AED244DDF125C867091D0A926B275EC1C60C89844C69595B1D1FC586F60F118A ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
22:40:13.0766 0x07fc  ialm - ok
22:40:13.0813 0x07fc  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
22:40:13.0813 0x07fc  iaStorV - ok
22:40:13.0906 0x07fc  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:40:13.0953 0x07fc  idsvc - ok
22:40:14.0109 0x07fc  [ 9378D57E2B96C0A185D844770AD49948, AED244DDF125C867091D0A926B275EC1C60C89844C69595B1D1FC586F60F118A ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
22:40:14.0156 0x07fc  igfx - ok
22:40:14.0297 0x07fc  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:40:14.0297 0x07fc  iirsp - ok
22:40:14.0375 0x07fc  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
22:40:14.0391 0x07fc  IKEEXT - ok
22:40:14.0438 0x07fc  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
22:40:14.0438 0x07fc  intelide - ok
22:40:14.0469 0x07fc  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:40:14.0469 0x07fc  intelppm - ok
22:40:14.0516 0x07fc  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:40:14.0516 0x07fc  IPBusEnum - ok
22:40:14.0563 0x07fc  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:40:14.0563 0x07fc  IpFilterDriver - ok
22:40:14.0609 0x07fc  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:40:14.0609 0x07fc  iphlpsvc - ok
22:40:14.0625 0x07fc  IpInIp - ok
22:40:14.0656 0x07fc  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
22:40:14.0656 0x07fc  IPMIDRV - ok
22:40:14.0703 0x07fc  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
22:40:14.0703 0x07fc  IPNAT - ok
22:40:14.0750 0x07fc  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:40:14.0750 0x07fc  IRENUM - ok
22:40:14.0781 0x07fc  [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:40:14.0781 0x07fc  isapnp - ok
22:40:14.0828 0x07fc  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
22:40:14.0828 0x07fc  iScsiPrt - ok
22:40:14.0859 0x07fc  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
22:40:14.0859 0x07fc  iteatapi - ok
22:40:14.0891 0x07fc  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
22:40:14.0891 0x07fc  iteraid - ok
22:40:14.0922 0x07fc  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:40:14.0922 0x07fc  kbdclass - ok
22:40:14.0953 0x07fc  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:40:14.0953 0x07fc  kbdhid - ok
22:40:15.0000 0x07fc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
22:40:15.0000 0x07fc  KeyIso - ok
22:40:15.0063 0x07fc  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:40:15.0078 0x07fc  KSecDD - ok
22:40:15.0125 0x07fc  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:40:15.0141 0x07fc  KtmRm - ok
22:40:15.0203 0x07fc  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
22:40:15.0203 0x07fc  LanmanServer - ok
22:40:15.0250 0x07fc  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:40:15.0266 0x07fc  LanmanWorkstation - ok
22:40:15.0422 0x07fc  [ D69FDDADA5CF0097966C4F52C2E6FEBA, 35FA7E4658AFCCE293F31E66B695D45D31A0ADF4C837DA1C801F7577B73754AC ] LiveUpdateSvc   C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
22:40:15.0469 0x07fc  LiveUpdateSvc - ok
22:40:15.0531 0x07fc  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:40:15.0531 0x07fc  lltdio - ok
22:40:15.0578 0x07fc  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:40:15.0578 0x07fc  lltdsvc - ok
22:40:15.0625 0x07fc  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:40:15.0625 0x07fc  lmhosts - ok
22:40:15.0672 0x07fc  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:40:15.0672 0x07fc  LSI_FC - ok
22:40:15.0750 0x07fc  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:40:15.0750 0x07fc  LSI_SAS - ok
22:40:15.0828 0x07fc  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:40:15.0828 0x07fc  LSI_SCSI - ok
22:40:15.0859 0x07fc  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
22:40:15.0859 0x07fc  luafv - ok
22:40:15.0969 0x07fc  [ EA6FC4074EB53342249CCE7DAE9F3A85, A1DE06E53B779D66EC0CA08E390C7D0561AEDDA321EA6C34E8ED8C7DDE372CCD ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
22:40:15.0969 0x07fc  mbamchameleon - ok
22:40:16.0016 0x07fc  [ 6802E1A143C49D7BDAB0BF952E5A231C, C17AC5A2E5D2A82C7579C2AC799EE8CC1ACACE18CA87054EC8F8ACDB208F5A81 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
22:40:16.0031 0x07fc  MBAMSwissArmy - ok
22:40:16.0078 0x07fc  [ 8FD868E32459ECE2A1BB0169F513D31E, F28E47FBEC8EC8424FFFB359668E0FEEA66A69E9D737D75472934FAC39770390 ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
22:40:16.0078 0x07fc  mcdbus - ok
22:40:16.0109 0x07fc  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
22:40:16.0109 0x07fc  mdmxsdk - ok
22:40:16.0156 0x07fc  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:40:16.0156 0x07fc  megasas - ok
22:40:16.0172 0x07fc  MEMSWEEP2 - ok
22:40:16.0188 0x07fc  mferkdk - ok
22:40:16.0297 0x07fc  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
22:40:16.0297 0x07fc  Microsoft Office Groove Audit Service - ok
22:40:16.0344 0x07fc  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
22:40:16.0344 0x07fc  MMCSS - ok
22:40:16.0391 0x07fc  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
22:40:16.0391 0x07fc  Modem - ok
22:40:16.0422 0x07fc  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:40:16.0422 0x07fc  monitor - ok
22:40:16.0453 0x07fc  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:40:16.0453 0x07fc  mouclass - ok
22:40:16.0484 0x07fc  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:40:16.0484 0x07fc  mouhid - ok
22:40:16.0516 0x07fc  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
22:40:16.0516 0x07fc  MountMgr - ok
22:40:16.0547 0x07fc  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:40:16.0547 0x07fc  mpio - ok
22:40:16.0594 0x07fc  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:40:16.0594 0x07fc  mpsdrv - ok
22:40:16.0641 0x07fc  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:40:16.0656 0x07fc  MpsSvc - ok
22:40:16.0672 0x07fc  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
22:40:16.0688 0x07fc  Mraid35x - ok
22:40:16.0719 0x07fc  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:40:16.0719 0x07fc  MRxDAV - ok
22:40:16.0766 0x07fc  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:40:16.0766 0x07fc  mrxsmb - ok
22:40:16.0797 0x07fc  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:40:16.0813 0x07fc  mrxsmb10 - ok
22:40:16.0844 0x07fc  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:40:16.0844 0x07fc  mrxsmb20 - ok
22:40:16.0875 0x07fc  [ 742AED7939E734C36B7E8D6228CE26B7, 6F727144BBD42C9C5555087CA51DE8D501B5CBEFB9967866CC578733E3C5E681 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:40:16.0875 0x07fc  msahci - ok
22:40:16.0906 0x07fc  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:40:16.0906 0x07fc  msdsm - ok
22:40:16.0938 0x07fc  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
22:40:16.0938 0x07fc  MSDTC - ok
22:40:16.0984 0x07fc  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:40:17.0000 0x07fc  Msfs - ok
22:40:17.0031 0x07fc  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:40:17.0031 0x07fc  msisadrv - ok
22:40:17.0078 0x07fc  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:40:17.0078 0x07fc  MSiSCSI - ok
22:40:17.0094 0x07fc  msiserver - ok
22:40:17.0141 0x07fc  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:40:17.0141 0x07fc  MSKSSRV - ok
22:40:17.0188 0x07fc  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:40:17.0188 0x07fc  MSPCLOCK - ok
22:40:17.0219 0x07fc  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:40:17.0219 0x07fc  MSPQM - ok
22:40:17.0266 0x07fc  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:40:17.0266 0x07fc  MsRPC - ok
22:40:17.0313 0x07fc  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:40:17.0313 0x07fc  mssmbios - ok
22:40:17.0328 0x07fc  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:40:17.0328 0x07fc  MSTEE - ok
22:40:17.0359 0x07fc  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:40:17.0375 0x07fc  Mup - ok
22:40:17.0406 0x07fc  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
22:40:17.0422 0x07fc  napagent - ok
22:40:17.0469 0x07fc  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:40:17.0469 0x07fc  NativeWifiP - ok
22:40:17.0516 0x07fc  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:40:17.0531 0x07fc  NDIS - ok
22:40:17.0578 0x07fc  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:40:17.0578 0x07fc  NdisTapi - ok
22:40:17.0625 0x07fc  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:40:17.0625 0x07fc  Ndisuio - ok
22:40:17.0656 0x07fc  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:40:17.0656 0x07fc  NdisWan - ok
22:40:17.0703 0x07fc  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:40:17.0703 0x07fc  NDProxy - ok
22:40:17.0734 0x07fc  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:40:17.0734 0x07fc  NetBIOS - ok
22:40:17.0781 0x07fc  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
22:40:17.0781 0x07fc  netbt - ok
22:40:17.0813 0x07fc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
22:40:17.0828 0x07fc  Netlogon - ok
22:40:17.0875 0x07fc  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
22:40:17.0891 0x07fc  Netman - ok
22:40:17.0938 0x07fc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:40:17.0938 0x07fc  NetMsmqActivator - ok
22:40:17.0953 0x07fc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:40:17.0969 0x07fc  NetPipeActivator - ok
22:40:18.0016 0x07fc  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
22:40:18.0031 0x07fc  netprofm - ok
22:40:18.0047 0x07fc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:40:18.0063 0x07fc  NetTcpActivator - ok
22:40:18.0078 0x07fc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:40:18.0078 0x07fc  NetTcpPortSharing - ok
22:40:18.0125 0x07fc  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:40:18.0125 0x07fc  nfrd960 - ok
22:40:18.0156 0x07fc  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:40:18.0156 0x07fc  NlaSvc - ok
22:40:18.0203 0x07fc  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:40:18.0219 0x07fc  Npfs - ok
22:40:18.0250 0x07fc  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
22:40:18.0250 0x07fc  nsi - ok
22:40:18.0281 0x07fc  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:40:18.0281 0x07fc  nsiproxy - ok
22:40:18.0391 0x07fc  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:40:18.0453 0x07fc  Ntfs - ok
22:40:18.0484 0x07fc  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
22:40:18.0500 0x07fc  ntrigdigi - ok
22:40:18.0516 0x07fc  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
22:40:18.0516 0x07fc  Null - ok
22:40:18.0547 0x07fc  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:40:18.0547 0x07fc  nvraid - ok
22:40:18.0578 0x07fc  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:40:18.0578 0x07fc  nvstor - ok
22:40:18.0609 0x07fc  [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:40:18.0609 0x07fc  nv_agp - ok
22:40:18.0625 0x07fc  NwlnkFlt - ok
22:40:18.0641 0x07fc  NwlnkFwd - ok
22:40:18.0719 0x07fc  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:40:18.0750 0x07fc  odserv - ok
22:40:18.0781 0x07fc  [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:40:18.0781 0x07fc  ohci1394 - ok
22:40:18.0813 0x07fc  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:40:18.0828 0x07fc  ose - ok
22:40:18.0891 0x07fc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
22:40:18.0922 0x07fc  p2pimsvc - ok
22:40:18.0953 0x07fc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:40:18.0969 0x07fc  p2psvc - ok
22:40:19.0016 0x07fc  [ 8A79FDF04A73428597E2CAF9D0D67850, DB438FDE5510AB2F350ED1AC4CF0E99D3CC665FE46533A438A8FDA4DAF950F93 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:40:19.0016 0x07fc  Parport - ok
22:40:19.0063 0x07fc  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:40:19.0063 0x07fc  partmgr - ok
22:40:19.0094 0x07fc  [ 6C580025C81CAF3AE9E3617C22CAD00E, 64F9061196462085E5DCD3ACB97A0D8FC67CA9A96DDD6E2103AFFF1593AE236A ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
22:40:19.0094 0x07fc  Parvdm - ok
22:40:19.0125 0x07fc  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:40:19.0141 0x07fc  PcaSvc - ok
22:40:19.0188 0x07fc  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
22:40:19.0188 0x07fc  pci - ok
22:40:19.0234 0x07fc  [ 3B1901E401473E03EB8C874271E50C26, 3C7931F419E29FDD0155D8D05D97289430A2852FCB3DBAD1B338FE2241458E72 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:40:19.0234 0x07fc  pciide - ok
22:40:19.0266 0x07fc  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:40:19.0281 0x07fc  pcmcia - ok
22:40:19.0344 0x07fc  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:40:19.0391 0x07fc  PEAUTH - ok
22:40:19.0516 0x07fc  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
22:40:19.0594 0x07fc  pla - ok
22:40:19.0656 0x07fc  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:40:19.0656 0x07fc  PlugPlay - ok
22:40:19.0719 0x07fc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
22:40:19.0734 0x07fc  PNRPAutoReg - ok
22:40:19.0781 0x07fc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
22:40:19.0797 0x07fc  PNRPsvc - ok
22:40:19.0844 0x07fc  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:40:19.0875 0x07fc  PolicyAgent - ok
22:40:19.0906 0x07fc  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:40:19.0906 0x07fc  PptpMiniport - ok
22:40:19.0938 0x07fc  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
22:40:19.0938 0x07fc  Processor - ok
22:40:19.0969 0x07fc  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
22:40:19.0984 0x07fc  ProfSvc - ok
22:40:20.0000 0x07fc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
22:40:20.0000 0x07fc  ProtectedStorage - ok
22:40:20.0047 0x07fc  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
22:40:20.0047 0x07fc  PSched - ok
22:40:20.0109 0x07fc  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:40:20.0156 0x07fc  ql2300 - ok
22:40:20.0188 0x07fc  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:40:20.0203 0x07fc  ql40xx - ok
22:40:20.0250 0x07fc  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
22:40:20.0266 0x07fc  QWAVE - ok
22:40:20.0359 0x07fc  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:40:20.0359 0x07fc  QWAVEdrv - ok
22:40:20.0422 0x07fc  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:40:20.0422 0x07fc  RasAcd - ok
22:40:20.0469 0x07fc  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
22:40:20.0484 0x07fc  RasAuto - ok
22:40:20.0547 0x07fc  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:40:20.0547 0x07fc  Rasl2tp - ok
22:40:20.0594 0x07fc  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
22:40:20.0609 0x07fc  RasMan - ok
22:40:20.0641 0x07fc  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:40:20.0656 0x07fc  RasPppoe - ok
22:40:20.0672 0x07fc  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:40:20.0672 0x07fc  RasSstp - ok
22:40:20.0703 0x07fc  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:40:20.0719 0x07fc  rdbss - ok
22:40:20.0750 0x07fc  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:40:20.0750 0x07fc  RDPCDD - ok
22:40:20.0813 0x07fc  [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
22:40:20.0828 0x07fc  rdpdr - ok
22:40:20.0844 0x07fc  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:40:20.0844 0x07fc  RDPENCDD - ok
22:40:20.0891 0x07fc  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:40:20.0891 0x07fc  RDPWD - ok
22:40:20.0938 0x07fc  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:40:20.0938 0x07fc  RemoteAccess - ok
22:40:20.0984 0x07fc  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:40:20.0984 0x07fc  RemoteRegistry - ok
22:40:21.0016 0x07fc  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
22:40:21.0016 0x07fc  RpcLocator - ok
22:40:21.0125 0x07fc  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
22:40:21.0156 0x07fc  RpcSs - ok
22:40:21.0203 0x07fc  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:40:21.0203 0x07fc  rspndr - ok
22:40:21.0266 0x07fc  [ 5C5612756B380BCEDBF566A780FF9AFE, 3889B162F96B298E5C570EC265B82D60CA4F11E87EF3594893B94578CAF927D9 ] RTL8023xp       C:\Windows\system32\DRIVERS\Rtnicxp.sys
22:40:21.0266 0x07fc  RTL8023xp - ok
22:40:21.0328 0x07fc  [ D5D2E9F785FDA3C1E021FDE9F218C7F5, AAD1A1ACF9812CA6BEA8E945DAC5BFA46588888EBCF2FF79FC26A13420F53635 ] RTL8187B        C:\Windows\system32\DRIVERS\wg111v3.sys
22:40:21.0344 0x07fc  RTL8187B - ok
22:40:21.0391 0x07fc  [ 0D60B8C10A2C5E8DD620B3FDEB1CDA64, CC7BBB3B177559190E425F33E00CDA153C87B47AFAA8330361BC6ADA26B2C97B ] RtlProt         C:\Windows\system32\DRIVERS\rtlprot.sys
22:40:21.0391 0x07fc  RtlProt - ok
22:40:21.0406 0x07fc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
22:40:21.0406 0x07fc  SamSs - ok
22:40:21.0453 0x07fc  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:40:21.0453 0x07fc  sbp2port - ok
22:40:21.0500 0x07fc  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:40:21.0500 0x07fc  SCardSvr - ok
22:40:21.0563 0x07fc  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
22:40:21.0594 0x07fc  Schedule - ok
22:40:21.0609 0x07fc  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:40:21.0609 0x07fc  SCPolicySvc - ok
22:40:21.0656 0x07fc  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:40:21.0672 0x07fc  SDRSVC - ok
22:40:21.0688 0x07fc  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:40:21.0688 0x07fc  secdrv - ok
22:40:21.0734 0x07fc  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
22:40:21.0750 0x07fc  seclogon - ok
22:40:21.0781 0x07fc  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
22:40:21.0797 0x07fc  SENS - ok
22:40:21.0813 0x07fc  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:40:21.0828 0x07fc  Serenum - ok
22:40:21.0859 0x07fc  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:40:21.0875 0x07fc  Serial - ok
22:40:21.0906 0x07fc  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:40:21.0906 0x07fc  sermouse - ok
22:40:21.0969 0x07fc  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:40:21.0984 0x07fc  SessionEnv - ok
22:40:22.0016 0x07fc  [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:40:22.0016 0x07fc  sffdisk - ok
22:40:22.0063 0x07fc  [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:40:22.0063 0x07fc  sffp_mmc - ok
22:40:22.0078 0x07fc  [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:40:22.0078 0x07fc  sffp_sd - ok
22:40:22.0109 0x07fc  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:40:22.0109 0x07fc  sfloppy - ok
22:40:22.0172 0x07fc  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:40:22.0188 0x07fc  SharedAccess - ok
22:40:22.0234 0x07fc  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:40:22.0250 0x07fc  ShellHWDetection - ok
22:40:22.0266 0x07fc  [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
22:40:22.0266 0x07fc  sisagp - ok
22:40:22.0297 0x07fc  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
22:40:22.0297 0x07fc  SiSRaid2 - ok
22:40:22.0328 0x07fc  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:40:22.0328 0x07fc  SiSRaid4 - ok
22:40:22.0500 0x07fc  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
22:40:22.0625 0x07fc  slsvc - ok
22:40:22.0688 0x07fc  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
22:40:22.0703 0x07fc  SLUINotify - ok
22:40:22.0750 0x07fc  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:40:22.0750 0x07fc  Smb - ok
22:40:22.0813 0x07fc  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:40:22.0813 0x07fc  SNMPTRAP - ok
22:40:22.0844 0x07fc  SNPSTD3 - ok
22:40:22.0875 0x07fc  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:40:22.0875 0x07fc  spldr - ok
22:40:22.0922 0x07fc  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
22:40:22.0922 0x07fc  Spooler - ok
22:40:22.0969 0x07fc  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:40:22.0984 0x07fc  srv - ok
22:40:23.0031 0x07fc  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:40:23.0031 0x07fc  srv2 - ok
22:40:23.0063 0x07fc  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:40:23.0078 0x07fc  srvnet - ok
22:40:23.0125 0x07fc  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:40:23.0125 0x07fc  SSDPSRV - ok
22:40:23.0172 0x07fc  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:40:23.0172 0x07fc  SstpSvc - ok
22:40:23.0234 0x07fc  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
22:40:23.0250 0x07fc  stisvc - ok
22:40:23.0281 0x07fc  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:40:23.0281 0x07fc  swenum - ok
22:40:23.0328 0x07fc  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
22:40:23.0344 0x07fc  swprv - ok
22:40:23.0391 0x07fc  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
22:40:23.0391 0x07fc  Symc8xx - ok
22:40:23.0438 0x07fc  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
22:40:23.0438 0x07fc  Sym_hi - ok
22:40:23.0469 0x07fc  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
22:40:23.0469 0x07fc  Sym_u3 - ok
22:40:23.0531 0x07fc  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
22:40:23.0578 0x07fc  SysMain - ok
22:40:23.0609 0x07fc  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:40:23.0609 0x07fc  TabletInputService - ok
22:40:23.0656 0x07fc  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:40:23.0672 0x07fc  TapiSrv - ok
22:40:23.0719 0x07fc  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
22:40:23.0734 0x07fc  TBS - ok
22:40:23.0828 0x07fc  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:40:23.0859 0x07fc  Tcpip - ok
22:40:23.0922 0x07fc  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
22:40:23.0938 0x07fc  Tcpip6 - ok
22:40:24.0000 0x07fc  [ 95389980F70FC4990A4395A0B8BBE1D6, FB5CBC85733A4EC4FB9F210A5D4E5989F6A3F2995D895F5B41163CDFC04DB82C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:40:24.0000 0x07fc  tcpipreg - ok
22:40:24.0031 0x07fc  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:40:24.0031 0x07fc  TDPIPE - ok
22:40:24.0078 0x07fc  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:40:24.0078 0x07fc  TDTCP - ok
22:40:24.0109 0x07fc  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:40:24.0109 0x07fc  tdx - ok
22:40:24.0141 0x07fc  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:40:24.0141 0x07fc  TermDD - ok
22:40:24.0203 0x07fc  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
22:40:24.0219 0x07fc  TermService - ok
22:40:24.0250 0x07fc  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
22:40:24.0266 0x07fc  Themes - ok
22:40:24.0297 0x07fc  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
22:40:24.0297 0x07fc  THREADORDER - ok
22:40:24.0344 0x07fc  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
22:40:24.0344 0x07fc  TrkWks - ok
22:40:24.0406 0x07fc  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:40:24.0406 0x07fc  TrustedInstaller - ok
22:40:24.0438 0x07fc  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:40:24.0453 0x07fc  tssecsrv - ok
22:40:24.0484 0x07fc  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
22:40:24.0484 0x07fc  tunmp - ok
22:40:24.0516 0x07fc  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:40:24.0516 0x07fc  tunnel - ok
22:40:24.0547 0x07fc  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:40:24.0547 0x07fc  uagp35 - ok
22:40:24.0594 0x07fc  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:40:24.0594 0x07fc  udfs - ok
22:40:24.0656 0x07fc  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:40:24.0656 0x07fc  UI0Detect - ok
22:40:24.0688 0x07fc  [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:40:24.0688 0x07fc  uliagpkx - ok
22:40:24.0750 0x07fc  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
22:40:24.0750 0x07fc  uliahci - ok
22:40:24.0781 0x07fc  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
22:40:24.0781 0x07fc  UlSata - ok
22:40:24.0813 0x07fc  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
22:40:24.0813 0x07fc  ulsata2 - ok
22:40:24.0859 0x07fc  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:40:24.0875 0x07fc  umbus - ok
22:40:24.0922 0x07fc  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
22:40:24.0938 0x07fc  upnphost - ok
22:40:24.0953 0x07fc  USBAAPL - ok
22:40:24.0984 0x07fc  [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:40:24.0984 0x07fc  usbaudio - ok
22:40:25.0031 0x07fc  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:40:25.0031 0x07fc  usbccgp - ok
22:40:25.0063 0x07fc  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:40:25.0063 0x07fc  usbcir - ok
22:40:25.0109 0x07fc  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:40:25.0109 0x07fc  usbehci - ok
22:40:25.0141 0x07fc  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:40:25.0141 0x07fc  usbhub - ok
22:40:25.0172 0x07fc  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:40:25.0172 0x07fc  usbohci - ok
22:40:25.0219 0x07fc  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:40:25.0219 0x07fc  usbprint - ok
22:40:25.0266 0x07fc  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:40:25.0266 0x07fc  usbscan - ok
22:40:25.0297 0x07fc  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:40:25.0313 0x07fc  USBSTOR - ok
22:40:25.0328 0x07fc  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
22:40:25.0328 0x07fc  usbuhci - ok
22:40:25.0391 0x07fc  [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
22:40:25.0391 0x07fc  usbvideo - ok
22:40:25.0422 0x07fc  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
22:40:25.0438 0x07fc  UxSms - ok
22:40:25.0500 0x07fc  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
22:40:25.0516 0x07fc  vds - ok
22:40:25.0563 0x07fc  [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:40:25.0563 0x07fc  vga - ok
22:40:25.0609 0x07fc  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:40:25.0609 0x07fc  VgaSave - ok
22:40:25.0641 0x07fc  [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp          C:\Windows\system32\drivers\viaagp.sys
22:40:25.0656 0x07fc  viaagp - ok
22:40:25.0672 0x07fc  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7           C:\Windows\system32\drivers\viac7.sys
22:40:25.0688 0x07fc  ViaC7 - ok
22:40:25.0703 0x07fc  [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:40:25.0719 0x07fc  viaide - ok
22:40:25.0750 0x07fc  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:40:25.0750 0x07fc  volmgr - ok
22:40:25.0797 0x07fc  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:40:25.0813 0x07fc  volmgrx - ok
22:40:25.0875 0x07fc  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:40:25.0891 0x07fc  volsnap - ok
22:40:25.0922 0x07fc  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:40:25.0922 0x07fc  vsmraid - ok
22:40:26.0000 0x07fc  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
22:40:26.0047 0x07fc  VSS - ok
22:40:26.0078 0x07fc  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
22:40:26.0109 0x07fc  W32Time - ok
22:40:26.0141 0x07fc  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:40:26.0141 0x07fc  WacomPen - ok
22:40:26.0172 0x07fc  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
22:40:26.0188 0x07fc  Wanarp - ok
22:40:26.0188 0x07fc  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:40:26.0203 0x07fc  Wanarpv6 - ok
22:40:26.0250 0x07fc  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:40:26.0266 0x07fc  wcncsvc - ok
22:40:26.0297 0x07fc  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:40:26.0313 0x07fc  WcsPlugInService - ok
22:40:26.0344 0x07fc  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
22:40:26.0344 0x07fc  Wd - ok
22:40:26.0406 0x07fc  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:40:26.0422 0x07fc  Wdf01000 - ok
22:40:26.0469 0x07fc  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:40:26.0469 0x07fc  WdiServiceHost - ok
22:40:26.0516 0x07fc  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:40:26.0516 0x07fc  WdiSystemHost - ok
22:40:26.0625 0x07fc  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
22:40:26.0641 0x07fc  WebClient - ok
22:40:26.0688 0x07fc  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:40:26.0703 0x07fc  Wecsvc - ok
22:40:26.0781 0x07fc  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:40:26.0781 0x07fc  wercplsupport - ok
22:40:26.0844 0x07fc  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:40:26.0859 0x07fc  WerSvc - ok
22:40:26.0922 0x07fc  [ E096FFB754F1E45AE1BDDAC1275AE2C5, DB88308520805EB9EE1FC70C057C75A1928DBAB00F8DDE7908FE79B964259CB3 ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
22:40:26.0953 0x07fc  winachsf - ok
22:40:27.0016 0x07fc  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
22:40:27.0031 0x07fc  WinDefend - ok
22:40:27.0063 0x07fc  WinHttpAutoProxySvc - ok
22:40:27.0125 0x07fc  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:40:27.0125 0x07fc  Winmgmt - ok
22:40:27.0203 0x07fc  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:40:27.0266 0x07fc  WinRM - ok
22:40:27.0344 0x07fc  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE, 04374450882504D9031951F4E9317E5A128EBA5A22A3555ACD28BC742861AF9C ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
22:40:27.0359 0x07fc  WinUSB - ok
22:40:27.0406 0x07fc  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:40:27.0438 0x07fc  Wlansvc - ok
22:40:27.0484 0x07fc  [ 701A9F884A294327E9141D73746EE279, C8A46B8C32F9EAC7848D385473F6B5C4B6DA719A941A75AD5F081757FC07A09D ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:40:27.0484 0x07fc  WmiAcpi - ok
22:40:27.0531 0x07fc  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:40:27.0547 0x07fc  wmiApSrv - ok
22:40:27.0641 0x07fc  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
22:40:27.0672 0x07fc  WMPNetworkSvc - ok
22:40:27.0734 0x07fc  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:40:27.0750 0x07fc  WPCSvc - ok
22:40:27.0797 0x07fc  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:40:27.0813 0x07fc  WPDBusEnum - ok
22:40:27.0844 0x07fc  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
22:40:27.0844 0x07fc  WpdUsb - ok
22:40:27.0938 0x07fc  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:40:27.0969 0x07fc  WPFFontCache_v0400 - ok
22:40:28.0016 0x07fc  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:40:28.0016 0x07fc  ws2ifsl - ok
22:40:28.0047 0x07fc  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\system32\wscsvc.dll
22:40:28.0063 0x07fc  wscsvc - ok
22:40:28.0078 0x07fc  WSearch - ok
22:40:28.0234 0x07fc  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:40:28.0281 0x07fc  wuauserv - ok
22:40:28.0344 0x07fc  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:40:28.0344 0x07fc  WudfPf - ok
22:40:28.0406 0x07fc  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:40:28.0406 0x07fc  WUDFRd - ok
22:40:28.0469 0x07fc  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:40:28.0469 0x07fc  wudfsvc - ok
22:40:28.0531 0x07fc  [ E8B87696DCFE32CB5C8D3D4F9DCB1D95, C4350EF58DBD60B1E2AF86EECAED37B16F6B78A006B545A849DBC9E5AC17AB89 ] WUSB54GSCv2.NTx86 C:\Windows\system32\DRIVERS\WUSB54GSCV2_X86.sys
22:40:28.0531 0x07fc  WUSB54GSCv2.NTx86 - ok
22:40:28.0563 0x07fc  [ E3FCF2870B5D7979B3BF10E98A71C847, 0B7A3CAC1C93708E8D6F2C714D70D5F515F08DD71F50957213BBA7BBC29C0F45 ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
22:40:28.0563 0x07fc  XAudio - ok
22:40:28.0625 0x07fc  [ 96DB5621857E1FDDD1AA60733748BF17, 4FD6E314CFE62F447603B81C71AAD3CB7199A88F1D40B142A334903DBD515ADF ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
22:40:28.0641 0x07fc  XAudioService - ok
22:40:28.0703 0x07fc  [ B10CC66B7947BB1A2A24FF563BF36021, 4967FE3E505450915101C730DCB189DB11D9BA483E6E762B6543543F027C750F ] ZuneWlanCfgSvc  c:\Windows\system32\ZuneWlanCfgSvc.exe
22:40:28.0734 0x07fc  ZuneWlanCfgSvc - ok
22:40:28.0766 0x07fc  ================ Scan global ===============================
22:40:28.0813 0x07fc  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
22:40:28.0844 0x07fc  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
22:40:28.0891 0x07fc  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
22:40:28.0938 0x07fc  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
22:40:28.0953 0x07fc  [ Global ] - ok
22:40:28.0953 0x07fc  ================ Scan MBR ==================================
22:40:28.0984 0x07fc  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
22:40:29.0313 0x07fc  \Device\Harddisk0\DR0 - ok
22:40:29.0313 0x07fc  ================ Scan VBR ==================================
22:40:29.0313 0x07fc  [ 32D358C3D3BB1D0F1CA2084033737900 ] \Device\Harddisk0\DR0\Partition1
22:40:29.0344 0x07fc  \Device\Harddisk0\DR0\Partition1 - ok
22:40:29.0359 0x07fc  [ 349B45780C639754BD29017292FBBF45 ] \Device\Harddisk0\DR0\Partition2
22:40:29.0391 0x07fc  \Device\Harddisk0\DR0\Partition2 - ok
22:40:29.0391 0x07fc  ================ Scan generic autorun ======================
22:40:29.0453 0x07fc  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
22:40:29.0469 0x07fc  Windows Defender - ok
22:40:29.0547 0x07fc  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
22:40:29.0547 0x07fc  GrooveMonitor - ok
22:40:29.0609 0x07fc  [ 7F7B42B1BA42242116F5B277A063FE2E, BFB7657EE55F97B0ADB16AD8FB8545910301C63832801927B4955148744E6556 ] C:\Windows\system32\igfxtray.exe
22:40:29.0609 0x07fc  IgfxTray - ok
22:40:29.0641 0x07fc  [ 5F529FBB095CBC9F14BB1E97A7A6B547, A69BD52B70AB2564417C9A5C78472EDF457EDBDF5B8BEC3367B765A482C65EC0 ] C:\Windows\system32\hkcmd.exe
22:40:29.0641 0x07fc  HotKeysCmds - ok
22:40:29.0672 0x07fc  [ D8A33AF26E4143F7A892009890BB6F64, 4570A1B45A264D141DC919C94E5D8DD0D0D224D418ADE23385BFD787F095BEBF ] C:\Windows\system32\igfxpers.exe
22:40:29.0672 0x07fc  Persistence - ok
22:40:29.0750 0x07fc  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
22:40:29.0750 0x07fc  SunJavaUpdateSched - ok
22:40:29.0969 0x07fc  [ 26B558B2D31C7425B455B00E562EAD93, B64D128A2F1FC42BA4376F8EB08D70F4B705745CB983D0631DB45851BF34BBDF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
22:40:30.0109 0x07fc  AvastUI.exe - ok
22:40:30.0203 0x07fc  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
22:40:30.0203 0x07fc  WMPNSCFG - ok
22:40:30.0469 0x07fc  [ 82BBF2E5350D13A944839886A88F122A, EC5B99D51AA67B75C4A0CD51F61FBDFB7DF9F03B2E342D6ACB65C88872A176CA ] C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
22:40:30.0516 0x07fc  Advanced SystemCare 7 - ok
22:40:30.0625 0x07fc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
22:40:30.0688 0x07fc  Sidebar - ok
22:40:30.0703 0x07fc  WindowsWelcomeCenter - ok
22:40:30.0859 0x07fc  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] C:\Users\Kids\AppData\Local\Google\Update\GoogleUpdate.exe
22:40:30.0859 0x07fc  Google Update - ok
22:40:30.0859 0x07fc  BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok
22:40:30.0938 0x07fc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
22:40:30.0984 0x07fc  Sidebar - ok
22:40:31.0000 0x07fc  WindowsWelcomeCenter - ok
22:40:31.0000 0x07fc  BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok
22:40:31.0016 0x07fc  Skype - ok
22:40:31.0031 0x07fc  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
22:40:31.0047 0x07fc  WMPNSCFG - ok
22:40:31.0156 0x07fc  [ 82BBF2E5350D13A944839886A88F122A, EC5B99D51AA67B75C4A0CD51F61FBDFB7DF9F03B2E342D6ACB65C88872A176CA ] C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
22:40:31.0234 0x07fc  Advanced SystemCare 7 - ok
22:40:31.0250 0x07fc  Waiting for KSN requests completion. In queue: 328
22:40:32.0250 0x07fc  Waiting for KSN requests completion. In queue: 13
22:40:33.0250 0x07fc  Waiting for KSN requests completion. In queue: 13
22:40:34.0297 0x07fc  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
22:40:34.0313 0x07fc  Win FW state via NFP2: enabled
22:40:36.0563 0x07fc  ============================================================
22:40:36.0563 0x07fc  Scan finished
22:40:36.0563 0x07fc  ============================================================
22:40:36.0578 0x0424  Detected object count: 0
22:40:36.0578 0x0424  Actual detected object count: 0

 


Edited by schmichael, 09 September 2014 - 07:51 PM.


#5 schmichael

schmichael
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:14 AM

Posted 09 September 2014 - 07:54 PM

I ran JRT and ESET (ESET found nothing so no log) here is JRT.txt:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista ™ Home Basic x86
Ran by Angela on Mon 09/08/2014 at 22:49:04.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 09/08/2014 at 22:55:27.54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,214 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:14 AM

Posted 10 September 2014 - 01:07 PM

Did you uninstall Malwarebytes? I do not see it.

Download 51a46ae42d560-malwarebytes_anti_malware.MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
  • If no threats were found, click View detailed log.
    • Click Export and save the log as a .txt file on your Desktop or another location.
  • If the scan detected any threats, click Apply Actions.
    • To complete any actions taken you will be prompted to restart your computer...click on Yes.
    • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
    • Check the box next to Scan Log. Choose the most current scan and click View.
    • Click Export and save the log as a .txt file on your Desktop or another location.
Providing the MalwareBytes' Anti-Malware log file
  • Attach the log file you just saved to your next reply for further review.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 schmichael

schmichael
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:14 AM

Posted 10 September 2014 - 09:00 PM

Yes, I removed malwarebytes and re-installed it more than once using the removal tool from malwarebytes.org.

 

I am currently running the scan.  When it completes (fingers crossed), I will post the results.

 

If it hangs on heuristics again, I will screenshot it and attach that, unless there is anything else I should do in that event.

 

 

10:44 pm seems to be hung (objects scanned is same number as 9:30pm) will leave running overnight.  


Edited by schmichael, 10 September 2014 - 10:46 PM.


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,214 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:14 AM

Posted 10 September 2014 - 09:06 PM

No , lets see .. Is it FRee or Paid MBAM?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 schmichael

schmichael
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:14 AM

Posted 10 September 2014 - 11:04 PM

I have always used the free version.



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,214 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:14 AM

Posted 11 September 2014 - 11:54 AM

Ok,  I guess its not hanging anymore..


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 schmichael

schmichael
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:14 AM

Posted 11 September 2014 - 05:32 PM

Actually it is still hanging.( 20+ hours) I am trying to see how to attach a file for the screenshot.


Edited by schmichael, 11 September 2014 - 05:33 PM.


#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:14 AM

Posted 11 September 2014 - 07:31 PM

Actually it is still hanging.( 20+ hours) I am trying to see how to attach a file for the screenshot.

For any issues with Malwarebytes Anti-Malware 2.0 the development team recommend you start a new topic in the Malwarebytes Anti-Malware Help Forum and report them there.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users