Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus or something else...


  • This topic is locked This topic is locked
14 replies to this topic

#1 nigel_66

nigel_66

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 10 October 2014 - 09:07 AM

My laptop crashed about 2-3 weeks ago and required a new hard drive and OS installed by a local computer repair guy. Laptop had been working fine up until 2 days ago when it all of a sudden started running slow and wouldn't allow me to log in to programs such as Dropbox, Hearthstone (error "we couldn't launch this game because your operating system wouldn't let us write to the registry...") and Skype. I also got an error message when opening Google Chrome saying there was an error loading my profile etc. Chrome was also really slow to open and doesn't run very well now. I foolishly didn't re install AVG anti virus after the new hard drive was installed, when I installed AVG this morning I did remove one Trojan Horse threat. What do I do?!



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:36 AM

Posted 10 October 2014 - 11:39 AM

Hi nigel, best thing is to run a few malware scans and see.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 nigel_66

nigel_66
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 11 October 2014 - 01:41 AM

Thanks for your help. 
 
MiniToolBox results:
MiniToolBox by Farbar  Version: 21-07-2014
Ran by user (administrator) on 11-10-2014 at 12:46:10
Running from "C:\Users\user\Downloads"
Microsoft Windows 7 Home Premium   (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Qualcomm Atheros AR9002WB-1NG Wireless Network Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : user-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 74-2F-68-E5-F2-3A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Qualcomm Atheros AR9002WB-1NG Wireless Network Adapter
   Physical Address. . . . . . . . . : 74-2F-68-E4-A9-14
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c06b:3464:76f2:e4c2%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, 10 October 2014 8:43:32 PM
   Lease Expires . . . . . . . . . . : Sunday, 12 October 2014 12:45:03 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 309604200
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-B4-B8-B8-54-04-A6-4E-E4-55
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 54-04-A6-4E-E4-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.home:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:384d:36f0:86d3:e4e6(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::384d:36f0:86d3:e4e6%14(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{D4106387-CA11-472F-A66E-E91D668E8D3C}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  NB604N.home
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2404:6800:4006:805::1005
 74.125.237.169
 74.125.237.174
 74.125.237.160
 74.125.237.161
 74.125.237.162
 74.125.237.163
 74.125.237.164
 74.125.237.165
 74.125.237.166
 74.125.237.167
 74.125.237.168
 
 
Pinging google.com [74.125.237.169] with 32 bytes of data:
Reply from 74.125.237.169: bytes=32 time=30ms TTL=57
Reply from 74.125.237.169: bytes=32 time=28ms TTL=56
 
Ping statistics for 74.125.237.169:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 28ms, Maximum = 30ms, Average = 29ms
Server:  NB604N.home
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=207ms TTL=51
Reply from 206.190.36.45: bytes=32 time=206ms TTL=51
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 206ms, Maximum = 207ms, Average = 206ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...74 2f 68 e5 f2 3a ......Bluetooth Device (Personal Area Network)
 13...74 2f 68 e4 a9 14 ......Qualcomm Atheros AR9002WB-1NG Wireless Network Adapter
 11...54 04 a6 4e e4 55 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.6     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.6    281
      192.168.1.6  255.255.255.255         On-link       192.168.1.6    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.6    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.6    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.6    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 14     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 14     58 2001::/32                On-link
 14    306 2001:0:9d38:6ab8:384d:36f0:86d3:e4e6/128
                                    On-link
 13    281 fe80::/64                On-link
 14    306 fe80::/64                On-link
 14    306 fe80::384d:36f0:86d3:e4e6/128
                                    On-link
 13    281 fe80::c06b:3464:76f2:e4c2/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/11/2014 00:44:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20199664
 
Error: (10/11/2014 00:44:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20199664
 
Error: (10/11/2014 00:44:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/11/2014 00:44:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20198635
 
Error: (10/11/2014 00:44:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20198635
 
Error: (10/11/2014 00:44:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/11/2014 00:44:57 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1744) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (10/11/2014 00:44:57 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1744) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (10/11/2014 00:44:57 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1744) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (10/11/2014 00:44:57 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1744) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
 
System errors:
=============
Error: (10/10/2014 02:02:43 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 0.0.0.0
 
Update Source: %NT AUTHORITY51
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/10/2014 02:02:39 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update the engine.
 
New Engine Version: 
 
Previous Engine Version: 
 
Engine Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Error Code: %NT AUTHORITY601
 
Error description: %NT AUTHORITY602
 
Error: (10/10/2014 02:02:39 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 
 
Update Source: %NT AUTHORITY15
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/10/2014 02:02:17 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.185.2682.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/09/2014 00:14:11 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 0.0.0.0
 
Update Source: %NT AUTHORITY51
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/09/2014 00:14:07 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update the engine.
 
New Engine Version: 
 
Previous Engine Version: 
 
Engine Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Error Code: %NT AUTHORITY601
 
Error description: %NT AUTHORITY602
 
Error: (10/09/2014 00:14:07 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 
 
Update Source: %NT AUTHORITY15
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/09/2014 00:13:41 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.185.2575.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/08/2014 11:53:54 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
 
Error: (10/07/2014 11:34:42 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 0.0.0.0
 
Update Source: %NT AUTHORITY51
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
 
Microsoft Office Sessions:
=========================
Error: (10/11/2014 00:44:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20199664
 
Error: (10/11/2014 00:44:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20199664
 
Error: (10/11/2014 00:44:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/11/2014 00:44:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20198635
 
Error: (10/11/2014 00:44:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20198635
 
Error: (10/11/2014 00:44:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/11/2014 00:44:57 PM) (Source: ESENT)(User: )
Description: wuaueng.dll1744SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (10/11/2014 00:44:57 PM) (Source: ESENT)(User: )
Description: wuaueng.dll1744SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (10/11/2014 00:44:57 PM) (Source: ESENT)(User: )
Description: wuaueng.dll1744SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (10/11/2014 00:44:57 PM) (Source: ESENT)(User: )
Description: wuaueng.dll1744SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
 
 
=========================== Installed Programs ============================
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies)
AVG 2015 (Version: 15.0.4181 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version:  - )
Canon MG2100 series On-screen Manual (HKLM-x32\...\Canon MG2100 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
f.lux (HKCU\...\Flux) (Version:  - )
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Fresco Logic USB3.0 Host Controller (HKLM\...\{B1E301A1-C2B4-4B0B-AF31-C71F8A53DCDA}) (Version: 3.0.119.1 - Fresco Logic Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
MATLAB R2014a (HKLM\...\Matlab R2014a) (Version: 8.3 - The MathWorks, Inc.)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Miro (HKLM-x32\...\Miro) (Version: 6.0 - Participatory Culture Foundation)
NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
RockMelt (HKCU\...\RockMelt) (Version: 0.16.91.483 - RockMelt, Inc.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.13.24.g5dbb3103 - Spotify AB)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 15%
Total physical RAM: 16361.15 MB
Available physical RAM: 13856.73 MB
Total Pagefile: 32720.45 MB
Available Pagefile: 29884.54 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.04 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:698.54 GB) (Free:532.22 GB) NTFS
3 Drive e: (SDATA1) (Fixed) (Total:349.3 GB) (Free:49.39 GB) NTFS
4 Drive f: (SDATA2) (Fixed) (Total:349.33 GB) (Free:349.22 GB) NTFS
6 Drive h: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:175.97 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\USER-PC
 
Administrator            Guest                    user                     
 
 
**** End of log ****
 
TDSSKiller Report:
12:49:04.0118 0x5264  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
12:49:13.0888 0x5264  ============================================================
12:49:13.0888 0x5264  Current date / time: 2014/10/11 12:49:13.0888
12:49:13.0888 0x5264  SystemInfo:
12:49:13.0902 0x5264  
12:49:13.0902 0x5264  OS Version: 6.1.7600 ServicePack: 0.0
12:49:13.0902 0x5264  Product type: Workstation
12:49:13.0902 0x5264  ComputerName: USER-PC
12:49:13.0902 0x5264  UserName: user
12:49:13.0902 0x5264  Windows directory: C:\Windows
12:49:13.0902 0x5264  System windows directory: C:\Windows
12:49:13.0902 0x5264  Running under WOW64
12:49:13.0902 0x5264  Processor architecture: Intel x64
12:49:13.0902 0x5264  Number of processors: 8
12:49:13.0902 0x5264  Page size: 0x1000
12:49:13.0902 0x5264  Boot type: Normal boot
12:49:13.0902 0x5264  ============================================================
12:49:16.0900 0x5264  KLMD registered as C:\Windows\system32\drivers\38722571.sys
12:49:17.0556 0x5264  System UUID: {581DB369-9302-ACD4-53B6-35804C387243}
12:49:18.0337 0x5264  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:49:18.0693 0x5264  Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:49:18.0775 0x5264  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:49:18.0777 0x5264  ============================================================
12:49:18.0777 0x5264  \Device\Harddisk0\DR0:
12:49:18.0777 0x5264  MBR partitions:
12:49:18.0777 0x5264  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:49:18.0777 0x5264  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x57513000
12:49:18.0777 0x5264  \Device\Harddisk1\DR1:
12:49:18.0778 0x5264  MBR partitions:
12:49:18.0778 0x5264  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2BA9C000
12:49:18.0778 0x5264  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x2BA9C800, BlocksNum 0x2BAA9EF0
12:49:18.0778 0x5264  \Device\Harddisk2\DR2:
12:49:18.0778 0x5264  MBR partitions:
12:49:18.0778 0x5264  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x747059C1
12:49:18.0778 0x5264  ============================================================
12:49:18.0807 0x5264  C: <-> \Device\Harddisk0\DR0\Partition2
12:49:18.0819 0x5264  E: <-> \Device\Harddisk1\DR1\Partition1
12:49:18.0853 0x5264  F: <-> \Device\Harddisk1\DR1\Partition2
12:49:18.0866 0x5264  G: <-> \Device\Harddisk2\DR2\Partition1
12:49:18.0871 0x5264  H: <-> \Device\Harddisk2\DR2\Partition1
12:49:18.0871 0x5264  ============================================================
12:49:18.0871 0x5264  Initialize success
12:49:18.0871 0x5264  ============================================================
12:49:20.0896 0x4dc0  ============================================================
12:49:20.0896 0x4dc0  Scan started
12:49:20.0896 0x4dc0  Mode: Manual; 
12:49:20.0896 0x4dc0  ============================================================
12:49:20.0896 0x4dc0  KSN ping started
12:49:23.0882 0x4dc0  KSN ping finished: true
12:49:25.0965 0x4dc0  ================ Scan system memory ========================
12:49:25.0965 0x4dc0  System memory - ok
12:49:25.0966 0x4dc0  ================ Scan services =============================
12:49:26.0135 0x4dc0  [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
12:49:26.0167 0x4dc0  1394ohci - ok
12:49:26.0217 0x4dc0  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
12:49:26.0224 0x4dc0  ACPI - ok
12:49:26.0261 0x4dc0  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
12:49:26.0269 0x4dc0  AcpiPmi - ok
12:49:26.0350 0x4dc0  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:49:26.0355 0x4dc0  AdobeARMservice - ok
12:49:26.0403 0x4dc0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:49:26.0425 0x4dc0  adp94xx - ok
12:49:26.0464 0x4dc0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:49:26.0480 0x4dc0  adpahci - ok
12:49:26.0508 0x4dc0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:49:26.0521 0x4dc0  adpu320 - ok
12:49:26.0550 0x4dc0  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:49:26.0553 0x4dc0  AeLookupSvc - ok
12:49:26.0601 0x4dc0  [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] AFD             C:\Windows\system32\drivers\afd.sys
12:49:26.0612 0x4dc0  AFD - ok
12:49:26.0647 0x4dc0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
12:49:26.0656 0x4dc0  agp440 - ok
12:49:26.0690 0x4dc0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:49:26.0692 0x4dc0  ALG - ok
12:49:26.0715 0x4dc0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
12:49:26.0723 0x4dc0  aliide - ok
12:49:26.0746 0x4dc0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
12:49:26.0754 0x4dc0  amdide - ok
12:49:26.0771 0x4dc0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:49:26.0780 0x4dc0  AmdK8 - ok
12:49:26.0783 0x4dc0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:49:26.0792 0x4dc0  AmdPPM - ok
12:49:26.0834 0x4dc0  [ 7A4B413614C055935567CF88A9734D38, A3BB7CDF3EE0EEF67F89263E81145E73C7142EF5F0AF265375C2ECCE74F932C4 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
12:49:26.0845 0x4dc0  amdsata - ok
12:49:26.0858 0x4dc0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:49:26.0872 0x4dc0  amdsbs - ok
12:49:26.0894 0x4dc0  [ B4AD0CACBAB298671DD6F6EF7E20679D, FB566C892D0A3DC0A523AE20F35011996958D670937DD5C1A1FCCD36AAC714D7 ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
12:49:26.0895 0x4dc0  amdxata - ok
12:49:26.0939 0x4dc0  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys
12:49:26.0948 0x4dc0  AppID - ok
12:49:26.0977 0x4dc0  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:49:26.0979 0x4dc0  AppIDSvc - ok
12:49:26.0999 0x4dc0  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo         C:\Windows\System32\appinfo.dll
12:49:27.0001 0x4dc0  Appinfo - ok
12:49:27.0083 0x4dc0  [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:49:27.0088 0x4dc0  Apple Mobile Device - ok
12:49:27.0126 0x4dc0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:49:27.0140 0x4dc0  arc - ok
12:49:27.0194 0x4dc0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:49:27.0224 0x4dc0  arcsas - ok
12:49:27.0250 0x4dc0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:49:27.0251 0x4dc0  AsyncMac - ok
12:49:27.0289 0x4dc0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
12:49:27.0292 0x4dc0  atapi - ok
12:49:27.0334 0x4dc0  [ CBE61B4494165F458BD87E37181EE934, E95654DCC0F977A3604B6BE435BEE109AC8F9F7494FD3A132F5FB477BBF7B105 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
12:49:27.0362 0x4dc0  AthBTPort - ok
12:49:27.0434 0x4dc0  [ 4C4A576818EA028257C624AE36FF7A03, 951521E0531D943EF55737EE99BBCBD6CC6ABC50530985D774EEBE8564166EDB ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
12:49:27.0438 0x4dc0  Atheros Bt&Wlan Coex Agent - ok
12:49:27.0449 0x4dc0  [ 21753130331188C4B474E1D3B396E629, F0FBE5F3281121DEF634F8273A2F43C5ADE538D9F280D6C9560D212B8B027A38 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
12:49:27.0451 0x4dc0  AtherosSvc - ok
12:49:27.0614 0x4dc0  [ 00CA27E2FBC78ABDC8F6332FCB855C4E, F0CFA787429092B017CFCFBF6D1DAA61B9B2C0FEC6B01321F4E1082A9FF1AC17 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
12:49:27.0777 0x4dc0  athr - ok
12:49:27.0833 0x4dc0  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:49:27.0849 0x4dc0  AudioEndpointBuilder - ok
12:49:27.0866 0x4dc0  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:49:27.0878 0x4dc0  AudioSrv - ok
12:49:27.0935 0x4dc0  [ 54FE1CAFA3B3029B282E6A05EA672031, E972B8A22322FF06903A1E3AB20585E02A21C3A6EA9A75C172231494A08D14D1 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
12:49:27.0939 0x4dc0  Avgdiska - ok
12:49:28.0127 0x4dc0  [ 4187E691A71B65955CA3DB9FBA31031C, CD765BBE166C457E08981A910D468886981508543E348FB8BA25941B7FB392FA ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
12:49:28.0234 0x4dc0  AVGIDSAgent - ok
12:49:28.0273 0x4dc0  [ 22FED6781A6DFC61E99D2BF6260B7F18, 3A37F2FB8264B25491B15B76E1A2DC9570121328F05C2750D0A052FFD125398A ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
12:49:28.0278 0x4dc0  AVGIDSDriver - ok
12:49:28.0294 0x4dc0  [ 17C34C4B42C8B2EFCF2C065178BF4806, CB28BEE44B7A821EE728EFFD1B1882B57E417292A3A5377F3A98F16B0AF14DC7 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
12:49:28.0298 0x4dc0  AVGIDSHA - ok
12:49:28.0336 0x4dc0  [ 48A1BF0F360743C821C04C68FCC3CAC7, E2C760AEB88F3921885761652C5092F630F86C56AADB9A96254E6032A3FEDC8A ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
12:49:28.0341 0x4dc0  Avgldx64 - ok
12:49:28.0376 0x4dc0  [ 734DCC05A7F327FDCE43A18BA011FD4E, E5245314E60D86911A6A9FC1FE4A0C0D0284D972CE642C28B9B1A43D1553AFA5 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
12:49:28.0382 0x4dc0  Avgloga - ok
12:49:28.0399 0x4dc0  [ E498AFD92C3DA81209463866BDA7C932, C40767F6BC6F9D10396B969CF38CFC3FC9C9E411CFA9EBA8E8AB3E95AD5E9D27 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
12:49:28.0402 0x4dc0  Avgmfx64 - ok
12:49:28.0449 0x4dc0  [ 3CE824D46BA1871713ABF147E6BAD556, B4D8AFC388BE06D6E3C5CDC865F80FF101E731E1D2B221FFC6C1E28487E1B3CD ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
12:49:28.0451 0x4dc0  Avgrkx64 - ok
12:49:28.0467 0x4dc0  [ 74D2F0CCDB47D99AF624DD6355AD698C, DDB89041351DBCD26DE1402CE3AF34EEE464CE17F69A7E472B8C6ECCE9970873 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
12:49:28.0481 0x4dc0  Avgtdia - ok
12:49:28.0505 0x4dc0  [ 3218AA21B739C1C338DC8A555A66B755, 389E09C2CB51524B985B53D81289BCFB1E9DB89C70650C6D5D276391E2B56BCB ] avgwd           C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
12:49:28.0512 0x4dc0  avgwd - ok
12:49:28.0555 0x4dc0  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:49:28.0558 0x4dc0  AxInstSV - ok
12:49:28.0606 0x4dc0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:49:28.0623 0x4dc0  b06bdrv - ok
12:49:28.0650 0x4dc0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:49:28.0663 0x4dc0  b57nd60a - ok
12:49:28.0698 0x4dc0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:49:28.0701 0x4dc0  BDESVC - ok
12:49:28.0717 0x4dc0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:49:28.0723 0x4dc0  Beep - ok
12:49:28.0781 0x4dc0  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll
12:49:28.0796 0x4dc0  BFE - ok
12:49:28.0851 0x4dc0  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\System32\qmgr.dll
12:49:28.0869 0x4dc0  BITS - ok
12:49:28.0897 0x4dc0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:49:28.0905 0x4dc0  blbdrive - ok
12:49:29.0067 0x4dc0  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:49:29.0084 0x4dc0  Bonjour Service - ok
12:49:29.0129 0x4dc0  [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:49:29.0131 0x4dc0  bowser - ok
12:49:29.0165 0x4dc0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:49:29.0173 0x4dc0  BrFiltLo - ok
12:49:29.0187 0x4dc0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:49:29.0194 0x4dc0  BrFiltUp - ok
12:49:29.0223 0x4dc0  [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser         C:\Windows\System32\browser.dll
12:49:29.0226 0x4dc0  Browser - ok
12:49:29.0265 0x4dc0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:49:29.0278 0x4dc0  Brserid - ok
12:49:29.0281 0x4dc0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:49:29.0289 0x4dc0  BrSerWdm - ok
12:49:29.0345 0x4dc0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:49:29.0362 0x4dc0  BrUsbMdm - ok
12:49:29.0407 0x4dc0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:49:29.0528 0x4dc0  BrUsbSer - ok
12:49:29.0588 0x4dc0  [ FE70889A85C57A9268101B2DB0474509, 9E957390A52BE4E5642724FEC06A201682F93DD1C6F2C00A5F57351460CF5AE0 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
12:49:29.0620 0x4dc0  BTATH_A2DP - ok
12:49:29.0662 0x4dc0  [ A83A91D07D1FE6BBE7A9DB46CA00434B, 9EF851047189E13954C0F6A325E4843914C423C0D1EDAE21A34AB3A962BBD5AC ] BTATH_BUS       C:\Windows\system32\DRIVERS\btath_bus.sys
12:49:29.0663 0x4dc0  BTATH_BUS - ok
12:49:29.0713 0x4dc0  [ C864FF85EE16D61C2BDD5EF76824625F, 6D2FE57688D9E8B4277BF6DA9C219DEB367274364FBE17EFC353CEDB2D7EA35D ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
12:49:29.0745 0x4dc0  BTATH_HCRP - ok
12:49:29.0770 0x4dc0  [ 0DEA505EFB5D771826D177EF8B8A208F, FD8027DA791F04077490749AC5A08F73CCBA1731462579AA9008CD8DD82FBBBC ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
12:49:29.0792 0x4dc0  BTATH_LWFLT - ok
12:49:29.0806 0x4dc0  [ 724C8088C96EFE7A3E63FEC21D4681C0, 4F9B258BE0FEA634A0D93B3892F2F039A7CAD184C9A81DFC2B67B0D4B39C5035 ] BTATH_RCP       C:\Windows\system32\DRIVERS\btath_rcp.sys
12:49:29.0821 0x4dc0  BTATH_RCP - ok
12:49:29.0875 0x4dc0  [ 1BFC6F6B627B93C9FF1E1D9347046EE1, 6AB5CB5CB7156BBFDF2A5882C03CECB8F4E223A9322A7D3C744336F1B5B9A33C ] Btcsrusb        C:\Windows\system32\Drivers\btcusb.sys
12:49:29.0932 0x4dc0  Btcsrusb - ok
12:49:30.0009 0x4dc0  [ A14FE7859C08665A489CD7AB1AFF39F5, 26A486A3B817D6F2682B3A528330992CB3D22EC551B406A821A5DE464A14CD9E ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
12:49:30.0021 0x4dc0  BtFilter - ok
12:49:30.0064 0x4dc0  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
12:49:30.0066 0x4dc0  BthEnum - ok
12:49:30.0080 0x4dc0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:49:30.0089 0x4dc0  BTHMODEM - ok
12:49:30.0102 0x4dc0  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:49:30.0105 0x4dc0  BthPan - ok
12:49:30.0148 0x4dc0  [ A51FA9D0E85D5ADABEF72E67F386309C, 4F6F44D5E3A43239B50BCA75CBAA48FE40097E2AFF9360E1956F41ED52BD8183 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:49:30.0159 0x4dc0  BTHPORT - ok
12:49:30.0207 0x4dc0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:49:30.0215 0x4dc0  bthserv - ok
12:49:30.0237 0x4dc0  [ F740B9A16B2C06700F2130E19986BF3B, 92158FD1B3706DE068F077ACA9A25F5479EF282E8B81F5A2FF8A66CBB5F80FCF ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:49:30.0239 0x4dc0  BTHUSB - ok
12:49:30.0262 0x4dc0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:49:30.0272 0x4dc0  cdfs - ok
12:49:30.0310 0x4dc0  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:49:30.0323 0x4dc0  cdrom - ok
12:49:30.0363 0x4dc0  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:49:30.0366 0x4dc0  CertPropSvc - ok
12:49:30.0386 0x4dc0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:49:30.0396 0x4dc0  circlass - ok
12:49:30.0421 0x4dc0  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:49:30.0431 0x4dc0  CLFS - ok
12:49:30.0506 0x4dc0  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:49:30.0532 0x4dc0  clr_optimization_v2.0.50727_32 - ok
12:49:30.0553 0x4dc0  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:49:30.0565 0x4dc0  clr_optimization_v2.0.50727_64 - ok
12:49:30.0603 0x4dc0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:49:30.0611 0x4dc0  CmBatt - ok
12:49:30.0618 0x4dc0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
12:49:30.0626 0x4dc0  cmdide - ok
12:49:30.0646 0x4dc0  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG             C:\Windows\system32\Drivers\cng.sys
12:49:30.0656 0x4dc0  CNG - ok
12:49:30.0688 0x4dc0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:49:30.0689 0x4dc0  Compbatt - ok
12:49:30.0707 0x4dc0  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:49:30.0715 0x4dc0  CompositeBus - ok
12:49:30.0731 0x4dc0  COMSysApp - ok
12:49:30.0747 0x4dc0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:49:30.0755 0x4dc0  crcdisk - ok
12:49:30.0804 0x4dc0  [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:49:30.0808 0x4dc0  CryptSvc - ok
12:49:30.0852 0x4dc0  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:49:30.0863 0x4dc0  DcomLaunch - ok
12:49:30.0886 0x4dc0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:49:30.0892 0x4dc0  defragsvc - ok
12:49:30.0919 0x4dc0  [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:49:30.0921 0x4dc0  DfsC - ok
12:49:30.0974 0x4dc0  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:49:30.0980 0x4dc0  Dhcp - ok
12:49:31.0047 0x4dc0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:49:31.0052 0x4dc0  discache - ok
12:49:31.0091 0x4dc0  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:49:31.0093 0x4dc0  Disk - ok
12:49:31.0136 0x4dc0  [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:49:31.0141 0x4dc0  Dnscache - ok
12:49:31.0169 0x4dc0  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:49:31.0177 0x4dc0  dot3svc - ok
12:49:31.0232 0x4dc0  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
12:49:31.0237 0x4dc0  DPS - ok
12:49:31.0270 0x4dc0  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:49:31.0279 0x4dc0  drmkaud - ok
12:49:31.0325 0x4dc0  [ EBCE0B0924835F635F620D19F0529DCE, 15BF803765373264390879FCA86C6D89C92DAFD0B1A36DEFA78EF01EBA2F9C26 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:49:31.0345 0x4dc0  DXGKrnl - ok
12:49:31.0383 0x4dc0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:49:31.0386 0x4dc0  EapHost - ok
12:49:31.0514 0x4dc0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:49:31.0649 0x4dc0  ebdrv - ok
12:49:31.0685 0x4dc0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS             C:\Windows\System32\lsass.exe
12:49:31.0687 0x4dc0  EFS - ok
12:49:31.0754 0x4dc0  [ 3D69FAE60EDE442E004611A4EE4DB44C, 480D3F7604C9A70570BBFFF3CA0FABA216805BB38D4F8A73BB50996B547D8017 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:49:31.0768 0x4dc0  ehRecvr - ok
12:49:31.0779 0x4dc0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:49:31.0782 0x4dc0  ehSched - ok
12:49:31.0827 0x4dc0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:49:31.0847 0x4dc0  elxstor - ok
12:49:31.0860 0x4dc0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
12:49:31.0868 0x4dc0  ErrDev - ok
12:49:31.0921 0x4dc0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:49:31.0929 0x4dc0  EventSystem - ok
12:49:31.0943 0x4dc0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:49:31.0955 0x4dc0  exfat - ok
12:49:31.0985 0x4dc0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:49:31.0999 0x4dc0  fastfat - ok
12:49:32.0042 0x4dc0  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
12:49:32.0056 0x4dc0  Fax - ok
12:49:32.0078 0x4dc0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:49:32.0085 0x4dc0  fdc - ok
12:49:32.0102 0x4dc0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:49:32.0103 0x4dc0  fdPHost - ok
12:49:32.0118 0x4dc0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:49:32.0120 0x4dc0  FDResPub - ok
12:49:32.0141 0x4dc0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:49:32.0143 0x4dc0  FileInfo - ok
12:49:32.0156 0x4dc0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:49:32.0157 0x4dc0  Filetrace - ok
12:49:32.0171 0x4dc0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:49:32.0177 0x4dc0  flpydisk - ok
12:49:32.0204 0x4dc0  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:49:32.0210 0x4dc0  FltMgr - ok
12:49:32.0263 0x4dc0  [ 7DE8A770487FC4B5E3A168AD97E1D370, C60414C793AF00D93D2E579CDAD5BD188421725CDCDDB6552DEF32DD5AC65C90 ] FLxHCIc         C:\Windows\system32\DRIVERS\FLxHCIc.sys
12:49:32.0289 0x4dc0  FLxHCIc - ok
12:49:32.0319 0x4dc0  [ 2D54A3319FC955029E4B371CDC088FF4, 19BD3AE7183852DC6DF42BDF0B941BB3AA7F01C25A9D94C07F3D168A7C8732AB ] FLxHCIh         C:\Windows\system32\DRIVERS\FLxHCIh.sys
12:49:32.0327 0x4dc0  FLxHCIh - ok
12:49:32.0382 0x4dc0  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] FontCache       C:\Windows\system32\FntCache.dll
12:49:32.0405 0x4dc0  FontCache - ok
12:49:32.0444 0x4dc0  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:49:32.0474 0x4dc0  FontCache3.0.0.0 - ok
12:49:32.0504 0x4dc0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:49:32.0506 0x4dc0  FsDepends - ok
12:49:32.0518 0x4dc0  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:49:32.0520 0x4dc0  Fs_Rec - ok
12:49:32.0546 0x4dc0  [ AE87BA80D0EC3B57126ED2CDC15B24ED, 7E0EA3CDB78054D9A4E3B5142305943F2914536D80B8FC363414C8838D51D56C ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:49:32.0551 0x4dc0  fvevol - ok
12:49:32.0587 0x4dc0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:49:32.0598 0x4dc0  gagp30kx - ok
12:49:32.0629 0x4dc0  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:49:32.0652 0x4dc0  GEARAspiWDM - ok
12:49:32.0695 0x4dc0  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:49:32.0711 0x4dc0  gpsvc - ok
12:49:32.0752 0x4dc0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:49:32.0755 0x4dc0  gupdate - ok
12:49:32.0759 0x4dc0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:49:32.0761 0x4dc0  gupdatem - ok
12:49:32.0799 0x4dc0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:49:32.0807 0x4dc0  hcw85cir - ok
12:49:32.0852 0x4dc0  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:49:32.0868 0x4dc0  HdAudAddService - ok
12:49:32.0889 0x4dc0  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:49:32.0892 0x4dc0  HDAudBus - ok
12:49:32.0906 0x4dc0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:49:32.0914 0x4dc0  HidBatt - ok
12:49:32.0924 0x4dc0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:49:32.0936 0x4dc0  HidBth - ok
12:49:32.0945 0x4dc0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:49:32.0953 0x4dc0  HidIr - ok
12:49:32.0981 0x4dc0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:49:32.0983 0x4dc0  hidserv - ok
12:49:33.0033 0x4dc0  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:49:33.0034 0x4dc0  HidUsb - ok
12:49:33.0055 0x4dc0  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:49:33.0058 0x4dc0  hkmsvc - ok
12:49:33.0087 0x4dc0  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:49:33.0093 0x4dc0  HomeGroupListener - ok
12:49:33.0141 0x4dc0  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:49:33.0146 0x4dc0  HomeGroupProvider - ok
12:49:33.0180 0x4dc0  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
12:49:33.0189 0x4dc0  HpSAMD - ok
12:49:33.0215 0x4dc0  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:49:33.0230 0x4dc0  HTTP - ok
12:49:33.0243 0x4dc0  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:49:33.0244 0x4dc0  hwpolicy - ok
12:49:33.0258 0x4dc0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:49:33.0269 0x4dc0  i8042prt - ok
12:49:33.0310 0x4dc0  [ 7775AEAF5FA32274FAF07FAF2E5E4B87, DA6780B4F796E590882328F3A868CF9972E61DFC7F8F2A3F83FC06D0496B13E4 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
12:49:33.0321 0x4dc0  iaStorA - ok
12:49:33.0341 0x4dc0  [ 5111A200402C56E57A12D22C41F7B630, 53ED5A09AA6F5B07ED63107DB0827CA9CCFB5067F28C11F957112A82D6C6B87D ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
12:49:33.0342 0x4dc0  iaStorF - ok
12:49:33.0391 0x4dc0  [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
12:49:33.0407 0x4dc0  iaStorV - ok
12:49:33.0466 0x4dc0  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:49:33.0505 0x4dc0  idsvc - ok
12:49:33.0530 0x4dc0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:49:33.0539 0x4dc0  iirsp - ok
12:49:33.0639 0x4dc0  [ CE1EE31FFF730CA975A5535D8A71AF61, A1808EB92EC2444F9309C93F5724A7A374F4B983862829BF9B076C8D3B2427DE ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
12:49:33.0642 0x4dc0  IJPLMSVC - ok
12:49:33.0685 0x4dc0  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
12:49:33.0703 0x4dc0  IKEEXT - ok
12:49:33.0866 0x4dc0  [ FA2B7507CD49908B2260949E52F8B9FE, 0EA0B3B25A3B668CA18313E34138DADA5C9835E476A1BFC56588B946DF0A92E0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:49:33.0974 0x4dc0  IntcAzAudAddService - ok
12:49:34.0001 0x4dc0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
12:49:34.0009 0x4dc0  intelide - ok
12:49:34.0033 0x4dc0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:49:34.0035 0x4dc0  intelppm - ok
12:49:34.0061 0x4dc0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:49:34.0065 0x4dc0  IPBusEnum - ok
12:49:34.0075 0x4dc0  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:49:34.0084 0x4dc0  IpFilterDriver - ok
12:49:34.0118 0x4dc0  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:49:34.0131 0x4dc0  iphlpsvc - ok
12:49:34.0155 0x4dc0  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
12:49:34.0164 0x4dc0  IPMIDRV - ok
12:49:34.0178 0x4dc0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:49:34.0189 0x4dc0  IPNAT - ok
12:49:34.0244 0x4dc0  [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:49:34.0257 0x4dc0  iPod Service - ok
12:49:34.0290 0x4dc0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:49:34.0292 0x4dc0  IRENUM - ok
12:49:34.0302 0x4dc0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
12:49:34.0309 0x4dc0  isapnp - ok
12:49:34.0329 0x4dc0  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
12:49:34.0342 0x4dc0  iScsiPrt - ok
12:49:34.0390 0x4dc0  [ 68CF5515B176527523ED379915350AE3, C69C7B69ECAE290A27F0D3DF6C989CDA667A0C4807216D3C0390EECFC4108D16 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
12:49:34.0391 0x4dc0  iusb3hcs - ok
12:49:34.0426 0x4dc0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:49:34.0437 0x4dc0  kbdclass - ok
12:49:34.0456 0x4dc0  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:49:34.0465 0x4dc0  kbdhid - ok
12:49:34.0474 0x4dc0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso          C:\Windows\system32\lsass.exe
12:49:34.0475 0x4dc0  KeyIso - ok
12:49:34.0505 0x4dc0  [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:49:34.0508 0x4dc0  KSecDD - ok
12:49:34.0513 0x4dc0  [ A8C63880EF6F4D3FEC7B616B9C060215, 036AE3ABBF991F5748C5C46E1DF62FBBC832BCDBF8C1B6E3C22A22A3703BBBCA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:49:34.0516 0x4dc0  KSecPkg - ok
12:49:34.0563 0x4dc0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:49:34.0648 0x4dc0  ksthunk - ok
12:49:34.0687 0x4dc0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:49:34.0792 0x4dc0  KtmRm - ok
12:49:34.0827 0x4dc0  [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:49:34.0833 0x4dc0  LanmanServer - ok
12:49:34.0845 0x4dc0  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:49:34.0849 0x4dc0  LanmanWorkstation - ok
12:49:34.0884 0x4dc0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:49:34.0886 0x4dc0  lltdio - ok
12:49:34.0916 0x4dc0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:49:34.0929 0x4dc0  lltdsvc - ok
12:49:34.0946 0x4dc0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:49:34.0947 0x4dc0  lmhosts - ok
12:49:34.0976 0x4dc0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:49:34.0986 0x4dc0  LSI_FC - ok
12:49:34.0999 0x4dc0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:49:35.0010 0x4dc0  LSI_SAS - ok
12:49:35.0023 0x4dc0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:49:35.0034 0x4dc0  LSI_SAS2 - ok
12:49:35.0050 0x4dc0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:49:35.0061 0x4dc0  LSI_SCSI - ok
12:49:35.0094 0x4dc0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:49:35.0097 0x4dc0  luafv - ok
12:49:35.0130 0x4dc0  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
12:49:35.0138 0x4dc0  MBfilt - ok
12:49:35.0159 0x4dc0  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:49:35.0168 0x4dc0  Mcx2Svc - ok
12:49:35.0190 0x4dc0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:49:35.0199 0x4dc0  megasas - ok
12:49:35.0223 0x4dc0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:49:35.0238 0x4dc0  MegaSR - ok
12:49:35.0277 0x4dc0  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
12:49:35.0279 0x4dc0  MEIx64 - ok
12:49:35.0348 0x4dc0  Microsoft SharePoint Workspace Audit Service - ok
12:49:35.0368 0x4dc0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:49:35.0370 0x4dc0  MMCSS - ok
12:49:35.0389 0x4dc0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:49:35.0399 0x4dc0  Modem - ok
12:49:35.0417 0x4dc0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:49:35.0418 0x4dc0  monitor - ok
12:49:35.0442 0x4dc0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:49:35.0451 0x4dc0  mouclass - ok
12:49:35.0473 0x4dc0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:49:35.0475 0x4dc0  mouhid - ok
12:49:35.0503 0x4dc0  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:49:35.0506 0x4dc0  mountmgr - ok
12:49:35.0552 0x4dc0  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
12:49:35.0561 0x4dc0  MpFilter - ok
12:49:35.0586 0x4dc0  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
12:49:35.0604 0x4dc0  mpio - ok
12:49:35.0633 0x4dc0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:49:35.0636 0x4dc0  mpsdrv - ok
12:49:35.0679 0x4dc0  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:49:35.0696 0x4dc0  MpsSvc - ok
12:49:35.0727 0x4dc0  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:49:35.0739 0x4dc0  MRxDAV - ok
12:49:35.0752 0x4dc0  [ 767A4C3BCF9410C286CED15A2DB17108, D9EA9EF7D4048081B132B804E0AE5A60A58FA6B25B7F5B87D5D7E354B2D94C79 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:49:35.0756 0x4dc0  mrxsmb - ok
12:49:35.0773 0x4dc0  [ 920EE0FF995FCFDEB08C41605A959E1C, 977195011912166F7C7E209D90B973E3F507B5297504AF9B6797FA8D1051534C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:49:35.0780 0x4dc0  mrxsmb10 - ok
12:49:35.0791 0x4dc0  [ 740D7EA9D72C981510A5292CF6ADC941, C55C2F73410C008F829D194EF072721A8D7945BCC48458982D2409761908E7AE ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:49:35.0794 0x4dc0  mrxsmb20 - ok
12:49:35.0810 0x4dc0  [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
12:49:35.0811 0x4dc0  msahci - ok
12:49:35.0829 0x4dc0  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
12:49:35.0841 0x4dc0  msdsm - ok
12:49:35.0856 0x4dc0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:49:35.0869 0x4dc0  MSDTC - ok
12:49:35.0881 0x4dc0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:49:35.0882 0x4dc0  Msfs - ok
12:49:35.0906 0x4dc0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:49:35.0908 0x4dc0  mshidkmdf - ok
12:49:35.0918 0x4dc0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
12:49:35.0919 0x4dc0  msisadrv - ok
12:49:35.0942 0x4dc0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:49:35.0951 0x4dc0  MSiSCSI - ok
12:49:35.0953 0x4dc0  msiserver - ok
12:49:35.0975 0x4dc0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:49:35.0982 0x4dc0  MSKSSRV - ok
12:49:36.0040 0x4dc0  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
12:49:36.0041 0x4dc0  MsMpSvc - ok
12:49:36.0062 0x4dc0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:49:36.0070 0x4dc0  MSPCLOCK - ok
12:49:36.0090 0x4dc0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:49:36.0098 0x4dc0  MSPQM - ok
12:49:36.0135 0x4dc0  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:49:36.0143 0x4dc0  MsRPC - ok
12:49:36.0176 0x4dc0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:49:36.0177 0x4dc0  mssmbios - ok
12:49:36.0229 0x4dc0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:49:36.0237 0x4dc0  MSTEE - ok
12:49:36.0250 0x4dc0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:49:36.0257 0x4dc0  MTConfig - ok
12:49:36.0306 0x4dc0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:49:36.0308 0x4dc0  Mup - ok
12:49:36.0350 0x4dc0  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll
12:49:36.0360 0x4dc0  napagent - ok
12:49:36.0406 0x4dc0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:49:36.0412 0x4dc0  NativeWifiP - ok
12:49:36.0470 0x4dc0  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:49:36.0488 0x4dc0  NDIS - ok
12:49:36.0527 0x4dc0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:49:36.0536 0x4dc0  NdisCap - ok
12:49:36.0561 0x4dc0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:49:36.0569 0x4dc0  NdisTapi - ok
12:49:36.0592 0x4dc0  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:49:36.0595 0x4dc0  Ndisuio - ok
12:49:36.0615 0x4dc0  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:49:36.0626 0x4dc0  NdisWan - ok
12:49:36.0639 0x4dc0  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:49:36.0648 0x4dc0  NDProxy - ok
12:49:36.0679 0x4dc0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:49:36.0681 0x4dc0  NetBIOS - ok
12:49:36.0699 0x4dc0  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:49:36.0705 0x4dc0  NetBT - ok
12:49:36.0718 0x4dc0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon        C:\Windows\system32\lsass.exe
12:49:36.0719 0x4dc0  Netlogon - ok
12:49:36.0745 0x4dc0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:49:36.0753 0x4dc0  Netman - ok
12:49:36.0776 0x4dc0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:49:36.0786 0x4dc0  netprofm - ok
12:49:36.0833 0x4dc0  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:49:36.0979 0x4dc0  NetTcpPortSharing - ok
12:49:37.0025 0x4dc0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:49:37.0035 0x4dc0  nfrd960 - ok
12:49:37.0050 0x4dc0  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:49:37.0062 0x4dc0  NisDrv - ok
12:49:37.0106 0x4dc0  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
12:49:37.0114 0x4dc0  NisSrv - ok
12:49:37.0144 0x4dc0  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:49:37.0151 0x4dc0  NlaSvc - ok
12:49:37.0181 0x4dc0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:49:37.0182 0x4dc0  Npfs - ok
12:49:37.0213 0x4dc0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:49:37.0215 0x4dc0  nsi - ok
12:49:37.0225 0x4dc0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:49:37.0227 0x4dc0  nsiproxy - ok
12:49:37.0297 0x4dc0  [ 356698A13C4630D5B31C37378D469196, BF5704AADE5C3DA370501747F12ED6E9C3349E342CCF89005AAE132B570BB42B ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:49:37.0329 0x4dc0  Ntfs - ok
12:49:37.0338 0x4dc0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:49:37.0345 0x4dc0  Null - ok
12:49:37.0401 0x4dc0  [ 554964B900AE2954B8B589B6287034AC, C6C9EA3ADAFEBBF2AF944E4A0656BD795AD37706008CC0CA3F2150BD709476E7 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
12:49:37.0413 0x4dc0  NVHDA - ok
12:49:37.0844 0x4dc0  [ F554291C0A11F5B713B54C5886D4AA31, 65B7DF4BB3DFF616DC2C863988E30F901E14221C00E2A99A2079E19D91D93BAE ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:49:38.0229 0x4dc0  nvlddmkm - ok
12:49:38.0274 0x4dc0  [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
12:49:38.0285 0x4dc0  nvraid - ok
12:49:38.0291 0x4dc0  [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
12:49:38.0303 0x4dc0  nvstor - ok
12:49:38.0387 0x4dc0  [ 8E99BF264C1F20934A67E91BC9F4FB20, 89AA8823B751F4CEF4E862F1270E7EFDA81A6E5D9C5F72625CBF83C70B312353 ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:49:38.0407 0x4dc0  nvsvc - ok
12:49:38.0434 0x4dc0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
12:49:38.0445 0x4dc0  nv_agp - ok
12:49:38.0460 0x4dc0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
12:49:38.0470 0x4dc0  ohci1394 - ok
12:49:38.0524 0x4dc0  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:49:38.0528 0x4dc0  ose64 - ok
12:49:38.0803 0x4dc0  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:49:38.0970 0x4dc0  osppsvc - ok
12:49:39.0028 0x4dc0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:49:39.0036 0x4dc0  p2pimsvc - ok
12:49:39.0063 0x4dc0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:49:39.0073 0x4dc0  p2psvc - ok
12:49:39.0094 0x4dc0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:49:39.0104 0x4dc0  Parport - ok
12:49:39.0122 0x4dc0  [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:49:39.0124 0x4dc0  partmgr - ok
12:49:39.0144 0x4dc0  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:49:39.0149 0x4dc0  PcaSvc - ok
12:49:39.0162 0x4dc0  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys
12:49:39.0167 0x4dc0  pci - ok
12:49:39.0175 0x4dc0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
12:49:39.0183 0x4dc0  pciide - ok
12:49:39.0203 0x4dc0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:49:39.0216 0x4dc0  pcmcia - ok
12:49:39.0228 0x4dc0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:49:39.0230 0x4dc0  pcw - ok
12:49:39.0255 0x4dc0  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:49:39.0268 0x4dc0  PEAUTH - ok
12:49:39.0349 0x4dc0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:49:39.0351 0x4dc0  PerfHost - ok
12:49:39.0427 0x4dc0  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll
12:49:39.0454 0x4dc0  pla - ok
12:49:39.0483 0x4dc0  [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:49:39.0493 0x4dc0  PlugPlay - ok
12:49:39.0513 0x4dc0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:49:39.0515 0x4dc0  PNRPAutoReg - ok
12:49:39.0539 0x4dc0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:49:39.0545 0x4dc0  PNRPsvc - ok
12:49:39.0594 0x4dc0  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:49:39.0610 0x4dc0  PolicyAgent - ok
12:49:39.0637 0x4dc0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:49:39.0641 0x4dc0  Power - ok
12:49:39.0671 0x4dc0  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:49:39.0682 0x4dc0  PptpMiniport - ok
12:49:39.0697 0x4dc0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:49:39.0706 0x4dc0  Processor - ok
12:49:39.0739 0x4dc0  [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc         C:\Windows\system32\profsvc.dll
12:49:39.0744 0x4dc0  ProfSvc - ok
12:49:39.0763 0x4dc0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:49:39.0765 0x4dc0  ProtectedStorage - ok
12:49:39.0836 0x4dc0  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:49:39.0840 0x4dc0  Psched - ok
12:49:39.0913 0x4dc0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:49:39.0959 0x4dc0  ql2300 - ok
12:49:39.0970 0x4dc0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:49:39.0983 0x4dc0  ql40xx - ok
12:49:40.0008 0x4dc0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:49:40.0014 0x4dc0  QWAVE - ok
12:49:40.0038 0x4dc0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:49:40.0040 0x4dc0  QWAVEdrv - ok
12:49:40.0055 0x4dc0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:49:40.0067 0x4dc0  RasAcd - ok
12:49:40.0125 0x4dc0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:49:40.0135 0x4dc0  RasAgileVpn - ok
12:49:40.0162 0x4dc0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:49:40.0166 0x4dc0  RasAuto - ok
12:49:40.0198 0x4dc0  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:49:40.0349 0x4dc0  Rasl2tp - ok
12:49:40.0383 0x4dc0  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll
12:49:40.0441 0x4dc0  RasMan - ok
12:49:40.0477 0x4dc0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:49:40.0487 0x4dc0  RasPppoe - ok
12:49:40.0507 0x4dc0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:49:40.0516 0x4dc0  RasSstp - ok
12:49:40.0524 0x4dc0  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:49:40.0531 0x4dc0  rdbss - ok
12:49:40.0561 0x4dc0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:49:40.0569 0x4dc0  rdpbus - ok
12:49:40.0577 0x4dc0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:49:40.0578 0x4dc0  RDPCDD - ok
12:49:40.0603 0x4dc0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:49:40.0604 0x4dc0  RDPENCDD - ok
12:49:40.0608 0x4dc0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:49:40.0609 0x4dc0  RDPREFMP - ok
12:49:40.0623 0x4dc0  [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7, 02179089E0816AD544F370A8A3557498D09981F60CC94E497DC4A5A2BBBE1E48 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:49:40.0635 0x4dc0  RDPWD - ok
12:49:40.0661 0x4dc0  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:49:40.0666 0x4dc0  rdyboost - ok
12:49:40.0700 0x4dc0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:49:40.0703 0x4dc0  RemoteAccess - ok
12:49:40.0729 0x4dc0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:49:40.0734 0x4dc0  RemoteRegistry - ok
12:49:40.0780 0x4dc0  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:49:40.0784 0x4dc0  RFCOMM - ok
12:49:40.0796 0x4dc0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:49:40.0799 0x4dc0  RpcEptMapper - ok
12:49:40.0820 0x4dc0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:49:40.0821 0x4dc0  RpcLocator - ok
12:49:40.0853 0x4dc0  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll
12:49:40.0862 0x4dc0  RpcSs - ok
12:49:40.0894 0x4dc0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:49:40.0896 0x4dc0  rspndr - ok
12:49:40.0940 0x4dc0  [ 28B356BAB74470786867BF4DC261E17C, 92030573D97224FF9BE6CCEBFFDE71EC3F845A1A4D19DA599A6E93CC215FBB0E ] RSUSBVSTOR      C:\Windows\system32\Drivers\RtsUVStor.sys
12:49:40.0962 0x4dc0  RSUSBVSTOR - ok
12:49:41.0008 0x4dc0  [ FABCD0B9CA0A2DC84805DCC199439046, A68B68456C2D82F1592D7C55D3A0E8539E19D29258F880D350654D0CFB515837 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:49:41.0033 0x4dc0  RTL8167 - ok
12:49:41.0063 0x4dc0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs           C:\Windows\system32\lsass.exe
12:49:41.0065 0x4dc0  SamSs - ok
12:49:41.0081 0x4dc0  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
12:49:41.0092 0x4dc0  sbp2port - ok
12:49:41.0125 0x4dc0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:49:41.0131 0x4dc0  SCardSvr - ok
12:49:41.0165 0x4dc0  [ B2F50286DC82B93C013E3FC57BA1A956, DCE74B47A493FA0F17B2DF970A852038793CD8A61AA2D2000C249273C2EC554A ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
12:49:41.0206 0x4dc0  SCDEmu - ok
12:49:41.0240 0x4dc0  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:49:41.0242 0x4dc0  scfilter - ok
12:49:41.0300 0x4dc0  [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] Schedule        C:\Windows\system32\schedsvc.dll
12:49:41.0322 0x4dc0  Schedule - ok
12:49:41.0342 0x4dc0  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:49:41.0343 0x4dc0  SCPolicySvc - ok
12:49:41.0379 0x4dc0  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:49:41.0385 0x4dc0  SDRSVC - ok
12:49:41.0414 0x4dc0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:49:41.0415 0x4dc0  secdrv - ok
12:49:41.0431 0x4dc0  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll
12:49:41.0433 0x4dc0  seclogon - ok
12:49:41.0451 0x4dc0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:49:41.0454 0x4dc0  SENS - ok
12:49:41.0473 0x4dc0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:49:41.0475 0x4dc0  SensrSvc - ok
12:49:41.0500 0x4dc0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:49:41.0507 0x4dc0  Serenum - ok
12:49:41.0535 0x4dc0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:49:41.0544 0x4dc0  Serial - ok
12:49:41.0571 0x4dc0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:49:41.0579 0x4dc0  sermouse - ok
12:49:41.0611 0x4dc0  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:49:41.0615 0x4dc0  SessionEnv - ok
12:49:41.0641 0x4dc0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
12:49:41.0647 0x4dc0  sffdisk - ok
12:49:41.0650 0x4dc0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
12:49:41.0657 0x4dc0  sffp_mmc - ok
12:49:41.0667 0x4dc0  [ 178298F767FE638C9FEDCBDEF58BB5E4, 053D12CFEE5C54EA7D06F9C9CAE93544FE258A4825CDE2A14090BC81A96E1CF7 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
12:49:41.0674 0x4dc0  sffp_sd - ok
12:49:41.0693 0x4dc0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:49:41.0701 0x4dc0  sfloppy - ok
12:49:41.0725 0x4dc0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:49:41.0733 0x4dc0  SharedAccess - ok
12:49:41.0774 0x4dc0  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:49:41.0782 0x4dc0  ShellHWDetection - ok
12:49:41.0819 0x4dc0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:49:41.0828 0x4dc0  SiSRaid2 - ok
12:49:41.0842 0x4dc0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:49:41.0852 0x4dc0  SiSRaid4 - ok
12:49:41.0894 0x4dc0  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:49:41.0901 0x4dc0  SkypeUpdate - ok
12:49:41.0937 0x4dc0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:49:41.0947 0x4dc0  Smb - ok
12:49:41.0989 0x4dc0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:49:41.0991 0x4dc0  SNMPTRAP - ok
12:49:42.0013 0x4dc0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:49:42.0014 0x4dc0  spldr - ok
12:49:42.0042 0x4dc0  [ 89E8550C5862999FCF482EA562B0E98E, 11BC94FD879DCD22E80DB8FA73CEBD0F072917C546AD9C8B92CCFBF4E0B83056 ] Spooler         C:\Windows\System32\spoolsv.exe
12:49:42.0054 0x4dc0  Spooler - ok
12:49:42.0186 0x4dc0  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe
12:49:42.0298 0x4dc0  sppsvc - ok
12:49:42.0318 0x4dc0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:49:42.0321 0x4dc0  sppuinotify - ok
12:49:42.0361 0x4dc0  [ 43067A65522EAEC33D31A12D6FA8E3F4, 244CE66A10B34DC756962D0A164B34B98D89AB41B64C7AAF1F31E8642D8B013B ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:49:42.0371 0x4dc0  srv - ok
12:49:42.0382 0x4dc0  [ 03715CF9C30B563DA35FC5F2B8F7B8E0, 694EE380955AAD3E21DD72D2656141017E113EC726E5CBE856EF4D7E4FE10387 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:49:42.0390 0x4dc0  srv2 - ok
12:49:42.0396 0x4dc0  [ FBD09635227A8026C0F7790F604343C6, 582D40DD57D33BF79642E6DF069E82187EF79978B7192D669FD21678B0D8A9C4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:49:42.0400 0x4dc0  srvnet - ok
12:49:42.0420 0x4dc0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:49:42.0425 0x4dc0  SSDPSRV - ok
12:49:42.0429 0x4dc0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:49:42.0432 0x4dc0  SstpSvc - ok
12:49:42.0449 0x4dc0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:49:42.0457 0x4dc0  stexstor - ok
12:49:42.0506 0x4dc0  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll
12:49:42.0519 0x4dc0  stisvc - ok
12:49:42.0535 0x4dc0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:49:42.0544 0x4dc0  swenum - ok
12:49:42.0575 0x4dc0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:49:42.0587 0x4dc0  swprv - ok
12:49:42.0670 0x4dc0  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll
12:49:42.0705 0x4dc0  SysMain - ok
12:49:42.0720 0x4dc0  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:49:42.0724 0x4dc0  TabletInputService - ok
12:49:42.0764 0x4dc0  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:49:42.0772 0x4dc0  TapiSrv - ok
12:49:42.0793 0x4dc0  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:49:42.0797 0x4dc0  TBS - ok
12:49:42.0887 0x4dc0  [ 90A2D722CF64D911879D6C4A4F802A4D, 2D825BC1FD73315BF51F36CAEF6A8EFE9042A4C260151C6351064260CF699194 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:49:42.0923 0x4dc0  Tcpip - ok
12:49:42.0964 0x4dc0  [ 90A2D722CF64D911879D6C4A4F802A4D, 2D825BC1FD73315BF51F36CAEF6A8EFE9042A4C260151C6351064260CF699194 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:49:42.0997 0x4dc0  TCPIP6 - ok
12:49:43.0017 0x4dc0  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:49:43.0019 0x4dc0  tcpipreg - ok
12:49:43.0047 0x4dc0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:49:43.0054 0x4dc0  TDPIPE - ok
12:49:43.0063 0x4dc0  [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:49:43.0071 0x4dc0  TDTCP - ok
12:49:43.0083 0x4dc0  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:49:43.0093 0x4dc0  tdx - ok
12:49:43.0106 0x4dc0  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:49:43.0116 0x4dc0  TermDD - ok
12:49:43.0169 0x4dc0  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll
12:49:43.0184 0x4dc0  TermService - ok
12:49:43.0205 0x4dc0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:49:43.0208 0x4dc0  Themes - ok
12:49:43.0224 0x4dc0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:49:43.0226 0x4dc0  THREADORDER - ok
12:49:43.0256 0x4dc0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:49:43.0260 0x4dc0  TrkWks - ok
12:49:43.0314 0x4dc0  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:49:43.0318 0x4dc0  TrustedInstaller - ok
12:49:43.0347 0x4dc0  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:49:43.0349 0x4dc0  tssecsrv - ok
12:49:43.0373 0x4dc0  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:49:43.0383 0x4dc0  tunnel - ok
12:49:43.0404 0x4dc0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:49:43.0414 0x4dc0  uagp35 - ok
12:49:43.0437 0x4dc0  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:49:43.0451 0x4dc0  udfs - ok
12:49:43.0471 0x4dc0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:49:43.0474 0x4dc0  UI0Detect - ok
12:49:43.0516 0x4dc0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
12:49:43.0526 0x4dc0  uliagpkx - ok
12:49:43.0552 0x4dc0  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:49:43.0560 0x4dc0  umbus - ok
12:49:43.0573 0x4dc0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:49:43.0581 0x4dc0  UmPass - ok
12:49:43.0621 0x4dc0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:49:43.0629 0x4dc0  upnphost - ok
12:49:43.0646 0x4dc0  [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:49:43.0649 0x4dc0  usbccgp - ok
12:49:43.0672 0x4dc0  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
12:49:43.0682 0x4dc0  usbcir - ok
12:49:43.0696 0x4dc0  [ 2EA4AFF7BE7EB4632E3AA8595B0803B5, CBECE7CEC0EFA4B283C63E9B6A270D595F5F3D006306DA5E5121BBFDCAB16376 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:49:43.0704 0x4dc0  usbehci - ok
12:49:43.0754 0x4dc0  [ 4C9042B8DF86C1E8E6240C218B99B39B, D286633311C047B9C4FB1AA89D7B02B9F943FDDCE473255DC8E14DD07CC9B292 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:49:43.0760 0x4dc0  usbhub - ok
12:49:43.0770 0x4dc0  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:49:43.0778 0x4dc0  usbohci - ok
12:49:43.0813 0x4dc0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:49:43.0821 0x4dc0  usbprint - ok
12:49:43.0861 0x4dc0  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:49:43.0871 0x4dc0  usbscan - ok
12:49:43.0884 0x4dc0  [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:49:43.0886 0x4dc0  USBSTOR - ok
12:49:43.0904 0x4dc0  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:49:43.0911 0x4dc0  usbuhci - ok
12:49:43.0939 0x4dc0  [ D501E12614B00A3252073101D6A1A74B, DFA3A83978125B3CE45C71DD9069E8A7938366D0F4B4B2401CDD07251253FA8C ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
12:49:43.0943 0x4dc0  usbvideo - ok
12:49:43.0963 0x4dc0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:49:43.0966 0x4dc0  UxSms - ok
12:49:43.0974 0x4dc0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe
12:49:43.0976 0x4dc0  VaultSvc - ok
12:49:44.0003 0x4dc0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
12:49:44.0005 0x4dc0  vdrvroot - ok
12:49:44.0035 0x4dc0  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
12:49:44.0047 0x4dc0  vds - ok
12:49:44.0083 0x4dc0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:49:44.0091 0x4dc0  vga - ok
12:49:44.0109 0x4dc0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:49:44.0117 0x4dc0  VgaSave - ok
12:49:44.0123 0x4dc0  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
12:49:44.0138 0x4dc0  vhdmp - ok
12:49:44.0146 0x4dc0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
12:49:44.0154 0x4dc0  viaide - ok
12:49:44.0181 0x4dc0  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
12:49:44.0184 0x4dc0  volmgr - ok
12:49:44.0193 0x4dc0  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:49:44.0201 0x4dc0  volmgrx - ok
12:49:44.0209 0x4dc0  [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
12:49:44.0215 0x4dc0  volsnap - ok
12:49:44.0235 0x4dc0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:49:44.0246 0x4dc0  vsmraid - ok
12:49:44.0316 0x4dc0  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
12:49:44.0348 0x4dc0  VSS - ok
12:49:44.0377 0x4dc0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:49:44.0384 0x4dc0  vwifibus - ok
12:49:44.0394 0x4dc0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:49:44.0404 0x4dc0  vwififlt - ok
12:49:44.0430 0x4dc0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:49:44.0439 0x4dc0  W32Time - ok
12:49:44.0457 0x4dc0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:49:44.0466 0x4dc0  WacomPen - ok
12:49:44.0498 0x4dc0  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:49:44.0508 0x4dc0  WANARP - ok
12:49:44.0511 0x4dc0  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:49:44.0513 0x4dc0  Wanarpv6 - ok
12:49:44.0580 0x4dc0  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
12:49:44.0610 0x4dc0  wbengine - ok
12:49:44.0628 0x4dc0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:49:44.0635 0x4dc0  WbioSrvc - ok
12:49:44.0645 0x4dc0  [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:49:44.0654 0x4dc0  wcncsvc - ok
12:49:44.0682 0x4dc0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:49:44.0685 0x4dc0  WcsPlugInService - ok
12:49:44.0709 0x4dc0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:49:44.0717 0x4dc0  Wd - ok
12:49:44.0750 0x4dc0  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:49:44.0764 0x4dc0  Wdf01000 - ok
12:49:44.0778 0x4dc0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:49:44.0782 0x4dc0  WdiServiceHost - ok
12:49:44.0786 0x4dc0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:49:44.0789 0x4dc0  WdiSystemHost - ok
12:49:44.0822 0x4dc0  [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient       C:\Windows\System32\webclnt.dll
12:49:44.0861 0x4dc0  WebClient - ok
12:49:44.0916 0x4dc0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:49:44.0967 0x4dc0  Wecsvc - ok
12:49:45.0077 0x4dc0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:49:45.0136 0x4dc0  wercplsupport - ok
12:49:45.0167 0x4dc0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:49:45.0170 0x4dc0  WerSvc - ok
12:49:45.0203 0x4dc0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:49:45.0211 0x4dc0  WfpLwf - ok
12:49:45.0224 0x4dc0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:49:45.0235 0x4dc0  WIMMount - ok
12:49:45.0261 0x4dc0  WinDefend - ok
12:49:45.0264 0x4dc0  WinHttpAutoProxySvc - ok
12:49:45.0368 0x4dc0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:49:45.0377 0x4dc0  Winmgmt - ok
12:49:45.0468 0x4dc0  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:49:45.0509 0x4dc0  WinRM - ok
12:49:45.0549 0x4dc0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:49:45.0568 0x4dc0  Wlansvc - ok
12:49:45.0595 0x4dc0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:49:45.0596 0x4dc0  WmiAcpi - ok
12:49:45.0627 0x4dc0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:49:45.0632 0x4dc0  wmiApSrv - ok
12:49:45.0653 0x4dc0  WMPNetworkSvc - ok
12:49:45.0692 0x4dc0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:49:45.0694 0x4dc0  WPCSvc - ok
12:49:45.0714 0x4dc0  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:49:45.0718 0x4dc0  WPDBusEnum - ok
12:49:45.0740 0x4dc0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:49:45.0741 0x4dc0  ws2ifsl - ok
12:49:45.0756 0x4dc0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:49:45.0759 0x4dc0  wscsvc - ok
12:49:45.0762 0x4dc0  WSearch - ok
12:49:45.0838 0x4dc0  [ 38340204A2D0228F1E87740FC5E554A7, 57181ED34E73DD17B590803C770A086C57754F229C6F587637B8FBB5D6519603 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:49:45.0886 0x4dc0  wuauserv - ok
12:49:45.0897 0x4dc0  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:49:45.0901 0x4dc0  WudfPf - ok
12:49:45.0919 0x4dc0  [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:49:45.0932 0x4dc0  WUDFRd - ok
12:49:45.0954 0x4dc0  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:49:45.0957 0x4dc0  wudfsvc - ok
12:49:45.0976 0x4dc0  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:49:45.0982 0x4dc0  WwanSvc - ok
12:49:46.0012 0x4dc0  ================ Scan global ===============================
12:49:46.0026 0x4dc0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:49:46.0075 0x4dc0  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
12:49:46.0097 0x4dc0  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
12:49:46.0128 0x4dc0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:49:46.0157 0x4dc0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:49:46.0167 0x4dc0  [ Global ] - ok
12:49:46.0168 0x4dc0  ================ Scan MBR ==================================
12:49:46.0183 0x4dc0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:49:46.0359 0x4dc0  \Device\Harddisk0\DR0 - ok
12:49:46.0668 0x4dc0  [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk1\DR1
12:49:46.0739 0x4dc0  \Device\Harddisk1\DR1 - ok
12:49:46.0742 0x4dc0  [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk2\DR2
12:49:46.0931 0x4dc0  \Device\Harddisk2\DR2 - ok
12:49:46.0931 0x4dc0  ================ Scan VBR ==================================
12:49:46.0960 0x4dc0  [ 5494561F50A42815AFB433F6C4F26E79 ] \Device\Harddisk0\DR0\Partition1
12:49:46.0961 0x4dc0  \Device\Harddisk0\DR0\Partition1 - ok
12:49:46.0974 0x4dc0  [ E6D7B240D44E009122152E22747D6A24 ] \Device\Harddisk0\DR0\Partition2
12:49:46.0975 0x4dc0  \Device\Harddisk0\DR0\Partition2 - ok
12:49:46.0977 0x4dc0  [ 0F575F966C9C24D4F8A7013CBA2172BD ] \Device\Harddisk1\DR1\Partition1
12:49:46.0978 0x4dc0  \Device\Harddisk1\DR1\Partition1 - ok
12:49:46.0980 0x4dc0  [ 1C05BDFB0CE1CA53B0A82A8A70ED29F0 ] \Device\Harddisk1\DR1\Partition2
12:49:46.0981 0x4dc0  \Device\Harddisk1\DR1\Partition2 - ok
12:49:46.0984 0x4dc0  [ 0E92B815F8A5ACDDD1657BEDF83C8E91 ] \Device\Harddisk2\DR2\Partition1
12:49:47.0028 0x4dc0  \Device\Harddisk2\DR2\Partition1 - ok
12:49:47.0029 0x4dc0  ================ Scan generic autorun ======================
12:49:47.0492 0x4dc0  [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:49:47.0876 0x4dc0  RTHDVCPL - ok
12:49:47.0949 0x4dc0  [ FA33A21EE03B324DD4D2D9D75710CAF6, 57132E1850F74138F6E27766AC01C3BE8DF7A16D7C064CF7E09AB2A8300F35EE ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
12:49:47.0951 0x4dc0  BCSSync - ok
12:49:48.0016 0x4dc0  [ A5299DCA34A86268F3A635CDCF6E8F57, FCBC168BD4465340BDC4E1589C7C5EFEED9AB711200036247EB951C71ED39538 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
12:49:48.0028 0x4dc0  AtherosBtStack - ok
12:49:48.0043 0x4dc0  [ A1D17BD52F1A2E387EEE1C6543AC2671, AC33526CD009790C2EC229F1F87C8B7BDCEF12A281953CC92B124014B00361B1 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
12:49:48.0051 0x4dc0  AthBtTray - ok
12:49:48.0147 0x4dc0  [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
12:49:48.0173 0x4dc0  MSC - ok
12:49:48.0293 0x4dc0  [ 5858DE874168C5F0AEA7A353DD520D48, DB77AF431227AEBD92C6E40AC723435E83DCF4620B7366D4FA6D9ACB500AA6EA ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
12:49:48.0388 0x4dc0  CanonMyPrinter - ok
12:49:48.0455 0x4dc0  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
12:49:48.0475 0x4dc0  Adobe ARM - ok
12:49:48.0518 0x4dc0  [ DFAA68C2445C2A659AA122358E1219BA, 2F0A0CF114E4F6457534BA3484C8BB5EC7C71AA3A495B20DFE9D9C40506C2B5C ] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe
12:49:48.0519 0x4dc0  FLxHCIm - ok
12:49:48.0574 0x4dc0  [ D88B2D487439305A2EC308A6796C3044, 79DF0A41ECB08D5BEB3393B2BA15E6C88AD626803E1734EFBA0DBE4ECF7274D7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
12:49:48.0577 0x4dc0  iTunesHelper - ok
12:49:48.0711 0x4dc0  [ 00AB2B491C7037BB219BEB26FAD34C72, 95EDBBE07EB85EEE1376252AA975BAA61235C80FC03036357BD4786E5D6B9703 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
12:49:48.0742 0x4dc0  CanonSolutionMenuEx - ok
12:49:48.0822 0x4dc0  [ 5110C1C1FB6F35490D04A01E29F07959, B868C1B855DC1D98CE5FFA5C1F4E90CB556A4006C2AF7F204CC4CCFA12749540 ] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
12:49:48.0829 0x4dc0  PWRISOVM.EXE - ok
12:49:48.0989 0x4dc0  [ B36DFFCD2B20AF39223847D691B49357, 3639DAE0C9A31A7D1997EFB21679514BEF267F4F1735EB39230058B8B2198D32 ] C:\Program Files (x86)\AVG\AVG2015\avgui.exe
12:49:49.0073 0x4dc0  AVG_UI - ok
12:49:49.0162 0x4dc0  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:49:49.0201 0x4dc0  Sidebar - ok
12:49:49.0231 0x4dc0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:49:49.0242 0x4dc0  mctadmin - ok
12:49:49.0285 0x4dc0  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:49:49.0305 0x4dc0  Sidebar - ok
12:49:49.0310 0x4dc0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:49:49.0312 0x4dc0  mctadmin - ok
12:49:49.0524 0x4dc0  [ 5B522E61A39D2237F21CFB4A9612FF14, 70676002A6438BE281F1EBAA86E32BF68928E2A753BA2B3821CB2C9DA2069EB6 ] C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
12:49:49.0548 0x4dc0  Spotify Web Helper - ok
12:49:49.0565 0x4dc0  Skype - ok
12:49:49.0655 0x4dc0  [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\user\AppData\Local\FluxSoftware\Flux\flux.exe
12:49:49.0676 0x4dc0  f.lux - ok
12:49:49.0677 0x4dc0  Waiting for KSN requests completion. In queue: 71
12:49:50.0677 0x4dc0  Waiting for KSN requests completion. In queue: 71
12:49:51.0677 0x4dc0  Waiting for KSN requests completion. In queue: 71
12:49:52.0705 0x4dc0  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
12:49:52.0815 0x4dc0  AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5315 ), 0x41000 ( enabled : updated )
12:49:52.0838 0x4dc0  Win FW state via NFP2: enabled
12:49:55.0524 0x4dc0  ============================================================
12:49:55.0524 0x4dc0  Scan finished
12:49:55.0524 0x4dc0  ============================================================
12:49:55.0544 0x4e50  Detected object count: 0
12:49:55.0544 0x4e50  Actual detected object count: 0
 
ADW Report:
# AdwCleaner v3.311 - Report created 11/10/2014 at 12:59:05
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium  (64 bits)
# Username : user - USER-PC
# Running from : C:\Users\user\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\UpdateStar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7600.16385
 
 
-\\ Google Chrome v38.0.2125.101
 
[ File : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1083 octets] - [11/10/2014 12:55:17]
AdwCleaner[S0].txt - [966 octets] - [11/10/2014 12:59:05]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1025 octets] ##########
 
Junkware Report:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows 7 Home Premium x64
Ran by user on Sat 11/10/2014 at 13:03:33.94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 11/10/2014 at 13:06:12.99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
ESETScan Report:
C:\Users\user\Downloads\cbsidlm-cbsi134-Free_MP4_to_WMV_Converter-ORG-75898999.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\user\Downloads\FFSetup3.1.1.0 (1).exe a variant of Win32/Hao123.A potentially unwanted application deleted - quarantined
C:\Users\user\Downloads\Miro_setup.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
G:\Movies\Age Of The Dragons {2011}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Black Swan\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Burke And Hare\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Cougars Inc {2011}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Dirty Movie {2011}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Due Date {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Fair Game {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Gullivers Travels {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Harry Potter And The Deathly Hallows Part One\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\How Do You Know {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\It's Kind Of A Funny Story {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Legend Of The BoneKnapper Dragon {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Life As We Know It {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Little Fockers {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Morning Glory {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\S.W.A.T Firefight {2011}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\The Chaperone {2011}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\The Chronicles Of Narnia The Voyage Of The Dawn Treader {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\The Extra Man {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\The Green Hornet {2011}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\The Next Three Days {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\The Social Network {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\The Speed Of Thought {2011}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\The Warriors Way  {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\TRON Legacy {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Unstoppable {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Wall Street Money Never Sleeps {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Welcome to the Rileys\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
G:\Movies\Yogi Bear {2010}\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:36 AM

Posted 11 October 2014 - 07:46 PM

You have 2 AV's running and one has to be stopped,,, Open Microsoft Security Essentials -> click "Settings" tab -> select "Real time protection" -> uncheck the box "Turn on real-time protection" (recommended).

Wherever you are getting those movies from appears to give them with malware.

Let's run MBAM....


Malwarebytes Anti-Malware Free and Malwarebytes Chameleon

----------
  • Download Malwarebytes Anti-Malware Free and save it to your desktop
  • Double click the desktop icon, click Run, then OK
  • Click Next
  • Select I accept the agreement then continue to click Next then finally click Install
  • Uncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish
  • If you are notified the Database is out of date click Update Now
  • Click Scan Now >>
----------
  • Note: If Malwarebytes will not launch please do the following to launch Malwarebytes Chameleon:
  • Click Start (Start, Search, All files and folders for Windows XP) then type mbam
  • Double click one of the four following files (if one does not work try the next one, and so on) - A black command window will open. Follow those instructions until the Malwarebytes program starts the scan

mbam-chameleon.scr
mbam-chameleon
mbam-chameleon.exe
mbam-chameleon.com

----------
  • When completed click the down arrow on Export Log and select Text file (*.txt)
  • Save the file to your desktop as MBAM
  • Click Apply Actions then restart your computer if requested
  • Copy and past the contents of MBAM.txt in your reply

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 nigel_66

nigel_66
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 11 October 2014 - 08:23 PM

The movies were on a recently plugged in external hard drive (not from when the problems started). I had to use this to save files to as my computer wouldn't allow me to save to My Documents. 

 

Malwarebytes Report:

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 12/10/2014
Scan Time: 12:08:02 PM
Logfile: MBAM.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.10.12.01
Rootkit Database: v2014.10.11.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7
CPU: x64
File System: NTFS
User: user
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 304777
Time Elapsed: 8 min, 8 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
PUP.Optional.OpenCandy, C:\Users\user\Downloads\FreemakeVideoConverterSetup.exe, , [2aa7b75c225a16203b2ce04112ef7e82], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#6 nigel_66

nigel_66
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 14 October 2014 - 06:21 AM

Bump?



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:36 AM

Posted 14 October 2014 - 02:02 PM

hi was waiting a report on how it's working after hose.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 nigel_66

nigel_66
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 14 October 2014 - 08:02 PM

Sorry what's hose? Last report you asked me to post was the malwarebytes report...



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:36 AM

Posted 15 October 2014 - 07:23 PM

After Those scans


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 nigel_66

nigel_66
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 16 October 2014 - 07:15 AM

Sorry but I already replied?

 

Malwarebytes Report:

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 12/10/2014
Scan Time: 12:08:02 PM
Logfile: MBAM.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.10.12.01
Rootkit Database: v2014.10.11.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7
CPU: x64
File System: NTFS
User: user
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 304777
Time Elapsed: 8 min, 8 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
PUP.Optional.OpenCandy, C:\Users\user\Downloads\FreemakeVideoConverterSetup.exe, , [2aa7b75c225a16203b2ce04112ef7e82], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:36 AM

Posted 16 October 2014 - 04:02 PM

Lets see if it's just file corruption.. See how it is after this...

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 3 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk, then restart your computer.

1406373241-3-o.png


Once the above is done, go to Step 4 and allow it to run System File Check by clicking on the Do It button.

1406373250-4-o.png


Go to Step 5 and under"System Restore" click on Create button.

1406373259-5-o.png


Go to Start Repairs tab and click the Start button.

1406373267-start1-o.png


Leave the check marks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start Repairs button.

1406373275-start2-o.png


After the repair finished, you may be prompted to restart the computer. Please allow it to do so.

Please post the Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 nigel_66

nigel_66
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 19 October 2014 - 06:44 AM

I was unable to complete the repair. This is the log file I have:

 

Microsoft Windows [Version 6.1.7600]
Copyright © 2009 Microsoft Corporation.  All rights reserved.
 
C:\Users\user\Downloads>CD /D C:\
 
C:\>chkdsk C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.
 
WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.
 
CHKDSK is verifying files (stage 1 of 3)...
 0 percent complete. (0 of 799744 file records processed)     
 0 percent complete. (6657 of 799744 file records processed)     
 0 percent complete. (11265 of 799744 file records processed)     
 0 percent complete. (18177 of 799744 file records processed)     
 0 percent complete. (27137 of 799744 file records processed)     
 0 percent complete. (34049 of 799744 file records processed)     
 0 percent complete. (46849 of 799744 file records processed)     
 0 percent complete. (59166 of 799744 file records processed)     
 0 percent complete. (72961 of 799744 file records processed)     
 1 percent complete. (79975 of 799744 file records processed)     
 1 percent complete. (89601 of 799744 file records processed)     
 1 percent complete. (101633 of 799744 file records processed)     
 1 percent complete. (117249 of 799744 file records processed)     
 1 percent complete. (131592 of 799744 file records processed)     
 1 percent complete. (144385 of 799744 file records processed)     
 1 percent complete. (153345 of 799744 file records processed)     
 2 percent complete. (159949 of 799744 file records processed)     
 2 percent complete. (165377 of 799744 file records processed)     
 2 percent complete. (172248 of 799744 file records processed)     
 2 percent complete. (182243 of 799744 file records processed)     
 2 percent complete. (190209 of 799744 file records processed)     
 2 percent complete. (196097 of 799744 file records processed)     
 2 percent complete. (203009 of 799744 file records processed)     
 2 percent complete. (210945 of 799744 file records processed)     
 2 percent complete. (218881 of 799744 file records processed)     
 2 percent complete. (225774 of 799744 file records processed)     
 2 percent complete. (232449 of 799744 file records processed)     
 2 percent complete. (237872 of 799744 file records processed)     
 3 percent complete. (239924 of 799744 file records processed)     
 3 percent complete. (247297 of 799744 file records processed)     
 3 percent complete. (259073 of 799744 file records processed)     
 3 percent complete. (271873 of 799744 file records processed)     
 3 percent complete. (281854 of 799744 file records processed)     
 3 percent complete. (290817 of 799744 file records processed)     
 3 percent complete. (299701 of 799744 file records processed)     
 3 percent complete. (310529 of 799744 file records processed)     
 4 percent complete. (319898 of 799744 file records processed)     
 4 percent complete. (333057 of 799744 file records processed)     
 4 percent complete. (341505 of 799744 file records processed)     
 4 percent complete. (353281 of 799744 file records processed)     
 4 percent complete. (365313 of 799744 file records processed)     
 4 percent complete. (375553 of 799744 file records processed)     
 4 percent complete. (385025 of 799744 file records processed)     
 4 percent complete. (392705 of 799744 file records processed)     
 5 percent complete. (399872 of 799744 file records processed)     
 5 percent complete. (406273 of 799744 file records processed)     
 5 percent complete. (413185 of 799744 file records processed)     
 5 percent complete. (416513 of 799744 file records processed)     
 5 percent complete. (419329 of 799744 file records processed)     
 5 percent complete. (422913 of 799744 file records processed)     
 5 percent complete. (425473 of 799744 file records processed)     
 5 percent complete. (427521 of 799744 file records processed)     
 5 percent complete. (436993 of 799744 file records processed)     
 5 percent complete. (444161 of 799744 file records processed)     
 5 percent complete. (449281 of 799744 file records processed)     
 5 percent complete. (451585 of 799744 file records processed)     
 5 percent complete. (456449 of 799744 file records processed)     
 5 percent complete. (458753 of 799744 file records processed)     
 5 percent complete. (461313 of 799744 file records processed)     
 5 percent complete. (463361 of 799744 file records processed)     
 5 percent complete. (466945 of 799744 file records processed)     
 5 percent complete. (468481 of 799744 file records processed)     
 5 percent complete. (474632 of 799744 file records processed)     
 6 percent complete. (479847 of 799744 file records processed)     
 6 percent complete. (485889 of 799744 file records processed)     
 6 percent complete. (486913 of 799744 file records processed)     
 6 percent complete. (488961 of 799744 file records processed)     
 6 percent complete. (490497 of 799744 file records processed)     
 6 percent complete. (493313 of 799744 file records processed)     
 6 percent complete. (496897 of 799744 file records processed)     
 6 percent complete. (502785 of 799744 file records processed)     
 6 percent complete. (514049 of 799744 file records processed)     
 6 percent complete. (517889 of 799744 file records processed)     
 6 percent complete. (524289 of 799744 file records processed)     
 6 percent complete. (529409 of 799744 file records processed)     
 6 percent complete. (535553 of 799744 file records processed)     
 6 percent complete. (540929 of 799744 file records processed)     
 6 percent complete. (544513 of 799744 file records processed)     
 6 percent complete. (550401 of 799744 file records processed)     
 6 percent complete. (555777 of 799744 file records processed)     
 7 percent complete. (559821 of 799744 file records processed)     
 7 percent complete. (565249 of 799744 file records processed)     
 7 percent complete. (569857 of 799744 file records processed)     
 7 percent complete. (573953 of 799744 file records processed)     
 7 percent complete. (579329 of 799744 file records processed)     
 7 percent complete. (585729 of 799744 file records processed)     
 7 percent complete. (598529 of 799744 file records processed)     
 7 percent complete. (606465 of 799744 file records processed)     
 7 percent complete. (610817 of 799744 file records processed)     
 7 percent complete. (621825 of 799744 file records processed)     
 7 percent complete. (635293 of 799744 file records processed)     
 8 percent complete. (639796 of 799744 file records processed)     
 8 percent complete. (654081 of 799744 file records processed)     
 8 percent complete. (661761 of 799744 file records processed)     
 8 percent complete. (670209 of 799744 file records processed)     
 8 percent complete. (675073 of 799744 file records processed)     
 8 percent complete. (684033 of 799744 file records processed)     
 8 percent complete. (692225 of 799744 file records processed)     
 8 percent complete. (702209 of 799744 file records processed)     
 8 percent complete. (708609 of 799744 file records processed)     
 9 percent complete. (719770 of 799744 file records processed)     
 9 percent complete. (735745 of 799744 file records processed)     
 9 percent complete. (745473 of 799744 file records processed)     
 9 percent complete. (751873 of 799744 file records processed)     
 9 percent complete. (762369 of 799744 file records processed)     
 9 percent complete. (768001 of 799744 file records processed)     
 9 percent complete. (775425 of 799744 file records processed)     
 9 percent complete. (786177 of 799744 file records processed)     
 9 percent complete. (797697 of 799744 file records processed)     
Attribute record (128, "") from file record segment 798555
is corrupt.
  799744 file records processed.                                         
 
File verification completed.
  99 large file records processed.                                   
 
 
Errors found.  CHKDSK cannot continue in read-only mode.
 
C:\>

I received the following error message when running the repair on tweaking.com:

 

The current repair has failed to start 4 times.
Something is keeping the repair from running.
Please post in the Tweaking.com forums for support.


#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:36 AM

Posted 19 October 2014 - 06:40 PM

Hello, appears we need a deeper look in here. Please make a new topic with the DDS log in the Guide and that repair log.

Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 nigel_66

nigel_66
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 20 October 2014 - 06:56 AM

Thanks. Have made new post and awaiting reply now!



#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:36 AM

Posted 20 October 2014 - 01:28 PM

Thank you


New topic
http://www.bleepingcomputer.com/forums/t/552627/second-post-still-no-idea-whats-wrong/#entry3511015

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 5 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users