Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Childs laptop playing up / go slow after removing some adware


  • Please log in to reply
9 replies to this topic

#1 Bag McDamage

Bag McDamage

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:34 AM

Posted 10 December 2014 - 04:47 AM

Hi

After attempting to remove some adware with Malwarebytes (succesfully), the laptop is extraordinarily slow

 

Its a laptop with Windows 7 that was maitained by the school, and systems restore point was turned off. Once turned off then back on, task manager shows a huge amount of processes running that aren't...such as 4 chrome sessions. 

 

Even after closing these down, they start back up, on start up.

 

Can you please help?

Thanks

Mark

 

 

Hoep this is a helpful starting point after reading a similar post opened today...

 

1) I downloaded the latest mini tool box and checkmark the following checkboxes:

  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Then I clicked Go and pasted the content below.
 
2) Also I took a Snapshot using Speccy. The result is at http://speccy.piriform.com/results/SeXkxsaAUzum1a4xY5JmUUm

 

MiniToolBox by Farbar  Version: 30-11-2014

Ran by RYANLM12 (administrator) on 10-12-2014 at 20:28:19
Running from "D:\ryanlm12\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/10/2014 08:03:59 PM) (Source: ESENT) (User: )
Description: taskhost (1268) WebCacheLocal: An attempt to open the file "C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/10/2014 08:03:49 PM) (Source: ESENT) (User: )
Description: taskhost (1268) WebCacheLocal: An attempt to open the file "C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/10/2014 08:03:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/10/2014 08:01:44 PM) (Source: Sophos Message Router) (User: NT AUTHORITY)
Description: DNS lookup failure trying to resolve the following addresses: LHAV01,LHAV01.lowtherhall.vic.edu.au.%%3
 
Error: (12/10/2014 07:51:41 PM) (Source: ESENT) (User: )
Description: taskhost (3604) WebCacheLocal: An attempt to open the file "C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/10/2014 07:51:31 PM) (Source: ESENT) (User: )
Description: taskhost (3604) WebCacheLocal: An attempt to open the file "C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/10/2014 07:50:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/10/2014 07:49:32 PM) (Source: Sophos Message Router) (User: NT AUTHORITY)
Description: DNS lookup failure trying to resolve the following addresses: LHAV01,LHAV01.lowtherhall.vic.edu.au.%%3
 
Error: (12/10/2014 07:43:59 PM) (Source: ESENT) (User: )
Description: taskhost (3316) WebCacheLocal: An attempt to open the file "C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/10/2014 07:43:48 PM) (Source: ESENT) (User: )
Description: taskhost (3316) WebCacheLocal: An attempt to open the file "C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
 
System errors:
=============
Error: (12/10/2014 08:03:37 PM) (Source: Microsoft-Windows-GroupPolicy) (User: LOWTHER)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
Error: (12/10/2014 08:01:40 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
Error: (12/10/2014 08:01:36 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LOWTHER due to the following: 
%%1311
 
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
 
 
 
ADDITIONAL INFO
 
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
 
Error: (12/10/2014 07:51:19 PM) (Source: Microsoft-Windows-GroupPolicy) (User: LOWTHER)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
Error: (12/10/2014 07:49:28 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
Error: (12/10/2014 07:49:24 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LOWTHER due to the following: 
%%1311
 
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
 
 
 
ADDITIONAL INFO
 
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
 
Error: (12/10/2014 07:34:08 PM) (Source: Microsoft-Windows-GroupPolicy) (User: LOWTHER)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
Error: (12/10/2014 07:32:05 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
Error: (12/10/2014 07:32:02 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LOWTHER due to the following: 
%%1311
 
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
 
 
 
ADDITIONAL INFO
 
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
 
Error: (12/10/2014 06:14:17 PM) (Source: NetBT) (User: )
Description: A duplicate name has been detected on the TCP network.  The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.
 
 
Microsoft Office Sessions:
=========================
Error: (12/10/2014 08:03:59 PM) (Source: ESENT)(User: )
Description: taskhost1268WebCacheLocal: C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
Error: (12/10/2014 08:03:49 PM) (Source: ESENT)(User: )
Description: taskhost1268WebCacheLocal: C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
Error: (12/10/2014 08:03:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/10/2014 08:01:44 PM) (Source: Sophos Message Router)(User: NT AUTHORITY)
Description: LHAV01,LHAV01.lowtherhall.vic.edu.au
 
Error: (12/10/2014 07:51:41 PM) (Source: ESENT)(User: )
Description: taskhost3604WebCacheLocal: C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
Error: (12/10/2014 07:51:31 PM) (Source: ESENT)(User: )
Description: taskhost3604WebCacheLocal: C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
Error: (12/10/2014 07:50:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/10/2014 07:49:32 PM) (Source: Sophos Message Router)(User: NT AUTHORITY)
Description: LHAV01,LHAV01.lowtherhall.vic.edu.au
 
Error: (12/10/2014 07:43:59 PM) (Source: ESENT)(User: )
Description: taskhost3316WebCacheLocal: C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
Error: (12/10/2014 07:43:48 PM) (Source: ESENT)(User: )
Description: taskhost3316WebCacheLocal: C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
 
 
=========================== Installed Programs ============================
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Anytime USB Charge Utility (HKLM\...\{039E0487-E1D2-4760-91B9-0F8D8C376E05}) (Version: 1.00.00.001 - FUJITSU LIMITED)
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
Audio Recorder for Free 2010 v12.8.2 (HKLM\...\Audio Recorder for Free_is1) (Version:  - Copyright© 2005-2010 AudioToolMedia Software.)
AuthenTec Fingerprint Software (HKLM\...\{6B99AF03-2668-4572-BD3D-8C7A5D103065}) (Version: 8.5.1.28 - AuthenTec, Inc.)
Auto Rotation Utility (HKLM\...\InstallShield_{8F98F2BE-6825-4C2E-B742-5ED51819B80E}) (Version: 1.00.10.003 - FUJITSU LIMITED)
Auto Rotation Utility (Version: 1.00.10.003 - FUJITSU LIMITED) Hidden
Battery Utility (HKLM\...\{2CB72D13-3C04-46F2-A3B1-B63317F92B32}) (Version: 3.00.14.004 - FUJITSU LIMITED)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
ClickView Player (HKLM\...\{86D2B15A-CF12-4EBD-89B9-F1F9D32277A2}) (Version: 3.0.0.21 - ClickView)
Crocodile ICT 605 (HKLM\...\{3D7C603F-3E4D-4980-9493-2118721C50F2}) (Version: 1.00.0605 - Crocodile Clips)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3904 - CyberLink Corp.)
CyberLink YouCam (Version: 3.1.3904 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{28857979-5507-4C10-A922-FF709A19D38C}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
FJ Camera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52019.0 - Sonix)
FormatFactory 2.70 (HKLM\...\FormatFactory) (Version: 2.70 - Free Time)
Fujitsu Button Utilities (HKLM\...\{207E8B60-07D2-4B7F-97FE-0DA448606861}) (Version: 7.04.1116.2010 - Fujitsu America, Inc.)
Fujitsu Display Manager (HKLM\...\InstallShield_{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}) (Version: 7.00.20.203 - FUJITSU LIMITED)
Fujitsu Display Manager (Version: 7.00.20.203 - FUJITSU LIMITED) Hidden
Fujitsu Hotkey Utility (HKLM\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (Version: 3.70.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM\...\InstallShield_{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}) (Version: 3.00.01.001 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (Version: 3.00.01.001 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.4.2.0 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.4.2.0 - FUJITSU LIMITED) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Earth (HKLM\...\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}) (Version: 6.1.0.5001 - Google)
Google SketchUp 8 (HKLM\...\{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}) (Version: 3.0.4811 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.6.0 - LIGHTNING UK!)
InfraRecorder (HKLM\...\InfraRecorder) (Version:  - Christian Kindahl)
InkSeine (HKLM\...\{421C5049-5831-4B50-B884-548B8EDCFFDA}) (Version: 1.2.1720 - Microsoft Research)
Inspiration 9 IE (HKLM\...\Inspiration 9 IE) (Version:  - )
Inspiration 9 PDF Driver (novaPDF 7.0 printer) (HKLM\...\Inspiration 9 PDF Driver_is1) (Version:  - Softland)
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2287 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
ISD Tablet (HKLM\...\ISD Tablet Driver) (Version: 7.0.2-17 - Wacom Technology Corp.)
iTunes (HKLM\...\{0718A90E-93AA-49AF-A4FE-0165ACD91DF0}) (Version: 11.2.2.3 - Apple Inc.)
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.290 - Oracle)
Kahootz 3 (HKLM\...\{E11D42F0-845A-4238-914B-491DAE6FB5C8}) (Version: 1.1.1 - The Australian Children's Television Foundation)
KeePass Password Safe 2.16 (HKLM\...\KeePassPasswordSafe2_is1) (Version:  - Dominik Reichl)
K-Lite Codec Pack 7.8.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 7.8.0 - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60831.0 - Microsoft Corporation)
Microsoft Small Basic v1.0 (HKLM\...\{7AAA27E4-CDB3-49C0-AA2D-41827C001BA3}) (Version: 1.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 7.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 7.0.1 (x86 en-US)) (Version: 7.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM\...\InstallShield_{16155BB8-8BC5-4E0B-AA41-B3A08545494D}) (Version: 3.1.00.18 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 3.1.00.18 - O2Micro International LTD.) Hidden
Paint.NET v3.5.8 (HKLM\...\{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}) (Version: 3.58.0 - dotPDN LLC)
Pearson Bookshelf version 2.0 (HKLM\...\{D799CF50-72B0-473C-B5C3-D601A221B91A}_is1) (Version: 2.0 - Pearson Australia)
Photo Story 3 for Windows (HKLM\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
Pointing Device Utility (HKLM\...\InstallShield_{DDC49774-40B9-47AE-9C63-5569C08C4082}) (Version: 1.0.1.0 - FUJITSU LIMITED)
Pointing Device Utility (Version: 1.0.1.0 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM\...\{E330A608-195F-4C39-8B95-9AAC2C97CD99}) (Version: 32.00.10.029 - FUJITSU LIMITED)
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
RapidTyping (HKLM\...\RapidTyping) (Version: 4.1 - RapidTyping Software)
Real Alternative 2.0.2 (HKLM\...\RealAlt_is1) (Version: 2.0.2 - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6263 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Roxio Creator LJ (HKLM\...\{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}) (Version: 12.1.4.8 - Roxio)
Roxio Creator LJ (Version: 1.0.511 - Roxio) Hidden
Roxio Creator LJ (Version: 5.0.0 - Roxio) Hidden
Security Panel Application for Supervisor (HKLM\...\InstallShield_{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}) (Version: 2.5.1.0 - FUJITSU LIMITED)
Security Panel Application for Supervisor (Version: 2.5.1.0 - FUJITSU LIMITED) Hidden
Sketchpad (HKLM\...\Sketchpad) (Version:  - )
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sophos Anti-Virus (HKLM\...\{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}) (Version: 10.0.12 - Sophos Limited)
Sophos AutoUpdate (HKLM\...\{D924231F-D02D-4E0B-B511-CC4A0E3ED547}) (Version: 3.1.4.81 - Sophos Limited)
Sophos Remote Management System (HKLM\...\{FED1005D-CBC8-45D5-A288-FFC7BB304121}) (Version: 3.4.1 - Sophos Limited)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector (KB2583935) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EDF9874C-9E37-4110-9FC3-094247E114DF}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector (KB2583935) (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{64FDCC43-8AD0-46F0-BF53-0CC27D816202}) (Version:  - Microsoft)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows Driver Package - Fujitsu America, Inc. (FjBtnDrv) HIDClass  (08/27/2009 4.2.0827.2009) (HKLM\...\F02860D720F53C6FCD75A013226E3E82F54FAB68) (Version: 08/27/2009 4.2.0827.2009 - Fujitsu America, Inc.)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
XMedia Recode 3.0.3.4 (HKLM\...\XMedia Recode) (Version: 3.0.3.4 - Sebastian Dörfler)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 44%
Total physical RAM: 3241.17 MB
Available physical RAM: 1799.17 MB
Total Pagefile: 6480.63 MB
Available Pagefile: 4936.88 MB
Total Virtual: 2047.88 MB
Available Virtual: 1948.38 MB
 
========================= Partitions: =====================================
 
1 Drive c: (SYSTEM) (Fixed) (Total:48.73 GB) (Free:21.81 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:70.41 GB) (Free:14.3 GB) NTFS
4 Drive f: () (Removable) (Total:3.74 GB) (Free:3.74 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\NBRYANLM12
 
Administrator            Guest                    SophosSAUNBRYANLM120     
 
 
**** End of log ****

Edited by hamluis, 10 December 2014 - 10:09 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:34 PM

Posted 10 December 2014 - 08:04 PM

Hi, lets run these... and MINItoolbox again ...

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Bag McDamage

Bag McDamage
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:34 AM

Posted 11 December 2014 - 05:55 AM

MiniToolBox by Farbar  Version: 30-11-2014
Ran by RYANLM12 (administrator) on 11-12-2014 at 19:53:36
Running from "D:\ryanlm12\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
54.225.95.126 hjjjegfhiceggepdokloeepnhlfnedkk
 
========================= IP Configuration: ================================
 
Intel® Centrino® Advanced-N 6205 = Wireless Network Connection (Connected)
Intel® 82579LM Gigabit Network Connection = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : NBRYANLM12
   Primary Dns Suffix  . . . . . . . : lowtherhall.vic.edu.au
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : lowtherhall.vic.edu.au
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : CC-AF-78-E4-51-92
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 08-11-96-1B-D9-31
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205
   Physical Address. . . . . . . . . : 08-11-96-1B-D9-30
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::fc3f:4669:495f:946d%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.13(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, 11 December 2014 7:49:06 PM
   Lease Expires . . . . . . . . . . : Friday, 12 December 2014 7:49:06 PM
   Default Gateway . . . . . . . . . : 10.0.0.138
   DHCP Server . . . . . . . . . . . : 10.0.0.138
   DHCPv6 IAID . . . . . . . . . . . : 403181974
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-1E-62-C7-8C-73-6E-FF-BA-2B
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
   Physical Address. . . . . . . . . : 8C-73-6E-FF-BA-2B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{68D330A2-C6F9-4AAE-BA19-369A5001678D}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:28d8:3d27:8c44:e0b(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::28d8:3d27:8c44:e0b%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{109F3295-937A-47FD-BF0F-C3B14548682E}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{9D1CC047-D937-4141-BBAF-D3B11EB4E9F7}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{8405EAAD-7FDA-41EF-87A4-FFCE4E2402AA}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    google.com
Addresses:  2404:6800:4006:800::2000
 74.125.204.139
 74.125.204.138
 74.125.204.100
 74.125.204.102
 74.125.204.113
 74.125.204.101
 
 
Pinging google.com [173.194.72.113] with 32 bytes of data:
Reply from 173.194.72.113: bytes=32 time=175ms TTL=49
Reply from 173.194.72.113: bytes=32 time=192ms TTL=49
 
Ping statistics for 173.194.72.113:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 175ms, Maximum = 192ms, Average = 183ms
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=290ms TTL=48
Reply from 98.139.183.24: bytes=32 time=289ms TTL=48
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 289ms, Maximum = 290ms, Average = 289ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...cc af 78 e4 51 92 ......Bluetooth Device (Personal Area Network)
 14...08 11 96 1b d9 31 ......Microsoft Virtual WiFi Miniport Adapter
 13...08 11 96 1b d9 30 ......Intel® Centrino® Advanced-N 6205
 11...8c 73 6e ff ba 2b ......Intel® 82579LM Gigabit Network Connection
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       10.0.0.138        10.0.0.13     25
         10.0.0.0    255.255.255.0         On-link         10.0.0.13    281
        10.0.0.13  255.255.255.255         On-link         10.0.0.13    281
       10.0.0.255  255.255.255.255         On-link         10.0.0.13    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.0.13    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.0.13    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:6abd:28d8:3d27:8c44:e0b/128
                                    On-link
 13    281 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::28d8:3d27:8c44:e0b/128
                                    On-link
 13    281 fe80::fc3f:4669:495f:946d/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 10 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/11/2014 07:48:15 PM) (Source: Sophos Message Router) (User: NT AUTHORITY)
Description: The network identity (also known as the Interoperable Object Reference or IOR) of the local computer is invalid.%%3
 
Error: (12/11/2014 04:18:48 PM) (Source: Sophos Message Router) (User: NT AUTHORITY)
Description: The network identity (also known as the Interoperable Object Reference or IOR) of the local computer is invalid.%%3
 
Error: (12/11/2014 01:50:34 PM) (Source: ESENT) (User: )
Description: taskhost (1268) WebCacheLocal: An attempt to open the file "C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/11/2014 01:50:24 PM) (Source: ESENT) (User: )
Description: taskhost (1268) WebCacheLocal: An attempt to open the file "C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/11/2014 01:50:20 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.17280 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1218
 
Start Time: 01d014ed2d4a46d9
 
Termination Time: 10
 
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
 
Report Id:
 
Error: (12/11/2014 01:49:02 PM) (Source: Sophos Message Router) (User: NT AUTHORITY)
Description: The network identity (also known as the Interoperable Object Reference or IOR) of the local computer is invalid.%%3
 
Error: (12/10/2014 09:18:33 PM) (Source: Sophos Message Router) (User: NT AUTHORITY)
Description: The network identity (also known as the Interoperable Object Reference or IOR) of the local computer is invalid.%%3
 
Error: (12/10/2014 08:03:59 PM) (Source: ESENT) (User: )
Description: taskhost (1268) WebCacheLocal: An attempt to open the file "C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/10/2014 08:03:49 PM) (Source: ESENT) (User: )
Description: taskhost (1268) WebCacheLocal: An attempt to open the file "C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/10/2014 08:03:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (12/11/2014 07:47:55 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LOWTHER due to the following: 
%%1311
 
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
 
 
 
ADDITIONAL INFO
 
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
 
Error: (12/11/2014 02:01:09 PM) (Source: DCOM) (User: )
Description: {005A3A96-BAC4-4B0A-94EA-C0CE100EA736}
 
Error: (12/11/2014 01:49:02 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LOWTHER due to the following: 
%%1311
 
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
 
 
 
ADDITIONAL INFO
 
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
 
Error: (12/11/2014 03:33:27 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LOWTHER due to the following: 
%%1311
 
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
 
 
 
ADDITIONAL INFO
 
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
 
Error: (12/10/2014 08:31:55 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error: (12/10/2014 08:03:37 PM) (Source: Microsoft-Windows-GroupPolicy) (User: LOWTHER)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
Error: (12/10/2014 08:01:40 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
Error: (12/10/2014 08:01:36 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LOWTHER due to the following: 
%%1311
 
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
 
 
 
ADDITIONAL INFO
 
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
 
Error: (12/10/2014 07:51:19 PM) (Source: Microsoft-Windows-GroupPolicy) (User: LOWTHER)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
Error: (12/10/2014 07:49:28 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
 
Microsoft Office Sessions:
=========================
Error: (12/11/2014 07:48:15 PM) (Source: Sophos Message Router)(User: NT AUTHORITY)
Description: 
 
Error: (12/11/2014 04:18:48 PM) (Source: Sophos Message Router)(User: NT AUTHORITY)
Description: 
 
Error: (12/11/2014 01:50:34 PM) (Source: ESENT)(User: )
Description: taskhost1268WebCacheLocal: C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
Error: (12/11/2014 01:50:24 PM) (Source: ESENT)(User: )
Description: taskhost1268WebCacheLocal: C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
Error: (12/11/2014 01:50:20 PM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.17280121801d014ed2d4a46d910C:\Program Files\Internet Explorer\iexplore.exe
 
Error: (12/11/2014 01:49:02 PM) (Source: Sophos Message Router)(User: NT AUTHORITY)
Description: 
 
Error: (12/10/2014 09:18:33 PM) (Source: Sophos Message Router)(User: NT AUTHORITY)
Description: 
 
Error: (12/10/2014 08:03:59 PM) (Source: ESENT)(User: )
Description: taskhost1268WebCacheLocal: C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
Error: (12/10/2014 08:03:49 PM) (Source: ESENT)(User: )
Description: taskhost1268WebCacheLocal: C:\Users\ryanlm12\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
Error: (12/10/2014 08:03:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
 
=========================== Installed Programs ============================
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Anytime USB Charge Utility (HKLM\...\{039E0487-E1D2-4760-91B9-0F8D8C376E05}) (Version: 1.00.00.001 - FUJITSU LIMITED)
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
Audio Recorder for Free 2010 v12.8.2 (HKLM\...\Audio Recorder for Free_is1) (Version:  - Copyright© 2005-2010 AudioToolMedia Software.)
AuthenTec Fingerprint Software (HKLM\...\{6B99AF03-2668-4572-BD3D-8C7A5D103065}) (Version: 8.5.1.28 - AuthenTec, Inc.)
Auto Rotation Utility (HKLM\...\InstallShield_{8F98F2BE-6825-4C2E-B742-5ED51819B80E}) (Version: 1.00.10.003 - FUJITSU LIMITED)
Auto Rotation Utility (Version: 1.00.10.003 - FUJITSU LIMITED) Hidden
Battery Utility (HKLM\...\{2CB72D13-3C04-46F2-A3B1-B63317F92B32}) (Version: 3.00.14.004 - FUJITSU LIMITED)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
ClickView Player (HKLM\...\{86D2B15A-CF12-4EBD-89B9-F1F9D32277A2}) (Version: 3.0.0.21 - ClickView)
Crocodile ICT 605 (HKLM\...\{3D7C603F-3E4D-4980-9493-2118721C50F2}) (Version: 1.00.0605 - Crocodile Clips)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3904 - CyberLink Corp.)
CyberLink YouCam (Version: 3.1.3904 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{28857979-5507-4C10-A922-FF709A19D38C}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
FJ Camera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52019.0 - Sonix)
FormatFactory 2.70 (HKLM\...\FormatFactory) (Version: 2.70 - Free Time)
Fujitsu Button Utilities (HKLM\...\{207E8B60-07D2-4B7F-97FE-0DA448606861}) (Version: 7.04.1116.2010 - Fujitsu America, Inc.)
Fujitsu Display Manager (HKLM\...\InstallShield_{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}) (Version: 7.00.20.203 - FUJITSU LIMITED)
Fujitsu Display Manager (Version: 7.00.20.203 - FUJITSU LIMITED) Hidden
Fujitsu Hotkey Utility (HKLM\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (Version: 3.70.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM\...\InstallShield_{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}) (Version: 3.00.01.001 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (Version: 3.00.01.001 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.4.2.0 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.4.2.0 - FUJITSU LIMITED) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Earth (HKLM\...\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}) (Version: 6.1.0.5001 - Google)
Google SketchUp 8 (HKLM\...\{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}) (Version: 3.0.4811 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.6.0 - LIGHTNING UK!)
InfraRecorder (HKLM\...\InfraRecorder) (Version:  - Christian Kindahl)
InkSeine (HKLM\...\{421C5049-5831-4B50-B884-548B8EDCFFDA}) (Version: 1.2.1720 - Microsoft Research)
Inspiration 9 IE (HKLM\...\Inspiration 9 IE) (Version:  - )
Inspiration 9 PDF Driver (novaPDF 7.0 printer) (HKLM\...\Inspiration 9 PDF Driver_is1) (Version:  - Softland)
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2287 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
ISD Tablet (HKLM\...\ISD Tablet Driver) (Version: 7.0.2-17 - Wacom Technology Corp.)
iTunes (HKLM\...\{0718A90E-93AA-49AF-A4FE-0165ACD91DF0}) (Version: 11.2.2.3 - Apple Inc.)
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.290 - Oracle)
Kahootz 3 (HKLM\...\{E11D42F0-845A-4238-914B-491DAE6FB5C8}) (Version: 1.1.1 - The Australian Children's Television Foundation)
KeePass Password Safe 2.16 (HKLM\...\KeePassPasswordSafe2_is1) (Version:  - Dominik Reichl)
K-Lite Codec Pack 7.8.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 7.8.0 - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60831.0 - Microsoft Corporation)
Microsoft Small Basic v1.0 (HKLM\...\{7AAA27E4-CDB3-49C0-AA2D-41827C001BA3}) (Version: 1.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 7.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 7.0.1 (x86 en-US)) (Version: 7.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM\...\InstallShield_{16155BB8-8BC5-4E0B-AA41-B3A08545494D}) (Version: 3.1.00.18 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 3.1.00.18 - O2Micro International LTD.) Hidden
Paint.NET v3.5.8 (HKLM\...\{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}) (Version: 3.58.0 - dotPDN LLC)
Pearson Bookshelf version 2.0 (HKLM\...\{D799CF50-72B0-473C-B5C3-D601A221B91A}_is1) (Version: 2.0 - Pearson Australia)
Photo Story 3 for Windows (HKLM\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
Pointing Device Utility (HKLM\...\InstallShield_{DDC49774-40B9-47AE-9C63-5569C08C4082}) (Version: 1.0.1.0 - FUJITSU LIMITED)
Pointing Device Utility (Version: 1.0.1.0 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM\...\{E330A608-195F-4C39-8B95-9AAC2C97CD99}) (Version: 32.00.10.029 - FUJITSU LIMITED)
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
RapidTyping (HKLM\...\RapidTyping) (Version: 4.1 - RapidTyping Software)
Real Alternative 2.0.2 (HKLM\...\RealAlt_is1) (Version: 2.0.2 - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6263 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Roxio Creator LJ (HKLM\...\{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}) (Version: 12.1.4.8 - Roxio)
Roxio Creator LJ (Version: 1.0.511 - Roxio) Hidden
Roxio Creator LJ (Version: 5.0.0 - Roxio) Hidden
Security Panel Application for Supervisor (HKLM\...\InstallShield_{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}) (Version: 2.5.1.0 - FUJITSU LIMITED)
Security Panel Application for Supervisor (Version: 2.5.1.0 - FUJITSU LIMITED) Hidden
Sketchpad (HKLM\...\Sketchpad) (Version:  - )
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sophos Anti-Virus (HKLM\...\{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}) (Version: 10.0.12 - Sophos Limited)
Sophos AutoUpdate (HKLM\...\{D924231F-D02D-4E0B-B511-CC4A0E3ED547}) (Version: 3.1.4.81 - Sophos Limited)
Sophos Remote Management System (HKLM\...\{FED1005D-CBC8-45D5-A288-FFC7BB304121}) (Version: 3.4.1 - Sophos Limited)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector (KB2583935) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EDF9874C-9E37-4110-9FC3-094247E114DF}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector (KB2583935) (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{64FDCC43-8AD0-46F0-BF53-0CC27D816202}) (Version:  - Microsoft)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows Driver Package - Fujitsu America, Inc. (FjBtnDrv) HIDClass  (08/27/2009 4.2.0827.2009) (HKLM\...\F02860D720F53C6FCD75A013226E3E82F54FAB68) (Version: 08/27/2009 4.2.0827.2009 - Fujitsu America, Inc.)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
XMedia Recode 3.0.3.4 (HKLM\...\XMedia Recode) (Version: 3.0.3.4 - Sebastian Dörfler)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 46%
Total physical RAM: 3241.17 MB
Available physical RAM: 1719.42 MB
Total Pagefile: 6480.63 MB
Available Pagefile: 4641.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.55 MB
 
========================= Partitions: =====================================
 
1 Drive c: (SYSTEM) (Fixed) (Total:48.73 GB) (Free:21.76 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:70.41 GB) (Free:14.3 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\NBRYANLM12
 
Administrator            Guest                    SophosSAUNBRYANLM120     
 
 
**** End of log ****
 
20:06:27.0230 0x0ff8  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
20:06:53.0253 0x0ff8  ============================================================
20:06:53.0253 0x0ff8  Current date / time: 2014/12/11 20:06:53.0253
20:06:53.0253 0x0ff8  SystemInfo:
20:06:53.0253 0x0ff8  
20:06:53.0253 0x0ff8  OS Version: 6.1.7601 ServicePack: 1.0
20:06:53.0253 0x0ff8  Product type: Workstation
20:06:53.0253 0x0ff8  ComputerName: NBRYANLM12
20:06:53.0253 0x0ff8  UserName: RYANLM12
20:06:53.0253 0x0ff8  Windows directory: C:\Windows
20:06:53.0253 0x0ff8  System windows directory: C:\Windows
20:06:53.0253 0x0ff8  Processor architecture: Intel x86
20:06:53.0253 0x0ff8  Number of processors: 4
20:06:53.0253 0x0ff8  Page size: 0x1000
20:06:53.0253 0x0ff8  Boot type: Normal boot
20:06:53.0253 0x0ff8  ============================================================
20:06:54.0263 0x0ff8  KLMD registered as C:\Windows\system32\drivers\80765841.sys
20:06:54.0353 0x0ff8  System UUID: {06E6C89C-02A4-62F7-48E9-CB2F0AAA84C2}
20:06:54.0723 0x0ff8  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:06:54.0723 0x0ff8  Drive \Device\Harddisk1\DR5 - Size: 0xEFBFFE00 ( 3.75 Gb ), SectorSize: 0x200, Cylinders: 0x1E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:06:54.0723 0x0ff8  ============================================================
20:06:54.0723 0x0ff8  \Device\Harddisk0\DR0:
20:06:54.0723 0x0ff8  MBR partitions:
20:06:54.0723 0x0ff8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:06:54.0723 0x0ff8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6176000
20:06:54.0723 0x0ff8  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x61A8800, BlocksNum 0x8CD3000
20:06:54.0723 0x0ff8  \Device\Harddisk1\DR5:
20:06:54.0723 0x0ff8  MBR partitions:
20:06:54.0723 0x0ff8  \Device\Harddisk1\DR5\Partition1: MBR, Type 0xB, StartLBA 0x26, BlocksNum 0x779FC2
20:06:54.0723 0x0ff8  ============================================================
20:06:54.0723 0x0ff8  C: <-> \Device\Harddisk0\DR0\Partition2
20:06:54.0723 0x0ff8  D: <-> \Device\Harddisk0\DR0\Partition3
20:06:54.0723 0x0ff8  ============================================================
20:06:54.0723 0x0ff8  Initialize success
20:06:54.0723 0x0ff8  ============================================================
20:07:17.0209 0x1a44  ============================================================
20:07:17.0209 0x1a44  Scan started
20:07:17.0209 0x1a44  Mode: Manual; 
20:07:17.0209 0x1a44  ============================================================
20:07:17.0209 0x1a44  KSN ping started
20:07:20.0849 0x1a44  KSN ping finished: true
20:07:21.0079 0x1a44  ================ Scan system memory ========================
20:07:21.0079 0x1a44  System memory - ok
20:07:21.0079 0x1a44  ================ Scan services =============================
20:07:21.0119 0x1a44  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:07:21.0149 0x1a44  1394ohci - ok
20:07:21.0169 0x1a44  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:07:21.0179 0x1a44  ACPI - ok
20:07:21.0179 0x1a44  [ 79D6B28027C398B728CE7CD0570248B0, 2BB31BFF659BA864D5C64170EF0B5C4A9A1DE5700DA42028A85847C91DCEE676 ] acpials         C:\Windows\system32\DRIVERS\acpials.sys
20:07:21.0199 0x1a44  acpials - ok
20:07:21.0199 0x1a44  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:07:21.0219 0x1a44  AcpiPmi - ok
20:07:21.0219 0x1a44  [ 11A52CF7B265631DEEB24C6149309EFF, CBA25D358185FD4BE261C6C1B518AD60F5D27D5FB418098AB262B10F5A11C178 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:07:21.0249 0x1a44  AdobeARMservice - ok
20:07:21.0269 0x1a44  [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:07:21.0269 0x1a44  AdobeFlashPlayerUpdateSvc - ok
20:07:21.0279 0x1a44  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:07:21.0309 0x1a44  adp94xx - ok
20:07:21.0319 0x1a44  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:07:21.0349 0x1a44  adpahci - ok
20:07:21.0359 0x1a44  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:07:21.0389 0x1a44  adpu320 - ok
20:07:21.0399 0x1a44  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:07:21.0409 0x1a44  AeLookupSvc - ok
20:07:21.0419 0x1a44  [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD             C:\Windows\system32\drivers\afd.sys
20:07:21.0439 0x1a44  AFD - ok
20:07:21.0449 0x1a44  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
20:07:21.0449 0x1a44  agp440 - ok
20:07:21.0459 0x1a44  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:07:21.0479 0x1a44  aic78xx - ok
20:07:21.0489 0x1a44  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
20:07:21.0489 0x1a44  ALG - ok
20:07:21.0489 0x1a44  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:07:21.0509 0x1a44  aliide - ok
20:07:21.0509 0x1a44  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:07:21.0529 0x1a44  amdagp - ok
20:07:21.0529 0x1a44  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:07:21.0549 0x1a44  amdide - ok
20:07:21.0549 0x1a44  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:07:21.0579 0x1a44  AmdK8 - ok
20:07:21.0579 0x1a44  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
20:07:21.0609 0x1a44  AmdPPM - ok
20:07:21.0609 0x1a44  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:07:21.0629 0x1a44  amdsata - ok
20:07:21.0629 0x1a44  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:07:21.0649 0x1a44  amdsbs - ok
20:07:21.0649 0x1a44  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:07:21.0669 0x1a44  amdxata - ok
20:07:21.0669 0x1a44  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
20:07:21.0689 0x1a44  AppID - ok
20:07:21.0689 0x1a44  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:07:21.0699 0x1a44  AppIDSvc - ok
20:07:21.0699 0x1a44  [ FB1959012294D6AD43E5304DF65E3C26, CFE906B07FF71A178CF9C254B056C6F5A303DDC511F0E4E1E75808F1D5326495 ] Appinfo         C:\Windows\System32\appinfo.dll
20:07:21.0719 0x1a44  Appinfo - ok
20:07:21.0719 0x1a44  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:07:21.0739 0x1a44  Apple Mobile Device - ok
20:07:21.0749 0x1a44  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
20:07:21.0759 0x1a44  AppMgmt - ok
20:07:21.0759 0x1a44  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
20:07:21.0789 0x1a44  arc - ok
20:07:21.0799 0x1a44  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:07:21.0809 0x1a44  arcsas - ok
20:07:21.0819 0x1a44  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:07:21.0829 0x1a44  AsyncMac - ok
20:07:21.0839 0x1a44  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:07:21.0839 0x1a44  atapi - ok
20:07:21.0869 0x1a44  [ 76BAB0C824E2D05B940C4DD40A9B08BF, 237C60123F5AFF06C20757E2791C0CA383DE094DB634C239E375639B1B923844 ] athr            C:\Windows\system32\DRIVERS\athr.sys
20:07:21.0909 0x1a44  athr - ok
20:07:21.0929 0x1a44  [ 350612BBB93D9660F735C5B1B12B8F8D, B028848AE93AE870C6ECB5C6F5C5995B18B1D85EB808803A2FD5109C62B5C082 ] ATSwpWDF        C:\Windows\system32\Drivers\ATSwpWDF.sys
20:07:21.0989 0x1a44  ATSwpWDF - ok
20:07:22.0009 0x1a44  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:07:22.0019 0x1a44  AudioEndpointBuilder - ok
20:07:22.0039 0x1a44  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:07:22.0039 0x1a44  Audiosrv - ok
20:07:22.0059 0x1a44  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:07:22.0069 0x1a44  AxInstSV - ok
20:07:22.0089 0x1a44  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
20:07:22.0109 0x1a44  b06bdrv - ok
20:07:22.0119 0x1a44  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
20:07:22.0139 0x1a44  b57nd60x - ok
20:07:22.0149 0x1a44  [ 3EED6B9C8FB41FCE2EA47147AC683186, 8327640C9755C80BF7BAD53C2C611E4E1D1064C9D09EDA10E608B1A387C77547 ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
20:07:22.0209 0x1a44  bcbtums - ok
20:07:22.0219 0x1a44  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
20:07:22.0230 0x1a44  BDESVC - ok
20:07:22.0230 0x1a44  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:07:22.0230 0x1a44  Beep - ok
20:07:22.0250 0x1a44  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
20:07:22.0280 0x1a44  BFE - ok
20:07:22.0290 0x1a44  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
20:07:22.0310 0x1a44  BITS - ok
20:07:22.0310 0x1a44  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
20:07:22.0330 0x1a44  blbdrive - ok
20:07:22.0340 0x1a44  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:07:22.0410 0x1a44  Bonjour Service - ok
20:07:22.0410 0x1a44  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:07:22.0420 0x1a44  bowser - ok
20:07:22.0430 0x1a44  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
20:07:22.0440 0x1a44  BrFiltLo - ok
20:07:22.0450 0x1a44  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
20:07:22.0460 0x1a44  BrFiltUp - ok
20:07:22.0470 0x1a44  [ 6E11F33D14D020F58D5E02E4D67DFA19, 9563E4E8CE769B7619745F6F6DE618389A1595785023BF1F295AD8301B27F0AF ] Browser         C:\Windows\System32\browser.dll
20:07:22.0470 0x1a44  Browser - ok
20:07:22.0480 0x1a44  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:07:22.0510 0x1a44  Brserid - ok
20:07:22.0510 0x1a44  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:07:22.0540 0x1a44  BrSerWdm - ok
20:07:22.0540 0x1a44  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:07:22.0550 0x1a44  BrUsbMdm - ok
20:07:22.0560 0x1a44  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:07:22.0570 0x1a44  BrUsbSer - ok
20:07:22.0580 0x1a44  [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
20:07:22.0590 0x1a44  BthEnum - ok
20:07:22.0590 0x1a44  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:07:22.0610 0x1a44  BTHMODEM - ok
20:07:22.0610 0x1a44  [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:07:22.0620 0x1a44  BthPan - ok
20:07:22.0640 0x1a44  [ C2FBF6D271D9A94D839C416BF186EAD9, 492F8344BD2E354C3525E1E535A1BAAAC17A38EE01868B986AC112E33B3B2A66 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
20:07:22.0650 0x1a44  BTHPORT - ok
20:07:22.0650 0x1a44  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
20:07:22.0660 0x1a44  bthserv - ok
20:07:22.0660 0x1a44  [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
20:07:22.0670 0x1a44  BTHUSB - ok
20:07:22.0680 0x1a44  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:07:22.0680 0x1a44  cdfs - ok
20:07:22.0690 0x1a44  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\drivers\cdrom.sys
20:07:22.0690 0x1a44  cdrom - ok
20:07:22.0700 0x1a44  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:07:22.0710 0x1a44  CertPropSvc - ok
20:07:22.0720 0x1a44  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
20:07:22.0730 0x1a44  circlass - ok
20:07:22.0740 0x1a44  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
20:07:22.0760 0x1a44  CLFS - ok
20:07:22.0770 0x1a44  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:07:22.0810 0x1a44  clr_optimization_v2.0.50727_32 - ok
20:07:22.0820 0x1a44  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:07:22.0900 0x1a44  clr_optimization_v4.0.30319_32 - ok
20:07:22.0910 0x1a44  [ 125C828BF3673406DFD642D7BEE8434F, 0D35DFFC1B7958E5C44F8ABCAFBF965D41AB431E7829568F391B6F771523B243 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
20:07:22.0920 0x1a44  clwvd - ok
20:07:22.0930 0x1a44  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
20:07:22.0940 0x1a44  CmBatt - ok
20:07:22.0940 0x1a44  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:07:22.0960 0x1a44  cmdide - ok
20:07:22.0970 0x1a44  [ 1B675691ED940766149C93E8F4488D68, A55C41B2B343B1CF53D737ED1752D0510052094FFC60FDB833279A8A52398132 ] CNG             C:\Windows\system32\Drivers\cng.sys
20:07:23.0000 0x1a44  CNG - ok
20:07:23.0000 0x1a44  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
20:07:23.0010 0x1a44  Compbatt - ok
20:07:23.0020 0x1a44  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:07:23.0030 0x1a44  CompositeBus - ok
20:07:23.0030 0x1a44  COMSysApp - ok
20:07:23.0040 0x1a44  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:07:23.0040 0x1a44  crcdisk - ok
20:07:23.0050 0x1a44  [ A585BEBF7D054BD9618EDA0922D5484A, 340DF730E88F8B6A4EF542F620EBA2A720546AFAB4DFFA00F066B7610A1026C5 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:07:23.0050 0x1a44  CryptSvc - ok
20:07:23.0070 0x1a44  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
20:07:23.0080 0x1a44  CSC - ok
20:07:23.0090 0x1a44  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
20:07:23.0120 0x1a44  CscService - ok
20:07:23.0130 0x1a44  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:07:23.0140 0x1a44  DcomLaunch - ok
20:07:23.0150 0x1a44  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
20:07:23.0170 0x1a44  defragsvc - ok
20:07:23.0170 0x1a44  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:07:23.0180 0x1a44  DfsC - ok
20:07:23.0190 0x1a44  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:07:23.0190 0x1a44  Dhcp - ok
20:07:23.0200 0x1a44  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
20:07:23.0210 0x1a44  discache - ok
20:07:23.0220 0x1a44  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
20:07:23.0220 0x1a44  Disk - ok
20:07:23.0220 0x1a44  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
20:07:23.0240 0x1a44  dmvsc - ok
20:07:23.0240 0x1a44  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:07:23.0250 0x1a44  Dnscache - ok
20:07:23.0260 0x1a44  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:07:23.0260 0x1a44  dot3svc - ok
20:07:23.0270 0x1a44  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
20:07:23.0290 0x1a44  DPS - ok
20:07:23.0290 0x1a44  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:07:23.0300 0x1a44  drmkaud - ok
20:07:23.0320 0x1a44  [ 23F5D28378A160352BA8F817BD8C71CB, 11BF7B7E6276C28EFF74B8AF89B493CBB89B394D2A091708EDA15DA5C342FF19 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:07:23.0350 0x1a44  DXGKrnl - ok
20:07:23.0360 0x1a44  [ 890A46FB3D58667BE559CEE1A0252049, CF87882E75BE9B59C6263C4F5F40F55178290184BEEC3E9113CCCE29E549EAA3 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c6232.sys
20:07:23.0380 0x1a44  e1cexpress - ok
20:07:23.0390 0x1a44  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
20:07:23.0390 0x1a44  EapHost - ok
20:07:23.0460 0x1a44  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
20:07:23.0548 0x1a44  ebdrv - ok
20:07:23.0548 0x1a44  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] EFS             C:\Windows\System32\lsass.exe
20:07:23.0568 0x1a44  EFS - ok
20:07:23.0578 0x1a44  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:07:23.0928 0x1a44  ehRecvr - ok
20:07:23.0938 0x1a44  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
20:07:23.0958 0x1a44  ehSched - ok
20:07:23.0978 0x1a44  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:07:23.0998 0x1a44  elxstor - ok
20:07:24.0008 0x1a44  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:07:24.0018 0x1a44  ErrDev - ok
20:07:24.0028 0x1a44  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
20:07:24.0038 0x1a44  EventSystem - ok
20:07:24.0048 0x1a44  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:07:24.0058 0x1a44  exfat - ok
20:07:24.0068 0x1a44  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:07:24.0068 0x1a44  fastfat - ok
20:07:24.0088 0x1a44  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
20:07:24.0118 0x1a44  Fax - ok
20:07:24.0128 0x1a44  [ 22EC3B0EA37CDF4355AE627004F3103C, 35012F3F41E4074F72D197C69C2AC222306C4A8CF1F9CB127EAC4766B0DE7DDB ] FBIOSDRV        C:\Windows\system32\Drivers\FBIOSDRV.sys
20:07:24.0138 0x1a44  FBIOSDRV - ok
20:07:24.0148 0x1a44  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
20:07:24.0148 0x1a44  fdc - ok
20:07:24.0148 0x1a44  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
20:07:24.0158 0x1a44  fdPHost - ok
20:07:24.0168 0x1a44  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:07:24.0178 0x1a44  FDResPub - ok
20:07:24.0178 0x1a44  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:07:24.0188 0x1a44  FileInfo - ok
20:07:24.0188 0x1a44  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:07:24.0198 0x1a44  Filetrace - ok
20:07:24.0208 0x1a44  [ B8AE6D633BC076D936C545103A40040E, E67C070A631CE7D0FA8247C5702924DD40F5F8DB1EFEEF53FA483F9F3BE0AA08 ] Fjbtndrv        C:\Windows\system32\drivers\FjBtnDrv.sys
20:07:24.0218 0x1a44  Fjbtndrv - ok
20:07:24.0228 0x1a44  [ 98BEA1A2FE06CB83F81A957143A98A56, 7CCE0052A9F0906AD1B664AB540C2ABA8921D88DFCDCB051B7D7DBEDB2B878E8 ] FJGSDisk        C:\Windows\system32\DRIVERS\FJGSDisk.sys
20:07:24.0238 0x1a44  FJGSDisk - ok
20:07:24.0238 0x1a44  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
20:07:24.0248 0x1a44  flpydisk - ok
20:07:24.0248 0x1a44  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:07:24.0258 0x1a44  FltMgr - ok
20:07:24.0278 0x1a44  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
20:07:24.0318 0x1a44  FontCache - ok
20:07:24.0328 0x1a44  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:07:24.0348 0x1a44  FontCache3.0.0.0 - ok
20:07:24.0358 0x1a44  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:07:24.0368 0x1a44  FsDepends - ok
20:07:24.0368 0x1a44  [ A574B4360E438977038AAE4BF60D79A2, 7255CCDDDAC4853FA72E6487408C4B7390CBA37549CE952929B2A9CF3327C616 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:07:24.0378 0x1a44  Fs_Rec - ok
20:07:24.0378 0x1a44  [ 49E588AC7D2B57F057756A91C6F36D25, 618E2CB3704C5F2681FA0FDA3ED701789DCC5322063B0EDFB3DA1272485E18A9 ] FUJ02B1         C:\Windows\system32\drivers\FUJ02B1.sys
20:07:24.0388 0x1a44  FUJ02B1 - ok
20:07:24.0398 0x1a44  [ D45474A7E5E2F35150C29A3193747884, B97D8A769D2315E493CF3A161AE0BFA51127E81B5125F4936DE42747BC6A0C7F ] FUJ02E3         C:\Windows\system32\drivers\FUJ02E3.sys
20:07:24.0408 0x1a44  FUJ02E3 - ok
20:07:24.0418 0x1a44  [ DEFB5AD49FD5890929B8195314296540, E72CFB7A395B98E085C4E7F6771D86B883A0E9F675E166C8E71FB8496B3EFF22 ] FUJ02E3Service  C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
20:07:24.0458 0x1a44  FUJ02E3Service - ok
20:07:24.0468 0x1a44  [ 8A73E79089B282100B9393B644CB853B, 844DC5AADFABBD050B967904B796BA06BFD64C9112616EA26229D084F8B3AD41 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:07:24.0488 0x1a44  fvevol - ok
20:07:24.0488 0x1a44  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:07:24.0508 0x1a44  gagp30kx - ok
20:07:24.0508 0x1a44  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:07:24.0528 0x1a44  GEARAspiWDM - ok
20:07:24.0538 0x1a44  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:07:24.0568 0x1a44  gpsvc - ok
20:07:24.0578 0x1a44  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:07:24.0608 0x1a44  gupdate - ok
20:07:24.0618 0x1a44  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:07:24.0618 0x1a44  gupdatem - ok
20:07:24.0618 0x1a44  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:07:24.0628 0x1a44  hcw85cir - ok
20:07:24.0648 0x1a44  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:07:24.0668 0x1a44  HdAudAddService - ok
20:07:24.0678 0x1a44  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:07:24.0678 0x1a44  HDAudBus - ok
20:07:24.0678 0x1a44  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
20:07:24.0698 0x1a44  HidBatt - ok
20:07:24.0698 0x1a44  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:07:24.0718 0x1a44  HidBth - ok
20:07:24.0718 0x1a44  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:07:24.0728 0x1a44  HidIr - ok
20:07:24.0738 0x1a44  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
20:07:24.0738 0x1a44  hidserv - ok
20:07:24.0738 0x1a44  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:07:24.0748 0x1a44  HidUsb - ok
20:07:24.0748 0x1a44  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:07:24.0758 0x1a44  hkmsvc - ok
20:07:24.0758 0x1a44  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:07:24.0778 0x1a44  HomeGroupListener - ok
20:07:24.0788 0x1a44  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:07:24.0798 0x1a44  HomeGroupProvider - ok
20:07:24.0798 0x1a44  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:07:24.0838 0x1a44  HpSAMD - ok
20:07:24.0848 0x1a44  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:07:24.0858 0x1a44  HTTP - ok
20:07:24.0868 0x1a44  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:07:24.0878 0x1a44  hwpolicy - ok
20:07:24.0888 0x1a44  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
20:07:24.0888 0x1a44  i8042prt - ok
20:07:24.0908 0x1a44  [ F989555F1662581032CCE1578A8FF28E, 5F9EF3ED3A9517C7E7D816D4440DCCBA108C1A272D1A12EE09E2F396B24D5ED6 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
20:07:24.0908 0x1a44  iaStor - ok
20:07:24.0928 0x1a44  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:07:24.0952 0x1a44  iaStorV - ok
20:07:24.0976 0x1a44  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:07:25.0056 0x1a44  idsvc - ok
20:07:25.0056 0x1a44  IEEtwCollectorService - ok
20:07:25.0326 0x1a44  [ 52DD6384F2F202088CD95C8F7652C9CE, EDFD19E7D1110DCC40AD43EF7566BF941BD53D041A5C8CA3407CAD82EE95B12A ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
20:07:25.0626 0x1a44  igfx - ok
20:07:25.0646 0x1a44  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:07:25.0666 0x1a44  iirsp - ok
20:07:25.0686 0x1a44  [ F95622F161474511B8D80D6B093AA610, F2320E25EB9B4AA9A8366BD3AA23EABEBE111A5610D3A62EBA47D90427D5BC26 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:07:25.0716 0x1a44  IKEEXT - ok
20:07:25.0796 0x1a44  [ A67EAA3C6F6B5F414BE3E498199D8C20, CFFC29DC2A5058B86601F840399DC0C14ECC53BB117CDCC8B19F17777E71A216 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
20:07:25.0916 0x1a44  IntcAzAudAddService - ok
20:07:25.0926 0x1a44  [ 5576AD2F0039D2BCCCA3567FC0BF981C, 4C782738B211B236DBDD0066BA0EDBA04E6BC5A97EF3227F2C7DAD7EBABF4C73 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:07:25.0946 0x1a44  IntcDAud - ok
20:07:25.0946 0x1a44  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:07:25.0946 0x1a44  intelide - ok
20:07:25.0956 0x1a44  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\drivers\intelppm.sys
20:07:25.0956 0x1a44  intelppm - ok
20:07:25.0966 0x1a44  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:07:25.0976 0x1a44  IPBusEnum - ok
20:07:25.0976 0x1a44  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:07:25.0996 0x1a44  IpFilterDriver - ok
20:07:26.0006 0x1a44  [ 4D65A07B795D6674312F879D09AA7663, 8D72FE0B51A6FF71F85D2602DB3AE91C8749F70869B6789552F047BA81411EDA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:07:26.0036 0x1a44  iphlpsvc - ok
20:07:26.0036 0x1a44  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:07:26.0056 0x1a44  IPMIDRV - ok
20:07:26.0056 0x1a44  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:07:26.0066 0x1a44  IPNAT - ok
20:07:26.0076 0x1a44  [ 10F97E4666133FF3E66EE7F31551536E, 9BB1BE505EC0195A4740C214FD9DA744A5D98B9114E7517ABB575F752ED59EEE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:07:26.0106 0x1a44  iPod Service - ok
20:07:26.0116 0x1a44  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:07:26.0126 0x1a44  IRENUM - ok
20:07:26.0126 0x1a44  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:07:26.0136 0x1a44  isapnp - ok
20:07:26.0146 0x1a44  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:07:26.0156 0x1a44  iScsiPrt - ok
20:07:26.0166 0x1a44  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
20:07:26.0166 0x1a44  kbdclass - ok
20:07:26.0176 0x1a44  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
20:07:26.0186 0x1a44  kbdhid - ok
20:07:26.0186 0x1a44  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] KeyIso          C:\Windows\system32\lsass.exe
20:07:26.0196 0x1a44  KeyIso - ok
20:07:26.0196 0x1a44  [ 1E0D65F7FFEB4E99B2EEC1CCB5754CC8, FE56EA89A4D7751EAB089C58514A824FBEDB44065CF3132B897AC613E211B46B ] KR10I           C:\Windows\system32\DRIVERS\KR10I.sys
20:07:26.0296 0x1a44  KR10I - ok
20:07:26.0296 0x1a44  [ 412CEA1AA78CC02A447F5C9E62B32FF1, E06859E2CE2AFA3CE521851F8810778ED1748B812E601A58786605096AACEA81 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:07:26.0296 0x1a44  KSecDD - ok
20:07:26.0306 0x1a44  [ 26C046977E85B95036453D7B88BA1820, 375B284AFB407CAE417D2090B112A0ED1CCD516ABFDDBFCD5D6AADE859F14ACD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:07:26.0326 0x1a44  KSecPkg - ok
20:07:26.0336 0x1a44  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:07:26.0356 0x1a44  KtmRm - ok
20:07:26.0366 0x1a44  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:07:26.0366 0x1a44  LanmanServer - ok
20:07:26.0376 0x1a44  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:07:26.0386 0x1a44  LanmanWorkstation - ok
20:07:26.0386 0x1a44  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:07:26.0396 0x1a44  lltdio - ok
20:07:26.0396 0x1a44  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:07:26.0416 0x1a44  lltdsvc - ok
20:07:26.0426 0x1a44  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:07:26.0426 0x1a44  lmhosts - ok
20:07:26.0436 0x1a44  [ 50C7CE53EF461870410355F1F2E7D515, D6E84C63D74E4603D37FD7CC88BF51DE23CD17DB1D1AD4ADBED62F949F3C470C ] LMS             C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:07:26.0736 0x1a44  LMS - ok
20:07:26.0746 0x1a44  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:07:26.0756 0x1a44  LSI_FC - ok
20:07:26.0766 0x1a44  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:07:26.0796 0x1a44  LSI_SAS - ok
20:07:26.0796 0x1a44  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:07:26.0826 0x1a44  LSI_SAS2 - ok
20:07:26.0836 0x1a44  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:07:26.0866 0x1a44  LSI_SCSI - ok
20:07:26.0866 0x1a44  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:07:26.0876 0x1a44  luafv - ok
20:07:26.0876 0x1a44  MBAMSwissArmy - ok
20:07:26.0886 0x1a44  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:07:26.0896 0x1a44  Mcx2Svc - ok
20:07:26.0906 0x1a44  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:07:26.0916 0x1a44  megasas - ok
20:07:26.0926 0x1a44  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
20:07:26.0956 0x1a44  MegaSR - ok
20:07:26.0956 0x1a44  [ D86AC00883B9C98B570E7643AAF8E554, 4B4BDC01DC20F820A9D1E1B8E875B6445F9B920F0AB1E115ADD9651A368911C4 ] MEI             C:\Windows\system32\drivers\HECI.sys
20:07:27.0026 0x1a44  MEI - ok
20:07:27.0036 0x1a44  Microsoft SharePoint Workspace Audit Service - ok
20:07:27.0036 0x1a44  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
20:07:27.0056 0x1a44  MMCSS - ok
20:07:27.0056 0x1a44  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
20:07:27.0066 0x1a44  Modem - ok
20:07:27.0066 0x1a44  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:07:27.0086 0x1a44  monitor - ok
20:07:27.0086 0x1a44  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:07:27.0086 0x1a44  mouclass - ok
20:07:27.0096 0x1a44  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:07:27.0096 0x1a44  mouhid - ok
20:07:27.0106 0x1a44  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:07:27.0106 0x1a44  mountmgr - ok
20:07:27.0116 0x1a44  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:07:27.0126 0x1a44  mpio - ok
20:07:27.0137 0x1a44  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:07:27.0147 0x1a44  mpsdrv - ok
20:07:27.0167 0x1a44  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:07:27.0187 0x1a44  MpsSvc - ok
20:07:27.0197 0x1a44  [ CEB46AB7C01C9F825F8CC6BABC18166A, AA98898204FC58878502C170FE6ED8BA681396DDD8BF3689D0C3642DEA87BEF8 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:07:27.0197 0x1a44  MRxDAV - ok
20:07:27.0207 0x1a44  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:07:27.0227 0x1a44  mrxsmb - ok
20:07:27.0237 0x1a44  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:07:27.0247 0x1a44  mrxsmb10 - ok
20:07:27.0258 0x1a44  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:07:27.0268 0x1a44  mrxsmb20 - ok
20:07:27.0278 0x1a44  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:07:27.0288 0x1a44  msahci - ok
20:07:27.0298 0x1a44  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:07:27.0308 0x1a44  msdsm - ok
20:07:27.0318 0x1a44  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
20:07:27.0318 0x1a44  MSDTC - ok
20:07:27.0328 0x1a44  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:07:27.0328 0x1a44  Msfs - ok
20:07:27.0338 0x1a44  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:07:27.0348 0x1a44  mshidkmdf - ok
20:07:27.0358 0x1a44  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:07:27.0358 0x1a44  msisadrv - ok
20:07:27.0358 0x1a44  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:07:27.0378 0x1a44  MSiSCSI - ok
20:07:27.0378 0x1a44  msiserver - ok
20:07:27.0388 0x1a44  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:07:27.0398 0x1a44  MSKSSRV - ok
20:07:27.0408 0x1a44  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:07:27.0418 0x1a44  MSPCLOCK - ok
20:07:27.0428 0x1a44  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:07:27.0438 0x1a44  MSPQM - ok
20:07:27.0448 0x1a44  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:07:27.0468 0x1a44  MsRPC - ok
20:07:27.0468 0x1a44  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:07:27.0478 0x1a44  mssmbios - ok
20:07:27.0478 0x1a44  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:07:27.0488 0x1a44  MSTEE - ok
20:07:27.0498 0x1a44  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
20:07:27.0508 0x1a44  MTConfig - ok
20:07:27.0518 0x1a44  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:07:27.0518 0x1a44  Mup - ok
20:07:27.0528 0x1a44  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
20:07:27.0538 0x1a44  napagent - ok
20:07:27.0548 0x1a44  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:07:27.0568 0x1a44  NativeWifiP - ok
20:07:27.0588 0x1a44  [ 3723262737D90F58059CEDA7373B0387, DB743B219D8BB3E05AD70FFC8FB726534E55C6D8F3A05CE61E6C6B2FCBEF0414 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:07:27.0608 0x1a44  NDIS - ok
20:07:27.0608 0x1a44  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:07:27.0618 0x1a44  NdisCap - ok
20:07:27.0628 0x1a44  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:07:27.0628 0x1a44  NdisTapi - ok
20:07:27.0628 0x1a44  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:07:27.0638 0x1a44  Ndisuio - ok
20:07:27.0638 0x1a44  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:07:27.0648 0x1a44  NdisWan - ok
20:07:27.0648 0x1a44  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:07:27.0648 0x1a44  NDProxy - ok
20:07:27.0658 0x1a44  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:07:27.0658 0x1a44  NetBIOS - ok
20:07:27.0668 0x1a44  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:07:27.0678 0x1a44  NetBT - ok
20:07:27.0678 0x1a44  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] Netlogon        C:\Windows\system32\lsass.exe
20:07:27.0678 0x1a44  Netlogon - ok
20:07:27.0688 0x1a44  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
20:07:27.0698 0x1a44  Netman - ok
20:07:27.0708 0x1a44  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
20:07:27.0718 0x1a44  netprofm - ok
20:07:27.0728 0x1a44  [ F476EC40033CDB91EFBE73EB99B8362D, B17535037BC070F9AE1F6B381C2DBEE27658A8FDE15FB0E061F485EA7C7CBE59 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:07:27.0778 0x1a44  NetTcpPortSharing - ok
20:07:27.0968 0x1a44  [ A389AD6A9D456B50449DBD28877801CC, 582493385ADFAE85DCCB6B7A603EC30CC9DB3C7E0EBFF4CDA579029C9FE87928 ] NETwNs32        C:\Windows\system32\DRIVERS\NETwNs32.sys
20:07:28.0148 0x1a44  NETwNs32 - ok
20:07:28.0158 0x1a44  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:07:28.0168 0x1a44  nfrd960 - ok
20:07:28.0178 0x1a44  [ 912084381D30D8B89EC4E293053F4710, 99B8CD043DF531D4B9725ED167F63CED220608B2FED3EE8250C217D15762DFD7 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:07:28.0198 0x1a44  NlaSvc - ok
20:07:28.0208 0x1a44  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:07:28.0208 0x1a44  Npfs - ok
20:07:28.0208 0x1a44  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
20:07:28.0228 0x1a44  nsi - ok
20:07:28.0228 0x1a44  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:07:28.0228 0x1a44  nsiproxy - ok
20:07:28.0268 0x1a44  [ 81189C3D7763838E55C397759D49007A, 680800947511E5E4EB09D915C70E7BB25AB29584F1928BB51D9586D32CDBAAA3 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:07:28.0298 0x1a44  Ntfs - ok
20:07:28.0298 0x1a44  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
20:07:28.0298 0x1a44  Null - ok
20:07:28.0308 0x1a44  [ F0CBF252811BC5FC49E7ECCA3EE9519F, 769DE13260C056A5102FCE0FF97DD8371A826376516149C890C64BEF32EAD01B ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
20:07:28.0328 0x1a44  nusb3hub - ok
20:07:28.0338 0x1a44  [ BDC5FF9B669B5475E3A6E47E5608205C, 98644F5D6190765D318871466B224F1E7F51670FD1DCE6C858863C4C856511A4 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
20:07:28.0358 0x1a44  nusb3xhc - ok
20:07:28.0368 0x1a44  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:07:28.0378 0x1a44  nvraid - ok
20:07:28.0388 0x1a44  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:07:28.0418 0x1a44  nvstor - ok
20:07:28.0418 0x1a44  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:07:28.0438 0x1a44  nv_agp - ok
20:07:28.0438 0x1a44  [ 4E37455DB16AEC75862B1D0BC35B589E, F60FCE0C3E6C1559B0A8E0A032AFD30216E1DE2142E8E4C181C43DB6C4B5A443 ] O2FLASH         C:\Windows\system32\DRIVERS\o2flash.exe
20:07:28.0488 0x1a44  O2FLASH - ok
20:07:28.0488 0x1a44  [ 5F63917FCC257ED11E828230BE594194, 25CE216077DF06F00FB3EE996A4833868670EC4ACC66DFF1BDAF5830D83F7218 ] O2MDFRDR        C:\Windows\system32\drivers\O2MDFw7.sys
20:07:28.0508 0x1a44  O2MDFRDR - ok
20:07:28.0518 0x1a44  [ FDC901900D9B1B671B3388C3023BD2EA, 890AA5F358615E198DFE093E9C867E35999F9F4428B1A18DA8C5E753CFCC6C30 ] O2MDRRDR        C:\Windows\system32\drivers\O2MDRw7.sys
20:07:28.0538 0x1a44  O2MDRRDR - ok
20:07:28.0548 0x1a44  [ E8046E8596892F35EE26FE6171CE2C56, BF040681A2B20498EC3E94E68DE3291BF77B8E9C616C4BDF63EC20E0A81C1380 ] O2SDJRDR        C:\Windows\system32\drivers\o2sdjw7.sys
20:07:28.0578 0x1a44  O2SDJRDR - ok
20:07:28.0578 0x1a44  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:07:28.0608 0x1a44  ohci1394 - ok
20:07:28.0608 0x1a44  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:07:28.0638 0x1a44  ose - ok
20:07:28.0748 0x1a44  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:07:28.0998 0x1a44  osppsvc - ok
20:07:29.0008 0x1a44  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:07:29.0028 0x1a44  p2pimsvc - ok
20:07:29.0038 0x1a44  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:07:29.0058 0x1a44  p2psvc - ok
20:07:29.0058 0x1a44  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys
20:07:29.0058 0x1a44  Parport - ok
20:07:29.0068 0x1a44  [ BF8F6AF06DA75B336F07E23AEF97D93B, 2F2C4314872732550A112BFF2F803484D4A3D697F0D69D352350CE208FD8A1A4 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:07:29.0068 0x1a44  partmgr - ok
20:07:29.0078 0x1a44  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
20:07:29.0078 0x1a44  Parvdm - ok
20:07:29.0088 0x1a44  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:07:29.0108 0x1a44  PcaSvc - ok
20:07:29.0108 0x1a44  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
20:07:29.0118 0x1a44  pci - ok
20:07:29.0118 0x1a44  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:07:29.0128 0x1a44  pciide - ok
20:07:29.0128 0x1a44  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:07:29.0148 0x1a44  pcmcia - ok
20:07:29.0158 0x1a44  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:07:29.0168 0x1a44  pcw - ok
20:07:29.0188 0x1a44  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:07:29.0198 0x1a44  PEAUTH - ok
20:07:29.0228 0x1a44  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
20:07:29.0268 0x1a44  PeerDistSvc - ok
20:07:29.0308 0x1a44  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
20:07:29.0358 0x1a44  pla - ok
20:07:29.0368 0x1a44  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:07:29.0378 0x1a44  PlugPlay - ok
20:07:29.0388 0x1a44  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:07:29.0398 0x1a44  PNRPAutoReg - ok
20:07:29.0408 0x1a44  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:07:29.0418 0x1a44  PNRPsvc - ok
20:07:29.0428 0x1a44  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:07:29.0438 0x1a44  PolicyAgent - ok
20:07:29.0448 0x1a44  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
20:07:29.0628 0x1a44  Power - ok
20:07:29.0638 0x1a44  [ AEA6984F3DD10A76552480D46CF17EBD, 3EA7F8BE8B5E5370D919D3E1A3528A0CE871F285E72110DDCF26D103A00A7189 ] PowerSavingUtilityService C:\Program Files\Fujitsu\PSUtility\PSUService.exe
20:07:31.0088 0x1a44  PowerSavingUtilityService - ok
20:07:31.0108 0x1a44  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:07:31.0118 0x1a44  PptpMiniport - ok
20:07:31.0208 0x1a44  [ 7B90821B8384201C706A19ABE901B72D, A5D9F3B398FCC3067817834EFDB529606393C3502CAAF1BD231BF11426EE92B6 ] PrintNotify     C:\Windows\system32\spool\DRIVERS\W32X86\3\PrintConfig.dll
20:07:31.0278 0x1a44  PrintNotify - ok
20:07:31.0288 0x1a44  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
20:07:31.0308 0x1a44  Processor - ok
20:07:31.0308 0x1a44  [ 43CA4CCC22D52FB58E8988F0198851D0, DF67BD70D9D82677AE61244B4E54677A5008A7F5EB531DF2A7E7D33F1658EA78 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:07:31.0328 0x1a44  ProfSvc - ok
20:07:31.0328 0x1a44  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:07:31.0328 0x1a44  ProtectedStorage - ok
20:07:31.0338 0x1a44  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:07:31.0348 0x1a44  Psched - ok
20:07:31.0348 0x1a44  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
20:07:31.0368 0x1a44  PxHelp20 - ok
20:07:31.0408 0x1a44  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:07:31.0458 0x1a44  ql2300 - ok
20:07:31.0458 0x1a44  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:07:31.0488 0x1a44  ql40xx - ok
20:07:31.0498 0x1a44  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
20:07:31.0518 0x1a44  QWAVE - ok
20:07:31.0518 0x1a44  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:07:31.0538 0x1a44  QWAVEdrv - ok
20:07:31.0538 0x1a44  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:07:31.0538 0x1a44  RasAcd - ok
20:07:31.0548 0x1a44  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:07:31.0558 0x1a44  RasAgileVpn - ok
20:07:31.0558 0x1a44  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
20:07:31.0568 0x1a44  RasAuto - ok
20:07:31.0568 0x1a44  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:07:31.0578 0x1a44  Rasl2tp - ok
20:07:31.0588 0x1a44  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
20:07:31.0602 0x1a44  RasMan - ok
20:07:31.0608 0x1a44  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:07:31.0610 0x1a44  RasPppoe - ok
20:07:31.0610 0x1a44  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:07:31.0630 0x1a44  RasSstp - ok
20:07:31.0640 0x1a44  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:07:31.0640 0x1a44  rdbss - ok
20:07:31.0650 0x1a44  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
20:07:31.0660 0x1a44  rdpbus - ok
20:07:31.0660 0x1a44  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:07:31.0660 0x1a44  RDPCDD - ok
20:07:31.0670 0x1a44  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
20:07:31.0680 0x1a44  RDPDR - ok
20:07:31.0680 0x1a44  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:07:31.0690 0x1a44  RDPENCDD - ok
20:07:31.0690 0x1a44  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:07:31.0710 0x1a44  RDPREFMP - ok
20:07:31.0710 0x1a44  [ 288B06960D78428FF89E811632684E20, 82FB13C2749637E172381C9C205080921A45453191B6246C5D3FE946A06D17F5 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:07:31.0720 0x1a44  RDPWD - ok
20:07:31.0730 0x1a44  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:07:31.0750 0x1a44  rdyboost - ok
20:07:31.0750 0x1a44  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:07:31.0760 0x1a44  RemoteAccess - ok
20:07:31.0760 0x1a44  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:07:31.0770 0x1a44  RemoteRegistry - ok
20:07:31.0780 0x1a44  [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:07:31.0790 0x1a44  RFCOMM - ok
20:07:31.0790 0x1a44  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:07:31.0810 0x1a44  RpcEptMapper - ok
20:07:31.0810 0x1a44  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
20:07:31.0820 0x1a44  RpcLocator - ok
20:07:31.0830 0x1a44  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
20:07:31.0830 0x1a44  RpcSs - ok
20:07:31.0840 0x1a44  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:07:31.0840 0x1a44  rspndr - ok
20:07:31.0850 0x1a44  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
20:07:31.0860 0x1a44  s3cap - ok
20:07:31.0870 0x1a44  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] SamSs           C:\Windows\system32\lsass.exe
20:07:31.0870 0x1a44  SamSs - ok
20:07:31.0890 0x1a44  [ 987704F962C0C4FD00A6A46492F5F26A, 9967F9A8776047EA8222A16291234AC3D8FC3D3EA2998BC1E2F7D2E8FCD104E8 ] SAVAdminService C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
20:07:31.0890 0x1a44  SAVAdminService - ok
20:07:31.0900 0x1a44  [ E2C05310219E327E232291543C348B73, 2CB630161E4E619C567EF24CD190B7CCD119F166B555234E52A7C32755B4A589 ] SAVOnAccess     C:\Windows\system32\DRIVERS\savonaccess.sys
20:07:31.0910 0x1a44  SAVOnAccess - ok
20:07:31.0910 0x1a44  [ 1B7CD145B1760EC6FA0D7F07FF44C612, CC62258627911EDFE9DA8611B59DB12EF5DB2B3CE38791CD81F8A8EAFE8F6A29 ] SAVService      C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
20:07:31.0940 0x1a44  SAVService - ok
20:07:31.0950 0x1a44  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:07:31.0960 0x1a44  sbp2port - ok
20:07:31.0970 0x1a44  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:07:31.0980 0x1a44  SCardSvr - ok
20:07:31.0990 0x1a44  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:07:32.0000 0x1a44  scfilter - ok
20:07:32.0020 0x1a44  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
20:07:32.0040 0x1a44  Schedule - ok
20:07:32.0050 0x1a44  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:07:32.0050 0x1a44  SCPolicySvc - ok
20:07:32.0060 0x1a44  [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
20:07:32.0070 0x1a44  sdbus - ok
20:07:32.0070 0x1a44  [ 4F21774E1259A546B992D9EAACDFD778, DEE10A0BDDE0388C10904AE810774930EF116CC9FA053AE61E73F5AD9D972A8A ] sdcfilter       C:\Windows\system32\DRIVERS\sdcfilter.sys
20:07:32.0100 0x1a44  sdcfilter - ok
20:07:32.0110 0x1a44  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:07:32.0130 0x1a44  SDRSVC - ok
20:07:32.0130 0x1a44  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:07:32.0140 0x1a44  secdrv - ok
20:07:32.0150 0x1a44  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
20:07:32.0150 0x1a44  seclogon - ok
20:07:32.0160 0x1a44  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
20:07:32.0160 0x1a44  SENS - ok
20:07:32.0170 0x1a44  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:07:32.0180 0x1a44  SensrSvc - ok
20:07:32.0180 0x1a44  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:07:32.0180 0x1a44  Serenum - ok
20:07:32.0190 0x1a44  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\drivers\serial.sys
20:07:32.0190 0x1a44  Serial - ok
20:07:32.0200 0x1a44  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:07:32.0210 0x1a44  sermouse - ok
20:07:32.0220 0x1a44  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:07:32.0230 0x1a44  SessionEnv - ok
20:07:32.0230 0x1a44  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:07:32.0240 0x1a44  sffdisk - ok
20:07:32.0250 0x1a44  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:07:32.0260 0x1a44  sffp_mmc - ok
20:07:32.0260 0x1a44  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:07:32.0270 0x1a44  sffp_sd - ok
20:07:32.0281 0x1a44  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:07:32.0281 0x1a44  sfloppy - ok
20:07:32.0291 0x1a44  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:07:32.0301 0x1a44  SharedAccess - ok
20:07:32.0311 0x1a44  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:07:32.0321 0x1a44  ShellHWDetection - ok
20:07:32.0321 0x1a44  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:07:32.0341 0x1a44  sisagp - ok
20:07:32.0341 0x1a44  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:07:32.0361 0x1a44  SiSRaid2 - ok
20:07:32.0361 0x1a44  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:07:32.0381 0x1a44  SiSRaid4 - ok
20:07:32.0381 0x1a44  [ E407A8EEA2FD4BF560C05C0EBF1793B3, A28E90F3D22687D27C02CA4E1C08DFDE8A2553E7D0FD1F3FA3187E2C69C4C7E1 ] SKMScan         C:\Windows\system32\DRIVERS\skmscan.sys
20:07:32.0391 0x1a44  SKMScan - ok
20:07:32.0401 0x1a44  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
20:07:32.0441 0x1a44  SkypeUpdate - ok
20:07:32.0441 0x1a44  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:07:32.0451 0x1a44  Smb - ok
20:07:32.0451 0x1a44  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:07:32.0471 0x1a44  SNMPTRAP - ok
20:07:32.0511 0x1a44  [ F6651FA59961409FA5AB5A3618724AFE, 450E97536A1B3E91C0E570B6118F9AE5EA709D6834B400FCECD56CB714050F7B ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
20:07:32.0591 0x1a44  SNP2UVC - ok
20:07:32.0611 0x1a44  [ 3068CF091B4334B998380E9C877F5549, 1A4BA13184FFF45D479A28C1A71E1CF5CA5C7C5FAD84DAD87BF921EFDD2EB935 ] Sophos Agent    C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
20:07:32.0641 0x1a44  Sophos Agent - ok
20:07:32.0661 0x1a44  [ D9F13BBDFB1997FD10B9733131F8EE63, B829D9050E9073FE9A30F6F5E7D79E7A8FBDC0CE1238E994F5D6EA87497A56FC ] Sophos AutoUpdate Service C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
20:07:32.0681 0x1a44  Sophos AutoUpdate Service - ok
20:07:32.0711 0x1a44  [ 1C3D8A4B93A97E3C46B3D01F6F321DC4, D5B7488A57B81BD474D4D9EBC9A594E5BE952684E6DCB9416736917D6471A949 ] Sophos Message Router C:\Program Files\Sophos\Remote Management System\RouterNT.exe
20:07:32.0771 0x1a44  Sophos Message Router - ok
20:07:32.0781 0x1a44  [ BD03374253F79CE7A716A870DC85BD84, 668FD4879FE0C2ECD535A042A4F63491966429F2A3B71057615B91CADD4611FA ] Sophos Web Control Service C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
20:07:32.0781 0x1a44  Sophos Web Control Service - ok
20:07:32.0791 0x1a44  [ F2B7BD04146B3E6A895A1919E1F5DA89, D5A46DC11C9193C1BF69464EF62A6C741F53B79A88C1795530D7246F85F92D8B ] SophosBootDriver C:\Windows\system32\DRIVERS\SophosBootDriver.sys
20:07:32.0791 0x1a44  SophosBootDriver - ok
20:07:32.0801 0x1a44  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:07:32.0811 0x1a44  spldr - ok
20:07:32.0821 0x1a44  [ 866A43013535DC8587C258E43579C764, B2BE846B5167A2ECD1E30C69A81385FCC6EAE6033394D08458A5583D311C4D82 ] Spooler         C:\Windows\System32\spoolsv.exe
20:07:32.0831 0x1a44  Spooler - ok
20:07:32.0911 0x1a44  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
20:07:33.0071 0x1a44  sppsvc - ok
20:07:33.0081 0x1a44  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:07:33.0091 0x1a44  sppuinotify - ok
20:07:33.0101 0x1a44  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:07:33.0111 0x1a44  srv - ok
20:07:33.0121 0x1a44  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:07:33.0141 0x1a44  srv2 - ok
20:07:33.0151 0x1a44  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:07:33.0161 0x1a44  srvnet - ok
20:07:33.0171 0x1a44  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:07:33.0181 0x1a44  SSDPSRV - ok
20:07:33.0181 0x1a44  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:07:33.0201 0x1a44  SstpSvc - ok
20:07:33.0201 0x1a44  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:07:33.0221 0x1a44  stexstor - ok
20:07:33.0231 0x1a44  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
20:07:33.0251 0x1a44  StiSvc - ok
20:07:33.0251 0x1a44  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
20:07:33.0271 0x1a44  storflt - ok
20:07:33.0281 0x1a44  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
20:07:33.0291 0x1a44  StorSvc - ok
20:07:33.0291 0x1a44  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
20:07:33.0311 0x1a44  storvsc - ok
20:07:33.0311 0x1a44  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:07:33.0311 0x1a44  swenum - ok
20:07:33.0381 0x1a44  [ B3379659D773BFDD3B631F5FEE2FF2B3, AA53EE515BE2821CC30B35BFC18283627E7B8CEE4CDB2C33209B06AA75DA74A6 ] swi_service     C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
20:07:33.0681 0x1a44  swi_service - ok
20:07:33.0721 0x1a44  [ BD8684D96EB9436EB145A6E03D693A45, 61CE612370189F022B59A18869946BF4E1AC515BA2F784FBBAB65F23A4B3640B ] swi_update      C:\ProgramData\Sophos\Web Intelligence\swi_update.exe
20:07:33.0791 0x1a44  swi_update - ok
20:07:33.0801 0x1a44  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
20:07:33.0811 0x1a44  swprv - ok
20:07:33.0841 0x1a44  [ 6944C0884AB8445433DE0DC03F48137A, F5F5404B9EEE6EF55916E543AD0B9C8B8A1648F8F0983F01ED05593E9EF59F76 ] SynTP           C:\Windows\system32\drivers\SynTP.sys
20:07:33.0921 0x1a44  SynTP - ok
20:07:33.0951 0x1a44  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
20:07:33.0991 0x1a44  SysMain - ok
20:07:34.0001 0x1a44  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
20:07:34.0011 0x1a44  TabletInputService - ok
20:07:34.0121 0x1a44  [ F07D2284D4A5B5A0370E04C86BD83D88, EF93B783D0D344079A0D74D2781DD12E8E14390BA42E0AAA8D02A35EABE8C850 ] TabletServiceISD C:\Program Files\Tablet\ISD\ISD_Tablet.exe
20:07:34.0281 0x1a44  TabletServiceISD - ok
20:07:34.0301 0x1a44  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:07:34.0311 0x1a44  TapiSrv - ok
20:07:34.0311 0x1a44  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
20:07:34.0331 0x1a44  TBS - ok
20:07:34.0361 0x1a44  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:07:34.0391 0x1a44  Tcpip - ok
20:07:34.0421 0x1a44  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:07:34.0441 0x1a44  TCPIP6 - ok
20:07:34.0451 0x1a44  [ CCA24162E055C3714CE5A88B100C64ED, 9B7712E793B9478BA7A1EF71EA9CC03CCB9C4004C54EAA911F158958519EDCD9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:07:34.0451 0x1a44  tcpipreg - ok
20:07:34.0461 0x1a44  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:07:34.0471 0x1a44  TDPIPE - ok
20:07:34.0471 0x1a44  [ 2C10395BAA4847F83042813C515CC289, CBC058AE2EB6AA5905F9D2EF52573E1C06330462952E6D6E7083F8DB2C441E3E ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:07:34.0481 0x1a44  TDTCP - ok
20:07:34.0481 0x1a44  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:07:34.0491 0x1a44  tdx - ok
20:07:34.0491 0x1a44  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:07:34.0501 0x1a44  TermDD - ok
20:07:34.0511 0x1a44  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
20:07:34.0531 0x1a44  TermService - ok
20:07:34.0531 0x1a44  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
20:07:34.0541 0x1a44  Themes - ok
20:07:34.0551 0x1a44  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
20:07:34.0551 0x1a44  THREADORDER - ok
20:07:34.0561 0x1a44  [ 9A287C3E3B064C292F864AFF4615C8F9, 28E1C5F3548CF690238D8AB46653EFED7CEAA1957CC75660557356A31EC76DD6 ] TouchServiceISD C:\Program Files\Tablet\ISD\ISD_TouchService.exe
20:07:34.0591 0x1a44  TouchServiceISD - ok
20:07:34.0591 0x1a44  [ 5AD05191DC8B444A7BA4D79B76C42A30, 6166E939A5A240388EBA5AF7FF335DC413F2BBCF74C2E1D310F4BE2A5454A610 ] TPM             C:\Windows\system32\drivers\tpm.sys
20:07:34.0611 0x1a44  TPM - ok
20:07:34.0611 0x1a44  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
20:07:34.0621 0x1a44  TrkWks - ok
20:07:34.0631 0x1a44  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:07:34.0731 0x1a44  TrustedInstaller - ok
20:07:34.0741 0x1a44  [ 254BB140EEE3C59D6114C1A86B636877, EE09D62E90407A40278F2136F640DAB16A4E2BF57D4FB6E05F92CA9CC9CF57C0 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:07:34.0751 0x1a44  tssecsrv - ok
20:07:34.0751 0x1a44  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:07:34.0771 0x1a44  TsUsbFlt - ok
20:07:34.0781 0x1a44  [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
20:07:34.0801 0x1a44  TsUsbGD - ok
20:07:34.0801 0x1a44  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:07:34.0821 0x1a44  tunnel - ok
20:07:34.0821 0x1a44  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:07:34.0831 0x1a44  uagp35 - ok
20:07:34.0841 0x1a44  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:07:34.0861 0x1a44  udfs - ok
20:07:34.0871 0x1a44  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:07:34.0891 0x1a44  UI0Detect - ok
20:07:34.0901 0x1a44  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:07:34.0911 0x1a44  uliagpkx - ok
20:07:34.0921 0x1a44  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:07:34.0931 0x1a44  umbus - ok
20:07:34.0931 0x1a44  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
20:07:34.0941 0x1a44  UmPass - ok
20:07:34.0951 0x1a44  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
20:07:34.0971 0x1a44  UmRdpService - ok
20:07:35.0041 0x1a44  [ 374EBDA379A8F38E0CFC2211611E7167, 0D6C3002B28E27C052227488CEE69FA99399421FF777EB48031E6080A759F532 ] UNS             C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:07:35.0301 0x1a44  UNS - ok
20:07:35.0311 0x1a44  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
20:07:35.0321 0x1a44  upnphost - ok
20:07:35.0331 0x1a44  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
20:07:35.0341 0x1a44  USBAAPL - ok
20:07:35.0351 0x1a44  [ 4663AD7F61519E88687393BFCB154E4C, 40813F0122F85D8CF868D8349256AEC1ECDE046D57E90669918D02641213A729 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
20:07:35.0351 0x1a44  usbccgp - ok
20:07:35.0361 0x1a44  [ 04EC7CEC62EC3B6D9354EEE93327FC82, 6CB41D8644618A5F701F6CA91FB65BB94AA83EA48992133B5262DC539B334B2E ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:07:35.0371 0x1a44  usbcir - ok
20:07:35.0381 0x1a44  [ F92DE757E4B7CE9C07C5E65423F3AE3B, B3FDEE4A8F1C7EC12405D99ACABC3E633FA4ED08D2A2AA871526ED7927A35A91 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:07:35.0381 0x1a44  usbehci - ok
20:07:35.0391 0x1a44  [ 57CA3E7C775C22C62927A41838E10938, DB9D2C4CAD729AC7D98DCE5636CAA25F239FF71C86FDBD4AD807F8E37C183A9B ] usbhub          C:\Windows\system32\drivers\usbhub.sys
20:07:35.0391 0x1a44  usbhub - ok
20:07:35.0401 0x1a44  [ E185D44FAC515A18D9DEDDC23C2CDF44, EF69D0253CC8F1D29929FD5E74F18737ECF5D238874B6E1505E2EAEE66D9D987 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:07:35.0411 0x1a44  usbohci - ok
20:07:35.0411 0x1a44  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
20:07:35.0421 0x1a44  usbprint - ok
20:07:35.0431 0x1a44  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:07:35.0431 0x1a44  USBSTOR - ok
20:07:35.0441 0x1a44  [ 68DF884CF41CDADA664BEB01DAF67E3D, 142781FE2FF93B269D8FA11D4C3F60967552A867E94533D94EF1C2D777A67872 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:07:35.0441 0x1a44  usbuhci - ok
20:07:35.0451 0x1a44  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2, F9B72DE82078FDB5551D48988190F46EECA9B99655C591B7865FEA1AFB31F637 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
20:07:35.0471 0x1a44  usbvideo - ok
20:07:35.0471 0x1a44  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
20:07:35.0491 0x1a44  UxSms - ok
20:07:35.0491 0x1a44  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] VaultSvc        C:\Windows\system32\lsass.exe
20:07:35.0491 0x1a44  VaultSvc - ok
20:07:35.0501 0x1a44  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:07:35.0511 0x1a44  vdrvroot - ok
20:07:35.0521 0x1a44  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
20:07:35.0561 0x1a44  vds - ok
20:07:35.0561 0x1a44  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:07:35.0581 0x1a44  vga - ok
20:07:35.0581 0x1a44  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:07:35.0581 0x1a44  VgaSave - ok
20:07:35.0591 0x1a44  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:07:35.0611 0x1a44  vhdmp - ok
20:07:35.0611 0x1a44  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:07:35.0631 0x1a44  viaagp - ok
20:07:35.0631 0x1a44  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
20:07:35.0661 0x1a44  ViaC7 - ok
20:07:35.0661 0x1a44  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:07:35.0671 0x1a44  viaide - ok
20:07:35.0681 0x1a44  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
20:07:35.0711 0x1a44  vmbus - ok
20:07:35.0711 0x1a44  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
20:07:35.0731 0x1a44  VMBusHID - ok
20:07:35.0731 0x1a44  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:07:35.0741 0x1a44  volmgr - ok
20:07:35.0751 0x1a44  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:07:35.0761 0x1a44  volmgrx - ok
20:07:35.0771 0x1a44  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:07:35.0771 0x1a44  volsnap - ok
20:07:35.0781 0x1a44  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:07:35.0801 0x1a44  vsmraid - ok
20:07:35.0821 0x1a44  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
20:07:35.0851 0x1a44  VSS - ok
20:07:35.0851 0x1a44  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:07:35.0871 0x1a44  vwifibus - ok
20:07:35.0871 0x1a44  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:07:35.0881 0x1a44  vwififlt - ok
20:07:35.0891 0x1a44  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
20:07:35.0901 0x1a44  vwifimp - ok
20:07:35.0911 0x1a44  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
20:07:35.0921 0x1a44  W32Time - ok
20:07:35.0931 0x1a44  [ 369784E6265417C87C345C4A8481EC2C, 80D49BFE27B935392CE566FEA7A8246F0FE5E2AF02F74E0B99E35D45FA5404FE ] wacomhidfilter  C:\Windows\system32\drivers\wacomhidfilter.sys
20:07:35.0941 0x1a44  wacomhidfilter - ok
20:07:35.0951 0x1a44  [ 427A8BC96F16C40DF81C2D2F4EDD32DD, C65B089140D4A7218FC5B6EEDCCE498DF1F71BBE375762C9092FAC02CAE1CEC7 ] wacommousefilter C:\Windows\system32\drivers\wacommousefilter.sys
20:07:35.0961 0x1a44  wacommousefilter - ok
20:07:35.0961 0x1a44  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:07:35.0981 0x1a44  WacomPen - ok
20:07:35.0981 0x1a44  [ 846B58EA44BF8C92E4B59F4E2252C4C0, C5803CB7F2D584D4C9E648E05355063C47197949F1B4085F38000733BB18BEA9 ] wacomvhid       C:\Windows\system32\drivers\wacomvhid.sys
20:07:36.0001 0x1a44  wacomvhid - ok
20:07:36.0001 0x1a44  [ C497C0A80BAD225244B1CA6C86FA3463, 4AF546FC117EDAD3CFFAC3C22205DC9F5E410D3A3C4D11AAFD4D8251541CFE46 ] wacomvthid      C:\Windows\system32\drivers\WacomVTHid.sys
20:07:36.0021 0x1a44  wacomvthid - ok
20:07:36.0021 0x1a44  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:07:36.0031 0x1a44  WANARP - ok
20:07:36.0031 0x1a44  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:07:36.0031 0x1a44  Wanarpv6 - ok
20:07:36.0071 0x1a44  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
20:07:36.0131 0x1a44  WatAdminSvc - ok
20:07:36.0161 0x1a44  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
20:07:36.0211 0x1a44  wbengine - ok
20:07:36.0211 0x1a44  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:07:36.0231 0x1a44  WbioSrvc - ok
20:07:36.0241 0x1a44  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:07:36.0261 0x1a44  wcncsvc - ok
20:07:36.0261 0x1a44  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:07:36.0281 0x1a44  WcsPlugInService - ok
20:07:36.0281 0x1a44  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
20:07:36.0291 0x1a44  Wd - ok
20:07:36.0311 0x1a44  [ 9950E3D0F08141C7E89E64456AE7DC73, DE4B96812B305A63F5874BBF2DC40354FB45B3D96C1D33436E677099760BA448 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:07:36.0331 0x1a44  Wdf01000 - ok
20:07:36.0341 0x1a44  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:07:36.0341 0x1a44  WdiServiceHost - ok
20:07:36.0351 0x1a44  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:07:36.0351 0x1a44  WdiSystemHost - ok
20:07:36.0361 0x1a44  [ 6D13939B0E56273550E89E12588E7785, 8DE4B4B6FD79E77F8184CCAF85DD6617749DDC36574FD9C4357C1377D2C29945 ] wdkmd           C:\Windows\system32\DRIVERS\WDKMD.sys
20:07:36.0371 0x1a44  wdkmd - ok
20:07:36.0381 0x1a44  [ A9D880F97530D5B8FEE278923349929D, 6A293E2DB9B7C434EA8B4CD4861E11905D46BD60E014AE27B74DC8C4B2DDF834 ] WebClient       C:\Windows\System32\webclnt.dll
20:07:36.0391 0x1a44  WebClient - ok
20:07:36.0391 0x1a44  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:07:36.0411 0x1a44  Wecsvc - ok
20:07:36.0421 0x1a44  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:07:36.0431 0x1a44  wercplsupport - ok
20:07:36.0441 0x1a44  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
20:07:36.0441 0x1a44  WerSvc - ok
20:07:36.0441 0x1a44  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:07:36.0461 0x1a44  WfpLwf - ok
20:07:36.0461 0x1a44  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:07:36.0471 0x1a44  WIMMount - ok
20:07:36.0491 0x1a44  [ 3FAE8F94296001C32EAB62CD7D82E0FD, 180FAECC426CF8F46700C855022E5865D528B1A20686F96D11080AB2FE2E0430 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
20:07:36.0521 0x1a44  WinDefend - ok
20:07:36.0531 0x1a44  WinHttpAutoProxySvc - ok
20:07:36.0541 0x1a44  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:07:36.0561 0x1a44  Winmgmt - ok
20:07:36.0591 0x1a44  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
20:07:36.0631 0x1a44  WinRM - ok
20:07:36.0641 0x1a44  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:07:36.0661 0x1a44  WinUsb - ok
20:07:36.0681 0x1a44  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:07:36.0711 0x1a44  Wlansvc - ok
20:07:36.0751 0x1a44  [ 0A70F4022EC2E14C159EFC4F69AA2477, FF248136576F9803762C54DE5439D3411B52DCBC95B93176A5DAB857967D9AC4 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:07:36.0821 0x1a44  wlidsvc - ok
20:07:36.0831 0x1a44  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:07:36.0841 0x1a44  WmiAcpi - ok
20:07:36.0851 0x1a44  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:07:36.0961 0x1a44  wmiApSrv - ok
20:07:36.0991 0x1a44  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:07:37.0041 0x1a44  WMPNetworkSvc - ok
20:07:37.0041 0x1a44  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:07:37.0051 0x1a44  WPCSvc - ok
20:07:37.0061 0x1a44  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:07:37.0061 0x1a44  WPDBusEnum - ok
20:07:37.0071 0x1a44  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:07:37.0071 0x1a44  ws2ifsl - ok
20:07:37.0081 0x1a44  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:07:37.0081 0x1a44  wscsvc - ok
20:07:37.0081 0x1a44  WSearch - ok
20:07:37.0131 0x1a44  [ 3026418A50C5B4761BEFA632CEDB7406, 45C3B17793570B93D69037FD35C069390312B14E778852E7630C8DC63F02DDE8 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:07:37.0181 0x1a44  wuauserv - ok
20:07:37.0191 0x1a44  [ E714A1C0354636837E20CCBF00888EE7, 0E31F0DB0AA318E3B0DACD26C0D3B11519B42F2A996AE580BE67FA8B3C42C436 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:07:37.0201 0x1a44  WudfPf - ok
20:07:37.0211 0x1a44  [ 1023EE888C9B47178C5293ED5336AB69, 62221C80C3F719A585266247482A64F7CB2F5EF69AFA8FA07D563CA2B0A37561 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:07:37.0231 0x1a44  WUDFRd - ok
20:07:37.0231 0x1a44  [ 8D1E1E529A2C9E9B6A85B55A345F7629, 64B637CFE2AF58A4F7CE6D8C3D603F8EFD527500F7137E0A37840313C712CA93 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:07:37.0251 0x1a44  wudfsvc - ok
20:07:37.0261 0x1a44  [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:07:37.0271 0x1a44  WwanSvc - ok
20:07:37.0291 0x1a44  [ B07C5B7EFDF936FF93D4F540938725BE, A9D559B0A99937CC4E7F065566054DAFCCD0C6C3AA98B47ADF7CB2ABD30B0182 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x86.sys
20:07:37.0312 0x1a44  yukonw7 - ok
20:07:37.0322 0x1a44  ================ Scan global ===============================
20:07:37.0322 0x1a44  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
20:07:37.0332 0x1a44  [ 48CB4FDBCAAEAC7BCE2F5941545FF071, B10D33F21A8DD82FF908AA6EB4134663C3A846F0EF990CA878AEE1C4B186811A ] C:\Windows\system32\winsrv.dll
20:07:37.0352 0x1a44  [ 48CB4FDBCAAEAC7BCE2F5941545FF071, B10D33F21A8DD82FF908AA6EB4134663C3A846F0EF990CA878AEE1C4B186811A ] C:\Windows\system32\winsrv.dll
20:07:37.0362 0x1a44  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
20:07:37.0382 0x1a44  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
20:07:37.0442 0x1a44  [ Global ] - ok
20:07:37.0442 0x1a44  ================ Scan MBR ==================================
20:07:37.0442 0x1a44  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:07:37.0532 0x1a44  \Device\Harddisk0\DR0 - ok
20:07:37.0542 0x1a44  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR5
20:07:37.0552 0x1a44  \Device\Harddisk1\DR5 - ok
20:07:37.0552 0x1a44  ================ Scan VBR ==================================
20:07:37.0552 0x1a44  [ 0C20EE6CD85E6CB77D52F9550906571D ] \Device\Harddisk0\DR0\Partition1
20:07:37.0552 0x1a44  \Device\Harddisk0\DR0\Partition1 - ok
20:07:37.0562 0x1a44  [ 49897087BC98C83ADB77557A0142B26D ] \Device\Harddisk0\DR0\Partition2
20:07:37.0562 0x1a44  \Device\Harddisk0\DR0\Partition2 - ok
20:07:37.0562 0x1a44  [ FBC9996FC5481B6861B6066962BF44BC ] \Device\Harddisk0\DR0\Partition3
20:07:37.0562 0x1a44  \Device\Harddisk0\DR0\Partition3 - ok
20:07:37.0572 0x1a44  [ 0A9CEBD5648EC159D61BA185E81E82E5 ] \Device\Harddisk1\DR5\Partition1
20:07:37.0572 0x1a44  \Device\Harddisk1\DR5\Partition1 - ok
20:07:37.0572 0x1a44  ================ Scan generic autorun ======================
20:07:37.0572 0x1a44  [ DEFB5AD49FD5890929B8195314296540, E72CFB7A395B98E085C4E7F6771D86B883A0E9F675E166C8E71FB8496B3EFF22 ] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
20:07:37.0572 0x1a44  LoadFUJ02E3 - ok
20:07:37.0582 0x1a44  [ DEBF34BCF45FC4764CFF6F4CEBD1E03C, BD82FBC62B14181BD6714D797CA0869AD5E2D8F69D05EAEF295BB069730A9289 ] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
20:07:37.0602 0x1a44  IndicatorUtility - ok
20:07:37.0632 0x1a44  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:07:37.0692 0x1a44  Sidebar - ok
20:07:37.0702 0x1a44  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:07:37.0882 0x1a44  mctadmin - ok
20:07:37.0912 0x1a44  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:07:37.0932 0x1a44  Sidebar - ok
20:07:37.0942 0x1a44  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:07:37.0942 0x1a44  mctadmin - ok
20:07:37.0942 0x1a44  Skype - ok
20:07:37.0942 0x1a44  Google Update - ok
20:07:37.0952 0x1a44  Waiting for KSN requests completion. In queue: 318
20:07:38.0952 0x1a44  Waiting for KSN requests completion. In queue: 318
20:07:39.0952 0x1a44  Waiting for KSN requests completion. In queue: 318
20:07:40.0882 0x23ac  Object required for P2P: [ 6944C0884AB8445433DE0DC03F48137A ] SynTP
20:07:40.0952 0x1a44  Waiting for KSN requests completion. In queue: 109
20:07:41.0952 0x1a44  Waiting for KSN requests completion. In queue: 94
20:07:42.0954 0x1a44  Waiting for KSN requests completion. In queue: 94
20:07:43.0954 0x1a44  Waiting for KSN requests completion. In queue: 94
20:07:44.0954 0x1a44  Waiting for KSN requests completion. In queue: 94
20:07:45.0954 0x1a44  Waiting for KSN requests completion. In queue: 94
20:07:46.0954 0x1a44  Waiting for KSN requests completion. In queue: 94
20:07:47.0956 0x1a44  Waiting for KSN requests completion. In queue: 94
20:07:48.0956 0x1a44  Waiting for KSN requests completion. In queue: 94
20:07:49.0956 0x1a44  Waiting for KSN requests completion. In queue: 94
20:07:50.0956 0x1a44  Waiting for KSN requests completion. In queue: 94
20:07:51.0236 0x23ac  Object send P2P result: true
20:07:51.0976 0x1a44  AV detected via SS2: Sophos Anti-Virus, C:\Program Files\Sophos\Sophos Anti-Virus\WSCClient.exe ( 10.0.12.0 ), 0x51000 ( enabled : updated )
20:07:51.0996 0x1a44  Win FW state via NFP2: enabled
20:07:55.0368 0x1a44  ============================================================
20:07:55.0368 0x1a44  Scan finished
20:07:55.0368 0x1a44  ============================================================
20:07:55.0378 0x0478  Detected object count: 0
20:07:55.0378 0x0478  Actual detected object count: 0
 
 
# AdwCleaner v4.105 - Report created 11/12/2014 at 20:23:38
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : RYANLM12 - NBRYANLM12
# Running from : D:\ryanlm12\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\c2f5c8e47c6a1d10
Folder Deleted : D:\ryanlm12\Documents\Mobogenie
File Deleted : C:\END
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : Chrome Launcher
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BlockAndSurf]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\VuuPC
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17280
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
 
-\\ Mozilla Firefox v7.0.1 (en-US)
 
[pnldoj81.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "vi-view");
[pnldoj81.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "vi-view");
 
-\\ Google Chrome v39.0.2171.71
 
[C:\Users\ryanlm12\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://myhome.vi-view.com/web/?type=ds&ts=1406281824&from=ild&uid=TOSHIBAXTHNSFC128GBSJ_71IS101MTQOZ101MTQOZ&q={searchTerms}
[C:\Users\ryanlm12\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://myhome.vi-view.com/web/?type=ds&ts=1406281824&from=ild&uid=TOSHIBAXTHNSFC128GBSJ_71IS101MTQOZ101MTQOZ&q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [3391 octets] - [11/12/2014 20:15:14]
AdwCleaner[R1].txt - [3451 octets] - [11/12/2014 20:21:37]
AdwCleaner[S0].txt - [3198 octets] - [11/12/2014 20:23:38]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3258 octets] ##########
 
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Professional x86
Ran by RYANLM12 on Sun 07/12/2014 at 18:05:50.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1735659346-1175276922-1054369306-15883\Software\Microsoft\Internet Explorer\Main\\Start Page
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASMANCS
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Windows\System32\Tasks\chrome launcher"
Successfully deleted: [File] "C:\Users\ryanlm12\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
Successfully deleted: [File] "C:\Users\ryanlm12\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\ProgramData\SaveClicker
Successfully deleted: [Folder] "C:\Users\ryanlm12\Local Settings\Application Data\globalupdate"
Successfully deleted: [Folder] "C:\Program Files\005"
Successfully deleted: [Folder] "C:\Program Files\bench"
Successfully deleted: [Folder] "C:\Program Files\globalupdate"
Successfully deleted: [Folder] "C:\Program Files\predm"
Successfully deleted: [Folder] "C:\Program Files\techsnab"
Successfully deleted: [Empty Folder] C:\Users\ryanlm12\appdata\local\{0C539403-6785-4AB6-98D5-19CAC62EEC9E}
Successfully deleted: [Empty Folder] C:\Users\ryanlm12\appdata\local\{4635823F-4BAC-402C-A979-A54E316DDA09}
Successfully deleted: [Empty Folder] C:\Users\ryanlm12\appdata\local\{92AA60F6-EDE4-4F10-A718-0FB4C45C2A4B}
Successfully deleted: [Empty Folder] C:\Users\ryanlm12\appdata\local\{D24C359F-0C70-43FA-AAF9-598883AE4632}
 
 
 
~~~ FireFox
 
Successfully deleted: [Folder] C:\Users\ryanlm12\AppData\Roaming\mozilla\firefox\profiles\pnldoj81.default\extensions\staged
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 07/12/2014 at 18:08:13.72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#4 Bag McDamage

Bag McDamage
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:34 AM

Posted 11 December 2014 - 05:56 AM

C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\ryanlm12\AppData\Local\Temp\gmf4gacl.tgz.exe multiple threats cleaned by deleting - quarantined
C:\Users\ryanlm12\AppData\Local\Temp\GPUpd54379E161.exe a variant of Win32/Techsnab.A potentially unwanted application deleted - quarantined
C:\Users\ryanlm12\AppData\Local\Temp\Temp1_BBC Music - God Only Knows-Cd Especial 2014 Ao Vivo (MP3).zip\BBC Music - God Only Knows-Cd Especial 2014 Ao Vivo (MP3).exe a variant of Win32/Spy.Bancos.AAK trojan deleted - quarantined
C:\Users\SophosSAUNBRYANLM120\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\SophosSAUNBRYANLM120\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\SophosSAUNBRYANLM120\AppData\Local\Google\Chrome\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\SophosSAUNBRYANLM120\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\SophosSAUNBRYANLM120\AppData\Local\Torch\User Data\Default\Extensions\mojhfdgfnegepnioamfpkefgoafmglde\2.1\mHcCfUH.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
D:\ryanlm12\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\iLivid\Helper.dll a variant of Win32/Toolbar.SearchSuite.W potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3JU2TFCO\rizzle-kicks-lets-skip-to-the-good-bit[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
D:\ryanlm12\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62BXZU0G\rizzle-kicks-skip-to-the-good-bit[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
D:\ryanlm12\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.5.zip a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk a variant of Android/Mobserv.A potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Mozilla\Firefox\Profiles\pnldoj81.default\Cache\9\FE\6C93Ed01 a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\1Extension.crx Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\BrowserHelper.exe a variant of MSIL/Toolbar.Linkury.A potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll a variant of Win32/Toolbar.Linkury.F potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessEntities.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\Smartbar.Resources.ProductUninstaller.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettings.dll a variant of MSIL/Toolbar.Linkury.C potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll MSIL/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll MSIL/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\SnapDo.exe a variant of Win32/Toolbar.Linkury.A potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_16.dll Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_17.dll Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_18.dll Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_19.dll Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_20.dll Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Temp\conduitinstaller.exe Win32/Toolbar.Conduit.S potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Temp\Installer.exe a variant of Win32/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
D:\ryanlm12\AppData\Local\Temp\jar_cache161012754379521301.tmp Java/Exploit.Agent.NKZ trojan cleaned by deleting - quarantined
D:\ryanlm12\AppData\Local\Temp\jar_cache9180568342161333565.tmp Java/Exploit.CVE-2013-0422.DC trojan cleaned by deleting - quarantined
D:\ryanlm12\AppData\Local\Temp\mpsetup.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted - quarantined
D:\ryanlm12\Downloads\CheatEngine63.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
D:\ryanlm12\Downloads\mozilla firefox setup.exe a variant of Win32/Soft32Downloader.D potentially unwanted application deleted - quarantined
D:\ryanlm12\Downloads\SoftonicDownloader_for_evernote.exe Win32/SoftonicDownloader.E potentially unwanted application deleted - quarantined
D:\ryanlm12\Downloads\SoftonicDownloader_for_picasa.exe Win32/SoftonicDownloader.E potentially unwanted application deleted - quarantined
D:\ryanlm12\Downloads\spsetup126.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:34 PM

Posted 11 December 2014 - 11:50 PM

Hello,.reset the Hosts file back to the default by clicking the FIX-IT button.


Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
- Kaspersky Lab report: Evaluating the threat level of software vulnerabilities
- Microsoft: Unprecedented Wave of Java Exploitation
- Ghosts of Java Haunt Users

Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 8 and save it to your desktop.
  • Under "Java Platform, Standard Edition"...click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select (click on) the download link for your operating system (Windows x86 Offline: jre-8u25-windows-i586.exe or Windows x64: jre-8u25-windows-x64.exe) and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to StartBtn.gif > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7/8 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-8u25-windows-i586.exe (or jre-8u25-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7/8 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it. The McAfee Security Scan Plus may be installed unless you uncheck the McAfee installation box when updating Java.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.

Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary. To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 Bag McDamage

Bag McDamage
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:34 AM

Posted 12 December 2014 - 03:51 AM

Hi, these steps are completed.



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:34 PM

Posted 12 December 2014 - 01:17 PM

Ok two more steps and should be done.

Download 51a46ae42d560-malwarebytes_anti_malware.MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
    • If no threats were found, click View detailed log.
      • Click Export and save the log as a .txt file on your Desktop or another location.
    • If the scan detected any threats, click Apply Actions.
      • To complete any actions taken you will be prompted to restart your computer...click on Yes.
      • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
      • Check the box next to Scan Log. Choose the most current scan and click View.
      • Click Export and save the log as a .txt file on your Desktop or another location.
  • Providing the MalwareBytes' Anti-Malware log file
    • Attach the log file you just saved to your next reply for further review.
    Finally....
    Empty your temp folders using TFC (Temporary File Cleaner)
    • Please download TFC by Old Timer and save it to your desktop.
      alternate download link
    • Save any unsaved work. (TFC will close ALL open programs including your browser!)
    • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
    • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
    • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 Bag McDamage

Bag McDamage
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:34 AM

Posted 12 December 2014 - 04:04 PM

Hi

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 13/12/2014
Scan Time: 7:39:22 AM
Logfile: malwarebytesexport.txt
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2014.12.12.08
Rootkit Database: v2014.12.08.03
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: RYANLM12
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 390073
Time Elapsed: 6 min, 29 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:34 PM

Posted 12 December 2014 - 09:36 PM

Did you also do TFC?

Looks like it is Good to go.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 Bag McDamage

Bag McDamage
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:34 AM

Posted 12 December 2014 - 11:01 PM

thank you very much, response time definitely not really sluggish like it was. I'll monitor for a while and see how it goes.

 

Yes did TFC too, no reboot was required

 

Most grateful, Merry Christmas. 


Edited by Bag McDamage, 12 December 2014 - 11:02 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users