
IRP Hook keeps coming back after removal


  • This topic is locked
22 replies to this topic

#1 Iholly

  • Members

Posted 05 January 2015 - 03:47 PM

Hi, I am not an expert on computers and such... For five days now I have been having this problem: there are four viruses my AVG security network detects. After I remove the viruses, AVG requires me to restart the computer. I do that, run another scan, and the viruses seem to be gone; an hour or two later my computer acts a tad slow, so I would run another scan and bam: the exact same virus is back!

I did a system restore point early this morning before I went to bed. The virus seemed to be gone, but at 2 p.m. my time it had come back again. I did what AVG asked me to do and it is removed, but I have a feeling it is going to come back again like it was doing recently... I've also used Malwarebytes to find the problem, but it is not detecting any viruses like AVG is doing. I also went into safe mode before considering doing a system restore point... That did not seem to have gotten rid of the problem, sadly.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16384
Run by Hitomi at 15:19:52 on 2015-01-05
Microsoft Windows 8  6.2.9200.0.936.86.1033.18.12241.8303 [GMT -5:00]
.
AV: AVG Internet Security 2015 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2015 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2015 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\dwm.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\system32\dashost.exe
C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
C:\Windows\system32\viakaraokesrv.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SynptSync64.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Synaptics\SynTP\AsusNewUI35.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Users\Hitomi\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Users\Hitomi\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus13.msn.com
uDefault_Page_URL = hxxp://asus13.msn.com
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AgentForAndroid Class: {50F4150A-48B2-417A-BE4C-C83F580FB904} - C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3188\npQQPhoneManagerExt.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
uRun: [Akamai NetSession Interface] "C:\Users\Hitomi\AppData\Local\Akamai\netsession_win.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [ROGNB] "C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
StartupFolder: C:\Users\Hitomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serveur.exe.old
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
mPolicies-System: DisableCAD = dword:1
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Trusted Zone: aeriagames.com
Trusted Zone: aeriagames.com
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{4010E159-5589-4A51-AE8B-AF7ED76F912B} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4010E159-5589-4A51-AE8B-AF7ED76F912B}\84F4D454D213244323 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{4010E159-5589-4A51-AE8B-AF7ED76F912B}\84F4D454D244733323 : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [BtPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"
x64-Run: [SynAsusGestureAPIMgr] C:\Program Files (x86)\Synaptics\SynTP\SynAsusGestureAPIMgr.exe
x64-Run: [AsusNewUI] C:\Program Files (x86)\Synaptics\SynTP\AsusNewUI35.exe /hidegui
x64-Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-mPolicies-System: DisableCAD = dword:1
x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\Drivers\avgidsha.sys [2014-6-18 190744]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\Drivers\avgloga.sys [2014-7-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\Drivers\avgmfx64.sys [2014-10-5 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\Drivers\avgrkx64.sys [2014-6-18 31512]
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-7-5 645952]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\Drivers\avgdiska.sys [2014-6-18 153368]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\Drivers\avgfwd6a.sys [2013-9-26 57144]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\Drivers\avgidsdrivera.sys [2014-10-29 263960]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\Drivers\avgldx64.sys [2014-8-28 243480]
R1 Avgwfpa;AVG Firewall Driver;C:\Windows\System32\Drivers\avgwfpa.sys [2014-9-24 277784]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-4-13 277120]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-8-31 216192]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-11-9 1486664]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-9 3488784]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-9 298080]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 FanChkService;Fan Filter Checker Service;C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe [2012-1-20 45696]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-12-27 129856]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-12-27 166720]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\Drivers\LMIRfsDriver.sys [2013-8-27 72216]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-8-28 382824]
R2 TeamViewer;TeamViewer 10;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-12-14 5419792]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-12-27 365376]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2012-10-1 27792]
R2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-8-31 323584]
R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\Drivers\AiCharger.sys [2012-7-24 17152]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2012-12-27 88728]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2012-12-27 344216]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2012-12-27 114840]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2012-12-27 33944]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2012-12-27 178840]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2012-12-27 76952]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2012-12-27 135832]
R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2012-12-27 575128]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
R3 HIDSwitch;ASUS Wireless Radio Control;C:\Windows\System32\Drivers\AsHIDSwitch64.sys [2012-10-1 21152]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\Drivers\L1C63x64.sys [2012-10-1 110744]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\Drivers\MBAMSwissArmy.sys [2014-10-25 129752]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-10-1 43832]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\Drivers\viahduaa.sys [2012-10-1 2201744]
S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\Windows\System32\Drivers\avgboota.sys [2013-9-4 20496]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/12/27 10:34:13;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2012-5-23 243728]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 CEDRIVER60;CEDRIVER60;C:\Program Files (x86)\Cheat Engine 6.2\dbk64.sys [2014-10-28 62752]
S3 Origin Client Service;Origin Client Service;D:\Origin\OriginClientService.exe [2014-9-15 1903472]
S3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-6-2 589824]
S3 TesSafe;TesSafe;C:\Windows\System32\TesSafe.sys [2013-12-11 884712]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
.
=============== Created Last 30 ================
.
2014-12-25 04:10:53 -------- d-----w- C:\Users\Hitomi\AppData\Local\BNSUpdater
2014-12-20 19:49:54 -------- d-----w- C:\Program Files (x86)\Blade&Soul
2014-12-15 22:54:08 -------- d-----w- C:\FeralHeart
2014-12-07 14:18:11 -------- d-----w- C:\ProgramData\Avg_Update_1014av
.
==================== Find3M  ====================
.
2015-01-05 19:46:35 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-01-05 19:40:56 401 ----a-w- C:\Users\Hitomi\AppData\Roaming\sp_data.sys
2014-11-21 11:14:26 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-21 11:14:12 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-21 11:14:08 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-10-30 02:35:16 263960 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
.
============= FINISH: 15:25:14.28 ===============

 


 


#2 TB-Psychotic

  • Malware Response Team

Posted 06 January 2015 - 04:58 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
  
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.
 


Proud Member of UNITE & TB
 

#3 Iholly

  • Topic Starter
  • Members

Posted 06 January 2015 - 06:28 AM

Hello! I am a bit confused about the "<>" symbol; I am going to guess it is a code system? If so, I hope I am doing this correctly.



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-01-2015
Ran by Hitomi (administrator) on KAIRI on 06-01-2015 06:00:29
Running from C:\Users\Hitomi\Desktop
Loaded Profiles: UpdatusUser & Hitomi (Available profiles: UpdatusUser & Hitomi & Administrator & Guest)
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SynptSync64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Synaptics\SynTP\AsusNewUI35.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Akamai Technologies, Inc.) C:\Users\Hitomi\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Akamai Technologies, Inc.) C:\Users\Hitomi\AppData\Local\Akamai\netsession_win.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-31] ()
HKLM\...\Run: [SynAsusGestureAPIMgr] => C:\Program Files\Synaptics\SynTP\SynAsusGestureAPIMgr.exe [736568 2012-09-16] (Synaptics)
HKLM\...\Run: [AsusNewUI] => C:\Program Files\Synaptics\SynTP\AsusNewUI35.exe [1367864 2012-09-16] ()
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS)
HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5256336 2012-07-11] (VIA)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-05-22] (cyberlink)
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [466944 2011-09-19] ()
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-27] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3841068046-171854313-2015753983-1002\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3841068046-171854313-2015753983-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Hitomi\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3841068046-171854313-2015753983-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll [21864 2012-08-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit.dll [20328 2012-08-28] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\Users\Hitomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serveur.exe.old ()
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3841068046-171854313-2015753983-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-3841068046-171854313-2015753983-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
URLSearchHook: [S-1-5-21-3841068046-171854313-2015753983-1001] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\S-1-5-21-3841068046-171854313-2015753983-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3841068046-171854313-2015753983-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: AgentForAndroid Class -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3188\npQQPhoneManagerExt.dll (腾讯公司)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3188\npQQPhoneManagerExt.dll (腾讯公司)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HomePage: Default -> hxxp://mysearch.avg.com/?cid={B38987BA-CB22-46D2-9040-56CED0A61A90}&mid=17a1567cc6dd47d39dcfbd389ffb620f-7d4743e94ba506e2311a88a8fc7a39dee28a9445&lang=en&ds=hk018&pr=sa&d=2013-06-08 23:08:25&v=15.2.0.5&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Hitomi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Hitomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-23]
CHR Extension: (Google Drive) - C:\Users\Hitomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hitomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Hitomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-23]
CHR Extension: (Google Search) - C:\Users\Hitomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-23]
CHR Extension: (AdBlock) - C:\Users\Hitomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-14]
CHR Extension: (Sword art online 1680*1050) - C:\Users\Hitomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\naahhamgejajaifamghhhjaeiipmbcod [2013-08-23]
CHR Extension: (Google Wallet) - C:\Users\Hitomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Hitomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-08-31] (Qualcomm Atheros Commnucations)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink)
R2 FanChkService; C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe [45696 2012-01-20] (ASUSTek Computer Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [1903472 2015-01-02] (Electronic Arts)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-07-06] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-31] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-31] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.2\dbk64.sys [62752 2012-06-26] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
S4 LMIRfsClientNP; No ImagePath
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-16] (Synaptics Incorporated)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [884712 2014-03-12] (TENCENT)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 hxsyol; \??\C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
U0 msahci; No ImagePath
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 06:00 - 2015-01-06 06:00 - 00019380 _____ () C:\Users\Hitomi\Desktop\FRST.txt
2015-01-06 06:00 - 2015-01-06 06:00 - 00000000 ____D () C:\FRST
2015-01-06 05:57 - 2015-01-06 05:58 - 02123776 _____ (Farbar) C:\Users\Hitomi\Desktop\FRST64.exe
2015-01-05 15:25 - 2015-01-05 15:27 - 00016311 _____ () C:\Users\Hitomi\Desktop\dds.txt
2015-01-05 15:25 - 2015-01-05 15:27 - 00007521 _____ () C:\Users\Hitomi\Desktop\attach.txt
2015-01-05 15:18 - 2015-01-05 15:18 - 00688992 ____R (Swearware) C:\Users\Hitomi\Desktop\dds.com
2015-01-01 03:40 - 2015-01-01 03:40 - 06446671 _____ () C:\Users\Hitomi\Desktop\ELA_Asked_Hair39F.package
2014-12-24 23:10 - 2014-12-24 23:10 - 00001016 _____ () C:\Users\Hitomi\Desktop\Blade&Soul.lnk
2014-12-24 23:10 - 2014-12-24 23:10 - 00000000 ____D () C:\Users\Hitomi\AppData\Local\BNSUpdater
2014-12-20 14:49 - 2015-01-05 03:39 - 00000000 ____D () C:\Program Files (x86)\Blade&Soul
2014-12-20 14:49 - 2014-12-24 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blade&Soul
2014-12-20 14:49 - 2014-12-19 23:44 - 05134814 _____ (PlayBNS (c) 2014 ) C:\Users\Hitomi\Desktop\PlayBNSUpdater.exe
2014-12-20 14:48 - 2014-12-20 14:48 - 05109861 _____ () C:\Users\Hitomi\Desktop\PlayBNSUpdater.zip
2014-12-17 16:40 - 2014-12-17 16:46 - 00000000 ____D () C:\Users\Hitomi\Documents\Vindictus
2014-12-17 16:23 - 2014-12-17 16:23 - 00000716 _____ () C:\Users\Public\Desktop\Vindictus.lnk
2014-12-17 15:08 - 2014-12-17 15:08 - 02500904 _____ () C:\Users\Hitomi\Desktop\Vindictus_Downloader.exe
2014-12-16 21:27 - 2014-12-16 21:27 - 00002184 _____ () C:\Users\Hitomi\AppData\Local\recently-used.xbel
2014-12-16 21:26 - 2011-07-17 02:31 - 00000599 _____ () C:\Users\Hitomi\Desktop\Read me!.txt
2014-12-16 11:21 - 2014-12-16 11:21 - 00129646 _____ () C:\Users\Hitomi\Desktop\Suzon.zip
2014-12-15 17:54 - 2015-01-05 03:40 - 00000000 ____D () C:\FeralHeart
2014-12-15 17:54 - 2014-12-15 17:54 - 00000632 _____ () C:\Users\Public\Desktop\FeralHeart.lnk
2014-12-15 17:54 - 2014-12-15 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FeralHeart
2014-12-15 17:13 - 2014-12-16 16:35 - 00318531 _____ () C:\Users\Hitomi\Desktop\part of the world of hyrule.xcf
2014-12-14 11:23 - 2014-12-14 11:23 - 03664719 _____ () C:\Users\Hitomi\Desktop\1418490512cb23ea32bfe1733d1659ef.zip
2014-12-14 11:21 - 2014-12-14 11:21 - 00221277 _____ () C:\Users\Hitomi\Desktop\1Z_dress_snowflake_pulli_miniweiß.package
2014-12-14 11:19 - 2014-12-14 11:19 - 00136621 _____ () C:\Users\Hitomi\Desktop\NataliS_Good luck bracelet FT-FA.package
2014-12-14 00:27 - 2014-12-14 00:27 - 00000973 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-12-14 00:27 - 2014-12-14 00:27 - 00000961 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2014-12-13 15:57 - 2014-12-13 15:57 - 04972689 _____ () C:\Users\Hitomi\Desktop\1274089.zip
2014-12-13 15:54 - 2014-12-13 15:54 - 23853702 _____ () C:\Users\Hitomi\Desktop\Stealthic Eden (Hair).package
2014-12-13 15:52 - 2014-12-13 15:52 - 04608468 _____ () C:\Users\Hitomi\Desktop\B-flysims-hair-100-sims4.zip
2014-12-11 17:00 - 2014-12-11 17:00 - 06153585 _____ () C:\Users\Hitomi\Desktop\1274099.zip
2014-12-10 20:34 - 2014-12-10 20:42 - 04477820 _____ () C:\Users\Hitomi\Desktop\Ela25Raon07_jennisims.zip
2014-12-07 09:18 - 2014-12-07 09:18 - 00002440 _____ () C:\Windows\System32\Tasks\1014avUpdateInfo
2014-12-07 09:18 - 2014-12-07 09:18 - 00000340 _____ () C:\Windows\Tasks\1014avUpdateInfo.job
2014-12-07 09:18 - 2014-12-07 09:18 - 00000000 ____D () C:\ProgramData\Avg_Update_1014av

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 06:00 - 2013-08-23 11:57 - 00000000 ____D () C:\Users\Hitomi\AppData\Roaming\Skype
2015-01-06 06:00 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\sru
2015-01-06 05:34 - 2013-08-23 01:32 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-06 04:55 - 2013-08-24 04:05 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-06 03:33 - 2012-12-27 13:35 - 01699576 _____ () C:\Windows\WindowsUpdate.log
2015-01-05 20:34 - 2013-08-23 01:32 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-05 18:14 - 2013-08-23 01:39 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3841068046-171854313-2015753983-1002
2015-01-05 14:46 - 2014-10-25 01:10 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-05 14:40 - 2013-12-07 13:10 - 00247790 _____ () C:\Windows\PFRO.log
2015-01-05 14:40 - 2013-08-22 21:43 - 00000401 _____ () C:\Users\Hitomi\AppData\Roaming\sp_data.sys
2015-01-05 14:40 - 2012-12-27 13:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-05 14:40 - 2012-07-26 02:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-05 14:39 - 2012-07-26 00:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-05 03:41 - 2014-11-03 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2015-01-05 03:41 - 2014-09-03 16:41 - 00000000 ____D () C:\ProgramData\Origin
2015-01-05 03:41 - 2014-09-03 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-01-05 03:41 - 2014-06-08 17:32 - 00000000 ____D () C:\Users\Guest
2015-01-05 03:41 - 2013-12-17 00:18 - 00000000 ____D () C:\Users\Hitomi\AppData\Local\Akamai
2015-01-05 03:41 - 2013-08-22 21:44 - 00000000 ____D () C:\Program Files (x86)\Trillian
2015-01-05 03:41 - 2012-12-27 13:32 - 00000000 ____D () C:\ProgramData\P4G
2015-01-05 03:41 - 2012-12-27 13:31 - 00000000 ____D () C:\ProgramData\Atheros
2015-01-05 03:41 - 2012-08-01 20:23 - 00000000 ____D () C:\Users\Administrator
2015-01-05 03:40 - 2013-08-31 06:42 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-01-05 03:40 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\registration
2015-01-05 03:39 - 2014-06-02 07:24 - 00000000 ____D () C:\Program Files (x86)\EsoEurope_EN
2015-01-05 00:44 - 2013-08-22 21:36 - 00000000 ____D () C:\Users\Hitomi
2015-01-03 01:40 - 2012-07-26 00:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-25 10:42 - 2013-08-23 19:27 - 00000000 ____D () C:\Users\Hitomi\AppData\Local\CrashDumps
2014-12-24 23:10 - 2013-08-25 20:32 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-12-20 20:05 - 2014-10-25 01:10 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-20 20:05 - 2014-10-25 01:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-20 20:05 - 2014-10-25 01:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-20 20:02 - 2013-08-22 21:35 - 00286784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-18 11:22 - 2013-08-23 11:57 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-18 11:22 - 2013-08-23 11:57 - 00000000 ____D () C:\ProgramData\Skype
2014-12-17 16:23 - 2013-08-23 02:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2014-12-17 16:23 - 2013-08-23 02:35 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2014-12-17 15:08 - 2013-11-01 19:41 - 00001790 _____ () C:\console.log
2014-12-17 01:33 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-12-16 21:27 - 2013-08-03 16:40 - 00000000 ____D () C:\Users\Hitomi\.gimp-2.8
2014-12-15 17:13 - 2013-09-13 19:02 - 00000000 ____D () C:\Users\Hitomi\AppData\Local\gtk-2.0
2014-12-14 00:28 - 2014-01-18 03:48 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-12-08 16:14 - 2014-12-03 09:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

Files to move or delete:
====================
C:\ProgramData\DT0001.dat
C:\ProgramData\SetStretch.exe


Some content of TEMP:
====================
C:\Users\Hitomi\AppData\Local\Temp\atcMedia2811417894509.exe
C:\Users\Hitomi\AppData\Local\Temp\atcMedia6051417894439.exe
C:\Users\Hitomi\AppData\Local\Temp\bdfilters.dll
C:\Users\Hitomi\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Hitomi\AppData\Local\Temp\hcuninstaller_20140522_202848_7920.exe
C:\Users\Hitomi\AppData\Local\Temp\NGM.exe
C:\Users\Hitomi\AppData\Local\Temp\NGMDll.dll
C:\Users\Hitomi\AppData\Local\Temp\NGMResource.dll
C:\Users\Hitomi\AppData\Local\Temp\NGMSetup.exe
C:\Users\Hitomi\AppData\Local\Temp\Protect4a647d98.dll
C:\Users\Hitomi\AppData\Local\Temp\Protectf51f1960.dll
C:\Users\Hitomi\AppData\Local\Temp\setup.exe
C:\Users\Hitomi\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Hitomi\AppData\Local\Temp\toExtract.exe
C:\Users\Hitomi\AppData\Local\Temp\TXPltSafeInit.dll
C:\Users\Hitomi\AppData\Local\Temp\unicows.dll
C:\Users\Hitomi\AppData\Local\Temp\uninstall7209.exe
C:\Users\Hitomi\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-03 04:26

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-01-2015
Ran by Hitomi at 2015-01-06 06:08:03
Running from C:\Users\Hitomi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2015 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3841068046-171854313-2015753983-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.8.142.61628 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.8.142.61628 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Fan Filter Checker (HKLM-x32\...\{2B0E8920-47D0-4F4D-BE03-76397409B837}) (Version: 1.0.0001 - ASUS)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.7 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.018 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0005 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.4134 - DsNET Corp)
aTube Catcher version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4257 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
FeralHeart version 1.13 (HKLM-x32\...\{EAD29228-1A50-4178-B1EA-E1D83FC691F0}_is1) (Version: 1.13 - Kovuworks)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MKV Converter Studio V2.4.8 (HKLM-x32\...\{D7AC932D-297F-46C8-9834-FA23854CC150}_is1) (Version: 2.4.8 - Apowersoft)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
NVIDIA 3D Vision Driver 306.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.14 - NVIDIA Corporation)
NVIDIA Graphics Driver 306.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.14 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.208 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sonic Foundry Preset Manager 1.0 (HKLM-x32\...\{7266C898-F9CB-4122-9452-2AA1DACE245E}) (Version: 1.0.73 - Sonic Foundry)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.11.7 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.2.24.20 - Electronic Arts Inc.)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Vegas Pro 12.0 (64-bit) (HKLM\...\{7963F870-6575-11E2-A4D9-F04DA23A5C58}) (Version: 12.0.486 - Sony)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Vindictus (HKLM-x32\...\Vindictus) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

24-12-2014 23:10:18 Installed Microsoft Visual C++ 2005 Redistributable
03-01-2015 17:59:40 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 00:26 - 2013-09-05 00:09 - 00000914 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 support.apowersoft.com
127.0.0.1 www.apowersoft.com
127.0.0.1 apowersoft.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {009DE8BC-5634-4520-B051-1D9C0BDFF886} - System32\Tasks\BtvStack => C:\Program
Task: {092A21D4-11C1-4410-BD06-B43B5596625A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-23] (Google Inc.)
Task: {14B72470-B915-46E2-B7C4-1621B8CBF57D} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {22F7237E-5234-49EC-B83A-E05C3AE29CC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-23] (Google Inc.)
Task: {318D3A14-3A61-4A22-8248-5CE664CD73B4} - System32\Tasks\{C05DF7D0-BAA3-43AB-B956-FFD149B2F36E} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe"
Task: {4CB54E31-3790-45C5-BD94-D4507BA72907} - System32\Tasks\{872AE8C0-6A7B-4449-8F1A-03E15B7C1D94} => Chrome.exe http://ui.skype.com/ui/0/6.16.0.105/en/abandoninstall?page=tsBing
Task: {685A85F3-97AB-4C96-AAF1-2EF6A387A2A6} - System32\Tasks\BtTray => C:\Program
Task: {B169713F-FBA0-428C-A8B4-8AF8D9E6A95A} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-16] (Synaptics Incorporated)
Task: {B9F68F00-DEEA-4F96-AFA3-D9735B9D0750} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {BBF463BF-38C9-49D8-9332-787AB3653229} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D2D143DD-A5AB-4C06-AA7B-738E5B2042E4} - System32\Tasks\1014avUpdateInfo => C:\ProgramData\Avg_Update_1014av\1014av_AVG-Secure-Search-Update.exe [2014-09-23] ()
Task: {FAB3AAAC-F5C8-496C-B9C1-70E55EA6AFDA} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\1014avUpdateInfo.job => C:\ProgramData\Avg_Update_1014av\1014av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-08-31 19:44 - 2012-08-31 19:44 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-24 20:26 - 2012-08-24 20:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-10-01 21:51 - 2012-09-16 22:13 - 01367864 _____ () C:\Program Files\Synaptics\SynTP\AsusNewUI35.exe
2012-12-27 13:24 - 2012-07-11 02:51 - 00078480 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2012-12-27 13:24 - 2012-07-11 02:51 - 00386192 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2012-12-27 13:34 - 2011-09-19 13:40 - 00466944 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
2012-09-11 17:01 - 2012-09-11 17:01 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-08-23 01:45 - 2012-05-25 06:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2014-12-11 19:36 - 2014-12-05 20:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-11 19:36 - 2014-12-05 20:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-11 19:36 - 2014-12-05 20:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-11 19:36 - 2014-12-05 20:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2012-12-27 13:23 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: McAWFwk => 3
MSCONFIG\Services: mcmscsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McNASvc => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: McOobeSv => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 2

========================= Accounts: ==========================

Administrator (S-1-5-21-3841068046-171854313-2015753983-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-3841068046-171854313-2015753983-501 - Limited - Disabled) => C:\Users\Guest
Hitomi (S-1-5-21-3841068046-171854313-2015753983-1002 - Administrator - Enabled) => C:\Users\Hitomi
HomeGroupUser$ (S-1-5-21-3841068046-171854313-2015753983-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-3841068046-171854313-2015753983-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/05/2015 08:38:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Vindictus.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1ec4

Start Time: 01d0293caf2ad819

Termination Time: 279

Application Path: D:\Vindictus\en-US\Vindictus.exe

Report Id: a99f8b87-9544-11e4-bedf-6c71d91f8bfc

Faulting package full name: 

Faulting package-relative application ID:

Error: (01/05/2015 06:04:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Vindictus.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: a10

Start Time: 01d02929c840a171

Termination Time: 133

Application Path: D:\Vindictus\en-US\Vindictus.exe

Report Id: 2c5055b1-952f-11e4-bedf-6c71d91f8bfc

Faulting package full name: 

Faulting package-relative application ID:

Error: (01/05/2015 01:00:01 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1920) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\system32\SRU\SRU0340A.log.

Error: (01/04/2015 09:44:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe, version: 6.2.9200.16420, time stamp: 0x505a9a4e
Faulting module name: ntdll.dll, version: 6.2.9200.16420, time stamp: 0x505ab405
Exception code: 0xc0000005
Fault offset: 0x0000000000001069
Faulting process id: 0x30c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Faulting package full name: svchost.exe4
Faulting package-relative application ID: svchost.exe5

Error: (01/04/2015 07:56:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Vindictus.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: fcc

Start Time: 01d0285f4f639398

Termination Time: 138

Application Path: D:\Vindictus\en-US\Vindictus.exe

Report Id: 9e5acfbc-9475-11e4-bee0-6c71d91f8bfc

Faulting package full name: 

Faulting package-relative application ID:

Error: (01/04/2015 03:23:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Vindictus.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6e0

Start Time: 01d028382371030a

Termination Time: 76

Application Path: D:\Vindictus\en-US\Vindictus.exe

Report Id: 929c1bb1-944f-11e4-bedf-6c71d91f8bfc

Faulting package full name: 

Faulting package-relative application ID:

Error: (01/03/2015 11:56:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Vindictus.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6c4

Start Time: 01d027b5b551800e

Termination Time: 135

Application Path: D:\Vindictus\en-US\Vindictus.exe

Report Id: 14b6533e-93ce-11e4-bedf-6c71d91f8bfc

Faulting package full name: 

Faulting package-relative application ID:

Error: (01/03/2015 04:02:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Vindictus.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1280

Start Time: 01d02796b578349e

Termination Time: 43

Application Path: D:\Vindictus\en-US\Vindictus.exe

Report Id: e304a237-938b-11e4-bedf-6c71d91f8bfc

Faulting package full name: 

Faulting package-relative application ID:

Error: (01/03/2015 01:39:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Vindictus.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 19d8

Start Time: 01d0270185a894ff

Termination Time: 280

Application Path: D:\Vindictus\en-US\Vindictus.exe

Report Id: 41d751a4-9313-11e4-bedf-6c71d91f8bfc

Faulting package full name: 

Faulting package-relative application ID:

Error: (01/01/2015 09:02:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Vindictus.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1b54

Start Time: 01d025e179cd38d3

Termination Time: 125

Application Path: D:\Vindictus\en-US\Vindictus.exe

Report Id: 5ab50c4a-9223-11e4-bedd-6c71d91f8bfc

Faulting package full name: 

Faulting package-relative application ID:


System errors:
=============
Error: (01/05/2015 02:40:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error: 
%%3

Error: (01/05/2015 00:44:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error: 
%%3

Error: (01/04/2015 09:45:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error: 
%%3

Error: (01/04/2015 09:44:33 PM) (Source: DCOM) (EventID: 10005) (User: Kairi)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/04/2015 09:39:58 PM) (Source: DCOM) (EventID: 10005) (User: Kairi)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/04/2015 09:38:29 PM) (Source: DCOM) (EventID: 10005) (User: Kairi)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/04/2015 09:38:24 PM) (Source: DCOM) (EventID: 10005) (User: Kairi)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/04/2015 09:29:58 PM) (Source: DCOM) (EventID: 10005) (User: Kairi)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/04/2015 09:19:58 PM) (Source: DCOM) (EventID: 10005) (User: Kairi)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/04/2015 09:09:58 PM) (Source: DCOM) (EventID: 10005) (User: Kairi)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}


Microsoft Office Sessions:
=========================
Error: (01/05/2015 08:38:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Vindictus.exe1.0.0.11ec401d0293caf2ad819279D:\Vindictus\en-US\Vindictus.exea99f8b87-9544-11e4-bedf-6c71d91f8bfc

Error: (01/05/2015 06:04:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Vindictus.exe1.0.0.1a1001d02929c840a171133D:\Vindictus\en-US\Vindictus.exe2c5055b1-952f-11e4-bedf-6c71d91f8bfc

Error: (01/05/2015 01:00:01 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost1920SRUJet: C:\Windows\system32\SRU\SRU0340A.log-1811 (0xfffff8ed)

Error: (01/04/2015 09:44:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe6.2.9200.16420505a9a4entdll.dll6.2.9200.16420505ab405c0000005000000000000106930c01d0288441c836d2C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllcc27e659-9484-11e4-bee3-08606e12bf76

Error: (01/04/2015 07:56:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Vindictus.exe1.0.0.1fcc01d0285f4f639398138D:\Vindictus\en-US\Vindictus.exe9e5acfbc-9475-11e4-bee0-6c71d91f8bfc

Error: (01/04/2015 03:23:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Vindictus.exe1.0.0.16e001d028382371030a76D:\Vindictus\en-US\Vindictus.exe929c1bb1-944f-11e4-bedf-6c71d91f8bfc

Error: (01/03/2015 11:56:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Vindictus.exe1.0.0.16c401d027b5b551800e135D:\Vindictus\en-US\Vindictus.exe14b6533e-93ce-11e4-bedf-6c71d91f8bfc

Error: (01/03/2015 04:02:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Vindictus.exe1.0.0.1128001d02796b578349e43D:\Vindictus\en-US\Vindictus.exee304a237-938b-11e4-bedf-6c71d91f8bfc

Error: (01/03/2015 01:39:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Vindictus.exe1.0.0.119d801d0270185a894ff280D:\Vindictus\en-US\Vindictus.exe41d751a4-9313-11e4-bedf-6c71d91f8bfc

Error: (01/01/2015 09:02:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Vindictus.exe1.0.0.11b5401d025e179cd38d3125D:\Vindictus\en-US\Vindictus.exe5ab50c4a-9223-11e4-bedd-6c71d91f8bfc


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 33%
Total physical RAM: 12240.98 MB
Available physical RAM: 8170.74 MB
Total Pagefile: 19664.98 MB
Available Pagefile: 15155.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.7 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:2.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:258.15 GB) (Free:233.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A3362226)

Partition: GPT Partition Type.

==================== End Of Log ============================

The Gmer program has given me an error when opening the file: "C:\\Windows\system32\config\system: The process cannot access the file because it is being used by another process." Should I press "Ok" and continue?



#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team

Posted 06 January 2015 - 06:49 AM

Yes, please proceed


Proud Member of UNITE & TB

#5 Iholly

Iholly
  • Topic Starter

  • Members

Posted 06 January 2015 - 12:39 PM

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-01-06 12:29:36
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000003d ST9500325AS rev.0003SDM1 465.76GB
Running: xznubshn.exe; Driver: C:\Users\Hitomi\AppData\Local\Temp\pxloqpob.sys


---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [40:1704]  fffff960008735e8

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                    unknown MBR code

---- EOF - GMER 2.1 ----

The program still gives me more errors, something dealing with "using/running process?" I cannot really describe it due to closing down the browser. Should I have also closed everything running in the hidden task bar as well?



#6 Iholly

Iholly
  • Topic Starter

  • Members

Posted 07 January 2015 - 11:08 AM

Here is the last step you have asked me to do. AVG had restarted my computer to do updates on it when I was shutting my computer down.

 

11:02:52.0258 0x1ae0  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
11:02:52.0258 0x1ae0  UEFI system
11:03:18.0450 0x1ae0  ============================================================
11:03:18.0450 0x1ae0  Current date / time: 2015/01/07 11:03:18.0450
11:03:18.0450 0x1ae0  SystemInfo:
11:03:18.0450 0x1ae0  
11:03:18.0450 0x1ae0  OS Version: 6.2.9200 ServicePack: 0.0
11:03:18.0450 0x1ae0  Product type: Workstation
11:03:18.0450 0x1ae0  ComputerName: KAIRI
11:03:18.0450 0x1ae0  UserName: Hitomi
11:03:18.0450 0x1ae0  Windows directory: C:\Windows
11:03:18.0450 0x1ae0  System windows directory: C:\Windows
11:03:18.0450 0x1ae0  Running under WOW64
11:03:18.0450 0x1ae0  Processor architecture: Intel x64
11:03:18.0450 0x1ae0  Number of processors: 8
11:03:18.0450 0x1ae0  Page size: 0x1000
11:03:18.0450 0x1ae0  Boot type: Normal boot
11:03:18.0450 0x1ae0  ============================================================
11:03:19.0148 0x1ae0  KLMD registered as C:\Windows\system32\drivers\07817887.sys
11:03:19.0540 0x1ae0  System UUID: {10FA668B-9B65-120D-1893-3928FBA14CA9}
11:03:19.0946 0x1ae0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:03:19.0946 0x1ae0  ============================================================
11:03:19.0946 0x1ae0  \Device\Harddisk0\DR0:
11:03:19.0946 0x1ae0  GPT partitions:
11:03:19.0946 0x1ae0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {1911A6CF-3FB3-482E-A90C-ADF7EC2C1936}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
11:03:19.0946 0x1ae0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {DA68FAD7-B4A8-4234-84D1-1E8656D17D2A}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x1C2000
11:03:19.0946 0x1ae0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {B2D0EA0C-64C2-4535-BF3C-6ACF8653AB2A}, Name: Microsoft reserved partition, StartLBA 0x258800, BlocksNum 0x40000
11:03:19.0946 0x1ae0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {AF029779-E09A-4A94-88C3-333D9F956017}, Name: Basic data partition, StartLBA 0x298800, BlocksNum 0x1749C000
11:03:19.0946 0x1ae0  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {30A505E4-FE71-4789-B286-CD6486F3B475}, Name: Basic data partition, StartLBA 0x17734800, BlocksNum 0x2044C800
11:03:19.0946 0x1ae0  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {AF4E95D7-E18B-444B-AEF5-0E5C637BA81D}, Name: Basic data partition, StartLBA 0x37B81000, BlocksNum 0x2805000
11:03:19.0946 0x1ae0  MBR partitions:
11:03:19.0946 0x1ae0  ============================================================
11:03:19.0962 0x1ae0  C: <-> \Device\Harddisk0\DR0\Partition4
11:03:20.0060 0x1ae0  D: <-> \Device\Harddisk0\DR0\Partition5
11:03:20.0060 0x1ae0  ============================================================
11:03:20.0060 0x1ae0  Initialize success
11:03:20.0060 0x1ae0  ============================================================
11:03:30.0793 0x1ab0  ============================================================
11:03:30.0793 0x1ab0  Scan started
11:03:30.0793 0x1ab0  Mode: Manual; 
11:03:30.0793 0x1ab0  ============================================================
11:03:30.0793 0x1ab0  KSN ping started
11:03:33.0225 0x1ab0  KSN ping finished: true
11:03:34.0230 0x1ab0  ================ Scan system memory ========================
11:03:34.0230 0x1ab0  System memory - ok
11:03:34.0230 0x1ab0  ================ Scan services =============================
11:03:37.0961 0x1ab0  [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
11:03:37.0976 0x1ab0  BTHMODEM - ok
11:03:37.0992 0x1ab0  [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
11:03:38.0007 0x1ab0  BthPan - ok
11:03:38.0074 0x1ab0  [ 427510B95603B24A0E1DDB47EFC4BA44, D90ED0D0313FB1517D3645AA01E5422351AE2BB3778325EFD6D0A0ACD1DC7E7C ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
11:03:38.0096 0x1ab0  BTHPORT - ok
11:03:38.0158 0x1ab0  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv         C:\Windows\system32\bthserv.dll
11:03:38.0174 0x1ab0  bthserv - ok
11:03:38.0205 0x1ab0  [ 0BB16201253AA87015EFFECAF157225F, 1B5B38275828B82B06D24018A8965DA58866C05E3847AA1B55BFF6F13FD9E235 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
11:03:38.0236 0x1ab0  BTHUSB - ok
11:03:38.0408 0x1ab0  [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
11:03:38.0471 0x1ab0  c2cautoupdatesvc - ok
11:03:38.0627 0x1ab0  [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
11:03:38.0674 0x1ab0  c2cpnrsvc - ok
11:03:38.0721 0x1ab0  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:03:38.0801 0x1ab0  cdfs - ok
11:03:38.0848 0x1ab0  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom           C:\Windows\System32\drivers\cdrom.sys
11:03:38.0863 0x1ab0  cdrom - ok
11:03:38.0973 0x1ab0  [ 3B279C131FD85D8045DB0D8E1D489879, EDC21B955B5697A42207879D87B7908728C0D2CF12A9E17EF3B4C6D8DCCC0ED4 ] CEDRIVER60      C:\Program Files (x86)\Cheat Engine 6.2\dbk64.sys
11:03:38.0988 0x1ab0  CEDRIVER60 - ok
11:03:39.0051 0x1ab0  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:03:39.0051 0x1ab0  CertPropSvc - ok
11:03:39.0066 0x1ab0  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\Windows\System32\drivers\circlass.sys
11:03:39.0082 0x1ab0  circlass - ok
11:03:39.0098 0x1ab0  [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS            C:\Windows\system32\drivers\CLFS.sys
11:03:39.0113 0x1ab0  CLFS - ok
11:03:39.0191 0x1ab0  [ E26C19EB9CF338CB1FB7C2912ADFA81C, 819D1F2C6F4AAA7320FECE26D51F33ABF8815D04E58ABEA3E12CD5E9D85CBD4C ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
11:03:39.0207 0x1ab0  CLKMSVC10_38F51D56 - ok
11:03:39.0223 0x1ab0  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
11:03:39.0223 0x1ab0  CmBatt - ok
11:03:39.0301 0x1ab0  [ 1894FD2D5966A81D3B07A7C4D8724D59, 18DCE6DF0DE39DFD1358A1E061AD97099699CE430BCB906AFB7F51277681461D ] CNG             C:\Windows\system32\Drivers\cng.sys
11:03:39.0301 0x1ab0  CNG - ok
11:03:39.0316 0x1ab0  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
11:03:39.0332 0x1ab0  CompositeBus - ok
11:03:39.0332 0x1ab0  COMSysApp - ok
11:03:39.0332 0x1ab0  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\Windows\system32\drivers\condrv.sys
11:03:39.0348 0x1ab0  condrv - ok
11:03:39.0363 0x1ab0  [ F0E78B119D12BA81F163D48C0FF30B9A, 9622A2F36F03A33E7D145C439BD62D5AEFD53064D60BCC787555D1AF8CB936A9 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:03:39.0363 0x1ab0  CryptSvc - ok
11:03:39.0379 0x1ab0  [ A4CCA7289C1A6223D61FD27BF2FC413F, DCDA516FE602690802A8D2A854E607FFCB0BCFDFCDB1F1AC6B30CBAED2663726 ] dam             C:\Windows\system32\drivers\dam.sys
11:03:39.0379 0x1ab0  dam - ok
11:03:39.0426 0x1ab0  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:03:39.0457 0x1ab0  DcomLaunch - ok
11:03:39.0488 0x1ab0  [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc       C:\Windows\System32\defragsvc.dll
11:03:39.0488 0x1ab0  defragsvc - ok
11:03:39.0551 0x1ab0  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll
11:03:39.0566 0x1ab0  DeviceAssociationService - ok
11:03:39.0598 0x1ab0  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
11:03:39.0598 0x1ab0  DeviceInstall - ok
11:03:39.0629 0x1ab0  [ 09D9EB9E7898F8E6561473A20CC808B9, 0F511593D36084843E5138AF6D55FE08D77803968AE12A236A02368DB364347E ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
11:03:39.0629 0x1ab0  Dfsc - ok
11:03:39.0660 0x1ab0  [ CFB72DF4B2364AF6D4D685DCD310E942, 89C72E1008B92B85A275B9F37D96481C3EFCABE9ACD28B698D5A04E0DDA0DF8F ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:03:39.0660 0x1ab0  Dhcp - ok
11:03:39.0691 0x1ab0  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\Windows\system32\drivers\discache.sys
11:03:39.0691 0x1ab0  discache - ok
11:03:39.0691 0x1ab0  [ 560495FF4CA22E1D9B1972FA18F43B6F, 41FFDD4C1097AA857A8177E34F101A1A9C1429A4E8DEC3D395C6135A9E112CD6 ] disk            C:\Windows\system32\drivers\disk.sys
11:03:39.0707 0x1ab0  disk - ok
11:03:39.0707 0x1ab0  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
11:03:39.0707 0x1ab0  dmvsc - ok
11:03:39.0738 0x1ab0  [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:03:39.0738 0x1ab0  Dnscache - ok
11:03:39.0785 0x1ab0  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc         C:\Windows\System32\dot3svc.dll
11:03:39.0801 0x1ab0  dot3svc - ok
11:03:39.0801 0x1ab0  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS             C:\Windows\system32\dps.dll
11:03:39.0816 0x1ab0  DPS - ok
11:03:39.0832 0x1ab0  [ 84D07E4E4FBE72DA3EC1C1E77C49B53C, 81846E3E91080EA3E21FDC1120B5CC2265258AC78AF654DCD1A05E3966AA923A ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:03:39.0848 0x1ab0  drmkaud - ok
11:03:39.0863 0x1ab0  [ BF48F32EE248C3D371DA5DC93BBEADA7, C8E9B685A8F2F99140382557F11E362D899E7EC6693ADEFE762F0A3850585C63 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
11:03:39.0879 0x1ab0  DsmSvc - ok
11:03:39.0926 0x1ab0  [ 898BF1647BBF012B38EF45C7F9F7A67E, 800EF0CF107B5F29702FA50D448E20D3EB19984C38D1AA0197636A80629A3160 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:03:39.0973 0x1ab0  DXGKrnl - ok
11:03:40.0035 0x1ab0  [ 651FBD69A9713D623D456A240F96179C, 22A1F306B454EF9C84D25EF266F3ED0E1D896B1F5BE60170E79F37F2DBCA59F4 ] e1iexpress      C:\Windows\system32\DRIVERS\e1i63x64.sys
11:03:40.0066 0x1ab0  e1iexpress - ok
11:03:40.0082 0x1ab0  EagleX64 - ok
11:03:40.0117 0x1ab0  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost         C:\Windows\System32\eapsvc.dll
11:03:40.0164 0x1ab0  Eaphost - ok
11:03:40.0508 0x1ab0  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:03:40.0617 0x1ab0  ebdrv - ok
11:03:40.0664 0x1ab0  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] EFS             C:\Windows\System32\lsass.exe
11:03:40.0664 0x1ab0  EFS - ok
11:03:40.0695 0x1ab0  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
11:03:40.0695 0x1ab0  EhStorClass - ok
11:03:40.0727 0x1ab0  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
11:03:40.0727 0x1ab0  EhStorTcgDrv - ok
11:03:40.0742 0x1ab0  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
11:03:40.0758 0x1ab0  ErrDev - ok
11:03:40.0789 0x1ab0  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\Windows\system32\es.dll
11:03:40.0805 0x1ab0  EventSystem - ok
11:03:40.0836 0x1ab0  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\Windows\system32\drivers\exfat.sys
11:03:40.0852 0x1ab0  exfat - ok
11:03:40.0883 0x1ab0  [ 440698D7CF32AA990B295AFA40EE9517, 313E02D7B303D4D6BF0BD41A1EE6F42D84834DF8E9AFB38C4DC8A07EA2B79A61 ] FanChkService   C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe
11:03:40.0899 0x1ab0  FanChkService - ok
11:03:40.0914 0x1ab0  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:03:40.0914 0x1ab0  fastfat - ok
11:03:41.0055 0x1ab0  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\Windows\system32\fxssvc.exe
11:03:41.0196 0x1ab0  Fax - ok
11:03:41.0211 0x1ab0  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\Windows\System32\drivers\fdc.sys
11:03:41.0227 0x1ab0  fdc - ok
11:03:41.0289 0x1ab0  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:03:41.0289 0x1ab0  fdPHost - ok
11:03:41.0305 0x1ab0  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:03:41.0305 0x1ab0  FDResPub - ok
11:03:41.0336 0x1ab0  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\Windows\system32\fhsvc.dll
11:03:41.0336 0x1ab0  fhsvc - ok
11:03:41.0383 0x1ab0  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:03:41.0383 0x1ab0  FileInfo - ok
11:03:41.0399 0x1ab0  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:03:41.0399 0x1ab0  Filetrace - ok
11:03:41.0414 0x1ab0  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
11:03:41.0430 0x1ab0  flpydisk - ok
11:03:41.0446 0x1ab0  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:03:41.0461 0x1ab0  FltMgr - ok
11:03:41.0508 0x1ab0  [ 305CB1E16576F436BC8797E629A3D46D, E3644AE3FA8F755D306D9C4177262CEC451B33731074508B139F3F86AC1B5AE6 ] FontCache       C:\Windows\system32\FntCache.dll
11:03:41.0539 0x1ab0  FontCache - ok
11:03:41.0649 0x1ab0  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:03:41.0649 0x1ab0  FontCache3.0.0.0 - ok
11:03:41.0680 0x1ab0  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:03:41.0680 0x1ab0  FsDepends - ok
11:03:41.0696 0x1ab0  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:03:41.0696 0x1ab0  Fs_Rec - ok
11:03:41.0727 0x1ab0  [ FA228F4BB10DC7ED7E7D131C034E2331, 0463B1DB8BB2B5AF95EAD988EA9DEB5483D9E78C07E07BAC1E3CC46C086B3BB0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:03:41.0727 0x1ab0  fvevol - ok
11:03:41.0758 0x1ab0  [ 3EF3FCCC0E70EEC5C2AD996F32BBA642, AC452FD68519DD1EFC971D223CBB3702F38146CB4203E2F6A4302EE3F76144EB ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
11:03:41.0774 0x1ab0  FxPPM - ok
11:03:41.0789 0x1ab0  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:03:41.0789 0x1ab0  gagp30kx - ok
11:03:41.0805 0x1ab0  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
11:03:41.0821 0x1ab0  gencounter - ok
11:03:41.0836 0x1ab0  [ CA18ECFCFFDD638ECE80799A9056B238, FEA6778443253CBAA9FF43A980D576A3F449B036151F91495F04CE0C54F02254 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
11:03:41.0836 0x1ab0  GPIOClx0101 - ok
11:03:41.0899 0x1ab0  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:03:41.0961 0x1ab0  gpsvc - ok
11:03:42.0024 0x1ab0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:03:42.0024 0x1ab0  gupdate - ok
11:03:42.0120 0x1ab0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:03:42.0121 0x1ab0  gupdatem - ok
11:03:42.0229 0x1ab0  [ 9FC1F11D4D19F61DFE5CC878B4557D3A, 17A0EC253D04FBD25C2113FD96FBF9D822E8295623C1B1DDA712FB102D42E956 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:03:42.0322 0x1ab0  HdAudAddService - ok
11:03:42.0354 0x1ab0  [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
11:03:42.0354 0x1ab0  HDAudBus - ok
11:03:42.0369 0x1ab0  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
11:03:42.0369 0x1ab0  HidBatt - ok
11:03:42.0400 0x1ab0  [ A25BAE8C1F2830C8E5625EC7E4E968BE, 81D441B6616094C604453D8EC289C29D9B84A323B5C7C312C96C8380D51538DA ] HidBth          C:\Windows\System32\drivers\hidbth.sys
11:03:42.0400 0x1ab0  HidBth - ok
11:03:42.0416 0x1ab0  [ AC0526C4E3A7954F750B8F8D95EFB340, BE5180F60761F513B3CD5FC395BB8BCF6EAB6D7A910E0C824FFBEC128285F7A7 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
11:03:42.0432 0x1ab0  hidi2c - ok
11:03:42.0447 0x1ab0  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\Windows\System32\drivers\hidir.sys
11:03:42.0494 0x1ab0  HidIr - ok
11:03:42.0541 0x1ab0  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\Windows\system32\hidserv.dll
11:03:42.0541 0x1ab0  hidserv - ok
11:03:42.0604 0x1ab0  [ A9F2301B8D28BB4D887F5AEBB55ACB3A, 886B04224CA0A90B4FD0B9F8D243EED4FBA367D078FB1CAF99EE671FE1FCEC27 ] HIDSwitch       C:\Windows\System32\drivers\AsHIDSwitch64.sys
11:03:42.0604 0x1ab0  HIDSwitch - ok
11:03:42.0635 0x1ab0  [ 590B6F71BCDA4368B4BF7D8DF22B60F7, 5CED8ACCBBF373607A8CEC81E9F9856C450A73A969E07DF3218B85F444CA7D3F ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
11:03:42.0635 0x1ab0  HidUsb - ok
11:03:42.0666 0x1ab0  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:03:42.0666 0x1ab0  hkmsvc - ok
11:03:42.0744 0x1ab0  [ 6CC1AD7B0E071C317B7FB8FC6AEF0EDA, 2A907E87E491F76B75F13CD921962EA4D1FF4C705E393F8FA3F48EC701E668F5 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:03:42.0760 0x1ab0  HomeGroupListener - ok
11:03:42.0822 0x1ab0  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:03:42.0854 0x1ab0  HomeGroupProvider - ok
11:03:42.0932 0x1ab0  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:03:42.0932 0x1ab0  HpSAMD - ok
11:03:42.0963 0x1ab0  [ 47DBBF38E00C3F7404B71F6509241EF1, CBB3B3F46F702605DD47F12C318984937D7E8384C0A6B62556A6961F74305292 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:03:42.0994 0x1ab0  HTTP - ok
11:03:43.0010 0x1ab0  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:03:43.0010 0x1ab0  hwpolicy - ok
11:03:43.0010 0x1ab0  hxsyol - ok
11:03:43.0026 0x1ab0  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
11:03:43.0041 0x1ab0  hyperkbd - ok
11:03:43.0057 0x1ab0  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
11:03:43.0072 0x1ab0  HyperVideo - ok
11:03:43.0088 0x1ab0  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
11:03:43.0104 0x1ab0  i8042prt - ok
11:03:43.0166 0x1ab0  [ 0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
11:03:43.0182 0x1ab0  iaStorA - ok
11:03:43.0197 0x1ab0  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:03:43.0213 0x1ab0  iaStorV - ok
11:03:43.0933 0x1ab0  [ E5272DDF2C9043411809171715B4633D, B98E6565E7EA912E32746E1D35AD29C2EB9F3A21ACA8CB145C9F503B66AF0AFB ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:03:44.0359 0x1ab0  igfx - ok
11:03:44.0390 0x1ab0  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:03:44.0390 0x1ab0  iirsp - ok
11:03:44.0484 0x1ab0  [ 45EACE8D94B9CEC746A85154892C4FDC, F2507F1AA4C5D54EC8151B44CD033B231C708B57761432E5EDEE6219122301C2 ] IKEEXT          C:\Windows\System32\ikeext.dll
11:03:44.0515 0x1ab0  IKEEXT - ok
11:03:44.0594 0x1ab0  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:03:44.0625 0x1ab0  Intel(R) Capability Licensing Service Interface - ok
11:03:44.0672 0x1ab0  [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
11:03:44.0672 0x1ab0  Intel(R) ME Service - ok
11:03:44.0703 0x1ab0  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:03:44.0703 0x1ab0  intelide - ok
11:03:44.0719 0x1ab0  [ F9E126AA767E2E6E3128434A43C9F713, 1BF023083158DB1D76E89C77D383C082F1CA19F00C8FC3B0C30A93263A32BCEA ] intelppm        C:\Windows\System32\drivers\intelppm.sys
11:03:44.0719 0x1ab0  intelppm - ok
11:03:44.0734 0x1ab0  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:03:44.0750 0x1ab0  IpFilterDriver - ok
11:03:44.0781 0x1ab0  [ CAC5202757EF68C4849B0DFFA75F6D3C, D68EDCED68DB7755AA8BE5EC2784C124888BA4ED33B3E366FD83C3E64E42B770 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:03:44.0828 0x1ab0  iphlpsvc - ok
11:03:44.0828 0x1ab0  [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
11:03:44.0844 0x1ab0  IPMIDRV - ok
11:03:44.0859 0x1ab0  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:03:44.0875 0x1ab0  IPNAT - ok
11:03:44.0906 0x1ab0  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:03:44.0906 0x1ab0  IRENUM - ok
11:03:44.0937 0x1ab0  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:03:44.0937 0x1ab0  isapnp - ok
11:03:44.0969 0x1ab0  [ F5F0DE1B7F256997501EECECE9648108, F9B602EA6B278980A299BB7A393ED09388761DE56162AC998398AB95B5A4EC3E ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
11:03:44.0969 0x1ab0  iScsiPrt - ok
11:03:44.0984 0x1ab0  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:03:45.0000 0x1ab0  jhi_service - ok
11:03:45.0016 0x1ab0  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
11:03:45.0016 0x1ab0  kbdclass - ok
11:03:45.0031 0x1ab0  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
11:03:45.0031 0x1ab0  kbdhid - ok
11:03:45.0062 0x1ab0  [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr         C:\Windows\System32\drivers\kbfiltr.sys
11:03:45.0062 0x1ab0  kbfiltr - ok
11:03:45.0062 0x1ab0  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
11:03:45.0078 0x1ab0  kdnic - ok
11:03:45.0094 0x1ab0  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso          C:\Windows\system32\lsass.exe
11:03:45.0094 0x1ab0  KeyIso - ok
11:03:45.0109 0x1ab0  [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:03:45.0109 0x1ab0  KSecDD - ok
11:03:45.0140 0x1ab0  [ E427D299CFE267A2465D3AAF81440ED9, 78F2649FDFF78C358E4FF8EB9772F726A23457658C1CCEABA4D4DEF6927A0423 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:03:45.0140 0x1ab0  KSecPkg - ok
11:03:45.0156 0x1ab0  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:03:45.0156 0x1ab0  ksthunk - ok
11:03:45.0187 0x1ab0  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:03:45.0203 0x1ab0  KtmRm - ok
11:03:45.0219 0x1ab0  [ CBD16721541EE334F6D623CE0B4003BF, DE2C6345B2051AD4C3A3F3AB89AB63AE58A0BA6AB0BCB6B0DFCE6BCD0E8E9519 ] L1C             C:\Windows\system32\DRIVERS\L1C63x64.sys
11:03:45.0219 0x1ab0  L1C - ok
11:03:45.0250 0x1ab0  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:03:45.0265 0x1ab0  LanmanServer - ok
11:03:45.0297 0x1ab0  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:03:45.0297 0x1ab0  LanmanWorkstation - ok
11:03:45.0312 0x1ab0  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:03:45.0312 0x1ab0  lltdio - ok
11:03:45.0359 0x1ab0  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:03:45.0359 0x1ab0  lltdsvc - ok
11:03:45.0375 0x1ab0  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:03:45.0375 0x1ab0  lmhosts - ok
11:03:45.0375 0x1ab0  LMIInfo - ok
11:03:45.0390 0x1ab0  [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
11:03:45.0390 0x1ab0  lmimirr - ok
11:03:45.0390 0x1ab0  LMIRfsClientNP - ok
11:03:45.0406 0x1ab0  [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
11:03:45.0422 0x1ab0  LMIRfsDriver - ok
11:03:45.0437 0x1ab0  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:03:45.0453 0x1ab0  LMS - ok
11:03:45.0484 0x1ab0  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:03:45.0547 0x1ab0  LSI_SAS - ok
11:03:45.0562 0x1ab0  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:03:45.0578 0x1ab0  LSI_SAS2 - ok
11:03:45.0594 0x1ab0  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:03:45.0594 0x1ab0  LSI_SCSI - ok
11:03:45.0625 0x1ab0  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
11:03:45.0625 0x1ab0  LSI_SSS - ok
11:03:45.0656 0x1ab0  [ 8FEFDCEE40B75FD23B4BC60DA6576113, 1C3B690B00D95F6A4DB9225A42B1E5BF5A586785A3E097A9D46D35D580490924 ] LSM             C:\Windows\System32\lsm.dll
11:03:45.0672 0x1ab0  LSM - ok
11:03:45.0687 0x1ab0  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:03:45.0687 0x1ab0  luafv - ok
11:03:45.0703 0x1ab0  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:03:45.0719 0x1ab0  megasas - ok
11:03:58.0693 0x1ab0  TeamViewer - ok
11:03:58.0735 0x1ab0  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
11:03:58.0735 0x1ab0  terminpt - ok
11:03:58.0860 0x1ab0  [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService     C:\Windows\System32\termsrv.dll
11:03:58.0908 0x1ab0  TermService - ok
11:03:58.0971 0x1ab0  [ FBAC60FDCBEBEB65B25C964652D8B4E1, 32B1F92560C291A94BB90E7FAF42D6B82D286190D3C1CDB3993472EE2213C4B4 ] TesSafe         C:\Windows\system32\TesSafe.sys
11:03:59.0002 0x1ab0  TesSafe - ok
11:03:59.0033 0x1ab0  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\Windows\system32\themeservice.dll
11:03:59.0033 0x1ab0  Themes - ok
11:03:59.0111 0x1ab0  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER     C:\Windows\system32\mmcss.dll
11:03:59.0111 0x1ab0  THREADORDER - ok
11:03:59.0236 0x1ab0  [ 52066C139CC189468845D5BE557B25EB, 65A6828240CC06435C1A5FD48B443C3023CE2E8A0A6BDEF67795612457B0CF60 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
11:03:59.0252 0x1ab0  TimeBroker - ok
11:03:59.0283 0x1ab0  [ B44EFE254C0B3719E4037088D24FE4B5, 5AC07658A599470C2BCB2813E644B132DDF886510470F5CC636113CEC48DC0F3 ] TPM             C:\Windows\system32\drivers\tpm.sys
11:03:59.0283 0x1ab0  TPM - ok
11:03:59.0361 0x1ab0  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\Windows\System32\trkwks.dll
11:03:59.0361 0x1ab0  TrkWks - ok
11:03:59.0408 0x1ab0  [ 8D516AEF3C1DF980664CF17BB1FF6093, D68A82D7DE647EAD68D5B8F3E8174B520C7FC6387EC68C8685B3E161C6020488 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:03:59.0424 0x1ab0  TrustedInstaller - ok
11:03:59.0455 0x1ab0  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:03:59.0471 0x1ab0  TsUsbFlt - ok
11:03:59.0471 0x1ab0  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
11:03:59.0486 0x1ab0  TsUsbGD - ok
11:03:59.0518 0x1ab0  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:03:59.0533 0x1ab0  tunnel - ok
11:03:59.0549 0x1ab0  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:03:59.0549 0x1ab0  uagp35 - ok
11:03:59.0564 0x1ab0  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
11:03:59.0580 0x1ab0  UASPStor - ok
11:03:59.0611 0x1ab0  [ 1ED222DFE6C13DA50FE081ABF90CAFE1, B3DFAE29D2E08E2A5ABEF8B4D2C03CD25EE22B11D6E0B6BFCAC2D09B8D73AD49 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
11:03:59.0611 0x1ab0  UCX01000 - ok
11:03:59.0658 0x1ab0  [ DC5A461591C71AF7F19DC048A81E3F88, C6689C70B6CDE5A5707C06ABDC9CABF87CCE549BD23B96969EF3AA177A889320 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:03:59.0705 0x1ab0  udfs - ok
11:03:59.0736 0x1ab0  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:03:59.0736 0x1ab0  UI0Detect - ok
11:03:59.0783 0x1ab0  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:03:59.0783 0x1ab0  uliagpkx - ok
11:03:59.0830 0x1ab0  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus           C:\Windows\System32\drivers\umbus.sys
11:03:59.0861 0x1ab0  umbus - ok
11:03:59.0877 0x1ab0  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\Windows\System32\drivers\umpass.sys
11:03:59.0877 0x1ab0  UmPass - ok
11:03:59.0908 0x1ab0  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:03:59.0924 0x1ab0  UmRdpService - ok
11:04:00.0174 0x1ab0  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:04:00.0191 0x1ab0  UNS - ok
11:04:00.0443 0x1ab0  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\Windows\System32\upnphost.dll
11:04:00.0475 0x1ab0  upnphost - ok
11:04:00.0537 0x1ab0  [ 3FBE0784E42E7BA93FCC5201D2BAFE23, B0B45103EA209DE5B75396C5A25CBBBFAF05E199C7B5092342DC3AFEB70A0CE6 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
11:04:00.0553 0x1ab0  usbaudio - ok
11:04:00.0631 0x1ab0  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B, AADB8991174CCDA3ADE14AF3EFB3A9826EC17A0F989F449FF43010A99D8CAA1F ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
11:04:00.0647 0x1ab0  usbccgp - ok
11:04:00.0865 0x1ab0  [ B395B62B62F28106218FA6FB17F4C797, 231CA3512B02BBE70E630A6304E899BCB741CE411FB10C2B3DE48E52034F24BB ] usbcir          C:\Windows\System32\drivers\usbcir.sys
11:04:00.0881 0x1ab0  usbcir - ok
11:04:00.0975 0x1ab0  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86, 93E2CC1D4A56A3BBDD85020A8F4AD1B9B119953DB83A155C56D667924D5D8A02 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
11:04:00.0990 0x1ab0  usbehci - ok
11:04:01.0178 0x1ab0  [ FBB6794E3BBAD92D66D59D206C1F849F, CEA5B07518699F09B2ABA372312FF0769B913DC4C43CC142BDB25274B52825DA ] usbhub          C:\Windows\System32\drivers\usbhub.sys
11:04:01.0225 0x1ab0  usbhub - ok
11:04:01.0381 0x1ab0  [ 7B886003CEEBF3C8E4FDF3586DCB3787, 7206C2F264EE3339460D5E1218B0A83E222CB670AB100A4FEB67AAF2FD6CC6C9 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
11:04:01.0381 0x1ab0  USBHUB3 - ok
11:04:01.0428 0x1ab0  [ EC1303E3DBF312B846377A84C0D15F27, D710EA9DC98FD157DF6B312AF5D716DD0AD2F3DF2351571DEA399642BC023EDD ] usbohci         C:\Windows\System32\drivers\usbohci.sys
11:04:01.0444 0x1ab0  usbohci - ok
11:04:01.0522 0x1ab0  [ BA3ABE0CD1C14B3295BAD0F076B84CAC, 19E0679D44A9BD9DDCC336C7DE784147D6CFC3DE4250D5CA31CE49867D51A414 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
11:04:01.0537 0x1ab0  usbprint - ok
11:04:01.0584 0x1ab0  [ F77177F6C95B2116EE7AD23B5EF57007, 646E345DE5AFF26B338E17BC9D03D0EDA5608DF77D7685DE7AFF6E4113B9EB87 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
11:04:01.0584 0x1ab0  USBSTOR - ok
11:04:01.0662 0x1ab0  [ D25EF4A6EC244C5DE85D88A05B7C149D, A08793945D5FDC2CCCB2C621853A69941F1A108DF6CB559F3E8A21A047A8CCB3 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
11:04:01.0678 0x1ab0  usbuhci - ok
11:04:01.0787 0x1ab0  [ 09799E701B4327097E9F63D3FE221083, CF2B97D5B3D434D8E5547B2A86771C69A6F7F4857CAD70865B50462A04A27A48 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
11:04:02.0084 0x1ab0  usbvideo - ok
11:04:02.0198 0x1ab0  [ 9CD4259AD15F84DE27B94A956C978D6C, F3289BBB1C52E49D8F76D07877541A74DFB7AD3E950C2E58A2C6CDC443F824CF ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
11:04:02.0276 0x1ab0  USBXHCI - ok
11:04:02.0307 0x1ab0  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] VaultSvc        C:\Windows\system32\lsass.exe
11:04:02.0307 0x1ab0  VaultSvc - ok
11:04:02.0416 0x1ab0  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:04:02.0416 0x1ab0  vdrvroot - ok
11:04:02.0682 0x1ab0  [ 00FBA165A1167738802DA5D0EE78EF10, 3BA85214F881AB2629CAD73BA0F8D7B1BD18831344FE4A56476B97591602B99B ] vds             C:\Windows\System32\vds.exe
11:04:02.0869 0x1ab0  vds - ok
11:04:03.0026 0x1ab0  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
11:04:03.0135 0x1ab0  VerifierExt - ok
11:04:03.0416 0x1ab0  [ 8628FA679F0EC4B709CCD1F6B6A3233B, E8A99795BB7956BFB9FDF6D24209280917FE6500E52F82F50C9FAD2EA6EDFA88 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
11:04:03.0432 0x1ab0  vhdmp - ok
11:04:03.0588 0x1ab0  [ ECFF1FACB0554F10C57426B216254011, 3EFD4B7E3BC43EE3FB3FFCE8304E603351067070323E96609960AA6EEBAA9D80 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
11:04:03.0682 0x1ab0  VIAHdAudAddService - ok
11:04:03.0698 0x1ab0  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:04:03.0713 0x1ab0  viaide - ok
11:04:03.0745 0x1ab0  [ CFCD3C58029F2C43CE0E5E5EABC8607A, 15F0B51DBA7A71F49550903E14582F7007DD8CAEE93567EBD641A7869E1C80D8 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
11:04:03.0760 0x1ab0  VIAKaraokeService - ok
11:04:03.0791 0x1ab0  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
11:04:03.0791 0x1ab0  vmbus - ok
11:04:03.0807 0x1ab0  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
11:04:03.0807 0x1ab0  VMBusHID - ok
11:04:03.0870 0x1ab0  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
11:04:03.0885 0x1ab0  vmicheartbeat - ok
11:04:03.0916 0x1ab0  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
11:04:03.0916 0x1ab0  vmickvpexchange - ok
11:04:03.0933 0x1ab0  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\Windows\System32\ICSvc.dll
11:04:03.0933 0x1ab0  vmicrdv - ok
11:04:03.0933 0x1ab0  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\Windows\System32\ICSvc.dll
11:04:03.0949 0x1ab0  vmicshutdown - ok
11:04:03.0949 0x1ab0  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\Windows\System32\ICSvc.dll
11:04:03.0949 0x1ab0  vmictimesync - ok
11:04:03.0996 0x1ab0  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\Windows\System32\ICSvc.dll
11:04:03.0996 0x1ab0  vmicvss - ok
11:04:04.0042 0x1ab0  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:04:04.0042 0x1ab0  volmgr - ok
11:04:04.0074 0x1ab0  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:04:04.0074 0x1ab0  volmgrx - ok
11:04:04.0121 0x1ab0  [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE, 26FD9DBCFAEDE0F945D80B11769741A3A837F84461263217A43C458B674566EE ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:04:04.0121 0x1ab0  volsnap - ok
11:04:04.0152 0x1ab0  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\Windows\System32\drivers\vpci.sys
11:04:04.0152 0x1ab0  vpci - ok
11:04:04.0206 0x1ab0  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:04:04.0211 0x1ab0  vsmraid - ok
11:04:04.0263 0x1ab0  [ EA658570314042C914964FC72AB50E6B, 0B10E16D5136BF71EAF68F0D9A8B25F92F6D686BF9F80FEEB9F291221C6B8284 ] VSS             C:\Windows\system32\vssvc.exe
11:04:04.0326 0x1ab0  VSS - ok
11:04:04.0341 0x1ab0  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
11:04:04.0357 0x1ab0  VSTXRAID - ok
11:04:04.0373 0x1ab0  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
11:04:04.0373 0x1ab0  vwifibus - ok
11:04:04.0388 0x1ab0  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:04:04.0388 0x1ab0  vwififlt - ok
11:04:04.0388 0x1ab0  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:04:04.0404 0x1ab0  vwifimp - ok
11:04:04.0419 0x1ab0  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\Windows\system32\w32time.dll
11:04:04.0435 0x1ab0  W32Time - ok
11:04:04.0451 0x1ab0  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
11:04:04.0466 0x1ab0  WacomPen - ok
11:04:04.0482 0x1ab0  [ 6081CEC9EF9EB145D8B46655C7708D51, 34E421501185BDE9049AC68F0604F4AD694AF6DA1D52A7D75C2BD050B5817ADF ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
11:04:04.0498 0x1ab0  Wanarp - ok
11:04:04.0498 0x1ab0  [ 6081CEC9EF9EB145D8B46655C7708D51, 34E421501185BDE9049AC68F0604F4AD694AF6DA1D52A7D75C2BD050B5817ADF ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:04:04.0513 0x1ab0  Wanarpv6 - ok
11:04:04.0576 0x1ab0  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\Windows\system32\wbengine.exe
11:04:04.0638 0x1ab0  wbengine - ok
11:04:04.0701 0x1ab0  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:04:04.0716 0x1ab0  WbioSrvc - ok
11:04:04.0732 0x1ab0  [ D9C1E82651BF19C6FF69CEC6FD400124, 93B96481A5B26F5617B16DD775AF0F8CE9001B30251FFF58D6EF9044D5EE91CD ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
11:04:04.0748 0x1ab0  Wcmsvc - ok
11:04:04.0794 0x1ab0  [ 4507D89FA9E4283100948C91E867D130, 7DEEE18C903752A46D9B23B8C8F50A0028E6682321B365EC87F87D1E7EFB8621 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:04:04.0794 0x1ab0  wcncsvc - ok
11:04:04.0826 0x1ab0  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:04:04.0841 0x1ab0  WcsPlugInService - ok
11:04:04.0873 0x1ab0  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\Windows\system32\drivers\wd.sys
11:04:04.0888 0x1ab0  Wd - ok
11:04:04.0888 0x1ab0  [ 260F8DFC4D5748F4CCB9B19CFB0E58EA, 36A6B264677A8A5A4E4785C9BE49E39C82B552460C46026964B700CCBA51FBB0 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
11:04:04.0888 0x1ab0  WdBoot - ok
11:04:04.0919 0x1ab0  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:04:04.0951 0x1ab0  Wdf01000 - ok
11:04:04.0966 0x1ab0  [ 880FFFC4D5BBBB4187B6B04AB2E8C32A, 406363087976285481A8401FC5A8BBAF0DDCCC8D9228F39702D5B80ADC61EEA9 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
11:04:04.0982 0x1ab0  WdFilter - ok
11:04:04.0998 0x1ab0  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:04:05.0013 0x1ab0  WdiServiceHost - ok
11:04:05.0013 0x1ab0  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:04:05.0013 0x1ab0  WdiSystemHost - ok
11:04:05.0044 0x1ab0  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6, 4281100271761521F75F4D5A3D2E9FF40A9C7D81CEDAFD2EDD95788534090CA6 ] WebClient       C:\Windows\System32\webclnt.dll
11:04:05.0044 0x1ab0  WebClient - ok
11:04:05.0076 0x1ab0  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:04:05.0091 0x1ab0  Wecsvc - ok
11:04:05.0107 0x1ab0  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:04:05.0107 0x1ab0  wercplsupport - ok
11:04:05.0138 0x1ab0  [ 8E2426162ED6749A127B35D235F21E11, 3B92CE177DE926CC801B71EACC2901DB11BDBF4A1269A004BFFECB3047E17E4C ] WerSvc          C:\Windows\System32\WerSvc.dll
11:04:05.0138 0x1ab0  WerSvc - ok
11:04:05.0170 0x1ab0  [ FE762D3498719C3A23471BBA62F747B4, 7F9390D5B0133BF1FA66BFC5FD933E17AADEB7845F141948EE4A52AB779A69F8 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
11:04:05.0170 0x1ab0  WFPLWFS - ok
11:04:05.0185 0x1ab0  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\Windows\System32\wiarpc.dll
11:04:05.0185 0x1ab0  WiaRpc - ok
11:04:05.0201 0x1ab0  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:04:05.0216 0x1ab0  WIMMount - ok
11:04:05.0232 0x1ab0  WinDefend - ok
11:04:05.0357 0x1ab0  [ 1369928779943B5C7AABA263E6E2BBC1, 5DB4E77912051839B842F43B01933A07D72BD9E772F129573B1504361A9AA6A4 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
11:04:05.0404 0x1ab0  WinHttpAutoProxySvc - ok
11:04:05.0451 0x1ab0  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:04:05.0466 0x1ab0  Winmgmt - ok
11:04:05.0716 0x1ab0  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:04:05.0810 0x1ab0  WinRM - ok
11:04:05.0841 0x1ab0  [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
11:04:05.0857 0x1ab0  WinUsb - ok
11:04:05.0966 0x1ab0  [ 19B3CFB1D6516AB2C54772CB75426AD4, 9DB10D2BE984AC665562FB6095F32E0A9E7FDCCF1580C87A7F5DCEAA3EC4C463 ] WlanSvc         C:\Windows\System32\wlansvc.dll
11:04:06.0029 0x1ab0  WlanSvc - ok
11:04:06.0123 0x1ab0  [ 08EFA13A2234C8C3B8A99E4B88BE7E9B, 460ACD1687A2E5443A1B0E1786A517E67DB876403AC3498555848BD16DA08929 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
11:04:06.0201 0x1ab0  wlidsvc - ok
11:04:06.0252 0x1ab0  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
11:04:06.0252 0x1ab0  WmiAcpi - ok
11:04:06.0299 0x1ab0  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:04:06.0299 0x1ab0  wmiApSrv - ok
11:04:06.0330 0x1ab0  WMPNetworkSvc - ok
11:04:06.0346 0x1ab0  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
11:04:06.0362 0x1ab0  wpcfltr - ok
11:04:06.0393 0x1ab0  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:04:06.0393 0x1ab0  WPCSvc - ok
11:04:06.0408 0x1ab0  [ 94AA5150E35B3ABB7191FE641E3C2473, 48CC776E92579188FF75BADFABF7BDBED0092AF5EE2BDBDEF9C3834A01E39CAB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:04:06.0408 0x1ab0  WPDBusEnum - ok
11:04:06.0455 0x1ab0  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
11:04:06.0455 0x1ab0  WpdUpFltr - ok
11:04:06.0487 0x1ab0  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:04:06.0487 0x1ab0  ws2ifsl - ok
11:04:06.0518 0x1ab0  [ FB0C1B7F94FA08E72F19F6F2CE7210E1, DC5475E9172BD732A654838CDB8057FCD83A02060C0C79B141F74A74D4C77555 ] wscsvc          C:\Windows\System32\wscsvc.dll
11:04:06.0518 0x1ab0  wscsvc - ok
11:04:06.0518 0x1ab0  WSearch - ok
11:04:06.0596 0x1ab0  [ C10BFFEE7E0D7A1366E84F251796C51D, E1FD1DF5F5C5934F9A8584D54F35720655AC4F5D4CFD69CD1E063C0BBEC4D33D ] WSService       C:\Windows\System32\WSService.dll
11:04:06.0674 0x1ab0  WSService - ok
11:04:06.0830 0x1ab0  [ 69DDDAF7BB4D39A4CC928EA434A3E258, 3C3335682C53C283E9C2C42EBB557944C4808F8C0F1781A8B2C4CA24D1677531 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:04:06.0932 0x1ab0  wuauserv - ok
11:04:06.0960 0x1ab0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:04:06.0963 0x1ab0  WudfPf - ok
11:04:06.0988 0x1ab0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
11:04:07.0003 0x1ab0  WUDFRd - ok
11:04:07.0019 0x1ab0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:04:07.0034 0x1ab0  wudfsvc - ok
11:04:07.0034 0x1ab0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
11:04:07.0034 0x1ab0  WUDFWpdMtp - ok
11:04:07.0113 0x1ab0  [ F9D8D2E6ECE08B278621D5BF3A7240A6, 99EEEE51EA6CE8909713CA81A2AFA5102774AE9C8554F422F4D9A1D8B0ABDB09 ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:04:07.0144 0x1ab0  WwanSvc - ok
11:04:07.0300 0x1ab0  X6va015 - ok
11:04:07.0378 0x1ab0  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
11:04:07.0394 0x1ab0  YahooAUService - ok
11:04:07.0503 0x1ab0  [ 03CD249A16CF815FFFD347DC61EF9E6D, 3DE860B1BACF3F1D48B773FD6F4E25977F5193F01897278AED6CD276595356CE ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
11:04:07.0519 0x1ab0  ZAtheros Bt and Wlan Coex Agent - ok
11:04:07.0519 0x1ab0  ================ Scan global ===============================
11:04:07.0581 0x1ab0  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
11:04:07.0628 0x1ab0  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
11:04:07.0660 0x1ab0  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
11:04:07.0691 0x1ab0  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\Windows\system32\services.exe
11:04:07.0691 0x1ab0  [ Global ] - ok
11:04:07.0691 0x1ab0  ================ Scan MBR ==================================
11:04:07.0706 0x1ab0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:04:07.0706 0x1ab0  \Device\Harddisk0\DR0 - ok
11:04:07.0706 0x1ab0  ================ Scan VBR ==================================
11:04:07.0722 0x1ab0  [ 51DEC4414F13B5F73EDEA00E72F6EA04 ] \Device\Harddisk0\DR0\Partition1
11:04:07.0738 0x1ab0  \Device\Harddisk0\DR0\Partition1 - ok
11:04:07.0738 0x1ab0  [ 6EF0792F4E5D1796BFEF84FB294AEA04 ] \Device\Harddisk0\DR0\Partition2
11:04:07.0753 0x1ab0  \Device\Harddisk0\DR0\Partition2 - ok
11:04:07.0753 0x1ab0  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
11:04:07.0753 0x1ab0  \Device\Harddisk0\DR0\Partition3 - ok
11:04:07.0769 0x1ab0  [ 9A729AD5B3C9C844E18C0CB4CC516B25 ] \Device\Harddisk0\DR0\Partition4
11:04:07.0785 0x1ab0  \Device\Harddisk0\DR0\Partition4 - ok
11:04:07.0816 0x1ab0  [ 66F48CA713908C45DE2D80107EFF6B1F ] \Device\Harddisk0\DR0\Partition5
11:04:07.0816 0x1ab0  \Device\Harddisk0\DR0\Partition5 - ok
11:04:07.0847 0x1ab0  [ E9ECA4EAFB37F42FBAC2FDD95A37FC15 ] \Device\Harddisk0\DR0\Partition6
11:04:07.0863 0x1ab0  \Device\Harddisk0\DR0\Partition6 - ok
11:04:07.0863 0x1ab0  ================ Scan generic autorun ======================
11:04:08.0050 0x1ab0  [ 996643178C150A64D5B202A85AD63C57, 840E94DFFE3F8A1895BC23158C6F61424B2FBAAC2E1FC998D64D497BDA910AC5 ] C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe
11:04:08.0050 0x1ab0  BtPreLoad - ok
11:04:08.0113 0x1ab0  SynAsusGestureAPIMgr - ok
11:04:08.0113 0x1ab0  AsusNewUI - ok
11:04:08.0382 0x1ab0  [ B7BCA8A30CE13A283CDBDECEF5616C39, C734A8C3633653E0C903E7F14F574DEED763613F9E6A5CE7862D547CAE9AEDDB ] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
11:04:08.0414 0x1ab0  ACMON - ok
11:04:08.0414 0x1ab0  LogMeIn GUI - ok
11:04:08.0679 0x1ab0  [ E97140424C378ACBD47DF493A6AB7235, 00F26F670AD6B03C465C4FC834DC993B551B8A8E73B603FE7B9CFFA893094A3D ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
11:04:08.0679 0x1ab0  Adobe Reader Speed Launcher - ok
11:04:08.0773 0x1ab0  [ BAD6BEA0DE1F69C82BDB74378CE0C20A, ADA84B75173E9D03C180B527E31475ACA16CB19532C3EDA11357BD37049927E3 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
11:04:08.0773 0x1ab0  Adobe ARM - ok
11:04:08.0945 0x1ab0  [ D3188B327C6F3C6354075FD594121633, 165A1D6B359063DBCFA3807479A5D5CB3BD1484EC5EBE390E09AB10D56200DC9 ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
11:04:09.0087 0x1ab0  HDAudDeck - ok
11:04:09.0165 0x1ab0  [ B7995C675014EEBE77A0BEB7AFCCFC08, 41D186C63273301CF0A1C1EE7B6EB0BB75A251DD441532C5CEB7A4095FB103CD ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
11:04:09.0165 0x1ab0  RemoteControl10 - ok
11:04:09.0212 0x1ab0  [ 408A52C9DD19FADB4EC43A0FB30862A8, F96D3F6A12070B20AC1509B2F09D95829AF4D91C13B345AAA3D0FEDE65DD9798 ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
11:04:09.0212 0x1ab0  BDRegion - ok
11:04:09.0290 0x1ab0  [ 2F7197083A673FA151EEB748F530A012, FAE58DD0672F41E253352BFC0A122A15F48E7F8C4812D62F1214B541F57674E7 ] C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
11:04:09.0305 0x1ab0  ROGNB - ok
11:04:09.0602 0x1ab0  [ FF3ADE2620DD221C3E011DC614EA71EF, 572A0D40E30A1F8B2121B5B4AE9B46301CEF0E370318EAF1F8FC7916DE7470F2 ] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe
11:04:09.0633 0x1ab0  ASUSWebStorage - ok
11:04:09.0712 0x1ab0  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
11:04:09.0712 0x1ab0  APSDaemon - ok
11:04:09.0743 0x1ab0  [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe
11:04:09.0758 0x1ab0  QuickTime Task - ok
11:04:10.0196 0x1ab0  [ 7E713E2ED0226EA82E97A630684115BE, C99F83CF01E7926DE8D2FBCDFA9565D2BCC2D156976458367AEBDB3B327FB849 ] C:\Program Files (x86)\AVG\AVG2015\avgui.exe
11:04:10.0245 0x1ab0  AVG_UI - ok
11:04:10.0730 0x1ab0  [ 127CD00925C1A2B759765C5B9600DE30, 22A9710B84873622EB1027552F3E7CC3E054FF367010149822F476A143556335 ] C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe
11:04:10.0917 0x1ab0  Messenger (Yahoo!) - ok
11:04:11.0152 0x1ab0  [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Hitomi\AppData\Local\Akamai\netsession_win.exe
11:04:11.0198 0x1ab0  Akamai NetSession Interface - ok
11:04:11.0308 0x1ab0  Skype - ok
11:04:11.0308 0x1ab0  Waiting for KSN requests completion. In queue: 129
11:04:12.0328 0x1ab0  Waiting for KSN requests completion. In queue: 129
11:04:13.0341 0x1ab0  Waiting for KSN requests completion. In queue: 129
11:04:14.0368 0x1ab0  AV detected via SS2: AVG Internet Security 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5645 ), 0x41000 ( enabled : updated )
11:04:14.0415 0x1ab0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.0.9200.16384 ), 0x60100 ( disabled : updated )
11:04:14.0415 0x1ab0  FW detected via SS2: AVG Internet Security 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5645 ), 0x41010 ( enabled )
11:04:16.0889 0x1ab0  ============================================================
11:04:16.0889 0x1ab0  Scan finished
11:04:16.0889 0x1ab0  ============================================================
11:04:16.0889 0x199c  Detected object count: 0
11:04:16.0889 0x199c  Actual detected object count: 0



#7 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • Gender:Male
  • Local time:11:33 PM

Posted 08 January 2015 - 05:39 AM

IRP hooks may be legitimate as well.

Please post the AVG log.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#8 Iholly

Iholly
  • Topic Starter

  • Members
  • 15 posts
  • Local time:05:33 PM

Posted 08 January 2015 - 11:30 AM

I'm sorry for being a bit stupid here... But where can I find the AVG log files?



#9 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  • Gender:Male
  • Local time:11:33 PM

Posted 09 January 2015 - 06:20 AM

Have a look at C:\ProgramData\AVG15\Log



#10 Iholly

Iholly
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  

Posted 09 January 2015 - 11:58 AM

Okay, I've only found two log files in the folder, and I am not sure which one you need. Hopefully I am posting the correct ones; sorry in advance if I am not. I am not much of an expert when it comes to security data.

 

2014-12-03 14:28:17,998 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" (PID: 3252) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-03 14:28:26,864 KAIRI MSG:1:2 Application: "C:\USERS\HITOMI\APPDATA\LOCAL\AKAMAI\NETSESSION_WIN.EXE" (PID: 4480) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-03 14:29:05,970 KAIRI MSG:1:2 Application: "C:\PROGRAMDATA\MFADATA\SELFUPD\AVGMFAPX.EXE" (PID: 6652) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-03 14:30:15,912 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSTEM32\WSQMCONS.EXE" (PID: 7060) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-03 14:31:02,295 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSTEM32\RUNDLL32.EXE" (PID: 7052) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-03 14:34:32,935 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\GOOGLEUPDATE.EXE" (PID: 1100) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-03 14:35:01,119 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\SKYPE\PHONE\SKYPE.EXE" (PID: 4488) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-03 16:20:01,817 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\ASUS\ASUS LIVE UPDATE\LIVEUPDATE.EXE" (PID: 4708) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-03 17:49:17,544 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\MBAM.EXE" (PID: 3132) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-03 18:20:15,323 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE" (PID: 2816) has been found in trusted database, new rule created in profile: "No profile" Type: 1 (eltTrustedDB)
2014-12-04 03:57:35,523 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\YAHOO!\SOFTWAREUPDATE\YAHOOAUSERVICE.EXE" (PID: 2272) has been found in trusted database, new rule created in profile: "No profile" Type: 1 (eltTrustedDB)
2014-12-04 17:04:50,426 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSTEM32\DASHOST.EXE" (PID: 1276) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-04 17:07:12,415 KAIRI MSG:1:2 Application: "C:\WINDOWS\EXPLORER.EXE" (PID: 4060) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-04 21:51:42,014 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\SKYPE\TOOLBARS\AUTOUPDATE\SKYPEC2CAUTOUPDATESVC.EXE" (PID: 1896) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-05 16:57:23,612 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES\SYNAPTICS\SYNTP\ASUSNEWUI35.EXE" (PID: 3740) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-05 18:43:40,196 KAIRI MSG:1:2 Application: "C:\PROGRAMDATA\YAHOO!\YUPDATER\YUPDATER.EXE" (PID: 3616) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-09 03:41:07,616 KAIRI MSG:1:2 Application: "D:\ORIGIN\ORIGIN.EXE" (PID: 1564) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-09 03:41:21,586 KAIRI MSG:1:2 Application: "D:\PROGRA~1\ORIGIN GAMES\THE SIMS 4\GAME\BIN\CORE\ACTIVATIONUI.EXE" (PID: 6424) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-09 03:41:35,980 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSWOW64\WERMGR.EXE" (PID: 5404) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-09 15:25:13,778 KAIRI MSG:1:2 Application: "D:\PROGRA~1\ORIGIN GAMES\THE SIMS 4\GAME\BIN\CORE\ACTIVATIONUI.EXE" (PID: 7912) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-09 15:27:06,632 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\WINDOWS MEDIA PLAYER\WMPLAYER.EXE" (PID: 4464) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-10 14:33:43,792 KAIRI MSG:1:2 Application: "D:\PROGRA~1\ORIGIN GAMES\THE SIMS 4\GAME\BIN\CORE\ACTIVATIONUI.EXE" (PID: 4080) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-10 22:27:36,049 KAIRI MSG:1:2 Application: "D:\PROGRA~1\ORIGIN GAMES\THE SIMS 4\GAME\BIN\CORE\ACTIVATIONUI.EXE" (PID: 6496) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-11 14:22:33,002 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\APOWERSOFT\MKV CONVERTER STUDIO\MKVCONVERTERSTUDIO.EXE" (PID: 5108) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-11 18:30:49,589 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSTEM32\WERMGR.EXE" (PID: 5344) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-11 20:40:09,575 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSTEM32\TASKHOST.EXE" (PID: 6824) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-12 17:28:55,211 KAIRI MSG:1:2 Application: "C:\USERS\HITOMI\DESKTOP\ETHER SAGA RELOADED\ELEMENT\ELEMENTCLIENT.EXE" (PID: 5004) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-12 18:30:01,993 KAIRI MSG:1:2 Application: "C:\USERS\HITOMI\DESKTOP\ETHER SAGA RELOADED\PATCHER\PATCHER.EXE" (PID: 6508) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-13 17:08:50,977 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSTEM32\WERFAULT.EXE" (PID: 11436) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-14 05:25:27,235 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\TEAMVIEWER\VERSION9\TEAMVIEWER_SERVICE.EXE" (PID: 2884) has been found in trusted database, new rule created in profile: "No profile" Type: 1 (eltTrustedDB)
2014-12-14 05:25:28,256 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\TEAMVIEWER\VERSION9\TEAMVIEWER.EXE" (PID: 8800) has been found in trusted database, new rule created in profile: "No profile" Type: 1 (eltTrustedDB)
2014-12-14 05:28:03,016 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\TEAMVIEWER\TEAMVIEWER_SERVICE.EXE" (PID: 10820) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-14 05:28:04,039 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\TEAMVIEWER\TEAMVIEWER.EXE" (PID: 8520) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-14 16:18:13,991 KAIRI MSG:1:2 Application: "D:\PROGRA~1\ORIGIN GAMES\THE SIMS 4\GAME\BIN\CORE\ACTIVATIONUI.EXE" (PID: 12084) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-15 15:22:14,565 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSTEM32\MSIEXEC.EXE" (PID: 11092) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-15 17:55:08,071 KAIRI MSG:1:2 Application: "D:\PROGRA~1\ORIGIN GAMES\THE SIMS 4\GAME\BIN\CORE\ACTIVATIONUI.EXE" (PID: 40520) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-17 15:05:31,689 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\SKYPE\UPDATER\UPDATER.EXE" (PID: 31532) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-17 20:08:43,470 KAIRI MSG:1:2 Application: "C:\USERS\HITOMI\DESKTOP\VINDICTUS_DOWNLOADER.EXE" (PID: 47448) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-17 21:40:16,890 KAIRI MSG:1:2 Application: "D:\VINDICTUS\EN-US\VINDICTUS.EXE" (PID: 15384) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-17 21:40:17,971 KAIRI MSG:1:2 Application: "D:\VINDICTUS\EN-US\HSHIELD\HSUPDATE.EXE" (PID: 55404) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-17 21:45:53,238 KAIRI MSG:1:2 Application: "D:\VINDICTUS\EN-US\NMSERVICE.EXE" (PID: 14524) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-18 03:05:25,755 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSWOW64\WERFAULT.EXE" (PID: 33932) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-18 03:09:08,516 KAIRI MSG:1:2 Application: "D:\VINDICTUS\EN-US\SRCDS.EXE" (PID: 36968) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-18 16:21:41,866 KAIRI MSG:1:2 Application: "C:\WINDOWS\TEMP\SKYAD94.TMP" (PID: 34212) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-18 16:22:12,209 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSWOW64\MSIEXEC.EXE" (PID: 73416) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-20 19:49:57,057 KAIRI MSG:1:2 Application: "C:\USERS\HITOMI\APPDATA\LOCAL\TEMP\IXP000.TMP\DXWSETUP.EXE" (PID: 59580) has been found in trusted database, new rule created in profile: "No profile" Type: 1 (eltTrustedDB)
2014-12-21 01:05:29,067 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\MBAMSERVICE.EXE" (PID: 6452) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-22 04:01:29,374 KAIRI MSG:1:2 Application: "C:\PROGRAM FILES (X86)\APPLE SOFTWARE UPDATE\SOFTWAREUPDATE.EXE" (PID: 8488) has been found in trusted database, new rule created in profile: "No profile" Type: 1 (eltTrustedDB)
2014-12-25 15:33:42,295 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSTEM32\WWAHOST.EXE" (PID: 7144) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-25 15:36:46,261 KAIRI MSG:1:2 Application: "C:\WINDOWS\WINSTORE\WSHOST.EXE" (PID: 8756) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2014-12-25 15:54:37,023 KAIRI MSG:1:2 Application: "C:\WINDOWS\HELPPANE.EXE" (PID: 7720) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2015-01-02 21:40:57,263 KAIRI MSG:1:2 Application: "D:\ORIGIN\ORIGINCLIENTSERVICE.EXE" (PID: 7116) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2015-01-03 07:27:04,179 KAIRI MSG:1:2 Application: "D:\PROGRA~1\ORIGIN GAMES\THE SIMS 4\GAME\BIN\CORE\ACTIVATIONUI.EXE" (PID: 7472) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2015-01-03 07:29:38,898 KAIRI MSG:1:2 Application: "D:\PROGRA~1\ORIGIN GAMES\THE SIMS 4\GAME\BIN\CORE\ACTIVATIONUI.EXE" (PID: 340) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2015-01-03 21:03:20,335 KAIRI MSG:1:2 Application: "D:\PROGRA~1\ORIGIN GAMES\THE SIMS 4\GAME\BIN\CORE\ACTIVATIONUI.EXE" (PID: 6788) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2015-01-07 16:02:52,601 KAIRI MSG:1:2 Application: "C:\USERS\HITOMI\DESKTOP\TDSSKILLER.EXE" (PID: 5824) has trusted digital signature, new rule created in profile: "No profile" Type: 2 (eltSignature)
2015-01-07 16:04:45,744 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSTEM32\LSASS.EXE" rules updated in profile: "No profile" Type: 3 (eltUpdate)
2015-01-07 16:04:45,760 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSTEM32\SERVICES.EXE" rules updated in profile: "No profile" Type: 3 (eltUpdate)
2015-01-07 16:04:45,776 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSWOW64\SVCHOST.EXE" rules updated in profile: "No profile" Type: 3 (eltUpdate)
2015-01-07 16:04:45,791 KAIRI MSG:1:2 Application: "C:\WINDOWS\SYSTEM32\SVCHOST.EXE" rules updated in profile: "No profile" Type: 3 (eltUpdate)


 

2015-01-07 01:30:01,102 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 01:32:06,132 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 01:34:11,163 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 01:35:11,682 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:35:16,798 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:35:58,066 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:36:16,089 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 01:36:59,918 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:37:07,082 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:38:03,198 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:38:21,117 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 01:39:06,380 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:39:09,962 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:40:26,147 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 01:40:26,763 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:40:54,003 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:42:04,248 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:42:08,547 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:42:31,074 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 01:42:33,737 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:44:36,104 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 01:44:45,321 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:45:32,936 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 01:46:36,321 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 01:46:36,322 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 01:46:36,324 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 01:46:36,325 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 01:46:41,134 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 01:48:46,164 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 01:50:51,093 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 01:52:56,120 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 01:55:01,150 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 01:57:06,077 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 01:58:13,190 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "FilterDevice" (PID: 0) User: "" Direction: @FW_Direction_Out Proto: TCP RemotePort: 80 RemoteIp: 74.217.34.21 LocalPort: 50057 LocalIp: 192.168.1.6
2015-01-07 01:58:13,489 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "FilterDevice" (PID: 0) User: "" Direction: @FW_Direction_Out Proto: TCP RemotePort: 80 RemoteIp: 74.217.34.21 LocalPort: 50057 LocalIp: 192.168.1.6
2015-01-07 01:58:14,096 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "FilterDevice" (PID: 0) User: "" Direction: @FW_Direction_Out Proto: TCP RemotePort: 80 RemoteIp: 74.217.34.21 LocalPort: 50057 LocalIp: 192.168.1.6
2015-01-07 01:58:15,295 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "FilterDevice" (PID: 0) User: "" Direction: @FW_Direction_Out Proto: TCP RemotePort: 80 RemoteIp: 74.217.34.21 LocalPort: 50057 LocalIp: 192.168.1.6
2015-01-07 01:58:17,701 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "FilterDevice" (PID: 0) User: "" Direction: @FW_Direction_Out Proto: TCP RemotePort: 80 RemoteIp: 74.217.34.21 LocalPort: 50057 LocalIp: 192.168.1.6
2015-01-07 01:58:22,501 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "FilterDevice" (PID: 0) User: "" Direction: @FW_Direction_Out Proto: TCP RemotePort: 80 RemoteIp: 74.217.34.21 LocalPort: 50057 LocalIp: 192.168.1.6
2015-01-07 01:58:32,101 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "FilterDevice" (PID: 0) User: "" Direction: @FW_Direction_Out Proto: TCP RemotePort: 80 RemoteIp: 74.217.34.21 LocalPort: 50057 LocalIp: 192.168.1.6
2015-01-07 01:59:11,107 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:01:16,137 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:03:21,064 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:05:26,094 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:07:31,123 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:09:36,153 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:11:41,080 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:13:46,110 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:15:51,140 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:16:37,936 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 02:16:37,938 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 02:16:37,939 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 02:16:37,941 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 02:17:56,066 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:20:01,098 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:22:06,126 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:24:11,053 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:26:16,084 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:28:21,115 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:30:26,043 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:32:31,072 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:34:36,100 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:36:26,432 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:36:26,615 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:36:26,753 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:30,708 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:30,709 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:30,713 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:30,753 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:31,211 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:31,253 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:31,755 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:31,759 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:32,253 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:33,719 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:33,723 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:33,753 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:34,545 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:34,545 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:34,754 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_Out Proto: IGMP RemotePort: 0 RemoteIp: 224.0.0.22 LocalPort: 0 LocalIp: 192.168.1.6
2015-01-07 02:38:44,240 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:40:49,166 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:42:54,184 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:44:59,224 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:46:39,476 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 02:46:39,477 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 02:46:39,478 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 02:47:04,154 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:49:09,184 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:51:14,213 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:53:19,244 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:55:24,170 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:57:29,203 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 02:59:34,229 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:01:39,156 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:03:44,186 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:05:49,217 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:07:54,143 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:09:59,172 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:12:04,202 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:14:09,233 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:16:14,160 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:16:41,091 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 03:16:41,092 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 03:16:41,093 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 03:18:19,190 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:20:24,218 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:22:29,146 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:24:34,176 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:26:39,205 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:28:44,134 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:30:49,163 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:32:54,192 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:34:59,221 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:37:04,148 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:39:09,178 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:41:14,207 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:43:19,134 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:45:24,165 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:46:42,603 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 03:46:42,604 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 03:46:42,605 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 03:46:42,606 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 03:47:29,194 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:49:34,122 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:51:39,151 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:53:44,181 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:55:49,210 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:57:54,137 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 03:59:59,167 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:02:04,197 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:04:09,125 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:06:14,154 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:08:19,184 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:10:24,113 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:12:29,141 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:14:34,170 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:16:39,200 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:16:43,193 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 04:16:43,194 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 04:16:43,195 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 04:16:43,196 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 04:18:44,126 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:20:49,157 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:22:54,187 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:24:59,114 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:27:04,143 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:29:09,173 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:31:14,100 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:33:19,130 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:35:24,159 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:37:29,190 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:39:34,117 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:41:39,146 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:43:44,176 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:45:49,103 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:46:44,707 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 04:46:44,708 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 04:46:44,709 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 04:46:44,710 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 04:47:54,133 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:49:59,162 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:52:04,089 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:54:09,120 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:56:14,149 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 04:58:19,179 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:00:24,106 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:02:29,136 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:04:34,165 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:06:39,092 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:08:44,122 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:10:49,151 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:12:54,080 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:14:59,109 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:16:46,344 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 05:16:46,345 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 05:16:46,346 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 05:16:46,347 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 05:17:04,139 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:19:09,168 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:21:14,095 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:23:19,125 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:25:24,154 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:27:29,081 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:29:34,112 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:31:39,142 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:33:44,070 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:35:49,098 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:37:54,128 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:39:59,157 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:42:04,084 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:44:09,114 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:46:14,145 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:46:47,936 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 05:46:47,937 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 05:46:47,938 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 05:46:47,939 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 05:48:19,072 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:50:24,101 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:52:29,131 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:54:34,058 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:56:39,087 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 05:58:44,117 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:00:49,044 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:02:54,074 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:04:59,106 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:07:04,134 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:09:09,064 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:11:14,091 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:13:19,120 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:15:24,047 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:16:48,526 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 06:16:48,629 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 06:16:48,630 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 06:16:48,631 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 06:17:29,077 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:19:34,106 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:21:39,033 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:23:44,064 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:25:49,094 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:27:54,123 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:29:59,050 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:32:04,080 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:34:09,109 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:36:14,036 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:38:19,066 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:40:24,096 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:42:29,024 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:44:34,053 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:46:39,083 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:46:50,141 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 06:46:50,142 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 06:46:50,143 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 06:46:50,244 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 06:48:44,112 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:50:49,040 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:52:54,069 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:54:59,101 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 06:57:04,026 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:19:57,903 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:20:04,354 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 17:21:00,366 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 17:21:05,691 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 17:21:17,570 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 17:22:02,933 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:24:07,962 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:26:12,993 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:28:17,920 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:30:22,950 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:32:27,980 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:34:32,908 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:36:37,938 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:38:42,967 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:40:47,896 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:42:52,928 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:44:57,954 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:47:02,984 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:47:17,013 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 17:47:17,014 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 17:47:17,015 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 17:47:17,016 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 17:49:07,912 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:51:12,941 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:53:17,972 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:55:22,899 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:57:27,929 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 17:59:32,959 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:01:37,887 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:03:42,917 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:05:47,946 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:07:52,977 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:09:57,903 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:12:02,933 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:14:07,963 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:16:12,891 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:17:18,631 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 18:17:18,632 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 18:17:18,633 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 18:17:18,635 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 18:18:17,920 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:20:22,951 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:22:27,878 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:24:32,909 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:26:37,938 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:28:42,968 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:30:47,896 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:34:57,956 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:37:02,883 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:39:07,913 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:41:12,943 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:43:17,870 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:45:22,902 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:47:20,255 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 18:47:20,257 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 18:47:20,258 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 18:47:20,259 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 18:47:27,931 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:49:32,858 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:51:37,888 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:53:42,918 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:54:52,344 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 18:54:56,543 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 18:55:47,948 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:55:56,549 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 18:56:36,487 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 18:57:52,875 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 18:59:57,905 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:00:27,498 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:00:32,720 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:00:38,762 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:01:15,933 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:01:23,921 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:01:27,608 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:01:41,843 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:01:46,141 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:02:02,935 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:02:11,536 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:02:14,505 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:03:15,642 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:03:23,933 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:04:07,863 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:04:07,965 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:04:42,780 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:05:31,831 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:05:39,714 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:06:12,893 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:06:16,374 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:07:30,614 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:08:17,924 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:08:27,241 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:08:27,650 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 19:10:22,850 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:12:27,881 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:14:32,911 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:16:37,939 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:17:21,869 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 19:17:21,871 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 19:17:21,872 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 19:17:21,873 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 19:18:42,867 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:20:47,897 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:22:52,927 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:24:57,855 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:27:02,884 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:29:07,916 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:31:12,843 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:33:17,872 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:35:22,902 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:37:27,932 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:39:32,860 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:41:37,889 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:43:42,919 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:45:47,847 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:47:23,488 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 19:47:23,489 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 19:47:23,490 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 19:47:23,492 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 19:47:23,591 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 232.192.0.0
2015-01-07 19:47:52,876 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:49:57,907 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:52:02,834 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:54:07,864 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:56:12,894 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 19:58:17,923 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 20:00:22,851 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 20:02:27,881 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 20:04:32,912 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 20:06:37,839 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 20:07:19,108 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 20:07:22,178 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.9 LocalPort: 0 LocalIp: 239.255.255.250
2015-01-07 20:08:42,869 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 20:10:47,898 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 20:12:52,827 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 20:14:57,855 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1
2015-01-07 20:17:02,887 KAIRI MSG:1:1 Action: @Fw_fwaBlock (10) App: "SYSTEM" (PID: 4) User: "" Direction: @FW_Direction_In Proto: IGMP RemotePort: 0 RemoteIp: 192.168.1.1 LocalPort: 0 LocalIp: 224.0.0.1



#11 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:33 PM

Posted 09 January 2015 - 12:44 PM

Full System Scan with Malwarebytes Antimalware

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

 

Scan with ESET Online Scan

Go here to run an online scanner from ESET. Windows Vista/Windows 7/Windows 8 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Here's how.
  • Click the blue Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the program to install the "OnlineScanner.cab" activex control by clicking the Install button
  • Once the activex control is installed, on the next screen click on Enable detection of potentially unwanted applications
  • Click on Advanced Settings
  • Make sure that the option Remove found threats is unticked.
  • Ensure these options are ticked
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#12 Iholly

Iholly
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:33 PM

Posted 09 January 2015 - 05:11 PM

No threats have been detected on Malwarebytes; the computer did freeze some programs a bit.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/9/2015
Scan Time: 1:20:10 PM
Logfile: 
Administrator: No

Version: 2.00.4.1028
Malware Database: v2015.01.09.13
Rootkit Database: v2015.01.07.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Hitomi

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 655556
Time Elapsed: 2 hr, 37 min, 51 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Running ESET now; I will show you the logs when it is done. Just want to post this in case anything goes wrong in advance.
 



#13 Iholly

Iholly
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:33 PM

Posted 09 January 2015 - 06:23 PM

C:\Program Files (x86)\Cheat Engine 6.2\cheatengine-i386.exe	a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application
C:\Program Files (x86)\Cheat Engine 6.2\standalonephase1.dat	a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application
C:\Users\Hitomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serveur.exe.old	a variant of MSIL/Injector.BOX trojan
C:\Users\Hitomi\Documents\APNSetup.exe	a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application
C:\Users\Hitomi\Downloads\utorrent.exe	a variant of Win32/Bunndle potentially unsafe application
C:\Windows.old\Users\Hitomi\AppData\Roaming\uTorrent\uTorrent.exe	a variant of Win32/Bunndle potentially unsafe application
D:\bin\CheatEngine62.exe	Win32/OpenCandy potentially unsafe application
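The ESET export above can be triaged by script. This is an added illustration, not part of the thread or of any tool's own code: it parses each line into path, detection name and category, then puts detections that are not "potentially unsafe application" entries and that sit in the per-user Startup folder first. The function names are hypothetical, the log lines are copied from the post with the tab replaced by spaces, and checking only the Startup folder is an assumption made to keep the example short.

```python
import re
from typing import NamedTuple

# Lines copied from the ESET export in the post above (separator shown as spaces).
ESET_LOG = r"""
C:\Program Files (x86)\Cheat Engine 6.2\cheatengine-i386.exe    a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application
C:\Program Files (x86)\Cheat Engine 6.2\standalonephase1.dat    a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application
C:\Users\Hitomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serveur.exe.old    a variant of MSIL/Injector.BOX trojan
C:\Users\Hitomi\Documents\APNSetup.exe    a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application
C:\Users\Hitomi\Downloads\utorrent.exe    a variant of Win32/Bunndle potentially unsafe application
C:\Windows.old\Users\Hitomi\AppData\Roaming\uTorrent\uTorrent.exe    a variant of Win32/Bunndle potentially unsafe application
D:\bin\CheatEngine62.exe    Win32/OpenCandy potentially unsafe application
"""

PUA = "potentially unsafe application"
# Per-user Startup folder: anything placed here is launched at logon.
STARTUP_MARKER = "\\start menu\\programs\\startup\\"

# path <tab or 2+ spaces> [a variant of ]<detection name> <category>
LINE_RE = re.compile(
    r"^(?P<path>.+?)(?:\t| {2,})(?P<variant>a variant of )?"
    r"(?P<name>\S+) (?P<category>.+)$"
)


class Detection(NamedTuple):
    path: str
    name: str
    category: str
    variant: bool    # True when ESET reported "a variant of ..."
    autostart: bool  # True when the file sits in a Startup folder


def parse_eset_log(text):
    """Parse an exported ESET threat list; lines that do not match are skipped."""
    found = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        path = m.group("path")
        found.append(Detection(
            path=path,
            name=m.group("name"),
            category=m.group("category").strip(),
            variant=m.group("variant") is not None,
            autostart=STARTUP_MARKER in path.lower(),
        ))
    return found


def triage(detections):
    """Order detections: autostart malware, other malware, then PUA entries."""
    def priority(d):
        if d.category != PUA:
            return 0 if d.autostart else 1
        return 2
    return sorted(detections, key=priority)  # stable: log order kept within a tier


if __name__ == "__main__":
    for d in triage(parse_eset_log(ESET_LOG)):
        flag = "AUTOSTART" if d.autostart else "-"
        print(f"{d.category:32} {flag:10} {d.name:32} {d.path}")
```
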



#14 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:33 PM

Posted 12 January 2015 - 03:58 AM

 

C:\Users\Hitomi\AppData\Roaming\Microsoft\Windows\Start Menu

Delete this directory.

 

 

C:\Program Files (x86)\Cheat Engine 6.2\cheatengine-i386.exe    a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application
C:\Program Files (x86)\Cheat Engine 6.2\standalonephase1.dat    a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application
C:\Users\Hitomi\Documents\APNSetup.exe    a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application
C:\Users\Hitomi\Downloads\utorrent.exe    a variant of Win32/Bunndle potentially unsafe application
D:\bin\CheatEngine62.exe    Win32/OpenCandy potentially unsafe application

These files aren't malware but contain security risks. I'd delete them immediately - your choice.

 

 

 

C:\Windows.old

This is a remnant of your former Windows installation. You may delete it to free a large amount of disk space.

 

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll also find the log file at C:\AdwCleaner[S1].txt




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK Mirror (if the link is down)

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, the (checkup.txt) will open. Copy its content to your thread (Note: Do NOT post this one into a code box!)



#15 Iholly

Iholly
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:33 PM

Posted 12 January 2015 - 04:28 AM

How do I delete the three quoted tasks you've just listed?  *EDIT: Never mind, found out how; sorry about that, was not thinking... It was really late when I got on here. I am having a bit of a problem removing a file from the "old." Windows file; it keeps saying the name is too long and I cannot rename it.


Edited by Iholly, 12 January 2015 - 12:10 PM.




