
Csrss.exe running without description or file location


11 replies to this topic

#1 jh1234l

jh1234l

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 30 January 2015 - 07:57 PM

Hello, the BleepingComputer community! My computer might have a virus: there's a csrss.exe running in the background without a description or associated username. When I right-clicked it in Task Manager and chose to look at the file's location, there was no information about where the file was; the Explorer window did not open.

 

My symptoms first started when Windows told me that my avast! installation was not a valid application. I tried to fix it by using the repair option for avast, but it did not work. Then, I installed ad-aware antivirus--which I later uninstalled and replaced with FortiClient. FortiClient did not yet find a virus, and neither did Malwarebytes.

 

Screenshot of the problem:

10fn6m8.png


Edited by jh1234l, 30 January 2015 - 08:19 PM.



 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:24 PM

Posted 30 January 2015 - 08:24 PM

Hello jh

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.

  • Do not reboot the computer, you will need to run the application again.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
      • Flush DNS
      • Report IE Proxy Settings
      • Reset IE Proxy Settings
      • Report FF Proxy Settings
      • Reset FF Proxy Settings
      • List content of Hosts
      • List IP configuration
      • List Winsock Entries
      • List last 10 Event Viewer log
      • List Installed Programs
      • List Users, Partitions and Memory size.

  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

AdwCleaner
  • Please download AdwCleaner by Xplode and save to your


#3 jh1234l

jh1234l
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 30 January 2015 - 08:41 PM

Rkill log:

 

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/30/2015 05:39:12 PM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1 localhost
  0.0.0.0 ad.doubleclick.net
  0.0.0.0 http://ds.serving-sys.com


Program finished at: 01/30/2015 05:40:06 PM
Execution time: 0 hours(s), 0 minute(s), and 54 seconds(s)
 



#4 jh1234l

jh1234l
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 30 January 2015 - 08:44 PM

Minitoolbox log:

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Admin (administrator) on 30-01-2015 at 17:42:35
Running from "C:\Users\Admin\Desktop\BLEEPINGCOMPUTER"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
0.0.0.0 ad.doubleclick.net
0.0.0.0 http://ds.serving-sys.com

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5300 AGN = Wireless Network Connection (Connected)
PPPoP WAN Adapter = Local Area Connection 3 (Connected)
Intel® 82567LM Gigabit Network Connection = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Fortinet virtual adapter = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : T400
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : telus

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Fortinet virtual adapter
   Physical Address. . . . . . . . . : 00-09-0F-FE-00-01
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 00-26-5E-95-A7-40
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : telus
   Description . . . . . . . . . . . : Intel® WiFi Link 5300 AGN
   Physical Address. . . . . . . . . : 00-21-6A-6E-B7-1E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::801b:189a:94a:3041%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.69(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, January 30, 2015 4:12:04 PM
   Lease Expires . . . . . . . . . . : Saturday, January 31, 2015 4:12:04 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DNS Servers . . . . . . . . . . . : 208.67.222.222
                                       208.67.220.220
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® 82567LM Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-24-7E-6A-A9-5E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{3CCD273F-F000-4FD3-8E1A-46D71593E4A9}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9EECAFA9-12D4-4633-8413-FA0B401B8D62}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  resolver1.opendns.com
Address:  208.67.222.222

Name:    google.com
Addresses:  2607:f8b0:400a:806::200e
      209.52.189.94
      209.52.189.114
      209.52.189.89
      209.52.189.103
      209.52.189.104
      209.52.189.118
      209.52.189.113
      209.52.189.119
      209.52.189.99
      209.52.189.93
      209.52.189.108
      209.52.189.123
      209.52.189.98
      209.52.189.88
      209.52.189.109
      209.52.189.84


Pinging google.com [209.52.189.84] with 32 bytes of data:
Reply from 209.52.189.84: bytes=32 time=28ms TTL=61
Reply from 209.52.189.84: bytes=32 time=53ms TTL=61

Ping statistics for 209.52.189.84:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 28ms, Maximum = 53ms, Average = 40ms
Server:  resolver1.opendns.com
Address:  208.67.222.222

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=78ms TTL=53
Reply from 98.138.253.109: bytes=32 time=67ms TTL=53

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 67ms, Maximum = 78ms, Average = 72ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 20...00 09 0f fe 00 01 ......Fortinet virtual adapter
 17...00 26 5e 95 a7 40 ......Bluetooth Device (Personal Area Network)
 12...00 21 6a 6e b7 1e ......Intel® WiFi Link 5300 AGN
 10...00 24 7e 6a a9 5e ......Intel® 82567LM Gigabit Network Connection
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.69     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.69    281
     192.168.1.69  255.255.255.255         On-link      192.168.1.69    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.69    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.69    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.69    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    281 fe80::/64                On-link
 12    281 fe80::801b:189a:94a:3041/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/30/2015 04:28:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: MsiExec.exe, version: 5.0.7601.17514, time stamp: 0x4ce792c4
Faulting module name: MSI5CE1.tmp_unloaded, version: 0.0.0.0, time stamp: 0x54bd91e4
Exception code: 0xc0000005
Fault offset: 0x6ed38f40
Faulting process id: 0x1620
Faulting application start time: 0xMsiExec.exe0
Faulting application path: MsiExec.exe1
Faulting module path: MsiExec.exe2
Report Id: MsiExec.exe3

Error: (01/29/2015 06:52:17 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b94

Start Time: 01d03c316612dd63

Termination Time: 28924

Application Path: C:\Windows\Explorer.EXE

Report Id: eb656125-a82a-11e4-92cb-00265e95a740

Error: (01/24/2015 05:28:51 PM) (Source: Application Hang) (User: )
Description: The program gimp-2.8.exe version 2.8.14.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 4c8

Start Time: 01d0383e1bf1138d

Termination Time: 16

Application Path: C:\Program Files\GIMP 2\bin\gimp-2.8.exe

Report Id: 73ee14b6-a431-11e4-8181-00265e95a740

Error: (01/24/2015 02:58:59 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/24/2015 02:58:59 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/24/2015 02:58:59 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/24/2015 02:58:59 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (01/24/2015 02:58:58 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/24/2015 02:58:58 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (01/24/2015 02:58:58 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (01/30/2015 04:13:24 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (01/30/2015 04:11:49 PM) (Source: Service Control Manager) (User: )
Description: The Ricoh xD-Picture Card Driver service failed to start due to the following error:
%%1058

Error: (01/30/2015 04:11:49 PM) (Source: Service Control Manager) (User: )
Description: The rimsptsk service failed to start due to the following error:
%%1058

Error: (01/30/2015 04:11:49 PM) (Source: Service Control Manager) (User: )
Description: The rimmptsk service failed to start due to the following error:
%%1058

Error: (01/30/2015 04:11:49 PM) (Source: Service Control Manager) (User: )
Description: The KSDService service failed to start due to the following error:
%%2

Error: (01/30/2015 03:38:51 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (01/30/2015 03:38:29 PM) (Source: Service Control Manager) (User: )
Description: The Ricoh xD-Picture Card Driver service failed to start due to the following error:
%%1058

Error: (01/30/2015 03:38:29 PM) (Source: Service Control Manager) (User: )
Description: The rimsptsk service failed to start due to the following error:
%%1058

Error: (01/30/2015 03:38:29 PM) (Source: Service Control Manager) (User: )
Description: The rimmptsk service failed to start due to the following error:
%%1058

Error: (01/30/2015 03:38:29 PM) (Source: Service Control Manager) (User: )
Description: The KSDService service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (01/30/2015 04:28:18 PM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.7601.175144ce792c4MSI5CE1.tmp_unloaded0.0.0.054bd91e4c00000056ed38f40162001d03cecb8853ca0C:\Windows\system32\MsiExec.exeMSI5CE1.tmp0d1c3ced-a8e0-11e4-8682-00265e95a740

Error: (01/29/2015 06:52:17 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.17567b9401d03c316612dd6328924C:\Windows\Explorer.EXEeb656125-a82a-11e4-92cb-00265e95a740

Error: (01/24/2015 05:28:51 PM) (Source: Application Hang)(User: )
Description: gimp-2.8.exe2.8.14.04c801d0383e1bf1138d16C:\Program Files\GIMP 2\bin\gimp-2.8.exe73ee14b6-a431-11e4-8181-00265e95a740

Error: (01/24/2015 02:58:59 PM) (Source: Windows Search Service)(User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/24/2015 02:58:59 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/24/2015 02:58:59 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/24/2015 02:58:59 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (01/24/2015 02:58:58 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (01/24/2015 02:58:58 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (01/24/2015 02:58:58 PM) (Source: Windows Search Service)(User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt



=========================== Installed Programs ============================
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Audacity 2.0.6 (HKLM\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
Build Tools - x86 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (Version: 12.0.30723 - Microsoft Corporation) Hidden
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Capture One 6.0 (HKLM\...\CaptureOne6_is1) (Version: 6.0.44552.130 - Phase One A/S)
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
ChildControl+ (HKCU\...\6dbe00cae4696c4b) (Version: 1.0.0.3 - ChildControl+)
Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.92.12.0 - Conexant)
CPUID HWMonitor 1.21 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
FortiClient (HKLM\...\{A98353B4-1E25-44EC-BCC0-6F84D2F5F243}) (Version: 5.2.3.0633 - Fortinet Inc)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Integrated Camera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.53003.0 - Sonix)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 16.1 - Intel)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{D75AEB5B-FA18-4BD4-9EED-54CA46DB5AE8}) (Version: 13.04.0000 - Intel Corporation)
Intel? Matrix Storage Manager and Intel? Turbo Memory (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Intel? Turbo Memory (HKLM\...\{31423F74-36B2-4d24-B10D-CD00BFB7C118}) (Version:  - Intel Corporation)
Java 7 Update 76 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
Java Auto Updater (Version: 2.1.76.13 - Oracle, Inc.) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
LibreOffice 4.3.0.4 (HKLM\...\{5C005E2A-AEAE-4DF7-B7CA-1E6DCDD2AEA4}) (Version: 4.3.0.4 - The Document Foundation)
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (Version: 2.8.50313.46 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{5EF1EBC5-4A40-4D1C-B02E-0C54BC93FD06}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{FE939060-416C-4ECD-890E-13776E2707C4}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{544ACD54-9FAA-4A60-A1E7-B2EC3AA75D24}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{E7654811-38F9-4225-9688-827FDA716582}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 ENU (HKLM\...\{773AC1E4-5F27-4DF6-A932-7FDDE35C069D}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Update 3 Object Model (x86) (Version: 12.0.30723 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Update 3 Object Model Language Pack (x86) - ENU (Version: 12.0.30723 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 32bit Compilers - ENU Resources (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Diagnostic Tools - x86 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Resources (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 3 (HKLM\...\{1ef771b4-b774-439e-a015-23dec292d9a4}) (Version: 12.0.30723.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop (Version: 12.0.21005 - Microsoft Corporation) Hidden
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Firefox 35.0.1 (x86 en-US) (HKCU\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
O&O CleverCache (HKLM\...\{1D557982-6BBB-454A-93AC-41B4A53CB216}) (Version: 7.1.2737 - O&O Software GmbH)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.42.00 - )
Opera Mail 1.0 (HKCU\...\Opera 1.0.1040) (Version: 1.0.1040 - Opera Software ASA)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC41}) (Version: 4.0.5 - dotPDN LLC)
Photo Gallery (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Prerequisites for SSDT  (HKLM\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Python Tools Redirection Template (Version: 1.0 - Microsoft Corporation) Hidden
Qustodio (HKLM\...\Qustodio) (Version:  - Qustodio)
RapidBoot HDD Accelerator (HKLM\...\Fastboot) (Version: 1.0.5.9 - Lenovo)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
RICOH R5U8xx Media Driver ver.3.64.02 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.64.02 - RICOH)
seriousd (Version: 1.4.5.3 - hackeratwork.com) Hidden
SumatraPDF (HKLM\...\SumatraPDF) (Version: 2.3.2 - Krzysztof Kowalczyk)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Explorer for Microsoft Visual Studio 2013 (Version: 12.0.21005 - Microsoft Corporation) Hidden
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
ThinkPad Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.62 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkPad UltraNav Utility (HKLM\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.75 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 1.42 - Lenovo)
TPFanControl v0.63 (HKLM\...\{717F5741-5C2E-4469-BDA0-B5EC2243646F}_is1) (Version:  - troubadix)
Trillian (HKLM\...\Trillian) (Version:  - Cerulean Studios, LLC)
TypeScript Power Tool (Version: 1.0.3.1 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (Version: 1.0.3.1 - Microsoft Corporation) Hidden
UltimateDefrag (HKLM\...\UltimateDefrag) (Version: 4.0.98.0 - DiskTrix, Inc.)
UltraEdit (HKLM\...\InstallShield_{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}) (Version: 21.20.1014 - IDM Computer Solutions, Inc.)
UltraEdit (Version: 21.20.1014 - IDM Computer Solutions, Inc.) Hidden
Update for  (KB2504637) (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2013 Update 3 (KB2829760) (HKLM\...\{86438e3d-7f83-4dd2-94aa-047e7c3974cb}) (Version: 12.0.30723 - Microsoft Corporation)
Visual Studio Extensions for Windows Library for JavaScript (Version: 2.1.30723.00 - Microsoft Corporation) Hidden
VS Update core components (Version: 12.0.30723 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Software Development Kit (Version: 8.100.26831 - Microsoft Corporation) Hidden
Windows Software Development Kit (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (Version: 8.100.26831 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (Version: 8.100.26831 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 4.20 (32 位) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
招商证券全能版 (HKLM\...\招商证券全能版) (Version:  - )
招行专业版 (HKLM\...\CMBPB40) (Version:  - )

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 2520.03 MB
Available physical RAM: 1465.66 MB
Total Pagefile: 5038.34 MB
Available Pagefile: 4037.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1954.68 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:181.67 GB) (Free:146.58 GB) NTFS

========================= Users: ========================================

User accounts for \\T400

Admin                    Administrator            Guest                    


**** End of log ****
 



#5 jh1234l

Posted 30 January 2015 - 08:47 PM

TDSSKiller log:

 

17:45:07.0097 0x1cf0  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
17:45:20.0505 0x1cf0  ============================================================
17:45:20.0505 0x1cf0  Current date / time: 2015/01/30 17:45:20.0505
17:45:20.0505 0x1cf0  SystemInfo:
17:45:20.0505 0x1cf0  
17:45:20.0505 0x1cf0  OS Version: 6.1.7601 ServicePack: 1.0
17:45:20.0505 0x1cf0  Product type: Workstation
17:45:20.0506 0x1cf0  ComputerName: T400
17:45:20.0506 0x1cf0  UserName: Admin
17:45:20.0506 0x1cf0  Windows directory: C:\Windows
17:45:20.0506 0x1cf0  System windows directory: C:\Windows
17:45:20.0506 0x1cf0  Processor architecture: Intel x86
17:45:20.0506 0x1cf0  Number of processors: 2
17:45:20.0506 0x1cf0  Page size: 0x1000
17:45:20.0507 0x1cf0  Boot type: Normal boot
17:45:20.0507 0x1cf0  ============================================================
17:45:20.0827 0x1cf0  KLMD registered as C:\Windows\system32\drivers\81275746.sys
17:45:21.0498 0x1cf0  System UUID: {B0D4CAFC-AC3D-54E6-FD45-B68B96588FEC}
17:45:23.0160 0x1cf0  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
17:45:23.0165 0x1cf0  ============================================================
17:45:23.0165 0x1cf0  \Device\Harddisk0\DR0:
17:45:23.0165 0x1cf0  MBR partitions:
17:45:23.0165 0x1cf0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:45:23.0165 0x1cf0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x16B56C6C
17:45:23.0217 0x1cf0  ============================================================
17:45:23.0253 0x1cf0  C: <-> \Device\Harddisk0\DR0\Partition2
17:45:23.0254 0x1cf0  ============================================================
17:45:23.0254 0x1cf0  Initialize success
17:45:23.0254 0x1cf0  ============================================================
17:45:34.0453 0x021c  ============================================================
17:45:34.0454 0x021c  Scan started
17:45:34.0454 0x021c  Mode: Manual;
17:45:34.0454 0x021c  ============================================================
17:45:34.0454 0x021c  KSN ping started
17:45:37.0267 0x021c  KSN ping finished: true
17:45:38.0685 0x021c  ================ Scan system memory ========================
17:45:38.0685 0x021c  System memory - ok
17:45:38.0688 0x021c  ================ Scan services =============================
17:45:53.0583 0x021c  fastfat - ok
17:45:53.0655 0x021c  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
17:45:53.0698 0x021c  Fax - ok
17:45:53.0791 0x021c  [ 6526788ADE5886920F775185EE4CAFAD, 7813F73CABC30BE4E4E21CC4D15806BD9DD4CF5D917A22A046AC35E67F40BBE7 ] FA_Scheduler    C:\Program Files\Fortinet\FortiClient\scheduler.exe
17:45:53.0800 0x021c  FA_Scheduler - ok
17:45:53.0835 0x021c  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:45:53.0839 0x021c  fdc - ok
17:45:53.0869 0x021c  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
17:45:53.0918 0x021c  fdPHost - ok
17:45:53.0946 0x021c  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:45:54.0249 0x021c  FDResPub - ok
17:45:54.0262 0x021c  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:45:54.0313 0x021c  FileInfo - ok
17:45:54.0321 0x021c  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:45:54.0344 0x021c  Filetrace - ok
17:45:54.0365 0x021c  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:45:54.0367 0x021c  flpydisk - ok
17:45:54.0405 0x021c  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:45:54.0412 0x021c  FltMgr - ok
17:45:54.0467 0x021c  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
17:45:54.0590 0x021c  FontCache - ok
17:45:54.0657 0x021c  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:45:54.0659 0x021c  FontCache3.0.0.0 - ok
17:45:54.0682 0x021c  [ A198F863A8A4C51664206444D9F43521, B8548412BF616871E68C3BD0C5D3B1E23FA3FA708450284E2B3E5DE028B9A34E ] fortiapd        C:\Windows\system32\drivers\fortiapd.sys
17:45:54.0701 0x021c  fortiapd - ok
17:45:54.0737 0x021c  [ 50D027A64A41993DF37B753FB4E8D114, 7529FE0ABBA0A6E9A34CD06972A83A6C01FC8354B8D232283D8A3499417B4A4E ] FortiFilter     C:\Windows\system32\DRIVERS\FortiFilter.sys
17:45:54.0757 0x021c  FortiFilter - ok
17:45:54.0776 0x021c  [ 5753B255B03AECD57EFC124A5B71E9B2, 83BFB1BC27EE9F49AC1C1854315221F71FD5CDDA4D70CA5D08F11D54E2E15BB2 ] FortiFW         C:\Windows\system32\drivers\FortiFW2.sys
17:45:54.0798 0x021c  FortiFW - ok
17:45:54.0809 0x021c  [ 94C1E997894495C1C3FA5C2E74DF959F, C2B5EFFDE4410C017801C4BA921EEA53DC6111B3AB2281E6767B0FD42FF25F5C ] fortiloader     C:\Windows\system32\drivers\fortiloader.sys
17:45:54.0826 0x021c  fortiloader - ok
17:45:54.0850 0x021c  [ 1FF5E17E5C296E7548D792619C9D94EE, 514A9EC6755C8DBD3DB82D358AA0E7F6D5A4A951211ED4B20782ABCD4A7C3571 ] Fortips         C:\Windows\system32\drivers\fortips.sys
17:45:54.0880 0x021c  Fortips - ok
17:45:54.0897 0x021c  [ 5AC752CA0726B7A577C55C7AFCD638CE, 725C6EC7AC909021C69C5892A288E241465717F7CAA165A3035C258AED349875 ] FortiRdr        C:\Windows\system32\drivers\FortiRdr2.sys
17:45:54.0919 0x021c  FortiRdr - ok
17:45:54.0931 0x021c  [ A0A2ACC982DF0F73ADBC57B1B50764E0, 5A667A59CEF55E94E02234F4FE41C43E93242EE3F50CB7BDFCCCBA133C42B811 ] FortiShield     C:\Windows\system32\drivers\FortiShield.sys
17:45:54.0983 0x021c  FortiShield - ok
17:45:55.0014 0x021c  [ A37DC80DD621849F52B0F0E8B8812773, E3E114902A09F01E0092EE774CE22DF0A850F3C75B71BA0F8987962C29DFC248 ] fortisniff      C:\Windows\system32\drivers\fortisniff2.sys
17:45:55.0065 0x021c  fortisniff - ok
17:45:55.0098 0x021c  [ A800B5B876C5CB9A05C1016C863BBEBD, DC83AC4B9F7FEF3A5BCDE5EFF64E6B20066D291FC80B4B01758C9A0896C7E3AF ] FortiWF         C:\Windows\system32\drivers\FortiWF2.sys
17:45:55.0143 0x021c  FortiWF - ok
17:45:55.0171 0x021c  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:45:55.0203 0x021c  FsDepends - ok
17:45:55.0242 0x021c  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:45:55.0246 0x021c  Fs_Rec - ok
17:45:55.0294 0x021c  [ 6F8AC27B43ECE9504FA5D521E086A92A, C1F3F10BE0B43D03F33A16D49953F67247CC2BD3D1EAC2F209AD68FF0D7866C1 ] ft_vnic         C:\Windows\system32\DRIVERS\ftvnic.sys
17:45:55.0329 0x021c  ft_vnic - ok
17:45:55.0389 0x021c  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:45:55.0465 0x021c  fvevol - ok
17:45:55.0512 0x021c  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:45:55.0576 0x021c  gagp30kx - ok
17:45:55.0641 0x021c  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:45:55.0769 0x021c  gpsvc - ok
17:45:55.0838 0x021c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
17:45:55.0851 0x021c  gupdate - ok
17:45:55.0899 0x021c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
17:45:55.0910 0x021c  gupdatem - ok
17:45:55.0920 0x021c  gzflt - ok
17:45:55.0961 0x021c  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:45:56.0004 0x021c  hcw85cir - ok
17:45:56.0066 0x021c  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:45:56.0150 0x021c  HdAudAddService - ok
17:45:56.0194 0x021c  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:45:56.0267 0x021c  HDAudBus - ok
17:45:56.0300 0x021c  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:45:56.0343 0x021c  HidBatt - ok
17:45:56.0369 0x021c  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:45:56.0431 0x021c  HidBth - ok
17:45:56.0467 0x021c  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:45:56.0514 0x021c  HidIr - ok
17:45:56.0547 0x021c  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
17:45:56.0590 0x021c  hidserv - ok
17:45:56.0634 0x021c  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:45:56.0638 0x021c  HidUsb - ok
17:45:56.0673 0x021c  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:45:56.0717 0x021c  hkmsvc - ok
17:45:56.0766 0x021c  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:45:56.0863 0x021c  HomeGroupListener - ok
17:45:56.0904 0x021c  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:45:56.0997 0x021c  HomeGroupProvider - ok
17:45:57.0050 0x021c  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:45:57.0106 0x021c  HpSAMD - ok
17:45:57.0174 0x021c  [ 210388FD8225B02BD83D77628AAE64A9, EFB755244CDF8344E14528CF46A6D43C1E8266A307603A63023D8955925FE0C3 ] HsfXAudioService C:\Windows\system32\XAudio32.dll
17:45:57.0259 0x021c  HsfXAudioService - ok
17:45:57.0344 0x021c  [ C761B4A8391F5E47F7C51A691CE773F4, FDECE4A213F6200B381149DA7C7236E0B26F6AD8BFA09BE678E391FF924BA0DE ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
17:45:57.0517 0x021c  HSF_DPV - ok
17:45:57.0567 0x021c  [ 50B42EF358A2E5363BE6B77138A22391, 8ACFA56E332338047CEBE8F87AE6614B9222DFDD49C48FA6F3C3C4AED3206B9F ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
17:45:57.0644 0x021c  HSXHWAZL - ok
17:45:57.0722 0x021c  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:45:57.0756 0x021c  HTTP - ok
17:45:57.0791 0x021c  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:45:57.0852 0x021c  hwpolicy - ok
17:45:57.0938 0x021c  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
17:45:57.0942 0x021c  i8042prt - ok
17:45:58.0024 0x021c  [ 0E899D0DB39617AA0B2F992E7E95B5EB, 214AA4A0F298BB97C9DC6CB0496D566519C45C1092CE2C5BF92E5FFB8E4B6FA3 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
17:45:58.0042 0x021c  IAANTMON - ok
17:45:58.0072 0x021c  [ D0310C79C5A9D42B96E37C5C510C6A5C, 071B372D4F88A0647B4BE6618360CAD6CFB2D739156B71F797AD6C715311ACA8 ] iaNvStor        C:\Windows\system32\DRIVERS\iaNvStor.sys
17:45:58.0132 0x021c  iaNvStor - ok
17:45:58.0172 0x021c  [ 01446278D4563B3013C92830AE6CBB26, 68DB91660E46945CAD5AB9767A603D1B750899A0737C538551F01892E755F0ED ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
17:45:58.0185 0x021c  iaStor - ok
17:45:58.0250 0x021c  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:45:58.0300 0x021c  iaStorV - ok
17:45:58.0347 0x021c  [ E34EF65898A3529BE7C2AC9CB77B09D3, 7396166EB6AA5DAA978779093A1E09F300E91BACAB812163A9F35087F0A617C6 ] IBMPMDRV        C:\Windows\system32\DRIVERS\ibmpmdrv.sys
17:45:58.0371 0x021c  IBMPMDRV - ok
17:45:58.0386 0x021c  [ C9D46BEA56C89778AFF1494F9CCF66AC, FF076093F275CFDC7ACFB864C0451C294D5179230F90A73975682DD812F608FA ] IBMPMSVC        C:\Windows\system32\ibmpmsvc.exe
17:45:58.0391 0x021c  IBMPMSVC - ok
17:45:58.0451 0x021c  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:45:58.0487 0x021c  idsvc - ok
17:45:58.0529 0x021c  IEEtwCollectorService - ok
17:45:58.0826 0x021c  [ 36CC40B02AE593D6152AC8BD657720AF, 4AE1417A762EA3B00D49B721D5E147FA741D416DC4617BFBB21BD2EF1F81F057 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
17:45:59.0177 0x021c  igfx - ok
17:45:59.0292 0x021c  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:45:59.0307 0x021c  iirsp - ok
17:45:59.0377 0x021c  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:45:59.0518 0x021c  IKEEXT - ok
17:45:59.0595 0x021c  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:45:59.0599 0x021c  intelide - ok
17:46:00.0027 0x021c  [ 36CC40B02AE593D6152AC8BD657720AF, 4AE1417A762EA3B00D49B721D5E147FA741D416DC4617BFBB21BD2EF1F81F057 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd32.sys
17:46:00.0347 0x021c  intelkmd - ok
17:46:00.0435 0x021c  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:46:00.0438 0x021c  intelppm - ok
17:46:00.0469 0x021c  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:46:00.0493 0x021c  IPBusEnum - ok
17:46:00.0517 0x021c  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:46:00.0522 0x021c  IpFilterDriver - ok
17:46:00.0603 0x021c  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:46:00.0717 0x021c  iphlpsvc - ok
17:46:00.0760 0x021c  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:46:00.0819 0x021c  IPMIDRV - ok
17:46:00.0851 0x021c  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:46:00.0861 0x021c  IPNAT - ok
17:46:00.0893 0x021c  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:46:00.0897 0x021c  IRENUM - ok
17:46:00.0926 0x021c  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:46:00.0932 0x021c  isapnp - ok
17:46:00.0984 0x021c  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:46:01.0054 0x021c  iScsiPrt - ok
17:46:01.0089 0x021c  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:46:01.0094 0x021c  kbdclass - ok
17:46:01.0148 0x021c  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:46:01.0192 0x021c  kbdhid - ok
17:46:01.0214 0x021c  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso          C:\Windows\system32\lsass.exe
17:46:01.0222 0x021c  KeyIso - ok
17:46:01.0271 0x021c  [ 4476FE98AAF505ACDCD3EE6360AABEC1, 1573C5B9F1B12FEEE6D771AFF8969FB9D06878B1E0BECCD4AF13DA9F194FB256 ] KMWDFILTERx86   C:\Windows\system32\DRIVERS\KMWDFILTER.sys
17:46:01.0315 0x021c  KMWDFILTERx86 - ok
17:46:01.0368 0x021c  KSDService - ok
17:46:01.0404 0x021c  [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:46:01.0410 0x021c  KSecDD - ok
17:46:01.0444 0x021c  [ D3964885F0A11ACF51DA3AAA776973B2, 417ED5A3201FC50FBC0D646F8F2114A1E8A91E7919A62508DCBC156C0BFB2FBA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:46:01.0517 0x021c  KSecPkg - ok
17:46:01.0571 0x021c  [ 4D52FBA29E3E2A79C0BC3C403B756D89, C7BF2D99645DC8289BED058660EDE37F5506FB9942A53067B655ACD250494DDE ] KSSafe          C:\Windows\system32\drivers\KSSafe.sys
17:46:01.0688 0x021c  KSSafe - ok
17:46:01.0746 0x021c  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:46:01.0898 0x021c  KtmRm - ok
17:46:01.0963 0x021c  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:46:01.0998 0x021c  LanmanServer - ok
17:46:02.0026 0x021c  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:46:02.0053 0x021c  LanmanWorkstation - ok
17:46:02.0103 0x021c  [ CAB9C6C37FD0F9612B269349116504B6, ACA134CC1531791F1EB424BF64F5F46C4FD91439DB5E7D23140A0104E4FD522C ] LENOVO.CAMMUTE  C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
17:46:02.0141 0x021c  LENOVO.CAMMUTE - ok
17:46:02.0183 0x021c  [ 128158D8B1DF639BF3E3FDBCBB64CDAC, F55DA8F202A8E81D4E8ABECCC1B7CE5162D6891A23278A8C664AA1EE9AE3C7CF ] LENOVO.MICMUTE  C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
17:46:02.0186 0x021c  LENOVO.MICMUTE - ok
17:46:02.0200 0x021c  [ 9AAC267A225F3CAEBB9E633F7EB16E4B, BFBB9772646D62ACD9208041621E4CDE92982ED96F243C8F61334F7FC368B387 ] lenovo.smi      C:\Windows\system32\DRIVERS\smiif32.sys
17:46:02.0217 0x021c  lenovo.smi - ok
17:46:02.0241 0x021c  [ 04B5F7F44CCB2FAB615C67ED0E6C8323, CB0C7DD1F968FA7DC8F9AC99435FF9FB6E39CB058C978E977606F5C8CD275B90 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
17:46:02.0283 0x021c  LENOVO.TPKNRSVC - ok
17:46:02.0311 0x021c  [ 6F2CC57EB5836D2AC9BD37F3554D55F8, C877F63AACA68AD3505EC4A8B8916FA2E07C2CB29E74FA368A103F612E18499E ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
17:46:02.0377 0x021c  Lenovo.VIRTSCRLSVC - ok
17:46:02.0443 0x021c  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:46:02.0544 0x021c  lltdio - ok
17:46:02.0587 0x021c  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:46:02.0656 0x021c  lltdsvc - ok
17:46:02.0677 0x021c  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:46:02.0706 0x021c  lmhosts - ok
17:46:02.0763 0x021c  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:46:02.0820 0x021c  LSI_FC - ok
17:46:02.0858 0x021c  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:46:02.0929 0x021c  LSI_SAS - ok
17:46:02.0965 0x021c  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:46:03.0026 0x021c  LSI_SAS2 - ok
17:46:03.0086 0x021c  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:46:03.0153 0x021c  LSI_SCSI - ok
17:46:03.0177 0x021c  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
17:46:03.0220 0x021c  luafv - ok
17:46:03.0251 0x021c  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:46:03.0288 0x021c  Mcx2Svc - ok
17:46:03.0345 0x021c  [ C5907099E5C283C6F9ABB1638B45DCC5, C0B7F62384B82CD346621C4C2BF50F0DAAEAF712C04A886F66F2D086C09216C4 ] mdareDriver_48  C:\Program Files\Fortinet\FortiClient\mdare32_48.sys
17:46:03.0378 0x021c  mdareDriver_48 - ok
17:46:03.0436 0x021c  [ 9E71652FCA3337C88CEE7894B473C4DA, 1C08DBDCBEEA2468B11AE9A054A054BF41F204FB459A502C47F32F255DFF932D ] mdareDriver_52  C:\Program Files\Fortinet\FortiClient\mdare32_52.sys
17:46:03.0441 0x021c  mdareDriver_52 - ok
17:46:03.0484 0x021c  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
17:46:03.0500 0x021c  mdmxsdk - ok
17:46:03.0533 0x021c  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:46:03.0569 0x021c  megasas - ok
17:46:03.0619 0x021c  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:46:03.0665 0x021c  MegaSR - ok
17:46:03.0693 0x021c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
17:46:03.0699 0x021c  MMCSS - ok
17:46:03.0714 0x021c  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
17:46:03.0716 0x021c  Modem - ok
17:46:03.0756 0x021c  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:46:03.0783 0x021c  monitor - ok
17:46:03.0830 0x021c  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:46:03.0833 0x021c  mouclass - ok
17:46:03.0894 0x021c  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:46:03.0897 0x021c  mouhid - ok
17:46:03.0920 0x021c  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:46:03.0925 0x021c  mountmgr - ok
17:46:04.0023 0x021c  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:46:04.0030 0x021c  MozillaMaintenance - ok
17:46:04.0061 0x021c  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:46:04.0105 0x021c  mpio - ok
17:46:04.0155 0x021c  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:46:04.0185 0x021c  mpsdrv - ok
17:46:04.0248 0x021c  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:46:04.0331 0x021c  MpsSvc - ok
17:46:04.0361 0x021c  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:46:04.0364 0x021c  MRxDAV - ok
17:46:04.0391 0x021c  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:46:04.0395 0x021c  mrxsmb - ok
17:46:04.0418 0x021c  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:46:04.0449 0x021c  mrxsmb10 - ok
17:46:04.0464 0x021c  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:46:04.0485 0x021c  mrxsmb20 - ok
17:46:04.0506 0x021c  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:46:04.0520 0x021c  msahci - ok
17:46:04.0553 0x021c  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:46:04.0576 0x021c  msdsm - ok
17:46:04.0593 0x021c  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
17:46:04.0600 0x021c  MSDTC - ok
17:46:04.0647 0x021c  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:46:04.0648 0x021c  Msfs - ok
17:46:04.0660 0x021c  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:46:04.0671 0x021c  mshidkmdf - ok
17:46:04.0692 0x021c  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:46:04.0706 0x021c  msisadrv - ok
17:46:04.0756 0x021c  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:46:04.0841 0x021c  MSiSCSI - ok
17:46:04.0859 0x021c  msiserver - ok
17:46:04.0905 0x021c  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:46:04.0908 0x021c  MSKSSRV - ok
17:46:04.0931 0x021c  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:46:04.0933 0x021c  MSPCLOCK - ok
17:46:04.0952 0x021c  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:46:04.0955 0x021c  MSPQM - ok
17:46:04.0998 0x021c  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:46:05.0080 0x021c  MsRPC - ok
17:46:05.0147 0x021c  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:46:05.0152 0x021c  mssmbios - ok
17:46:05.0190 0x021c  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:46:05.0240 0x021c  MSTEE - ok
17:46:05.0290 0x021c  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:46:05.0338 0x021c  MTConfig - ok
17:46:05.0356 0x021c  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:46:05.0359 0x021c  Mup - ok
17:46:05.0402 0x021c  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
17:46:05.0454 0x021c  napagent - ok
17:46:05.0499 0x021c  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:46:05.0562 0x021c  NativeWifiP - ok
17:46:23.0332 0x021c  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:46:23.0347 0x021c  UI0Detect - ok
17:46:23.0394 0x021c  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:46:23.0457 0x021c  uliagpkx - ok
17:46:23.0503 0x021c  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
17:46:23.0550 0x021c  umbus - ok
17:46:23.0581 0x021c  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:46:23.0628 0x021c  UmPass - ok
17:46:23.0691 0x021c  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:46:23.0753 0x021c  UmRdpService - ok
17:46:23.0815 0x021c  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
17:46:23.0831 0x021c  upnphost - ok
17:46:23.0878 0x021c  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:46:23.0893 0x021c  usbccgp - ok
17:46:23.0925 0x021c  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:46:23.0987 0x021c  usbcir - ok
17:46:24.0018 0x021c  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:46:24.0018 0x021c  usbehci - ok
17:46:24.0081 0x021c  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:46:24.0096 0x021c  usbhub - ok
17:46:24.0112 0x021c  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:46:24.0159 0x021c  usbohci - ok
17:46:24.0205 0x021c  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:46:24.0237 0x021c  usbprint - ok
17:46:24.0268 0x021c  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:46:24.0283 0x021c  USBSTOR - ok
17:46:24.0315 0x021c  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
17:46:24.0315 0x021c  usbuhci - ok
17:46:24.0346 0x021c  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:46:24.0408 0x021c  usbvideo - ok
17:46:24.0455 0x021c  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
17:46:24.0486 0x021c  UxSms - ok
17:46:24.0502 0x021c  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc        C:\Windows\system32\lsass.exe
17:46:24.0517 0x021c  VaultSvc - ok
17:46:24.0580 0x021c  [ 600F67394269A9324652BD138CA7A5F5, 0F0C68080E125F0B1868F650A1044278E690333B3EE8DF7C90AA1E00E530AC7B ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
17:46:24.0658 0x021c  VBoxNetAdp - ok
17:46:24.0689 0x021c  VBoxNetFlt - ok
17:46:24.0736 0x021c  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:46:24.0783 0x021c  vdrvroot - ok
17:46:24.0845 0x021c  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
17:46:24.0892 0x021c  vds - ok
17:46:24.0923 0x021c  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:46:24.0970 0x021c  vga - ok
17:46:25.0001 0x021c  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:46:25.0001 0x021c  VgaSave - ok
17:46:25.0032 0x021c  VGPU - ok
17:46:25.0079 0x021c  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:46:25.0157 0x021c  vhdmp - ok
17:46:25.0204 0x021c  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
17:46:25.0251 0x021c  viaagp - ok
17:46:25.0297 0x021c  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
17:46:25.0344 0x021c  ViaC7 - ok
17:46:25.0375 0x021c  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:46:25.0422 0x021c  viaide - ok
17:46:25.0469 0x021c  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:46:25.0531 0x021c  vmbus - ok
17:46:25.0563 0x021c  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:46:25.0609 0x021c  VMBusHID - ok
17:46:25.0625 0x021c  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:46:25.0687 0x021c  volmgr - ok
17:46:26.0327 0x021c  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:46:26.0873 0x021c  volmgrx - ok
17:46:26.0982 0x021c  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:46:26.0998 0x021c  volsnap - ok
17:46:27.0091 0x021c  [ 1DEF4C3C8AF0E71B6852A901DAE11AAC, C08F7F6F5336E3CC22D0702882FF18B990D5465B7BADBD2AB24C4A199D17DC39 ] VsEtwService120 C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe
17:46:27.0107 0x021c  VsEtwService120 - ok
17:46:27.0154 0x021c  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:46:27.0216 0x021c  vsmraid - ok
17:46:27.0310 0x021c  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
17:46:27.0388 0x021c  VSS - ok
17:46:27.0419 0x021c  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:46:27.0466 0x021c  vwifibus - ok
17:46:27.0497 0x021c  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:46:27.0559 0x021c  vwififlt - ok
17:46:27.0606 0x021c  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
17:46:27.0637 0x021c  W32Time - ok
17:46:27.0669 0x021c  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:46:27.0715 0x021c  WacomPen - ok
17:46:27.0762 0x021c  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:46:27.0778 0x021c  WANARP - ok
17:46:27.0793 0x021c  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:46:27.0793 0x021c  Wanarpv6 - ok
17:46:27.0934 0x021c  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:46:28.0027 0x021c  WatAdminSvc - ok
17:46:28.0137 0x021c  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
17:46:28.0230 0x021c  wbengine - ok
17:46:28.0277 0x021c  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:46:28.0371 0x021c  WbioSrvc - ok
17:46:28.0417 0x021c  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:46:28.0527 0x021c  wcncsvc - ok
17:46:28.0542 0x021c  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:46:28.0605 0x021c  WcsPlugInService - ok
17:46:28.0636 0x021c  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:46:28.0683 0x021c  Wd - ok
17:46:28.0745 0x021c  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:46:28.0854 0x021c  Wdf01000 - ok
17:46:28.0885 0x021c  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:46:28.0901 0x021c  WdiServiceHost - ok
17:46:28.0917 0x021c  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:46:28.0932 0x021c  WdiSystemHost - ok
17:46:28.0979 0x021c  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
17:46:29.0057 0x021c  WebClient - ok
17:46:29.0104 0x021c  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:46:29.0135 0x021c  Wecsvc - ok
17:46:29.0151 0x021c  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:46:29.0197 0x021c  wercplsupport - ok
17:46:29.0229 0x021c  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
17:46:29.0244 0x021c  WerSvc - ok
17:46:29.0291 0x021c  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:46:29.0338 0x021c  WfpLwf - ok
17:46:29.0353 0x021c  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:46:29.0400 0x021c  WIMMount - ok
17:46:29.0478 0x021c  [ 253A9C2DF9A2A7B3B23146014959F2CD, DC9AEF4F5085C52930EE7523FB8FF209D1EF6A8333FAAB043269C18AD029112A ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
17:46:29.0619 0x021c  winachsf - ok
17:46:29.0743 0x021c  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
17:46:29.0884 0x021c  WinDefend - ok
17:46:29.0931 0x021c  WinHttpAutoProxySvc - ok
17:46:30.0009 0x021c  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:46:30.0087 0x021c  Winmgmt - ok
17:46:30.0180 0x021c  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
17:46:30.0414 0x021c  WinRM - ok
17:46:30.0492 0x021c  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:46:30.0539 0x021c  WinUsb - ok
17:46:30.0633 0x021c  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:46:30.0695 0x021c  Wlansvc - ok
17:46:30.0882 0x021c  [ 5E7C103F8475C4289847D15E129C20F7, C6325D3557545FA1DA26B0B1EA9A1C95AED1FA84A93BE29A771DAD9ECB00768B ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:46:31.0007 0x021c  wlidsvc - ok
17:46:31.0054 0x021c  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:46:31.0085 0x021c  WmiAcpi - ok
17:46:31.0147 0x021c  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:46:31.0147 0x021c  wmiApSrv - ok
17:46:31.0272 0x021c  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
17:46:31.0350 0x021c  WMPNetworkSvc - ok
17:46:31.0397 0x021c  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:46:31.0444 0x021c  WPCSvc - ok
17:46:31.0475 0x021c  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:46:31.0553 0x021c  WPDBusEnum - ok
17:46:31.0600 0x021c  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:46:31.0600 0x021c  ws2ifsl - ok
17:46:31.0647 0x021c  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
17:46:31.0662 0x021c  wscsvc - ok
17:46:31.0678 0x021c  WSearch - ok
17:46:31.0849 0x021c  [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv        C:\Windows\system32\wuaueng.dll
17:46:32.0208 0x021c  wuauserv - ok
17:46:32.0255 0x021c  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:46:32.0317 0x021c  WudfPf - ok
17:46:32.0364 0x021c  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:46:32.0458 0x021c  WUDFRd - ok
17:46:32.0505 0x021c  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:46:32.0598 0x021c  wudfsvc - ok
17:46:32.0676 0x021c  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:46:32.0754 0x021c  WwanSvc - ok
17:46:32.0801 0x021c  [ 894F963BE999BA9DB5AAC3AED55B115D, F4ECDD57FC5F6E295414745C2B8A2D9F9074C7035A6902456EE4447560863710 ] XAudio          C:\Windows\system32\DRIVERS\XAudio32.sys
17:46:32.0817 0x021c  XAudio - ok
17:46:32.0848 0x021c  ================ Scan global ===============================
17:46:32.0879 0x021c  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
17:46:32.0926 0x021c  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
17:46:32.0973 0x021c  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
17:46:33.0019 0x021c  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
17:46:33.0066 0x021c  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
17:46:33.0097 0x021c  [ Global ] - ok
17:46:33.0113 0x021c  ================ Scan MBR ==================================
17:46:33.0129 0x021c  [ EA923EB0EC0060F1451E9AD7B5762CFE ] \Device\Harddisk0\DR0
17:46:33.0253 0x021c  \Device\Harddisk0\DR0 - ok
17:46:33.0253 0x021c  ================ Scan VBR ==================================
17:46:33.0253 0x021c  [ C2FD94906B14C1DB8FB6C5992232EF98 ] \Device\Harddisk0\DR0\Partition1
17:46:33.0253 0x021c  \Device\Harddisk0\DR0\Partition1 - ok
17:46:33.0269 0x021c  [ 680168FDD732B9CEF060E1F9A8F9F401 ] \Device\Harddisk0\DR0\Partition2
17:46:33.0269 0x021c  \Device\Harddisk0\DR0\Partition2 - ok
17:46:33.0285 0x021c  ================ Scan generic autorun ======================
17:46:33.0285 0x021c  PWMTRV - ok
17:46:33.0347 0x021c  [ 93A7EFB6044F0617099FA16C56EC3399, 451A76145DA62BC070039CEE7FC91976C1F21E6A8642FA126AA7FE2090F1CE4E ] C:\Windows\system32\TpShocks.exe
17:46:33.0378 0x021c  TpShocks - ok
17:46:33.0487 0x021c  [ 51511FF7FE04A9ADC4E5A16BB36607C5, 259651430933ACDB3D80F9A45F52898FBC1283B6F52780AF9E56477EFE44C196 ] C:\Program Files\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
17:46:33.0550 0x021c  Fastboot - ok
17:46:33.0597 0x021c  [ 42CA44AB64855CA845DB5A53A05316A8, 211A0926612077146EEA45CE8A25536820FE3C5EA102F2A8B2AA3D42DB567E60 ] C:\Windows\system32\igfxtray.exe
17:46:33.0597 0x021c  IgfxTray - ok
17:46:33.0612 0x021c  [ E739713BA54EFB6F69DF32145FCE0173, 8E4C363826E19A91E83153733737D07ADFD09F2BDD53A8AED23B1FD4B8CC8DA0 ] C:\Windows\system32\hkcmd.exe
17:46:33.0628 0x021c  HotKeysCmds - ok
17:46:33.0643 0x021c  [ 3BCDA891203AC468F10056166EA74E17, BCED6B6CEFE04169E0B80C0044DC4B8D6BD21EF49650FDD105DF24310C069A54 ] C:\Windows\system32\igfxpers.exe
17:46:33.0643 0x021c  Persistence - ok
17:46:33.0706 0x021c  [ AA70EE08B721782F81418146CC2A887E, 713E28D84D5BAF41273A8F36A6A978CE3EB121CEA1F3BA0D2AF0675F488FB012 ] C:\Program Files\TPFanControl\TPFanControl.exe
17:46:33.0721 0x021c  TPFanControl - ok
17:46:33.0784 0x021c  [ 1606CBD0193E93952CD4EACDC9229651, 0FC50B71C1C7F607FF66BF4EF066AA1CC2AA373F9475B4FCC32CCF50F93D5CDC ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
17:46:33.0799 0x021c  SunJavaUpdateSched - ok
17:46:33.0987 0x021c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:46:34.0096 0x021c  Sidebar - ok
17:46:34.0408 0x021c  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
17:46:34.0423 0x021c  mctadmin - ok
17:46:34.0517 0x021c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:46:34.0564 0x021c  Sidebar - ok
17:46:34.0579 0x021c  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
17:46:34.0579 0x021c  mctadmin - ok
17:46:34.0579 0x021c  Waiting for KSN requests completion. In queue: 145
17:46:35.0593 0x021c  Waiting for KSN requests completion. In queue: 145
17:46:36.0607 0x021c  Waiting for KSN requests completion. In queue: 145
17:46:37.0621 0x021c  Waiting for KSN requests completion. In queue: 145
17:46:38.0682 0x021c  AV detected via SS2: FortiClient AntiVirus, C:\Program Files\Fortinet\FortiClient\FCWsc.exe ( 5.2.3.633 ), 0x41000 ( enabled : updated )
17:46:38.0698 0x021c  Win FW state via NFP2: enabled
17:46:41.0428 0x021c  ============================================================
17:46:41.0428 0x021c  Scan finished
17:46:41.0428 0x021c  ============================================================
17:46:41.0443 0x0f28  Detected object count: 0
17:46:41.0443 0x0f28  Actual detected object count: 0
 



#6 jh1234l


Posted 30 January 2015 - 08:48 PM

Hello, boopme! I am a bit confused about what I should do with AdwCleaner; the instructions appear to have been cut short.

 

EDIT: Everything past the part about AdwCleaner appears to have been cut out.


Edited by jh1234l, 31 January 2015 - 06:22 PM.


#7 boopme


Posted 30 January 2015 - 09:07 PM

Sorry.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#8 jh1234l


Posted 30 January 2015 - 09:17 PM

No worries!

 

AdwCleaner log:

 

# AdwCleaner v4.109 - Report created 30/01/2015 at 18:14:43
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Admin - T400
# Running from : C:\Users\Admin\Desktop\BLEEPINGCOMPUTER\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : bd0001
[#] Service Deleted : BDSafeBrowser
Service Deleted : bd0004

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\ProgramData\rvlkl
Folder Deleted : C:\Program Files\kuaiyong
Folder Deleted : C:\Program Files\Common Files\baidu
Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Roaming\baidu
Folder Deleted : C:\Users\Admin\AppData\Local\CrashRpt

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Key Deleted : HKLM\SOFTWARE\Classes\BDDownloadProxy.Downloader
Key Deleted : HKLM\SOFTWARE\Classes\BDDownloadProxy.Downloader.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE91F9CE-0900-4E2A-B673-F3F6E4FC54D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85E0B1AA-04FA-11D1-B7DA-00A0C90348D6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{91B5E4DE-4C97-41CD-9F94-84BFAABB7371}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7697BC38-D0FA-454B-AC75-968B4CCABFCE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKLM\SOFTWARE\CToolbar
Key Deleted : HKLM\SOFTWARE\Baidu

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v34.0.5 (x86 en-US)


-\\ Pale Moon v25.0.2 (en-US)


-\\ Google Chrome v

[C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}

*************************

AdwCleaner[R1].txt - [2373 octets] - [30/01/2015 18:10:03]
AdwCleaner[S0].txt - [2352 octets] - [30/01/2015 18:14:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2412 octets] ##########
 



#9 jh1234l


Posted 30 January 2015 - 09:22 PM

JRT log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Ultimate x86
Ran by Admin on 01/30/2015 Fri at 18:19:21.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\BAIDUAN.EXE-B5DEB7BB.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUANPATCHER.EXE-7390B3FE.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUANTRAY.EXE-9D4D4AD3.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUANUPDATE.EXE-93B45AA2.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUBROWSER.EXE-DE372C1C.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUHIPSBUGRPT.EXE-9D7B94BB.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUPLAYER.EXE-225FA7F7.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUPROTECT.EXE-E789FC82.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUSDTRAY.EXE-5CD7AED9.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUSDUPDATE.EXE-01081448.pf



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\tencent"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\zrthv4s6.default\minidumps [25 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/30/2015 Fri at 18:21:53.55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 



#10 jh1234l


Posted 31 January 2015 - 12:18 AM

ESET log:

 

C:\Users\Admin\AppData\Local\Temp\{84F1CD26-D6E4-4E30-9FE5-72339CA773C2}.exe    a variant of Win32/Toolbar.Visicom.A potentially unwanted application    deleted - quarantined
C:\Windows\System32\drivers\ndisrd.sys    a variant of Win32/KeyLogger.Refog.D application    cleaned by deleting - quarantined
C:\Windows\System32\DriverStore\FileRepository\ndisrd_lwf.inf_x86_neutral_78bc6ce246c8b43e\ndisrd.sys    a variant of Win32/KeyLogger.Refog.D application    cleaned by deleting - quarantined
 


Edited by jh1234l, 31 January 2015 - 12:19 AM.


#11 jh1234l


Posted 31 January 2015 - 10:45 AM

It seems as if my computer is really slow right now; some unknown processes appear to be hogging my CPU. Also, there are several svchost.exe's which use more RAM than they normally do. Do you think that this is suspicious/indicative of anything? (NOTE: The CPU usage for svchost.exe once grew to 50, but I did not get to take a screenshot of it.)

 

21djuz5.png

Also, there are 2 instances of csrss.exe:

 

imovmp.png


Edited by jh1234l, 31 January 2015 - 10:49 AM.


#12 boopme


Posted 02 February 2015 - 04:35 PM

Sorry, ice took out internet.

You have a keylogger (removed). It would be dangerous if you do not know about this and do banking on here.

I recommend a deeper look. Start a new topic: "Keylogger removed, wonder what else can be here"
This can be your other issues.

Please follow this Preparation Guide and post in a new topic.
Include this link back to here:

http://www.bleepingcomputer.com/forums/t/565153/csrssexe-running-without-description-or-file-location/#entry3613187

Let me know if all went well.



