Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I infected???


  • This topic is locked This topic is locked
5 replies to this topic

#1 comp_help2014

comp_help2014

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 20 February 2015 - 01:24 PM

When I boot my computer, the Action center throws up a notification saying that my AV needs to be turned on and even when I go into the Action Center Area and click on 'Turn On', it takes time to do that. Is this normal with Avira?

 

I was advised to reinstall Avira here. Should I use Avira or Avast? I have the Windows 7 OS. 

 

My computer and internet connection too had slowed down in between and then it started working fine again.So just would like to check whether there are any infections.


Edited by comp_help2014, 21 February 2015 - 07:13 AM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:51 PM

Posted 20 February 2015 - 08:06 PM

Well either one is good, there is a chance one may not work well with your particular PC configuration.


I think tho' we should scan it first.

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Hold down Control and click on this link to open ESET Online Scanner in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 comp_help2014

comp_help2014
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 24 February 2015 - 10:07 PM

Sorry for the delay!! 

 

Minitoolbox:

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by NM (administrator) on 25-02-2015 at 08:00:46
Running from "C:\Users\NM\Downloads"
Microsoft Windows 7 Starter  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
========================= IP Configuration: ================================
 
Realtek PCIe FE Family Controller = Local Area Connection (Connected)
Broadcom 802.11b/g WLAN = Wireless Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : NM-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.name
   System Quarantine State . . . . . : Not Restricted
 
 
Ethernet adapter Local Area Connection* 15:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter #2
   Physical Address. . . . . . . . . : 00-FF-B2-28-06-35
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection* 13:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter
   Physical Address. . . . . . . . . : 00-FF-F1-BF-B7-56
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domain.name
   Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
   Physical Address. . . . . . . . . : C4-17-FE-5C-7C-BD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : domain.name
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : C8-0A-A9-16-F3-D3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::318f:2675:55ff:14b7%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 25 February 2015 07:54:25
   Lease Expires . . . . . . . . . . : 26 February 2015 07:54:25
   Default Gateway . . . . . . . . . : fe80::217:7cff:fe2a:3088%10
                                       192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.domain.name:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domain.name
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{B2280635-4E82-435A-AFBC-0B888B973D68}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 16:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:14da:2769:3f57:fefc(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::14da:2769:3f57:fefc%24(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{F1BFB756-2F18-4CB6-AC01-C03D961D083A}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2404:6800:4009:802::1006
 173.194.36.2
 173.194.36.3
 173.194.36.4
 173.194.36.5
 173.194.36.6
 173.194.36.7
 173.194.36.8
 173.194.36.9
 173.194.36.14
 173.194.36.0
 173.194.36.1
 
 
Pinging google.com [173.194.36.1] with 32 bytes of data:
Reply from 173.194.36.1: bytes=32 time=76ms TTL=56
Reply from 173.194.36.1: bytes=32 time=76ms TTL=56
 
Ping statistics for 173.194.36.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 76ms, Maximum = 76ms, Average = 76ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=321ms TTL=47
Reply from 206.190.36.45: bytes=32 time=320ms TTL=47
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 320ms, Maximum = 321ms, Average = 320ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 21...00 ff b2 28 06 35 ......Anchorfree HSS VPN Adapter #2
 20...00 ff f1 bf b7 56 ......Anchorfree HSS VPN Adapter
 14...c4 17 fe 5c 7c bd ......Broadcom 802.11b/g WLAN
 10...c8 0a a9 16 f3 d3 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 24...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.3     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.3    276
      192.168.1.3  255.255.255.255         On-link       192.168.1.3    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.3    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.3    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.3    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 24     58 ::/0                     On-link
 10    276 ::/0                     fe80::217:7cff:fe2a:3088
  1    306 ::1/128                  On-link
 24     58 2001::/32                On-link
 24    306 2001:0:9d38:6ab8:14da:2769:3f57:fefc/128
                                    On-link
 10    276 fe80::/64                On-link
 24    306 fe80::/64                On-link
 24    306 fe80::14da:2769:3f57:fefc/128
                                    On-link
 10    276 fe80::318f:2675:55ff:14b7/128
                                    On-link
  1    306 ff00::/8                 On-link
 24    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 47 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/24/2015 11:15:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (02/23/2015 10:49:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (02/23/2015 09:53:21 PM) (Source: Avira Service Host) (User: )
Description: Failed to process session change. System.NullReferenceException: Object reference not set to an instance of an object.
   at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
Error: (02/23/2015 03:31:15 PM) (Source: Avira Service Host) (User: )
Description: Failed to process session change. System.NullReferenceException: Object reference not set to an instance of an object.
   at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
Error: (02/23/2015 01:31:51 PM) (Source: Avira Service Host) (User: )
Description: Failed to process session change. System.NullReferenceException: Object reference not set to an instance of an object.
   at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
Error: (02/22/2015 03:17:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (02/22/2015 11:23:16 AM) (Source: Avira Service Host) (User: )
Description: Failed to process session change. System.NullReferenceException: Object reference not set to an instance of an object.
   at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
Error: (02/21/2015 06:10:33 PM) (Source: Avira Service Host) (User: )
Description: Failed to process session change. System.NullReferenceException: Object reference not set to an instance of an object.
   at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
Error: (02/20/2015 10:23:54 PM) (Source: Avira Service Host) (User: )
Description: Failed to process session change. System.NullReferenceException: Object reference not set to an instance of an object.
   at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
Error: (02/20/2015 03:39:49 AM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 35.0.1.5500, time stamp: 0x54c1f9f3
Faulting module name: mozalloc.dll, version: 35.0.1.5500, time stamp: 0x54c1f224
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process id: 0xd9c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
 
 
System errors:
=============
Error: (02/25/2015 06:05:01 AM) (Source: DCOM) (User: )
Description: {57787927-8B56-4E73-A2BB-5FC76872CDA0}
 
Error: (02/25/2015 06:03:21 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (02/25/2015 01:04:05 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (02/24/2015 08:41:28 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (02/24/2015 11:33:23 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (02/24/2015 00:00:04 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (02/23/2015 11:55:59 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 23:55:06 on ‎23-‎02-‎2015 was unexpected.
 
Error: (02/23/2015 09:56:17 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (02/23/2015 04:42:19 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (02/23/2015 04:38:42 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 16:10:34 on ‎23-‎02-‎2015 was unexpected.
 
 
Microsoft Office Sessions:
=========================
Error: (02/24/2015 11:15:37 PM) (Source: SideBySide)(User: )
Description: C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SRCHBXEX.DLLC:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SRCHBXEX.DLL2
 
Error: (02/23/2015 10:49:19 PM) (Source: SideBySide)(User: )
Description: C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SRCHBXEX.DLLC:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SRCHBXEX.DLL2
 
Error: (02/23/2015 09:53:21 PM) (Source: Avira Service Host)(User: )
Description: Failed to process session change. System.NullReferenceException: Object reference not set to an instance of an object.
   at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
Error: (02/23/2015 03:31:15 PM) (Source: Avira Service Host)(User: )
Description: Failed to process session change. System.NullReferenceException: Object reference not set to an instance of an object.
   at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
Error: (02/23/2015 01:31:51 PM) (Source: Avira Service Host)(User: )
Description: Failed to process session change. System.NullReferenceException: Object reference not set to an instance of an object.
   at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
Error: (02/22/2015 03:17:51 PM) (Source: SideBySide)(User: )
Description: C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SRCHBXEX.DLLC:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SRCHBXEX.DLL2
 
Error: (02/22/2015 11:23:16 AM) (Source: Avira Service Host)(User: )
Description: Failed to process session change. System.NullReferenceException: Object reference not set to an instance of an object.
   at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
Error: (02/21/2015 06:10:33 PM) (Source: Avira Service Host)(User: )
Description: Failed to process session change. System.NullReferenceException: Object reference not set to an instance of an object.
   at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
Error: (02/20/2015 10:23:54 PM) (Source: Avira Service Host)(User: )
Description: Failed to process session change. System.NullReferenceException: Object reference not set to an instance of an object.
   at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
Error: (02/20/2015 03:39:49 AM) (Source: Application Error)(User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f2248000000300001425d9c01d04c8fb87e8ccbC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll04ce4a8c-b884-11e4-9b5d-e6576307fa24
 
 
 
=========================== Installed Programs ============================
3G - Connect (HKLM\...\3G - Connect - 3G - Connect_is1) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe AIR (Version: 15.0.0.356 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Avira (HKLM\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Avira System Speedup 1.6 (HKLM\...\Avira System Speedup_is1) (Version: 1.6 - 2000 - 2015 Avira Operations GmbH & Co. KG)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.18.41 - Broadcom Corporation)
ESU for Microsoft Windows 7 (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
GlassWire 1.0 (remove only) (HKLM\...\GlassWire 1.0) (Version: 1.0.35 - SecureMix LLC)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
HP Customer Experience Enhancements (Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP MediaStream (HKLM\...\{4414C431-245A-4AF7-8FE0-3ED2333FD8D2}) (Version: 2.5.1466 - Simplify Media)
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.7.1 - Hewlett-Packard)
HP QuickSync (HKLM\...\{EEA95E6C-6847-49BE-83C9-ED92D8E18983}) (Version: 5.1.234.4788 - Hewlett-Packard)
HP QuickWeb (HKLM\...\{21FFAF37-E51A-41AB-8749-ACD1F9CF8E37}) (Version: 1.1.2.2 - DeviceVM, Inc.)
HP Setup (HKLM\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP User Guides 0169 (HKLM\...\{4B7057D5-6D5D-4088-8217-48EA20C44373}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{1061DF04-CF33-40B0-8360-D07C9BBEB122}) (Version: 3.50.10.1 - Hewlett-Packard)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6246.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.1929 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (Version: 2.8.25.18 - Oracle Corporation) Hidden
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (Version: 1.2.123.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
Recovery Manager (Version: 5.5.2214 - CyberLink Corp.) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.13.1 - Synaptics Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Who Is On My Wifi version 3.0.2 (HKLM\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 3.0.2 - IO3O LLC)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Toolbar (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )
 
========================= Memory info: ===================================
 
Percentage of memory in use: 75%
Total physical RAM: 1012.2 MB
Available physical RAM: 253.03 MB
Total Pagefile: 2610.2 MB
Available Pagefile: 1043.31 MB
Total Virtual: 2047.88 MB
Available Virtual: 1948.17 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:137.33 GB) (Free:95.02 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:11.42 GB) (Free:1.19 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\NM-PC
 
Administrator            Guest                    NM                       
 
 
**** End of log ****
 
 
TDSS:
 
08:08:36.0446 0x14f0  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
08:08:43.0031 0x14f0  ============================================================
08:08:43.0031 0x14f0  Current date / time: 2015/02/25 08:08:43.0031
08:08:43.0031 0x14f0  SystemInfo:
08:08:43.0031 0x14f0  
08:08:43.0031 0x14f0  OS Version: 6.1.7601 ServicePack: 1.0
08:08:43.0031 0x14f0  Product type: Workstation
08:08:43.0032 0x14f0  ComputerName: NM-PC
08:08:43.0032 0x14f0  UserName: NM
08:08:43.0032 0x14f0  Windows directory: C:\Windows
08:08:43.0032 0x14f0  System windows directory: C:\Windows
08:08:43.0032 0x14f0  Processor architecture: Intel x86
08:08:43.0032 0x14f0  Number of processors: 2
08:08:43.0032 0x14f0  Page size: 0x1000
08:08:43.0032 0x14f0  Boot type: Normal boot
08:08:43.0032 0x14f0  ============================================================
08:08:44.0017 0x14f0  KLMD registered as C:\Windows\system32\drivers\49407240.sys
08:08:44.0703 0x14f0  System UUID: {18D819AD-2417-103D-4CAD-7AC6E0723EFE}
08:08:46.0760 0x14f0  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:08:46.0816 0x14f0  ============================================================
08:08:46.0816 0x14f0  \Device\Harddisk0\DR0:
08:08:46.0819 0x14f0  MBR partitions:
08:08:46.0819 0x14f0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
08:08:46.0819 0x14f0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x112A9000
08:08:46.0819 0x14f0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1130D000, BlocksNum 0x16D9000
08:08:46.0819 0x14f0  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x129E6000, BlocksNum 0x336B0
08:08:46.0819 0x14f0  ============================================================
08:08:46.0894 0x14f0  C: <-> \Device\Harddisk0\DR0\Partition2
08:08:46.0940 0x14f0  D: <-> \Device\Harddisk0\DR0\Partition3
08:08:46.0956 0x14f0  E: <-> \Device\Harddisk0\DR0\Partition4
08:08:46.0994 0x14f0  ============================================================
08:08:46.0994 0x14f0  Initialize success
08:08:46.0994 0x14f0  ============================================================
08:08:50.0309 0x116c  ============================================================
08:08:50.0309 0x116c  Scan started
08:08:50.0309 0x116c  Mode: Manual; 
08:08:50.0309 0x116c  ============================================================
08:08:50.0309 0x116c  KSN ping started
08:08:53.0447 0x116c  KSN ping finished: true
08:08:54.0216 0x116c  ================ Scan system memory ========================
08:08:54.0216 0x116c  System memory - ok
08:08:54.0219 0x116c  ================ Scan services =============================
08:08:54.0664 0x116c  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
08:08:54.0733 0x116c  1394ohci - ok
08:08:54.0987 0x116c  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
08:08:55.0018 0x116c  ACPI - ok
08:08:55.0081 0x116c  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
08:08:55.0219 0x116c  AcpiPmi - ok
08:08:55.0392 0x116c  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
08:08:55.0410 0x116c  AdobeARMservice - ok
08:08:55.0539 0x116c  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:08:55.0568 0x116c  AdobeFlashPlayerUpdateSvc - ok
08:08:55.0649 0x116c  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
08:08:55.0724 0x116c  adp94xx - ok
08:08:55.0759 0x116c  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
08:08:55.0829 0x116c  adpahci - ok
08:08:55.0875 0x116c  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
08:08:55.0966 0x116c  adpu320 - ok
08:08:56.0038 0x116c  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
08:08:56.0130 0x116c  AeLookupSvc - ok
08:08:56.0545 0x116c  [ 827DBC22C96EECF6D36A13162FABAFD3, EBBC04A6AD3BC83E3791569C1120BBBB59AF70512FA2CEB6A8BA2A257F3F6C32 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\aestsrv.exe
08:08:56.0567 0x116c  AESTFilters - ok
08:08:56.0729 0x116c  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\Windows\system32\drivers\afd.sys
08:08:56.0762 0x116c  AFD - ok
08:08:56.0833 0x116c  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
08:08:56.0907 0x116c  agp440 - ok
08:08:57.0025 0x116c  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
08:08:57.0099 0x116c  aic78xx - ok
08:08:57.0204 0x116c  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
08:08:57.0241 0x116c  ALG - ok
08:08:57.0341 0x116c  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
08:08:57.0385 0x116c  aliide - ok
08:08:57.0442 0x116c  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
08:08:57.0501 0x116c  amdagp - ok
08:08:57.0561 0x116c  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
08:08:57.0612 0x116c  amdide - ok
08:08:57.0659 0x116c  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
08:08:57.0722 0x116c  AmdK8 - ok
08:08:57.0765 0x116c  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
08:08:57.0815 0x116c  AmdPPM - ok
08:08:57.0911 0x116c  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
08:08:57.0975 0x116c  amdsata - ok
08:08:58.0058 0x116c  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
08:08:58.0143 0x116c  amdsbs - ok
08:08:58.0178 0x116c  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
08:08:58.0235 0x116c  amdxata - ok
08:08:58.0542 0x116c  [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
08:08:58.0650 0x116c  AntiVirSchedulerService - ok
08:08:58.0956 0x116c  [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
08:08:58.0981 0x116c  AntiVirService - ok
08:08:59.0038 0x116c  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
08:08:59.0082 0x116c  AppID - ok
08:08:59.0127 0x116c  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
08:08:59.0161 0x116c  AppIDSvc - ok
08:08:59.0199 0x116c  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
08:08:59.0209 0x116c  Appinfo - ok
08:08:59.0265 0x116c  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
08:08:59.0373 0x116c  arc - ok
08:08:59.0404 0x116c  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
08:08:59.0455 0x116c  arcsas - ok
08:08:59.0659 0x116c  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
08:08:59.0784 0x116c  aspnet_state - ok
08:08:59.0835 0x116c  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
08:08:59.0851 0x116c  AsyncMac - ok
08:08:59.0893 0x116c  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
08:08:59.0923 0x116c  atapi - ok
08:09:00.0060 0x116c  [ 76BAB0C824E2D05B940C4DD40A9B08BF, 237C60123F5AFF06C20757E2791C0CA383DE094DB634C239E375639B1B923844 ] athr            C:\Windows\system32\DRIVERS\athr.sys
08:09:00.0202 0x116c  athr - ok
08:09:00.0389 0x116c  [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:09:00.0425 0x116c  AudioEndpointBuilder - ok
08:09:00.0491 0x116c  [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
08:09:00.0518 0x116c  Audiosrv - ok
08:09:00.0577 0x116c  [ F581D2F3E30C1CA7206D660FB7689F98, 53647E017AE58788922F72285DD63E8CD2F9E922B31F7C6711E547BC6B360154 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
08:09:00.0583 0x116c  avgntflt - ok
08:09:00.0663 0x116c  [ A2EE407D6D3757A2FFD5095DD16AE1F2, BBFCC5DC116D6A3AF85591955541528DB0CB1FE81D353F717BE7CAD3F7F446F4 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
08:09:00.0671 0x116c  avipbb - ok
08:09:00.0825 0x116c  [ 8E6214E8C6100222BEB6A14F9B908A7E, 268279AE0D87E4B1CC227355DF12B7E8113F8355B1D20447AA723830D706021A ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
08:09:00.0857 0x116c  Avira.OE.ServiceHost - ok
08:09:00.0980 0x116c  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
08:09:00.0983 0x116c  avkmgr - ok
08:09:01.0124 0x116c  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
08:09:01.0186 0x116c  AxInstSV - ok
08:09:01.0281 0x116c  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
08:09:01.0503 0x116c  b06bdrv - ok
08:09:01.0574 0x116c  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
08:09:01.0630 0x116c  b57nd60x - ok
08:09:01.0997 0x116c  [ 3508FD340C8B0FBBDB548F174D48762E, 44E57BF6912D330962B5BF8F34E5032000E36438C4FF6AC627F2B718F7840458 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
08:09:02.0219 0x116c  BCM43XX - ok
08:09:02.0308 0x116c  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
08:09:02.0357 0x116c  BDESVC - ok
08:09:02.0430 0x116c  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
08:09:02.0463 0x116c  Beep - ok
08:09:02.0652 0x116c  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
08:09:02.0685 0x116c  BFE - ok
08:09:02.0860 0x116c  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
08:09:03.0257 0x116c  BITS - ok
08:09:03.0300 0x116c  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
08:09:03.0344 0x116c  blbdrive - ok
08:09:03.0414 0x116c  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
08:09:03.0532 0x116c  bowser - ok
08:09:03.0561 0x116c  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:09:03.0589 0x116c  BrFiltLo - ok
08:09:03.0642 0x116c  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:09:03.0692 0x116c  BrFiltUp - ok
08:09:03.0775 0x116c  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
08:09:03.0839 0x116c  Browser - ok
08:09:03.0943 0x116c  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
08:09:04.0050 0x116c  Brserid - ok
08:09:04.0096 0x116c  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
08:09:04.0164 0x116c  BrSerWdm - ok
08:09:04.0244 0x116c  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
08:09:04.0280 0x116c  BrUsbMdm - ok
08:09:04.0301 0x116c  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
08:09:04.0332 0x116c  BrUsbSer - ok
08:09:04.0450 0x116c  [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
08:09:04.0487 0x116c  BthEnum - ok
08:09:04.0522 0x116c  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
08:09:04.0578 0x116c  BTHMODEM - ok
08:09:04.0664 0x116c  [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
08:09:04.0716 0x116c  BthPan - ok
08:09:04.0939 0x116c  [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
08:09:05.0125 0x116c  BTHPORT - ok
08:09:05.0238 0x116c  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
08:09:05.0347 0x116c  bthserv - ok
08:09:05.0448 0x116c  [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
08:09:05.0508 0x116c  BTHUSB - ok
08:09:05.0620 0x116c  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
08:09:05.0738 0x116c  cdfs - ok
08:09:05.0831 0x116c  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
08:09:05.0899 0x116c  cdrom - ok
08:09:05.0956 0x116c  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
08:09:06.0003 0x116c  CertPropSvc - ok
08:09:06.0037 0x116c  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
08:09:06.0067 0x116c  circlass - ok
08:09:06.0128 0x116c  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
08:09:06.0151 0x116c  CLFS - ok
08:09:06.0211 0x116c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:09:06.0252 0x116c  clr_optimization_v2.0.50727_32 - ok
08:09:06.0301 0x116c  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:09:06.0488 0x116c  clr_optimization_v4.0.30319_32 - ok
08:09:06.0531 0x116c  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
08:09:06.0559 0x116c  CmBatt - ok
08:09:06.0596 0x116c  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
08:09:06.0626 0x116c  cmdide - ok
08:09:06.0704 0x116c  [ F516F1167EFBBC5ABC90687C94497869, AD650D56241533439419EA00236ABE14AB6E50B768620211D1A44047A9FA14EC ] CNG             C:\Windows\system32\Drivers\cng.sys
08:09:06.0757 0x116c  CNG - ok
08:09:06.0969 0x116c  [ F9A79C5B27037821112C50A9C8FB367A, D9990AE1A0CA767E54C9D3FD2C6EA2A068DFD5A270102E915F71648A0C59097B ] Com4QLBEx       C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
08:09:07.0007 0x116c  Com4QLBEx - ok
08:09:07.0066 0x116c  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
08:09:07.0122 0x116c  Compbatt - ok
08:09:07.0168 0x116c  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
08:09:07.0194 0x116c  CompositeBus - ok
08:09:07.0214 0x116c  COMSysApp - ok
08:09:07.0245 0x116c  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
08:09:07.0304 0x116c  crcdisk - ok
08:09:07.0355 0x116c  [ 623E143F2DF17C0106A9988F5D7DC878, 9DA30262FF22FA9F1DB247CB3B4A2892D79730EF0ECC9589D399D24B4F58E565 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
08:09:07.0366 0x116c  CryptSvc - ok
08:09:07.0486 0x116c  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
08:09:07.0542 0x116c  DcomLaunch - ok
08:09:07.0626 0x116c  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
08:09:07.0648 0x116c  defragsvc - ok
08:09:07.0698 0x116c  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
08:09:07.0745 0x116c  DfsC - ok
08:09:07.0849 0x116c  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
08:09:07.0869 0x116c  Dhcp - ok
08:09:07.0901 0x116c  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
08:09:07.0906 0x116c  discache - ok
08:09:07.0953 0x116c  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
08:09:08.0007 0x116c  Disk - ok
08:09:08.0068 0x116c  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
08:09:08.0122 0x116c  Dnscache - ok
08:09:08.0216 0x116c  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
08:09:08.0288 0x116c  dot3svc - ok
08:09:08.0354 0x116c  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
08:09:08.0366 0x116c  DPS - ok
08:09:08.0426 0x116c  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
08:09:08.0471 0x116c  drmkaud - ok
08:09:08.0569 0x116c  [ 8CF55015B2A443EE869C90CAB31FD435, 53397A7AFCF0F3C34D95A85BF5DA343BD1DD241B322E2FBAE0CEA422E0CA70B9 ] DVMIO           C:\SPLASH.SYS\config\dvmio.sys
08:09:08.0638 0x116c  DVMIO - ok
08:09:08.0701 0x116c  [ 577582D57D90FB64276ACFEE958DBFD3, F13FF2BB28863F4158C64E0A9D4C0A155C4E32D5C4C7E2BE8DBB2B8EB7C60B88 ] DvmMDES         C:\SPLASH.SYS\config\DVMExportService.exe
08:09:08.0722 0x116c  DvmMDES - ok
08:09:08.0863 0x116c  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
08:09:08.0953 0x116c  DXGKrnl - ok
08:09:09.0006 0x116c  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
08:09:09.0049 0x116c  EapHost - ok
08:09:09.0402 0x116c  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
08:09:09.0740 0x116c  ebdrv - ok
08:09:09.0791 0x116c  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] EFS             C:\Windows\System32\lsass.exe
08:09:09.0800 0x116c  EFS - ok
08:09:09.0874 0x116c  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
08:09:09.0939 0x116c  elxstor - ok
08:09:09.0981 0x116c  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
08:09:10.0010 0x116c  ErrDev - ok
08:09:10.0104 0x116c  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
08:09:10.0133 0x116c  EventSystem - ok
08:09:10.0194 0x116c  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
08:09:10.0243 0x116c  exfat - ok
08:09:10.0277 0x116c  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
08:09:10.0322 0x116c  fastfat - ok
08:09:10.0443 0x116c  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
08:09:10.0533 0x116c  Fax - ok
08:09:10.0570 0x116c  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
08:09:10.0613 0x116c  fdc - ok
08:09:10.0650 0x116c  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
08:09:10.0694 0x116c  fdPHost - ok
08:09:10.0714 0x116c  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
08:09:10.0762 0x116c  FDResPub - ok
08:09:10.0799 0x116c  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
08:09:10.0830 0x116c  FileInfo - ok
08:09:10.0850 0x116c  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
08:09:10.0897 0x116c  Filetrace - ok
08:09:10.0935 0x116c  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
08:09:10.0966 0x116c  flpydisk - ok
08:09:11.0013 0x116c  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
08:09:11.0028 0x116c  FltMgr - ok
08:09:11.0212 0x116c  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
08:09:11.0272 0x116c  FontCache - ok
08:09:11.0362 0x116c  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
08:09:11.0504 0x116c  FontCache3.0.0.0 - ok
08:09:11.0536 0x116c  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
08:09:11.0570 0x116c  FsDepends - ok
08:09:11.0606 0x116c  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
08:09:11.0674 0x116c  Fs_Rec - ok
08:09:11.0755 0x116c  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
08:09:11.0779 0x116c  fvevol - ok
08:09:11.0841 0x116c  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
08:09:11.0888 0x116c  gagp30kx - ok
08:09:12.0686 0x116c  [ B995217A4FF103D584CD6D2D452C332E, 55C4FF088338C27107486817067A63858ED4B4A2595E8E23EC98CBBC8636B4D0 ] GlassWire       C:\Program Files\GlassWire\GWCtlSrv.exe
08:09:13.0266 0x116c  GlassWire - ok
08:09:13.0414 0x116c  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
08:09:13.0495 0x116c  gpsvc - ok
08:09:13.0614 0x116c  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
08:09:13.0630 0x116c  gupdate - ok
08:09:13.0649 0x116c  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
08:09:13.0655 0x116c  gupdatem - ok
08:09:13.0694 0x116c  [ 89A47FF1CD3A99C61A7A237F876919C1, 9FEAC217161F13304B0C7FC9F5984000079EAEB44135C8FDCBB77D362B59C1D5 ] gwdrv           C:\Windows\system32\DRIVERS\gwdrv.sys
08:09:13.0738 0x116c  gwdrv - ok
08:09:13.0787 0x116c  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
08:09:13.0839 0x116c  hcw85cir - ok
08:09:13.0941 0x116c  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:09:14.0006 0x116c  HdAudAddService - ok
08:09:14.0059 0x116c  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
08:09:14.0073 0x116c  HDAudBus - ok
08:09:14.0103 0x116c  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
08:09:14.0137 0x116c  HidBatt - ok
08:09:14.0178 0x116c  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
08:09:14.0230 0x116c  HidBth - ok
08:09:14.0264 0x116c  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
08:09:14.0312 0x116c  HidIr - ok
08:09:14.0360 0x116c  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
08:09:14.0408 0x116c  hidserv - ok
08:09:14.0481 0x116c  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
08:09:14.0518 0x116c  HidUsb - ok
08:09:14.0569 0x116c  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
08:09:14.0620 0x116c  hkmsvc - ok
08:09:14.0657 0x116c  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:09:14.0722 0x116c  HomeGroupListener - ok
08:09:14.0779 0x116c  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:09:14.0843 0x116c  HomeGroupProvider - ok
08:09:14.0907 0x116c  [ 1210960FF8928950D2A786895B0C424A, 22C8785E024CFDD3A43FAEAAA96B8332C37E9B6C765AB7AFBCD3DAA2DC9EFFC7 ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
08:09:14.0931 0x116c  HpqKbFiltr - ok
08:09:15.0058 0x116c  [ FDF273A845F1FFCCEADF363AAF47582F, 9BB99346A977225EF77261CD3CF4219A238EB06FFE2DB91D00A0037BDCFECEF1 ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
08:09:15.0110 0x116c  hpqwmiex - ok
08:09:15.0156 0x116c  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
08:09:15.0206 0x116c  HpSAMD - ok
08:09:15.0311 0x116c  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
08:09:15.0346 0x116c  HTTP - ok
08:09:15.0397 0x116c  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
08:09:15.0419 0x116c  hwpolicy - ok
08:09:15.0518 0x116c  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
08:09:15.0573 0x116c  i8042prt - ok
08:09:15.0767 0x116c  [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
08:09:15.0806 0x116c  IAANTMON - ok
08:09:15.0917 0x116c  [ D483687EACE0C065EE772481A96E05F5, A22200E90C78DFE73FE0FBEED5331AB43CD7133651FD125595C4DB604AD71B29 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
08:09:15.0943 0x116c  iaStor - ok
08:09:16.0025 0x116c  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
08:09:16.0110 0x116c  iaStorV - ok
08:09:16.0289 0x116c  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:09:16.0489 0x116c  idsvc - ok
08:09:16.0544 0x116c  IEEtwCollectorService - ok
08:09:17.0204 0x116c  [ 81F7C715528AB621C6AF58869D4B07B9, 999341B68BB63C50A08311D6FD50470CBC5B6B66EBFCACFE7768F36ECA547EAC ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
08:09:17.0726 0x116c  igfx - ok
08:09:17.0844 0x116c  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
08:09:17.0915 0x116c  iirsp - ok
08:09:18.0103 0x116c  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
08:09:18.0166 0x116c  IKEEXT - ok
08:09:18.0234 0x116c  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
08:09:18.0294 0x116c  intelide - ok
08:09:18.0377 0x116c  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
08:09:18.0399 0x116c  intelppm - ok
08:09:18.0455 0x116c  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
08:09:18.0512 0x116c  IPBusEnum - ok
08:09:18.0543 0x116c  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:09:18.0600 0x116c  IpFilterDriver - ok
08:09:18.0717 0x116c  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
08:09:18.0763 0x116c  iphlpsvc - ok
08:09:18.0802 0x116c  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
08:09:18.0862 0x116c  IPMIDRV - ok
08:09:18.0922 0x116c  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
08:09:18.0988 0x116c  IPNAT - ok
08:09:19.0010 0x116c  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
08:09:19.0054 0x116c  IRENUM - ok
08:09:19.0124 0x116c  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
08:09:19.0211 0x116c  isapnp - ok
08:09:19.0297 0x116c  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
08:09:19.0416 0x116c  iScsiPrt - ok
08:09:19.0456 0x116c  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
08:09:19.0514 0x116c  kbdclass - ok
08:09:19.0600 0x116c  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
08:09:19.0653 0x116c  kbdhid - ok
08:09:19.0692 0x116c  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] KeyIso          C:\Windows\system32\lsass.exe
08:09:19.0698 0x116c  KeyIso - ok
08:09:19.0738 0x116c  [ EF88BAC2B489D9C46F4E41ACF0219CD0, BF0FAF51BB6D0E588E53E483EF48D8D96B33544113892CC723CDEFAE7E5FB97A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
08:09:19.0812 0x116c  KSecDD - ok
08:09:19.0870 0x116c  [ 49D70660EE8266988C1F99A0297A1430, D17B7A3118DB42358DEA80D8A21C5F1B0CC33BF74F6570676D4708B36BB91FD4 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
08:09:20.0004 0x116c  KSecPkg - ok
08:09:20.0095 0x116c  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
08:09:20.0173 0x116c  KtmRm - ok
08:09:20.0252 0x116c  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
08:09:20.0366 0x116c  LanmanServer - ok
08:09:20.0431 0x116c  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:09:20.0507 0x116c  LanmanWorkstation - ok
08:09:20.0606 0x116c  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
08:09:20.0655 0x116c  lltdio - ok
08:09:20.0716 0x116c  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
08:09:20.0833 0x116c  lltdsvc - ok
08:09:20.0871 0x116c  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
08:09:20.0920 0x116c  lmhosts - ok
08:09:20.0988 0x116c  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
08:09:21.0061 0x116c  LSI_FC - ok
08:09:21.0126 0x116c  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
08:09:21.0205 0x116c  LSI_SAS - ok
08:09:21.0281 0x116c  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:09:21.0327 0x116c  LSI_SAS2 - ok
08:09:21.0406 0x116c  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:09:21.0472 0x116c  LSI_SCSI - ok
08:09:21.0520 0x116c  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
08:09:21.0537 0x116c  luafv - ok
08:09:21.0579 0x116c  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
08:09:21.0675 0x116c  megasas - ok
08:09:21.0738 0x116c  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
08:09:21.0832 0x116c  MegaSR - ok
08:09:21.0994 0x116c  Microsoft SharePoint Workspace Audit Service - ok
08:09:22.0063 0x116c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
08:09:22.0113 0x116c  MMCSS - ok
08:09:22.0154 0x116c  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
08:09:22.0207 0x116c  Modem - ok
08:09:22.0265 0x116c  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
08:09:22.0284 0x116c  monitor - ok
08:09:22.0346 0x116c  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\drivers\mouclass.sys
08:09:22.0433 0x116c  mouclass - ok
08:09:22.0534 0x116c  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
08:09:22.0620 0x116c  mouhid - ok
08:09:22.0682 0x116c  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
08:09:22.0695 0x116c  mountmgr - ok
08:09:22.0815 0x116c  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
08:09:22.0874 0x116c  MozillaMaintenance - ok
08:09:22.0931 0x116c  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
08:09:23.0024 0x116c  mpio - ok
08:09:23.0100 0x116c  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
08:09:23.0174 0x116c  mpsdrv - ok
08:09:23.0314 0x116c  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
08:09:23.0356 0x116c  MpsSvc - ok
08:09:23.0425 0x116c  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
08:09:23.0468 0x116c  MRxDAV - ok
08:09:23.0532 0x116c  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
08:09:23.0569 0x116c  mrxsmb - ok
08:09:23.0633 0x116c  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:09:23.0732 0x116c  mrxsmb10 - ok
08:09:23.0769 0x116c  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:09:23.0820 0x116c  mrxsmb20 - ok
08:09:23.0860 0x116c  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
08:09:23.0907 0x116c  msahci - ok
08:09:23.0956 0x116c  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
08:09:24.0017 0x116c  msdsm - ok
08:09:24.0057 0x116c  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
08:09:24.0113 0x116c  MSDTC - ok
08:09:24.0190 0x116c  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
08:09:24.0247 0x116c  Msfs - ok
08:09:24.0277 0x116c  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
08:09:24.0358 0x116c  mshidkmdf - ok
08:09:24.0392 0x116c  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
08:09:24.0409 0x116c  msisadrv - ok
08:09:24.0463 0x116c  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
08:09:24.0536 0x116c  MSiSCSI - ok
08:09:24.0553 0x116c  msiserver - ok
08:09:24.0608 0x116c  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
08:09:24.0649 0x116c  MSKSSRV - ok
08:09:24.0687 0x116c  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
08:09:24.0718 0x116c  MSPCLOCK - ok
08:09:24.0741 0x116c  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
08:09:24.0762 0x116c  MSPQM - ok
08:09:24.0810 0x116c  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
08:09:24.0875 0x116c  MsRPC - ok
08:09:24.0929 0x116c  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
08:09:24.0936 0x116c  mssmbios - ok
08:09:24.0995 0x116c  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
08:09:25.0023 0x116c  MSTEE - ok
08:09:25.0056 0x116c  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
08:09:25.0091 0x116c  MTConfig - ok
08:09:25.0118 0x116c  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
08:09:25.0179 0x116c  Mup - ok
08:09:25.0260 0x116c  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
08:09:25.0300 0x116c  napagent - ok
08:09:25.0381 0x116c  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
08:09:25.0406 0x116c  NativeWifiP - ok
08:09:25.0543 0x116c  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
08:09:25.0609 0x116c  NDIS - ok
08:09:25.0645 0x116c  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
08:09:25.0683 0x116c  NdisCap - ok
08:09:25.0723 0x116c  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
08:09:25.0767 0x116c  NdisTapi - ok
08:09:25.0832 0x116c  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
08:09:25.0867 0x116c  Ndisuio - ok
08:09:25.0929 0x116c  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
08:09:25.0987 0x116c  NdisWan - ok
08:09:26.0021 0x116c  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
08:09:26.0058 0x116c  NDProxy - ok
08:09:26.0123 0x116c  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
08:09:26.0194 0x116c  NetBIOS - ok
08:09:26.0263 0x116c  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
08:09:26.0282 0x116c  NetBT - ok
08:09:26.0314 0x116c  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] Netlogon        C:\Windows\system32\lsass.exe
08:09:26.0324 0x116c  Netlogon - ok
08:09:26.0392 0x116c  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
08:09:26.0425 0x116c  Netman - ok
08:09:26.0490 0x116c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:09:26.0610 0x116c  NetMsmqActivator - ok
08:09:26.0653 0x116c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:09:26.0667 0x116c  NetPipeActivator - ok
08:09:26.0736 0x116c  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
08:09:26.0773 0x116c  netprofm - ok
08:09:26.0819 0x116c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:09:26.0832 0x116c  NetTcpActivator - ok
08:09:26.0857 0x116c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:09:26.0869 0x116c  NetTcpPortSharing - ok
08:09:27.0295 0x116c  [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32        C:\Windows\system32\DRIVERS\netw5v32.sys
08:09:28.0040 0x116c  netw5v32 - ok
08:09:28.0110 0x116c  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
08:09:28.0190 0x116c  nfrd960 - ok
08:09:28.0257 0x116c  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
08:09:28.0285 0x116c  NlaSvc - ok
08:09:28.0323 0x116c  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
08:09:28.0375 0x116c  Npfs - ok
08:09:28.0452 0x116c  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
08:09:28.0495 0x116c  nsi - ok
08:09:28.0536 0x116c  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
08:09:28.0542 0x116c  nsiproxy - ok
08:09:28.0709 0x116c  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
08:09:28.0902 0x116c  Ntfs - ok
08:09:28.0956 0x116c  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
08:09:28.0992 0x116c  Null - ok
08:09:29.0033 0x116c  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
08:09:29.0102 0x116c  nvraid - ok
08:09:29.0163 0x116c  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
08:09:29.0212 0x116c  nvstor - ok
08:09:29.0252 0x116c  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
08:09:29.0308 0x116c  nv_agp - ok
08:09:29.0346 0x116c  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
08:09:29.0397 0x116c  ohci1394 - ok
08:09:29.0498 0x116c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:09:29.0547 0x116c  ose - ok
08:09:30.0436 0x116c  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:09:30.0897 0x116c  osppsvc - ok
08:09:31.0014 0x116c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
08:09:31.0049 0x116c  p2pimsvc - ok
08:09:31.0125 0x116c  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
08:09:31.0222 0x116c  p2psvc - ok
08:09:31.0267 0x116c  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
08:09:31.0336 0x116c  Parport - ok
08:09:31.0378 0x116c  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
08:09:31.0430 0x116c  partmgr - ok
08:09:31.0463 0x116c  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
08:09:31.0479 0x116c  Parvdm - ok
08:09:31.0540 0x116c  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
08:09:31.0629 0x116c  PcaSvc - ok
08:09:31.0685 0x116c  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
08:09:31.0762 0x116c  pci - ok
08:09:31.0818 0x116c  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
08:09:31.0849 0x116c  pciide - ok
08:09:31.0905 0x116c  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
08:09:31.0971 0x116c  pcmcia - ok
08:09:32.0010 0x116c  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
08:09:32.0048 0x116c  pcw - ok
08:09:32.0136 0x116c  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
08:09:32.0263 0x116c  PEAUTH - ok
08:09:32.0498 0x116c  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
08:09:32.0798 0x116c  pla - ok
08:09:32.0887 0x116c  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
08:09:32.0924 0x116c  PlugPlay - ok
08:09:32.0953 0x116c  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
08:09:32.0998 0x116c  PNRPAutoReg - ok
08:09:33.0059 0x116c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
08:09:33.0090 0x116c  PNRPsvc - ok
08:09:33.0191 0x116c  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
08:09:33.0277 0x116c  PolicyAgent - ok
08:09:33.0343 0x116c  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
08:09:33.0368 0x116c  Power - ok
08:09:33.0432 0x116c  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
08:09:33.0480 0x116c  PptpMiniport - ok
08:09:33.0517 0x116c  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
08:09:33.0554 0x116c  Processor - ok
08:09:33.0612 0x116c  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
08:09:33.0639 0x116c  ProfSvc - ok
08:09:33.0671 0x116c  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:09:33.0682 0x116c  ProtectedStorage - ok
08:09:33.0716 0x116c  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
08:09:33.0730 0x116c  Psched - ok
08:09:33.0782 0x116c  [ C456C2DB7F7D6A3112A360DDF315298B, E53AEB04F909B4D245EC9B5BFCF31F547C1397A53D2BF2CEE460EE42CA9D89CA ] PTSimBus        C:\Windows\system32\DRIVERS\PTSimBus.sys
08:09:33.0871 0x116c  PTSimBus - ok
08:09:33.0914 0x116c  [ F98BB914074A43E7E83EA98D7D13D612, AA007DFB7178E86407A3C9472FBA4383560AAC4FAF4C1949B44642D1A36D8FE3 ] PTSimHid        C:\Windows\system32\DRIVERS\PTSimHid.sys
08:09:33.0946 0x116c  PTSimHid - ok
08:09:34.0117 0x116c  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
08:09:34.0302 0x116c  ql2300 - ok
08:09:34.0346 0x116c  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
08:09:34.0419 0x116c  ql40xx - ok
08:09:34.0480 0x116c  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
08:09:34.0562 0x116c  QWAVE - ok
08:09:34.0591 0x116c  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
08:09:34.0657 0x116c  QWAVEdrv - ok
08:09:34.0716 0x116c  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
08:09:34.0773 0x116c  RasAcd - ok
08:09:34.0865 0x116c  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
08:09:34.0921 0x116c  RasAgileVpn - ok
08:09:34.0993 0x116c  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
08:09:35.0063 0x116c  RasAuto - ok
08:09:35.0120 0x116c  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
08:09:35.0159 0x116c  Rasl2tp - ok
08:09:35.0280 0x116c  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
08:09:35.0389 0x116c  RasMan - ok
08:09:35.0430 0x116c  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
08:09:35.0476 0x116c  RasPppoe - ok
08:09:35.0549 0x116c  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
08:09:35.0659 0x116c  RasSstp - ok
08:09:35.0728 0x116c  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
08:09:35.0791 0x116c  rdbss - ok
08:09:35.0848 0x116c  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
08:09:35.0861 0x116c  rdpbus - ok
08:09:35.0905 0x116c  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
08:09:35.0923 0x116c  RDPCDD - ok
08:09:35.0998 0x116c  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
08:09:36.0014 0x116c  RDPENCDD - ok
08:09:36.0062 0x116c  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
08:09:36.0082 0x116c  RDPREFMP - ok
08:09:36.0143 0x116c  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
08:09:36.0196 0x116c  RDPWD - ok
08:09:36.0290 0x116c  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
08:09:36.0407 0x116c  rdyboost - ok
08:09:36.0465 0x116c  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
08:09:36.0506 0x116c  RemoteAccess - ok
08:09:36.0567 0x116c  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
08:09:36.0624 0x116c  RemoteRegistry - ok
08:09:36.0711 0x116c  [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
08:09:36.0770 0x116c  RFCOMM - ok
08:09:36.0803 0x116c  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
08:09:36.0872 0x116c  RpcEptMapper - ok
08:09:36.0932 0x116c  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
08:09:37.0016 0x116c  RpcLocator - ok
08:09:37.0092 0x116c  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
08:09:37.0133 0x116c  RpcSs - ok
08:09:37.0188 0x116c  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
08:09:37.0373 0x116c  rspndr - ok
08:09:37.0434 0x116c  [ F9541F3B59DA30423F2F76EF443C07FC, 531FA15BB281D9C93CEEECAF02984EA78669D213E6D43EFF2E11CF522F7A8191 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
08:09:37.0523 0x116c  RSUSBSTOR - ok
08:09:37.0583 0x116c  [ C5A68C5EC01FD6F03396DD154B48DB56, D8F1AACABFCFF7E69BCFED61AE6A4AE1851E055D1DCC5EA468E166D440D933DA ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
08:09:37.0602 0x116c  RTL8167 - ok
08:09:37.0638 0x116c  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] SamSs           C:\Windows\system32\lsass.exe
08:09:37.0647 0x116c  SamSs - ok
08:09:37.0730 0x116c  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
08:09:37.0796 0x116c  sbp2port - ok
08:09:37.0857 0x116c  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
08:09:38.0031 0x116c  SCardSvr - ok
08:09:38.0073 0x116c  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
08:09:38.0110 0x116c  scfilter - ok
08:09:38.0271 0x116c  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
08:09:38.0374 0x116c  Schedule - ok
08:09:38.0402 0x116c  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
08:09:38.0408 0x116c  SCPolicySvc - ok
08:09:38.0477 0x116c  [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus           C:\Windows\system32\drivers\sdbus.sys
08:09:38.0542 0x116c  sdbus - ok
08:09:38.0626 0x116c  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
08:09:38.0691 0x116c  SDRSVC - ok
08:09:38.0817 0x116c  [ D358E077A0A05D9B12DA22D137EE8464, 7B6493B199DEF411596B1A6F479F57838202B102C3324333B620E212E0AE9053 ] SeaPort         C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
08:09:38.0842 0x116c  SeaPort - ok
08:09:38.0897 0x116c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
08:09:38.0913 0x116c  secdrv - ok
08:09:38.0959 0x116c  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
08:09:39.0029 0x116c  seclogon - ok
08:09:39.0067 0x116c  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
08:09:39.0087 0x116c  SENS - ok
08:09:39.0116 0x116c  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
08:09:39.0168 0x116c  Serenum - ok
08:09:39.0229 0x116c  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
08:09:39.0283 0x116c  Serial - ok
08:09:39.0315 0x116c  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
08:09:39.0327 0x116c  sermouse - ok
08:09:39.0421 0x116c  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
08:09:39.0504 0x116c  SessionEnv - ok
08:09:39.0560 0x116c  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
08:09:39.0597 0x116c  sffdisk - ok
08:09:39.0625 0x116c  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
08:09:39.0663 0x116c  sffp_mmc - ok
08:09:39.0692 0x116c  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
08:09:39.0727 0x116c  sffp_sd - ok
08:09:39.0800 0x116c  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
08:09:39.0841 0x116c  sfloppy - ok
08:09:39.0940 0x116c  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
08:09:40.0005 0x116c  SharedAccess - ok
08:09:40.0130 0x116c  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:09:40.0179 0x116c  ShellHWDetection - ok
08:09:40.0235 0x116c  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
08:09:40.0276 0x116c  sisagp - ok
08:09:40.0337 0x116c  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:09:40.0375 0x116c  SiSRaid2 - ok
08:09:40.0415 0x116c  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
08:09:40.0457 0x116c  SiSRaid4 - ok
08:09:40.0585 0x116c  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
08:09:40.0618 0x116c  SkypeUpdate - ok
08:09:40.0666 0x116c  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
08:09:40.0709 0x116c  Smb - ok
08:09:40.0764 0x116c  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
08:09:40.0793 0x116c  SNMPTRAP - ok
08:09:40.0834 0x116c  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
08:09:40.0881 0x116c  spldr - ok
08:09:40.0983 0x116c  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
08:09:41.0008 0x116c  Spooler - ok
08:09:41.0420 0x116c  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
08:09:41.0692 0x116c  sppsvc - ok
08:09:41.0773 0x116c  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
08:09:41.0856 0x116c  sppuinotify - ok
08:09:41.0983 0x116c  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
08:09:42.0086 0x116c  srv - ok
08:09:42.0173 0x116c  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
08:09:42.0293 0x116c  srv2 - ok
08:09:42.0355 0x116c  [ E00FDFAFF025E94F9821153750C35A6D, 6ECDC5F314A29B859B0DCB7FF114CACE0718612556299B16412C21F9539DC9B5 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL3.SYS
08:09:42.0438 0x116c  SrvHsfHDA - ok
08:09:42.0577 0x116c  [ CEB4E3B6890E1E42DCA6694D9E59E1A0, 00D841690A88F1051A238F67AACCE905E8A59C86070F215A8D31FA3E68C6BF35 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV3.SYS
08:09:42.0858 0x116c  SrvHsfV92 - ok
08:09:43.0022 0x116c  [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
08:09:43.0138 0x116c  SrvHsfWinac - ok
08:09:43.0201 0x116c  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
08:09:43.0252 0x116c  srvnet - ok
08:09:43.0294 0x116c  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
08:09:43.0311 0x116c  SSDPSRV - ok
08:09:43.0390 0x116c  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
08:09:43.0426 0x116c  ssmdrv - ok
08:09:43.0448 0x116c  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
08:09:43.0505 0x116c  SstpSvc - ok
08:09:43.0737 0x116c  [ 1816C34D3DC9A0F1745FB455506C7B58, 7E44931C32D75165547E62699CDE7C7627118560C57A397939CC8043E3EC1B37 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\STacSV.exe
08:09:43.0762 0x116c  STacSV - ok
08:09:43.0811 0x116c  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
08:09:43.0846 0x116c  stexstor - ok
08:09:43.0904 0x116c  [ 96CB9FD21207AF4456D37957441F6001, 8AC9CD84467225FDD9ADAE7C551D874D1DA9B32410DB794CEE161ADCA4A2D751 ] STHDA           C:\Windows\system32\DRIVERS\stwrt.sys
08:09:44.0043 0x116c  STHDA - ok
08:09:44.0162 0x116c  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
08:09:44.0245 0x116c  StiSvc - ok
08:09:44.0293 0x116c  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
08:09:44.0338 0x116c  swenum - ok
08:09:44.0480 0x116c  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
08:09:44.0555 0x116c  swprv - ok
08:09:44.0657 0x116c  [ C6E720D3F5FB8290D01ACFB63E14B606, 1A27E5E154A8113BAAA152050E106AB0A2E850478CC9ECD528ECCF339F25EEAA ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
08:09:44.0780 0x116c  SynTP - ok
08:09:44.0967 0x116c  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
08:09:45.0068 0x116c  SysMain - ok
08:09:45.0159 0x116c  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
08:09:45.0209 0x116c  TabletInputService - ok
08:09:45.0275 0x116c  [ 5E5CAB2BE8F078DCD0D3BFE6AE87AA2E, 9FA1F711BB7CA3E24F20C54953450BE2F31DCB49A475D97534CF41F358066450 ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
08:09:45.0458 0x116c  taphss6 - ok
08:09:45.0562 0x116c  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
08:09:45.0646 0x116c  TapiSrv - ok
08:09:45.0696 0x116c  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
08:09:45.0716 0x116c  TBS - ok
08:09:45.0759 0x116c  [ 9B10F2BE724D8E978E21A5DA498FF5C1, 42AF51728C339DF3E49C249A884D7CF1D6E2C16226CA2AF706E10C5DE433A37D ] TClass2k        C:\Windows\system32\DRIVERS\TClass2k.sys
08:09:45.0844 0x116c  TClass2k - ok
08:09:46.0088 0x116c  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
08:09:46.0282 0x116c  Tcpip - ok
08:09:46.0395 0x116c  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
08:09:46.0466 0x116c  TCPIP6 - ok
08:09:46.0550 0x116c  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
08:09:46.0652 0x116c  tcpipreg - ok
08:09:46.0712 0x116c  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
08:09:46.0747 0x116c  TDPIPE - ok
08:09:46.0776 0x116c  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
08:09:46.0941 0x116c  TDTCP - ok
08:09:46.0979 0x116c  [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
08:09:47.0037 0x116c  tdx - ok
08:09:47.0102 0x116c  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
08:09:47.0134 0x116c  TermDD - ok
08:09:47.0259 0x116c  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
08:09:47.0504 0x116c  TermService - ok
08:09:47.0555 0x116c  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
08:09:47.0589 0x116c  Themes - ok
08:09:47.0619 0x116c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
08:09:47.0628 0x116c  THREADORDER - ok
08:09:47.0657 0x116c  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
08:09:47.0697 0x116c  TrkWks - ok
08:09:47.0779 0x116c  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:09:47.0811 0x116c  TrustedInstaller - ok
08:09:47.0906 0x116c  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
08:09:47.0950 0x116c  tssecsrv - ok
08:09:48.0056 0x116c  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
08:09:48.0109 0x116c  TsUsbFlt - ok
08:09:48.0186 0x116c  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
08:09:48.0270 0x116c  tunnel - ok
08:09:48.0325 0x116c  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
08:09:48.0370 0x116c  uagp35 - ok
08:09:48.0402 0x116c  [ 915A53A87CF9B3BC27359846ECD6A547, D36B5BEDF53D6F42F69E95DAF34A81CA3643FA48E3DCA5CF7581C61DFBEFF8BE ] UCTblHid        C:\Windows\system32\DRIVERS\UCTblHid.sys
08:09:48.0433 0x116c  UCTblHid - ok
08:09:48.0516 0x116c  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
08:09:48.0581 0x116c  udfs - ok
08:09:48.0682 0x116c  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
08:09:48.0737 0x116c  UI0Detect - ok
08:09:48.0770 0x116c  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
08:09:48.0795 0x116c  uliagpkx - ok
08:09:48.0845 0x116c  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
08:09:48.0884 0x116c  umbus - ok
08:09:48.0938 0x116c  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
08:09:48.0998 0x116c  UmPass - ok
08:09:49.0070 0x116c  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
08:09:49.0131 0x116c  upnphost - ok
08:09:49.0178 0x116c  [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
08:09:49.0213 0x116c  usbaudio - ok
08:09:49.0269 0x116c  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
08:09:49.0332 0x116c  usbccgp - ok
08:09:49.0371 0x116c  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
08:09:49.0424 0x116c  usbcir - ok
08:09:49.0462 0x116c  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
08:09:49.0497 0x116c  usbehci - ok
08:09:49.0552 0x116c  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
08:09:49.0625 0x116c  usbhub - ok
08:09:49.0654 0x116c  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
08:09:49.0697 0x116c  usbohci - ok
08:09:49.0735 0x116c  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
08:09:49.0779 0x116c  usbprint - ok
08:09:49.0834 0x116c  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:09:49.0868 0x116c  USBSTOR - ok
08:09:49.0922 0x116c  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
08:09:49.0962 0x116c  usbuhci - ok
08:09:50.0027 0x116c  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
08:09:50.0075 0x116c  usbvideo - ok
08:09:50.0116 0x116c  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
08:09:50.0149 0x116c  UxSms - ok
08:09:50.0183 0x116c  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] VaultSvc        C:\Windows\system32\lsass.exe
08:09:50.0204 0x116c  VaultSvc - ok
08:09:50.0253 0x116c  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
08:09:50.0281 0x116c  vdrvroot - ok
08:09:50.0397 0x116c  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
08:09:50.0475 0x116c  vds - ok
08:09:50.0540 0x116c  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
08:09:50.0578 0x116c  vga - ok
08:09:50.0618 0x116c  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
08:09:50.0656 0x116c  VgaSave - ok
08:09:50.0714 0x116c  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
08:09:50.0759 0x116c  vhdmp - ok
08:09:50.0790 0x116c  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
08:09:50.0828 0x116c  viaagp - ok
08:09:50.0884 0x116c  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
08:09:50.0922 0x116c  ViaC7 - ok
08:09:50.0958 0x116c  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
08:09:51.0008 0x116c  viaide - ok
08:09:51.0045 0x116c  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
08:09:51.0076 0x116c  volmgr - ok
08:09:51.0122 0x116c  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
08:09:51.0151 0x116c  volmgrx - ok
08:09:51.0223 0x116c  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
08:09:51.0277 0x116c  volsnap - ok
08:09:51.0326 0x116c  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
08:09:51.0365 0x116c  vsmraid - ok
08:09:51.0511 0x116c  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
08:09:51.0580 0x116c  VSS - ok
08:09:51.0637 0x116c  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
08:09:51.0676 0x116c  vwifibus - ok
08:09:51.0713 0x116c  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
08:09:51.0746 0x116c  vwififlt - ok
08:09:51.0819 0x116c  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
08:09:51.0898 0x116c  W32Time - ok
08:09:51.0953 0x116c  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
08:09:52.0002 0x116c  WacomPen - ok
08:09:52.0084 0x116c  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
08:09:52.0135 0x116c  WANARP - ok
08:09:52.0160 0x116c  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
08:09:52.0168 0x116c  Wanarpv6 - ok
08:09:52.0322 0x116c  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
08:09:52.0449 0x116c  wbengine - ok
08:09:52.0564 0x116c  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
08:09:52.0625 0x116c  WbioSrvc - ok
08:09:52.0688 0x116c  [ 8880FC9AE8BD03DAC35DD674DD324B90, EFE82E4A3BB703CB612FC27DA01CF27ED51FA1065D9C4476CE8424A94C3A9B17 ] WCDMA_Datacard_Usb_Ser C:\Windows\system32\DRIVERS\WCDMA_Datacard_Usb_Ser.sys
08:09:52.0737 0x116c  WCDMA_Datacard_Usb_Ser - ok
08:09:52.0855 0x116c  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
08:09:52.0935 0x116c  wcncsvc - ok
08:09:52.0987 0x116c  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:09:53.0026 0x116c  WcsPlugInService - ok
08:09:53.0068 0x116c  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
08:09:53.0110 0x116c  Wd - ok
08:09:53.0216 0x116c  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
08:09:53.0324 0x116c  Wdf01000 - ok
08:09:53.0409 0x116c  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
08:09:53.0424 0x116c  WdiServiceHost - ok
08:09:53.0439 0x116c  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
08:09:53.0459 0x116c  WdiSystemHost - ok
08:09:53.0560 0x116c  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
08:09:53.0631 0x116c  WebClient - ok
08:09:53.0691 0x116c  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
08:09:53.0735 0x116c  Wecsvc - ok
08:09:53.0770 0x116c  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
08:09:53.0809 0x116c  wercplsupport - ok
08:09:53.0856 0x116c  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
08:09:53.0869 0x116c  WerSvc - ok
08:09:53.0900 0x116c  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
08:09:53.0924 0x116c  WfpLwf - ok
08:09:53.0966 0x116c  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
08:09:53.0986 0x116c  WIMMount - ok
08:09:54.0195 0x116c  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
08:09:54.0236 0x116c  WinDefend - ok
08:09:54.0292 0x116c  WinHttpAutoProxySvc - ok
08:09:54.0367 0x116c  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
08:09:54.0433 0x116c  Winmgmt - ok
08:09:54.0639 0x116c  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
08:09:54.0761 0x116c  WinRM - ok
08:09:54.0872 0x116c  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
08:09:54.0907 0x116c  WinUsb - ok
08:09:55.0031 0x116c  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
08:09:55.0095 0x116c  Wlansvc - ok
08:09:55.0162 0x116c  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
08:09:55.0169 0x116c  WmiAcpi - ok
08:09:55.0230 0x116c  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
08:09:55.0292 0x116c  wmiApSrv - ok
08:09:55.0577 0x116c  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
08:09:55.0677 0x116c  WMPNetworkSvc - ok
08:09:55.0732 0x116c  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
08:09:55.0782 0x116c  WPCSvc - ok
08:09:55.0834 0x116c  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
08:09:55.0947 0x116c  WPDBusEnum - ok
08:09:56.0032 0x116c  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
08:09:56.0080 0x116c  ws2ifsl - ok
08:09:56.0142 0x116c  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
08:09:56.0170 0x116c  wscsvc - ok
08:09:56.0185 0x116c  WSearch - ok
08:09:56.0477 0x116c  [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv        C:\Windows\system32\wuaueng.dll
08:09:56.0656 0x116c  wuauserv - ok
08:09:56.0701 0x116c  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
08:09:56.0776 0x116c  WudfPf - ok
08:09:56.0853 0x116c  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
08:09:56.0963 0x116c  WUDFRd - ok
08:09:57.0016 0x116c  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
08:09:57.0101 0x116c  wudfsvc - ok
08:09:57.0202 0x116c  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
08:09:57.0284 0x116c  WwanSvc - ok
08:09:57.0806 0x116c  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
08:09:57.0966 0x116c  YahooAUService - ok
08:09:58.0065 0x116c  [ B07C5B7EFDF936FF93D4F540938725BE, A9D559B0A99937CC4E7F065566054DAFCCD0C6C3AA98B47ADF7CB2ABD30B0182 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x86.sys
08:09:58.0165 0x116c  yukonw7 - ok
08:09:58.0257 0x116c  ================ Scan global ===============================
08:09:58.0349 0x116c  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
08:09:58.0444 0x116c  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
08:09:58.0493 0x116c  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
08:09:58.0553 0x116c  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
08:09:58.0676 0x116c  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
08:09:58.0707 0x116c  [ Global ] - ok
08:09:58.0709 0x116c  ================ Scan MBR ==================================
08:09:58.0731 0x116c  [ 96DF35FB53F30C9502CA788EC35FEBA2 ] \Device\Harddisk0\DR0
08:09:59.0090 0x116c  \Device\Harddisk0\DR0 - ok
08:09:59.0091 0x116c  ================ Scan VBR ==================================
08:09:59.0102 0x116c  [ 9AC3EF90453A081F99F098F544DD9893 ] \Device\Harddisk0\DR0\Partition1
08:09:59.0107 0x116c  \Device\Harddisk0\DR0\Partition1 - ok
08:09:59.0122 0x116c  [ 6F0689F5B6E426A7605D2B89C259B31A ] \Device\Harddisk0\DR0\Partition2
08:09:59.0125 0x116c  \Device\Harddisk0\DR0\Partition2 - ok
08:09:59.0141 0x116c  [ 36992C4AF34E884BE76432B818BF59D3 ] \Device\Harddisk0\DR0\Partition3
08:09:59.0145 0x116c  \Device\Harddisk0\DR0\Partition3 - ok
08:09:59.0160 0x116c  [ D7E5B53E57191A904A2F273152C73BF5 ] \Device\Harddisk0\DR0\Partition4
08:09:59.0164 0x116c  \Device\Harddisk0\DR0\Partition4 - ok
08:09:59.0168 0x116c  ================ Scan generic autorun ======================
08:09:59.0219 0x116c  [ 5C24E2555BBC89450B7DF750E512EDA9, E6A1D028A600873B959A60DD7639C6E0F48A2761F95A9866629C8CE1C53DC360 ] C:\Windows\system32\igfxtray.exe
08:09:59.0316 0x116c  IgfxTray - ok
08:09:59.0363 0x116c  [ D0E7BABD0C69A901F399F2B3A8FA0B3F, 46D5DD489CBFC849E2D63C123B37B327FA4CB136B851A8C9ED85628BE1553F1A ] C:\Windows\system32\hkcmd.exe
08:09:59.0383 0x116c  HotKeysCmds - ok
08:09:59.0414 0x116c  [ 743F85DECDA712ABE3C789D41AE267EF, 430DE43CE041644FF1E63FBFDF75961D8111BEBAA26CAD6599A95A03D932CE3B ] C:\Windows\system32\igfxpers.exe
08:09:59.0432 0x116c  Persistence - ok
08:09:59.0645 0x116c  [ 3B4B584458821D418B1DE62A92EB2441, 16C407E97DA3B3EC598B666ACF55717AE96E9E4DCD1A727B0D56002D7E530ED4 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
08:10:00.0076 0x116c  SynTPEnh - ok
08:10:01.0070 0x116c  [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
08:10:01.0184 0x116c  IAAnotif - ok
08:10:02.0285 0x116c  [ 415BCA1280BDADD3B8F8CC28E4879CA0, 3709C5638F73DDC0A158F04478302EAA7BDB8FE560F91EA8E284F8528DDC77D6 ] C:\Program Files\IDT\WDM\sttray.exe
08:10:02.0899 0x116c  SysTrayApp - ok
08:10:04.0119 0x116c  [ A9B4164E6D19E544FBEFE09F561EA1FF, 1E323F46A7F3C2294FAF0BF5D09FED931B6E9DFC5BDE44CE8F1D6A3C79238082 ] C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe
08:10:04.0264 0x116c  HP - ok
08:10:04.0351 0x116c  [ 019D774B725DCFD9A188F07764A32214, D9926C2664754AB2FED379AE203A8D290C65FA78518B37385642F8D654EC011E ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
08:10:04.0376 0x116c  QlbCtrl.exe - ok
08:10:04.0582 0x116c  [ D018F156D00D4C2DDCD0D11118E4AE81, 330ECE67B48F7943C6AC31C8E8ADCA971FCBABB585FB2AF1F8252A77A75FAA99 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
08:10:04.0646 0x116c  WirelessAssistant - ok
08:10:04.0700 0x116c  [ AD64ADB9C72FCAB8E4C992528A9215FE, 6F6D7D4A0A1BD5C56C229A7D460191657E2A772CDFA3AF82991AB1CE73C7646D ] C:\Windows\system32\WTClient.exe
08:10:04.0835 0x116c  WTClient - ok
08:10:05.0247 0x116c  [ 67BD916F01424DEB8AB8CD9E0096F277, D1E4A7BA332DA229138E89E5C4550A58ADD896B85728DF6BA33F1DE57D586E77 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
08:10:05.0566 0x116c  BCSSync - ok
08:10:05.0818 0x116c  [ BB10E34B162FBEAE5636474A79026A0D, 700629C7497ED01E5B7DF99F0D8F56FF30BBA067ED65AC7A0D77B3765C596ECB ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
08:10:05.0848 0x116c  Avira Systray - ok
08:10:06.0450 0x116c  [ A162B967A88BF374A81E01EF6E7A2655, 3616D7DDF72964EB1C7C40E45CCEFD7116252607068AEB9FB093F20064FB5BA2 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
08:10:06.0671 0x116c  avgnt - ok
08:10:06.0909 0x116c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
08:10:07.0057 0x116c  Sidebar - ok
08:10:07.0117 0x116c  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
08:10:07.0225 0x116c  mctadmin - ok
08:10:07.0348 0x116c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
08:10:07.0405 0x116c  Sidebar - ok
08:10:07.0448 0x116c  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
08:10:07.0458 0x116c  mctadmin - ok
08:10:07.0509 0x116c  Simplify Media - ok
08:10:09.0556 0x116c  [ BCC290BD7043C82ADEB060AB22797DCF, 68BA6746A16E6FC44FF5E66A9A664EA7860BC8EF05FB70BB0DC64546743602AA ] C:\Program Files\GlassWire\glasswire.exe
08:10:10.0607 0x116c  GlassWire - ok
08:10:11.0720 0x116c  [ 127CD00925C1A2B759765C5B9600DE30, 22A9710B84873622EB1027552F3E7CC3E054FF367010149822F476A143556335 ] C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe
08:10:12.0193 0x116c  Messenger (Yahoo!) - ok
08:10:12.0214 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:13.0214 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:14.0214 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:15.0214 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:16.0214 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:17.0214 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:18.0214 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:19.0214 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:20.0214 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:21.0214 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:22.0214 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:23.0214 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:24.0214 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:25.0215 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:26.0215 0x116c  Waiting for KSN requests completion. In queue: 17
08:10:27.0539 0x116c  AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.440 ), 0x41000 ( enabled : updated )
08:10:27.0602 0x116c  Win FW state via NFP2: enabled
08:10:30.0783 0x116c  ============================================================
08:10:30.0783 0x116c  Scan finished
08:10:30.0783 0x116c  ============================================================
08:10:30.0823 0x153c  Detected object count: 0
08:10:30.0823 0x153c  Actual detected object count: 0
 
 
ADWCleaner:
 

After doing the scanning, I did not find any report icon. I clicked on the Logfile and have pasted the contents here.  I then clicked on cleaning.

 

I want to keep Hola for my browsing.

 
# AdwCleaner v4.111 - Logfile created 25/02/2015 at 08:16:00
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Starter Service Pack 1 (x86)
# Username : NM - NM-PC
# Running from : C:\Users\NM\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : YahooAUService
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\NM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage
File Found : C:\Users\NM\AppData\Roaming\Mozilla\Firefox\Profiles\jqpzy8et.default-1421991119153\user.js
Folder Found : C:\ProgramData\Yahoo! Companion
Folder Found : C:\Users\NM\AppData\Local\Hola
Folder Found : C:\Users\NM\AppData\LocalLow\Yahoo! Companion
Folder Found : C:\Users\NM\AppData\Roaming\Mozilla\Firefox\Profiles\jqpzy8et.default-1421991119153\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\rttasks
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\DeviceVM
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17631
 
 
-\\ Mozilla Firefox v35.0.1 (x86 en-US)
 
[jqpzy8et.default-1421991119153] - Line Found : user_pref("avira.safe_search.prev_newtab", "hxxps://safesearch.avira.com/#?source=newtab");
[jqpzy8et.default-1421991119153] - Line Found : user_pref("browser.newtab.url", "hxxps://safesearch.avira.com/#?source=newtab");
[jqpzy8et.default-1421991119153] - Line Found : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[jqpzy8et.default-1421991119153] - Line Found : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"14b796527789-04c3a4faf29562-7f6b1235-0-14b7965277b38\"");
[jqpzy8et.default-1421991119153] - Line Found : user_pref("extensions.safesearch.SAUTH_expires_at", "1424967402");
[jqpzy8et.default-1421991119153] - Line Found : user_pref("extensions.safesearch.SAUTH_rndsnr", "\"7020c7a90a8ddaa6d726d3d586f19a3e3e438d39\"");
[jqpzy8et.default-1421991119153] - Line Found : user_pref("extensions.safesearch.SAUTH_userid", "5844432122");
[jqpzy8et.default-1421991119153] - Line Found : user_pref("extensions.safesearch.SAUTH_utoken", "\"18e7139d276a6bf719b41a200fd477d1145b4d58\"");
[jqpzy8et.default-1421991119153] - Line Found : user_pref("extensions.safesearch.install", "1423670847428");
[jqpzy8et.default-1421991119153] - Line Found : user_pref("extensions.xpiState", "{\"app-profile\":{\"abs@avira.com\":{\"d\":\"C:\\\\Users\\\\NM\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jqpzy8et.default-1421991119153\\\\extensions[...]
 
-\\ Google Chrome v40.0.2214.115
 
*************************
 
AdwCleaner[R7].txt - [4381 bytes] - [25/02/2015 08:16:00]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R7].txt - [4440 bytes] ##########
 
After the cleaning, and rebooting, a logfile opened up. The contents are here:
 
# AdwCleaner v4.111 - Logfile created 25/02/2015 at 08:40:43
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Starter Service Pack 1 (x86)
# Username : NM - NM-PC
# Running from : C:\Users\NM\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
Service Deleted : YahooAUService
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Yahoo! Companion
Folder Deleted : C:\Users\NM\AppData\Local\Hola
Folder Deleted : C:\Users\NM\AppData\LocalLow\Yahoo! Companion
Folder Deleted : C:\Users\NM\AppData\Roaming\Mozilla\Firefox\Profiles\jqpzy8et.default-1421991119153\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File Deleted : C:\Users\NM\AppData\Roaming\Mozilla\Firefox\Profiles\jqpzy8et.default-1421991119153\user.js
File Deleted : C:\Users\NM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKCU\Software\rttasks
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17631
 
 
-\\ Mozilla Firefox v35.0.1 (x86 en-US)
 
[jqpzy8et.default-1421991119153\prefs.js] - Line Deleted : user_pref("avira.safe_search.prev_newtab", "hxxps://safesearch.avira.com/#?source=newtab");
[jqpzy8et.default-1421991119153\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "hxxps://safesearch.avira.com/#?source=newtab");
[jqpzy8et.default-1421991119153\prefs.js] - Line Deleted : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[jqpzy8et.default-1421991119153\prefs.js] - Line Deleted : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"14b796527789-04c3a4faf29562-7f6b1235-0-14b7965277b38\"");
[jqpzy8et.default-1421991119153\prefs.js] - Line Deleted : user_pref("extensions.safesearch.SAUTH_expires_at", "1424967402");
[jqpzy8et.default-1421991119153\prefs.js] - Line Deleted : user_pref("extensions.safesearch.SAUTH_rndsnr", "\"7020c7a90a8ddaa6d726d3d586f19a3e3e438d39\"");
[jqpzy8et.default-1421991119153\prefs.js] - Line Deleted : user_pref("extensions.safesearch.SAUTH_userid", "5844432122");
[jqpzy8et.default-1421991119153\prefs.js] - Line Deleted : user_pref("extensions.safesearch.SAUTH_utoken", "\"18e7139d276a6bf719b41a200fd477d1145b4d58\"");
[jqpzy8et.default-1421991119153\prefs.js] - Line Deleted : user_pref("extensions.safesearch.install", "1423670847428");
[jqpzy8et.default-1421991119153\prefs.js] - Line Deleted : user_pref("extensions.xpiState", "{\"app-profile\":{\"abs@avira.com\":{\"d\":\"C:\\\\Users\\\\NM\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jqpzy8et.default-1421991119153\\\\extensions[...]
 
-\\ Google Chrome v40.0.2214.115
 
 
*************************
 
AdwCleaner[R7].txt - [4519 bytes] - [25/02/2015 08:16:00]
AdwCleaner[R8].txt - [4578 bytes] - [25/02/2015 08:34:46]
AdwCleaner[S6].txt - [4501 bytes] - [25/02/2015 08:40:43]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [4560  bytes] ##########
 
I've noticed right now - the same problem again - Both Avira and windows defender says it is turned off. Not sure why it's taking long to turn on. If Avira checks for PUPs , then why did the AdwCleaner show unwanted stuff which needed to be cleaned? I had reinstalled Avira. Should I get the paid version of it or a different AV? All this while, after reinstallation, the notification flag would never say that Avira is turned off, but it just happened again right now. Just wanted to inform you. I like Avira though. Just hope that it is efficient enough.
 
 
JRT:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Starter x86
Ran by NM on 25-02-2015 at  9:47:17.19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\Users\NM\AppData\Roaming\mozilla\firefox\profiles\jqpzy8et.default-1421991119153\searchplugins\avira-safesearch.xml
Successfully deleted: [Folder] C:\Users\NM\AppData\Roaming\mozilla\firefox\profiles\jqpzy8et.default-1421991119153\extensions\safesearch@avira.com
Successfully deleted the following from C:\Users\NM\AppData\Roaming\mozilla\firefox\profiles\jqpzy8et.default-1421991119153\prefs.js
 
user_pref("avira.safe_search.search_was_active", "true");
user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-
user_pref("extensions.bootstrappedAddons", "{\"abs@avira.com\":{\"version\":\"1.4.4\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\NM\\\\AppData\\\\Roaming\\\\Mozill
user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"14b796527789-04c3a4faf29562-7f6b1235-0-14b7965277b38\"");
user_pref("extensions.safesearch.SAUTH_expires_at", "1425439270");
user_pref("extensions.safesearch.SAUTH_rndsnr", "\"c0ff69a946faf498ae8ad51fea2c6fab2c7b80ea\"");
user_pref("extensions.safesearch.SAUTH_userid", "5871617299");
user_pref("extensions.safesearch.SAUTH_utoken", "\"cb58504975c54b0897acd9fe1fd139e91951bf1d\"");
user_pref("extensions.safesearch.install", "1424834461768");
user_pref("extensions.xpiState", "{\"app-profile\":{\"abs@avira.com\":{\"d\":\"C:\\\\Users\\\\NM\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jqpzy8et.default-14
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25-02-2015 at  9:55:21.81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
 

Edited by comp_help2014, 24 February 2015 - 11:49 PM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:51 PM

Posted 25 February 2015 - 12:39 PM

Hmmm ... appears we need a deeper look.
Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 comp_help2014

comp_help2014
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 27 February 2015 - 11:56 AM

Hi,

 

My new thread is : 

 
My AV keeps saying that it is turned off! And it takes time to turn on!
 
Thanks for your help!


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:51 PM

Posted 27 February 2015 - 03:26 PM

Looks good.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 3 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users