Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

quadro 4000 crashing Windows 7 BSOD


  • Please log in to reply
15 replies to this topic

#1 spants

spants

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 09 April 2017 - 09:53 PM

My computer started crashing lately until recently when it crashed and I rebooted to see odd characters in the BIOS bootup screens. Booted up again but GPU was disabeled with Code 46 error:
Windows has stopped this device because it has reported problems. (Code 43)
 
I updated the driver and now it crashes when Windows splash screen should appear and instead I get BSOD. I can boot in safe mode.
 
Any advice?
 
Steve
 
Intel Xeon E5645 (single) 
EVGA Classified SR-2 
G.SKILL Ripjaws Series 24GB (6 x 4GB) 240-Pin DDR3 SDRAM
VGA PNY VCQ4000-PB RT 
SAMSUNG 850 2.5" 256GB
Microsoft Windows 7 Professional SP1 64-bit 


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,281 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:04 PM

Posted 11 April 2017 - 05:04 AM

Please try the following after booting into safe mode with networking.

 

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy taking care to post the link of the snapshot in your next post.

   Go to Piriform's website, and download the free version on the left.  Click Download from Piriform.com (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version. You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.

    After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy.
 
     Once inside Speccy, it will look similar to this (with your computer's specifications, of course):
 
post-33068-0-86653600-1480692866_thumb.j

     Now, at the top, click File > Publish Snapshot.

     Click Yes > then Copy to Clipboard

Now, once you are back in the forum topic you are posting in, click the ADD REPLY or REPLY TO THIS TOPIC button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.

Louis



#3 spants

spants
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 12 April 2017 - 07:24 PM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Steven Pantazis (administrator) on 12-04-2017 at 19:18:13
Running from "C:\Users\Steven Pantazis\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: To Be Filled By O.E.M. Manufacturer: To Be Filled By O.E.M.
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/12/2017 07:17:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/04/2017 10:10:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/04/2017 09:46:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/04/2017 09:42:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/04/2017 09:33:20 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/04/2017 09:18:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/04/2017 09:16:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/03/2017 10:14:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce7a313
Faulting module name: mshtml.dll, version: 8.0.7601.17514, time stamp: 0x4ce7c7f0
Exception code: 0xc0000005
Fault offset: 0x0000000000644080
Faulting process id: 0x14cc
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (04/03/2017 10:14:32 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce7a313
Faulting module name: mshtml.dll, version: 8.0.7601.17514, time stamp: 0x4ce7c7f0
Exception code: 0xc0000005
Fault offset: 0x0000000000644080
Faulting process id: 0x1114
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (04/03/2017 09:53:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
System errors:
=============
Error: (04/12/2017 07:16:06 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: ESProtectionDriver
 
Error: (04/09/2017 04:15:34 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
Error: (04/09/2017 04:15:34 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
Error: (04/09/2017 04:15:34 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
Error: (04/09/2017 04:15:26 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
Error: (04/09/2017 04:15:26 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
Error: (04/09/2017 04:15:26 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
Error: (04/09/2017 04:15:24 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
Error: (04/09/2017 04:15:24 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
Error: (04/09/2017 04:15:24 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
Microsoft Office Sessions:
=========================
Error: (04/12/2017 07:17:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/04/2017 10:10:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/04/2017 09:46:43 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/04/2017 09:42:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/04/2017 09:33:20 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/04/2017 09:18:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/04/2017 09:16:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/03/2017 10:14:35 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7601.175144ce7a313mshtml.dll8.0.7601.175144ce7c7f0c0000005000000000064408014cc01d 2acf195e18a28C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mshtml.dlld42318fb-18e4-11e7-8a91-001fbc0e1728
 
Error: (04/03/2017 10:14:32 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7601.175144ce7a313mshtml.dll8.0.7601.175144ce7c7f0c0000005000000000064408011 1401d2acf18cd979baC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mshtml.dlld25f4b5c-18e4-11e7-8a91-001fbc0e1728
 
Error: (04/03/2017 09:53:18 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
CodeIntegrity Errors:
===================================
  Date: 2017-04-12 19:16:04.312
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-04-04 22:14:33.553
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-04-04 22:08:16.812
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-04-04 21:44:55.171
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-04-04 21:17:08.890
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-04-04 21:14:24.625
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-04-03 22:10:44.826
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-04-03 22:04:23.431
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-04-03 21:51:35.093
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-04-03 19:41:55.656
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
=========================== Installed Programs ============================
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.16 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
AutoCAD 2016 - English (HKLM\...\{5783F2D7-F001-0409-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (HKLM\...\{5783F2D7-F001-0409-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk 3ds Max 2016 (HKLM\...\{52B37EC7-D836-0410-0464-3C24BCED2010}) (Version: 18.0.873.0 - Autodesk) Hidden
Autodesk 3ds Max 2016 (HKLM\...\Autodesk 3ds Max 2016) (Version: 18.0.873.0 - Autodesk)
Autodesk 3ds Max 2016 Populate Data (HKLM\...\{57E92DED-DC7C-41E5-B9E1-76D83BD2EABE}) (Version: 18.0.0.0 - Autodesk)
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\{AA384BE4-1700-0010-0000-97E7D7D00B17}) (Version: 17.0.416.0 - Autodesk) Hidden
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\Autodesk A360 Collaboration for Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.19 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk Backburner 2016 (HKLM-x32\...\{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168}) (Version: 16.0.0.0 - Autodesk)
Autodesk BIM 360 Revit 2016 Add-in 64 bit (HKLM\...\{C5A83116-8654-47A3-A3B1-B76905C8A198}) (Version: 4.35.3969 - Autodesk)
Autodesk BIM 360 Revit 2017 Add-in 64 bit (HKLM\...\{A26EBAD5-9591-407F-9D6C-C7A4F3DFE506}) (Version: 4.37.6853 - Autodesk)
Autodesk Civil View for 3ds Max 2016 64-bit (HKLM\...\{1C4FFAF0-6DBB-4F7A-A386-46747D060826}) (Version: 18.0.0.0 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Featured Apps (2016) (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2016 (HKLM\...\{9167CA34-4E58-49E3-8892-3C439739D2D3}) (Version: 18.0 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2016 (HKLM-x32\...\{FA5DF4D1-CD59-4183-B3D4-779A56498786}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2017 (HKLM-x32\...\{360AC116-6CD4-4E7D-8174-28D47B05E898}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk)
Autodesk Revit 2016 (HKLM\...\Autodesk Revit 2016) (Version: 16.0.428.0 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Autodesk Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Revit 2017) (Version:  - )
Autodesk Revit Content Libraries 2016 (HKLM\...\Autodesk Revit Content Libraries 2016) (Version: 16.0.428.0 - Autodesk)
Autodesk Revit Content Libraries 2017 (HKLM\...\Autodesk Revit Content Libraries 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit Content Libraries 2017 (HKLM\...\Revit Content Libraries 2017) (Version:  - )
Autodesk Revit Interoperability for 3ds Max 2016 (HKLM\...\{0BB716E0-1600-0610-0000-097DC2F354DF}) (Version: 16.0.421.0 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2016 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2016) (Version: 16.0.421.0 - Autodesk)
Autodesk Revit MEP Imperial Content v2.0 (HKLM\...\{F2538944-3E07-4E97-B41A-FC48AB53EE9D}) (Version: 2.0 - Autodesk)
Autodesk Revit MEP Metric Content v2.0 (HKLM\...\{DEF775C7-84BF-4730-976A-FE3747F1757C}) (Version: 2.0 - Autodesk)
Autodesk Workflows 2016 (HKLM\...\{535CDED0-D690-4738-83EE-09056A365BAC}) (Version: 6.3.0.19 - Autodesk, Inc.)
Autodesk Workflows 2017 (HKLM\...\{23A13F78-5B67-441A-ABF9-48BE8B5455DB}) (Version: 15.11.13.0 - Autodesk, Inc.)
DriversCloud.com (64 bits) (HKLM\...\{B3F21810-C58E-4AE1-BFBA-8327721C9F8A}) (Version: 8.0.4.0 - Cybelsoft)
Dynamo 0.9.1 (HKLM\...\{85626FB3-CAF9-49C1-AA28-E3C75164BD6F}) (Version: 0.9.1.4062 - Autodesk)
Effects Suite 64-bit (HKLM\...\{B7765C3D-27EE-4AA8-BB54-D88285D128A0}) (Version: 10.0.2 - Red Giant Software) Hidden
Effects Suite 64-bit (HKLM-x32\...\InstallShield_{B7765C3D-27EE-4AA8-BB54-D88285D128A0}) (Version: 10.0.2 - Red Giant Software)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.503.3 (64bit) (HKLM-x32\...\{1C05E654-FB81-4274-BF32-292E3707701D}) (Version: 5.3.3.38662 - FARO Scanner Production)
FormIt 360 Converter For Revit 2017 (HKLM\...\{637211B6-D2E9-474A-BF06-4F61F1254104}) (Version: 1.9.0.0 - Autodesk)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.32.7 - Google Inc.) Hidden
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.65.11 - JMicron Technology Corp.)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 12.10.17.3 - Marvell)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 377.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 377.11 - NVIDIA Corporation)
NVIDIA Graphics Driver 377.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 377.11 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA nView 148.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.47 - NVIDIA Corporation)
NVIDIA WMI 2.29.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.29.0 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Personal Accelerator for Revit (HKLM\...\{7C317DB0-F31F-4024-A289-92CF4B6FB256}) (Version: 16.0.1109.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1109.0 - Autodesk)
QGIS 2.18 2.18.0 Las (HKLM\...\QGIS 2.18) (Version:  - QGIS Development Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation)
Revit 2016 (HKLM\...\{7346B4A0-1600-0510-0000-705C0D862004}) (Version: 16.0.428.0 - Autodesk) Hidden
Revit 2017 (HKLM\...\{7346B4A0-1700-0510-0000-705C0D862004}) (Version: 17.0.416.0 - Autodesk) Hidden
Revit Content Libraries 2016 (HKLM\...\{941030D0-1600-0410-0000-818BB38A95FC}) (Version: 16.0.428.0 - Autodesk) Hidden
Revit Content Libraries 2017 (HKLM\...\{941030D0-1700-0410-0000-818BB38A95FC}) (Version: 17.0.416.0 - Autodesk) Hidden
Rhinoceros 5 (64-bit) (HKLM\...\{BC439995-D96E-45FE-A918-936E3A0E4633}) (Version: 5.7.31113.14095 - Robert McNeel & Associates)
Rhinoceros 5 (HKLM-x32\...\{05309BE5-9B09-4177-A843-47A7C6F998A3}) (Version: 5.7.31113.14095 - Robert McNeel & Associates)
Rhinoceros 5 Help Media (HKLM-x32\...\{A4365004-2ADC-4787-8A20-8B8CBE4BEE1C}) (Version: 5.7.31022.19295 - Robert McNeel & Associates)
Rhinoceros 5 Language Pack Installer (en-US) (HKLM-x32\...\{3066DE6C-0CB4-49BD-9915-3FAA02274A11}) (Version: 5.7.31113.14095 - Robert McNeel & Associates)
SketchUp 2016 (HKLM\...\{E2B66CF6-ABA0-4E5F-B426-7478B18301AE}) (Version: 16.1.1449 - Trimble Navigation Limited)
SketchUp Import (2016) (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 5.40 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.4 - win.rar GmbH)
 
========================= Memory info: ===================================
Percentage of memory in use: 16%
Total physical RAM: 24567.17 MB
Available physical RAM: 20483.32 MB
Total Virtual: 49132.54 MB
Available Virtual: 44748.27 MB
 
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:232.79 GB) (Free:111.77 GB) NTFS
2 Drive d: (Steve) (Fixed) (Total:1863.01 GB) (Free:979.85 GB) NTFS
4 Drive f: (Backup) (Fixed) (Total:465.76 GB) (Free:200.08 GB) NTFS
 
========================= Users: ========================================
User accounts for \\PANTAZIS_001
 
Administrator            Guest                    Steven Pantazis          
 
 
**** End of log ****
 

 

http://speccy.piriform.com/results/lpZrnRetPW4QJkC52q04Zq6


Edited by hamluis, 13 April 2017 - 09:41 AM.


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,281 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:04 PM

Posted 13 April 2017 - 10:18 AM

The errors reflected in Event Viewer point to 2 items:  IE 8 installation and Comodo Internet Security Essentials.  IE 8 is outdated/unsupported and should be immediately replaced with IE 11 (the only currently supported version of IE).  I see no apparent trace of Comodo, other than the errors provided.  System also reflects errors pertaining to Malwarebytes Anti-Exploit driver...but no apparent install of Malwarebytes.

 

Process ID: 1052    User: SYSTEM    Domain: NT AUTHORITY     Path: C:\Windows\system32\svchost.exe
Memory Usage: 1.73 GB    Peak Memory Usage: 2.78 GB
 
The above svchost.exe process reflects excessive memory usage, with peak memory usage about 9 times what I would expect for a valid process.  I suggest investigating this process.  You can use the following guidance for that:  How to determine what services are running under a SVCHOST.EXE process - http://www.bleepingcomputer.com/tutorials/tutorial129.html .
 
Louis


#5 spants

spants
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 13 April 2017 - 10:28 PM

I installed explorer 11 and upon reboot saw the Windows update do not turn off computer message prior to shutdown. Before Windows would start again the message read "failed windows update rolling back something-something". Explorer 8 is still installed, no sign of 11.

 

I followed the SVchost instructions and did not see anything out of the ordinary associated with any of the entries. To be honest I'm not sure I would recognize it if there was.

 

Steve



#6 hamluis

hamluis

    Moderator


  • Moderator
  • 56,281 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:04 PM

Posted 14 April 2017 - 09:39 AM

Any process that routinely appears to use more than 300MB RAM...is out of the ordinary.

 

Louis



#7 spants

spants
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 14 April 2017 - 08:03 PM

There is a process, taskeng.exe using 2.9GB.

Did not show up in safe mode.

It won't let me kill the process.

Steve



#8 hamluis

hamluis

    Moderator


  • Moderator
  • 56,281 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:04 PM

Posted 15 April 2017 - 10:35 AM

From what I see, that could be malware.

 

Topic moved from Internal Hardware to Am I Infected for a malware check.

 

Louis


Edited by hamluis, 15 April 2017 - 10:35 AM.


#9 spants

spants
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 25 April 2017 - 02:49 PM

Louis,

I understand you have moved my topic. I have not received a response in 10 days. Is there something more I should do to receive a response?

Steve



#10 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:07:04 PM

Posted 23 May 2017 - 01:02 AM

Hello Steve,

 

Sorry about the excessive delay.  I'm working on finding someone to assist you.

 

~ Orange Blossom :cherry:


Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#11 spants

spants
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 23 May 2017 - 11:24 AM

Thanks I'll keep waiting.

Steve



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:04 PM

Posted 23 May 2017 - 04:18 PM

Please scan,,,,,

]
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP conf[iguration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 spants

spants
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 26 May 2017 - 06:49 AM

MiniToolBox

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Steven Pantazis (administrator) on 25-05-2017 at 19:54:42
Running from "C:\Users\Steven Pantazis\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: To Be Filled By O.E.M. Manufacturer: To Be Filled By O.E.M.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================
 
Marvell Yukon 88E8057 Family PCI-E Gigabit Ethernet Controller = Local Area Connection (Connected)
Marvell Yukon 88E8057 Family PCI-E Gigabit Ethernet Controller = Local Area Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled taskoffload=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : pantazis_001
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : cable.rcn.com
 
Ethernet adapter Local Area Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Marvell Yukon 88E8057 Family PCI-E Gigabit Ethernet Controller #2
   Physical Address. . . . . . . . . : 00-1F-BC-0E-17-28
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : cable.rcn.com
   Description . . . . . . . . . . . : Marvell Yukon 88E8057 Family PCI-E Gigabit Ethernet Controller
   Physical Address. . . . . . . . . : 00-1F-BC-0E-17-27
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a050:a4e5:bfcb:d903%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.187(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, May 25, 2017 7:49:08 PM
   Lease Expires . . . . . . . . . . : Friday, May 26, 2017 7:49:08 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234889148
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-3C-65-5B-00-1F-BC-0E-17-27
   DNS Servers . . . . . . . . . . . : 8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled
   Connection-specific DNS Suffix Search List :
                                       cable.rcn.com
 
Tunnel adapter isatap.{5D18BF56-45CE-45D1-94A4-83009C644B63}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.cable.rcn.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : cable.rcn.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    google.com
Addresses:  2607:f8b0:4009:80b::200e
 172.217.8.206
 172.217.8.206
 172.217.8.206
 
 
Pinging google.com [216.58.216.110] with 32 bytes of data:
Reply from 216.58.216.110: bytes=32 time=9ms TTL=54
Reply from 216.58.216.110: bytes=32 time=9ms TTL=54
 
Ping statistics for 216.58.216.110:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 9ms, Maximum = 9ms, Average = 9ms
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
 2001:4998:58:c02::a9
 2001:4998:c:a06::2:4008
 98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=40ms TTL=51
Reply from 98.139.183.24: bytes=32 time=48ms TTL=51
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 40ms, Maximum = 48ms, Average = 44ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...00 1f bc 0e 17 28 ......Marvell Yukon 88E8057 Family PCI-E Gigabit Ethernet Controller #2
 11...00 1f bc 0e 17 27 ......Marvell Yukon 88E8057 Family PCI-E Gigabit Ethernet Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.187     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.187    266
    192.168.1.187  255.255.255.255         On-link     192.168.1.187    266
    192.168.1.255  255.255.255.255         On-link     192.168.1.187    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.187    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.187    266
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    266 fe80::/64                On-link
 11    266 fe80::a050:a4e5:bfcb:d903/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/07/2017 02:31:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/02/2017 09:22:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/16/2017 07:49:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: nvcplui.exe, version: 8.1.1050.0, time stamp: 0x58cc2c9e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x0000000000570ec0
Faulting process id: 0x12ec
Faulting application start time: 0xnvcplui.exe0
Faulting application path: nvcplui.exe1
Faulting module path: nvcplui.exe2
Report Id: nvcplui.exe3
 
Error: (04/16/2017 07:49:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: nvcplui.exe, version: 8.1.1050.0, time stamp: 0x58cc2c9e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000570ec0
Faulting process id: 0x12ec
Faulting application start time: 0xnvcplui.exe0
Faulting application path: nvcplui.exe1
Faulting module path: nvcplui.exe2
Report Id: nvcplui.exe3
 
Error: (04/16/2017 07:28:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/14/2017 08:02:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/14/2017 07:49:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/14/2017 07:45:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/13/2017 10:24:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/13/2017 10:20:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (05/07/2017 02:29:53 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ESProtectionDriver
 
Error: (05/07/2017 02:28:56 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.241.541.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.9.0218.00
 
Source Path: 4.9.0218.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (05/02/2017 09:20:36 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ESProtectionDriver
 
Error: (05/02/2017 09:19:14 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.241.541.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.9.0218.00
 
Source Path: 4.9.0218.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (04/16/2017 07:27:04 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ESProtectionDriver
 
Error: (04/15/2017 08:00:54 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
Error: (04/15/2017 08:00:54 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
Error: (04/15/2017 08:00:54 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
Error: (04/15/2017 08:00:54 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
Error: (04/15/2017 08:00:54 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
 
Microsoft Office Sessions:
=========================
Error: (05/07/2017 02:31:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/02/2017 09:22:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/16/2017 07:49:36 PM) (Source: Application Error)(User: )
Description: nvcplui.exe8.1.1050.058cc2c9eunknown0.0.0.000000000c000041d0000000000570ec012ec01d2b7125bc73966C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exeunknownba1740ec-2307-11e7-a8a8-001fbc0e1728
 
Error: (04/16/2017 07:49:12 PM) (Source: Application Error)(User: )
Description: nvcplui.exe8.1.1050.058cc2c9eunknown0.0.0.000000000c00000050000000000570ec012ec01d2b7125bc73966C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exeunknownac3ad710-2307-11e7-a8a8-001fbc0e1728
 
Error: (04/16/2017 07:28:47 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/14/2017 08:02:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/14/2017 07:49:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/14/2017 07:45:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/13/2017 10:24:59 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/13/2017 10:20:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2017-05-08 21:40:55.035
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-05-08 21:05:42.414
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-05-07 15:16:35.481
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-05-07 14:29:51.281
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-05-07 14:28:19.561
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-05-02 21:59:06.966
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-05-02 21:20:34.328
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-04-22 14:03:15.630
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-04-20 22:17:21.427
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-04-19 21:21:32.926
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.16 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
AutoCAD 2016 - English (HKLM\...\{5783F2D7-F001-0409-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (HKLM\...\{5783F2D7-F001-0409-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk 3ds Max 2016 (HKLM\...\{52B37EC7-D836-0410-0464-3C24BCED2010}) (Version: 18.0.873.0 - Autodesk) Hidden
Autodesk 3ds Max 2016 (HKLM\...\Autodesk 3ds Max 2016) (Version: 18.0.873.0 - Autodesk)
Autodesk 3ds Max 2016 Populate Data (HKLM\...\{57E92DED-DC7C-41E5-B9E1-76D83BD2EABE}) (Version: 18.0.0.0 - Autodesk)
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\{AA384BE4-1700-0010-0000-97E7D7D00B17}) (Version: 17.0.416.0 - Autodesk) Hidden
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\Autodesk A360 Collaboration for Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.19 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk Backburner 2016 (HKLM-x32\...\{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168}) (Version: 16.0.0.0 - Autodesk)
Autodesk BIM 360 Revit 2016 Add-in 64 bit (HKLM\...\{C5A83116-8654-47A3-A3B1-B76905C8A198}) (Version: 4.35.3969 - Autodesk)
Autodesk BIM 360 Revit 2017 Add-in 64 bit (HKLM\...\{A26EBAD5-9591-407F-9D6C-C7A4F3DFE506}) (Version: 4.37.6853 - Autodesk)
Autodesk Civil View for 3ds Max 2016 64-bit (HKLM\...\{1C4FFAF0-6DBB-4F7A-A386-46747D060826}) (Version: 18.0.0.0 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Featured Apps (2016) (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2016 (HKLM\...\{9167CA34-4E58-49E3-8892-3C439739D2D3}) (Version: 18.0 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2016 (HKLM-x32\...\{FA5DF4D1-CD59-4183-B3D4-779A56498786}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2017 (HKLM-x32\...\{360AC116-6CD4-4E7D-8174-28D47B05E898}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk)
Autodesk Revit 2016 (HKLM\...\Autodesk Revit 2016) (Version: 16.0.428.0 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Autodesk Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Revit 2017) (Version:  - )
Autodesk Revit Content Libraries 2016 (HKLM\...\Autodesk Revit Content Libraries 2016) (Version: 16.0.428.0 - Autodesk)
Autodesk Revit Content Libraries 2017 (HKLM\...\Autodesk Revit Content Libraries 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit Content Libraries 2017 (HKLM\...\Revit Content Libraries 2017) (Version:  - )
Autodesk Revit Interoperability for 3ds Max 2016 (HKLM\...\{0BB716E0-1600-0610-0000-097DC2F354DF}) (Version: 16.0.421.0 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2016 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2016) (Version: 16.0.421.0 - Autodesk)
Autodesk Revit MEP Imperial Content v2.0 (HKLM\...\{F2538944-3E07-4E97-B41A-FC48AB53EE9D}) (Version: 2.0 - Autodesk)
Autodesk Revit MEP Metric Content v2.0 (HKLM\...\{DEF775C7-84BF-4730-976A-FE3747F1757C}) (Version: 2.0 - Autodesk)
Autodesk Workflows 2016 (HKLM\...\{535CDED0-D690-4738-83EE-09056A365BAC}) (Version: 6.3.0.19 - Autodesk, Inc.)
Autodesk Workflows 2017 (HKLM\...\{23A13F78-5B67-441A-ABF9-48BE8B5455DB}) (Version: 15.11.13.0 - Autodesk, Inc.)
DriversCloud.com (64 bits) (HKLM\...\{B3F21810-C58E-4AE1-BFBA-8327721C9F8A}) (Version: 8.0.4.0 - Cybelsoft)
Dynamo 0.9.1 (HKLM\...\{85626FB3-CAF9-49C1-AA28-E3C75164BD6F}) (Version: 0.9.1.4062 - Autodesk)
Effects Suite 64-bit (HKLM\...\{B7765C3D-27EE-4AA8-BB54-D88285D128A0}) (Version: 10.0.2 - Red Giant Software) Hidden
Effects Suite 64-bit (HKLM-x32\...\InstallShield_{B7765C3D-27EE-4AA8-BB54-D88285D128A0}) (Version: 10.0.2 - Red Giant Software)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.503.3 (64bit) (HKLM-x32\...\{1C05E654-FB81-4274-BF32-292E3707701D}) (Version: 5.3.3.38662 - FARO Scanner Production)
FormIt 360 Converter For Revit 2017 (HKLM\...\{637211B6-D2E9-474A-BF06-4F61F1254104}) (Version: 1.9.0.0 - Autodesk)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.65.11 - JMicron Technology Corp.)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 12.10.17.3 - Marvell)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 377.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 377.11 - NVIDIA Corporation)
NVIDIA Graphics Driver 377.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 377.11 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA nView 148.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.47 - NVIDIA Corporation)
NVIDIA WMI 2.29.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.29.0 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Personal Accelerator for Revit (HKLM\...\{7C317DB0-F31F-4024-A289-92CF4B6FB256}) (Version: 16.0.1109.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1109.0 - Autodesk)
QGIS 2.18 2.18.0 Las (HKLM\...\QGIS 2.18) (Version:  - QGIS Development Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation)
Revit 2016 (HKLM\...\{7346B4A0-1600-0510-0000-705C0D862004}) (Version: 16.0.428.0 - Autodesk) Hidden
Revit 2017 (HKLM\...\{7346B4A0-1700-0510-0000-705C0D862004}) (Version: 17.0.416.0 - Autodesk) Hidden
Revit Content Libraries 2016 (HKLM\...\{941030D0-1600-0410-0000-818BB38A95FC}) (Version: 16.0.428.0 - Autodesk) Hidden
Revit Content Libraries 2017 (HKLM\...\{941030D0-1700-0410-0000-818BB38A95FC}) (Version: 17.0.416.0 - Autodesk) Hidden
Rhinoceros 5 (64-bit) (HKLM\...\{BC439995-D96E-45FE-A918-936E3A0E4633}) (Version: 5.7.31113.14095 - Robert McNeel & Associates)
Rhinoceros 5 (HKLM-x32\...\{05309BE5-9B09-4177-A843-47A7C6F998A3}) (Version: 5.7.31113.14095 - Robert McNeel & Associates)
Rhinoceros 5 Help Media (HKLM-x32\...\{A4365004-2ADC-4787-8A20-8B8CBE4BEE1C}) (Version: 5.7.31022.19295 - Robert McNeel & Associates)
Rhinoceros 5 Language Pack Installer (en-US) (HKLM-x32\...\{3066DE6C-0CB4-49BD-9915-3FAA02274A11}) (Version: 5.7.31113.14095 - Robert McNeel & Associates)
SketchUp 2016 (HKLM\...\{E2B66CF6-ABA0-4E5F-B426-7478B18301AE}) (Version: 16.1.1449 - Trimble Navigation Limited)
SketchUp Import (2016) (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinHTTrack Website Copier 3.49-1 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.1 - HTTrack)
WinRAR 5.40 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.4 - win.rar GmbH)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 12%
Total physical RAM: 24567.17 MB
Available physical RAM: 21594.83 MB
Total Virtual: 49132.54 MB
Available Virtual: 41417.61 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:232.79 GB) (Free:120.1 GB) NTFS
2 Drive d: (Steve) (Fixed) (Total:1863.01 GB) (Free:979.79 GB) NTFS
4 Drive f: (Backup) (Fixed) (Total:465.76 GB) (Free:200.08 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\PANTAZIS_001
 
Administrator            Guest                    Steven Pantazis          
 
 
**** End of log ****
 
TDSSKiller
19:55:17.0692 0x0c6c  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
19:55:24.0134 0x0c6c  ============================================================
19:55:24.0134 0x0c6c  Current date / time: 2017/05/25 19:55:24.0134
19:55:24.0134 0x0c6c  SystemInfo:
19:55:24.0134 0x0c6c  
19:55:24.0134 0x0c6c  OS Version: 6.1.7601 ServicePack: 1.0
19:55:24.0134 0x0c6c  Product type: Workstation
19:55:24.0134 0x0c6c  ComputerName: PANTAZIS_001
19:55:24.0134 0x0c6c  UserName: Steven Pantazis
19:55:24.0134 0x0c6c  Windows directory: C:\Windows
19:55:24.0134 0x0c6c  System windows directory: C:\Windows
19:55:24.0134 0x0c6c  Running under WOW64
19:55:24.0134 0x0c6c  Processor architecture: Intel x64
19:55:24.0134 0x0c6c  Number of processors: 12
19:55:24.0134 0x0c6c  Page size: 0x1000
19:55:24.0134 0x0c6c  Boot type: Normal boot
19:55:24.0135 0x0c6c  CodeIntegrityOptions = 0x00000001
19:55:24.0135 0x0c6c  ============================================================
19:55:24.0225 0x0c6c  KLMD registered as C:\Windows\system32\drivers\40378554.sys
19:55:24.0225 0x0c6c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.17514, osProperties = 0x1
19:55:25.0020 0x0c6c  System UUID: {91016D9A-C259-8DE7-A860-712943AE8CEC}
19:55:25.0750 0x0c6c  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:55:25.0758 0x0c6c  Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:55:25.0766 0x0c6c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xEC93D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040
19:55:25.0770 0x0c6c  ============================================================
19:55:25.0770 0x0c6c  \Device\Harddisk1\DR1:
19:55:25.0770 0x0c6c  MBR partitions:
19:55:25.0770 0x0c6c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
19:55:25.0770 0x0c6c  \Device\Harddisk2\DR2:
19:55:25.0770 0x0c6c  MBR partitions:
19:55:25.0770 0x0c6c  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:55:25.0771 0x0c6c  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
19:55:25.0771 0x0c6c  \Device\Harddisk0\DR0:
19:55:25.0771 0x0c6c  MBR partitions:
19:55:25.0771 0x0c6c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
19:55:25.0771 0x0c6c  ============================================================
19:55:25.0772 0x0c6c  C: <-> \Device\Harddisk2\DR2\Partition2
19:55:25.0784 0x0c6c  F: <-> \Device\Harddisk0\DR0\Partition1
19:55:25.0832 0x0c6c  D: <-> \Device\Harddisk1\DR1\Partition1
19:55:25.0832 0x0c6c  ============================================================
19:55:25.0832 0x0c6c  Initialize success
19:55:25.0832 0x0c6c  ============================================================
19:56:01.0501 0x2894  ============================================================
19:56:01.0501 0x2894  Scan started
19:56:01.0501 0x2894  Mode: Manual; 
19:56:01.0501 0x2894  ============================================================
19:56:01.0501 0x2894  KSN ping started
19:56:04.0466 0x2894  KSN ping finished: true
19:56:05.0133 0x2894  ================ Scan system memory ========================
19:56:05.0133 0x2894  System memory - ok
19:56:05.0133 0x2894  ================ Scan services =============================
19:56:05.0161 0x2894  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:56:05.0166 0x2894  1394ohci - ok
19:56:05.0185 0x2894  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:56:05.0192 0x2894  ACPI - ok
19:56:05.0195 0x2894  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:56:05.0196 0x2894  AcpiPmi - ok
19:56:05.0201 0x2894  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:56:05.0203 0x2894  AdobeARMservice - ok
19:56:05.0222 0x2894  [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:56:05.0228 0x2894  AdobeFlashPlayerUpdateSvc - ok
19:56:05.0241 0x2894  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:56:05.0251 0x2894  adp94xx - ok
19:56:05.0261 0x2894  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:56:05.0268 0x2894  adpahci - ok
19:56:05.0275 0x2894  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:56:05.0279 0x2894  adpu320 - ok
19:56:05.0284 0x2894  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:56:05.0286 0x2894  AeLookupSvc - ok
19:56:05.0298 0x2894  [ D31DC7A16DEA4A9BAF179F3D6FBDB38C, 532678D86E3E667F2E789C4873565E0B92C549A93F10802BB6D5B505CA3238CE ] AFD             C:\Windows\system32\drivers\afd.sys
19:56:05.0308 0x2894  AFD - ok
19:56:05.0313 0x2894  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:56:05.0314 0x2894  agp440 - ok
19:56:05.0364 0x2894  [ 021D06851E7AFF5C314039DF813608F3, 081B14840F4AD428B4407AA2E639369A45D174D9507BD107F33FE3A94FB8F8EC ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
19:56:05.0409 0x2894  AGSService - ok
19:56:05.0416 0x2894  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
19:56:05.0417 0x2894  ALG - ok
19:56:05.0419 0x2894  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:56:05.0420 0x2894  aliide - ok
19:56:05.0423 0x2894  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:56:05.0424 0x2894  amdide - ok
19:56:05.0427 0x2894  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:56:05.0429 0x2894  AmdK8 - ok
19:56:05.0433 0x2894  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:56:05.0434 0x2894  AmdPPM - ok
19:56:05.0439 0x2894  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:56:05.0442 0x2894  amdsata - ok
19:56:05.0448 0x2894  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:56:05.0453 0x2894  amdsbs - ok
19:56:05.0456 0x2894  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:56:05.0457 0x2894  amdxata - ok
19:56:05.0459 0x2894  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
19:56:05.0461 0x2894  AppID - ok
19:56:05.0464 0x2894  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:56:05.0465 0x2894  AppIDSvc - ok
19:56:05.0469 0x2894  [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo         C:\Windows\System32\appinfo.dll
19:56:05.0471 0x2894  Appinfo - ok
19:56:05.0477 0x2894  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
19:56:05.0482 0x2894  AppMgmt - ok
19:56:05.0486 0x2894  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
19:56:05.0489 0x2894  arc - ok
19:56:05.0493 0x2894  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:56:05.0495 0x2894  arcsas - ok
19:56:05.0507 0x2894  [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:56:05.0523 0x2894  aspnet_state - ok
19:56:05.0526 0x2894  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:56:05.0527 0x2894  AsyncMac - ok
19:56:05.0530 0x2894  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:56:05.0531 0x2894  atapi - ok
19:56:05.0547 0x2894  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:56:05.0562 0x2894  AudioEndpointBuilder - ok
19:56:05.0580 0x2894  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:56:05.0591 0x2894  AudioSrv - ok
19:56:05.0597 0x2894  [ B52F9B2C63DF84B58E59016FE25648C0, 1FDBB382A288732216A45E773559AFFC241EA47D192BDFB34AA695C2122F5E4C ] Autodesk Content Service C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
19:56:05.0599 0x2894  Autodesk Content Service - ok
19:56:05.0604 0x2894  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:56:05.0606 0x2894  AxInstSV - ok
19:56:05.0619 0x2894  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:56:05.0629 0x2894  b06bdrv - ok
19:56:05.0637 0x2894  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:56:05.0643 0x2894  b57nd60a - ok
19:56:05.0649 0x2894  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:56:05.0652 0x2894  BDESVC - ok
19:56:05.0655 0x2894  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:56:05.0655 0x2894  Beep - ok
19:56:05.0672 0x2894  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
19:56:05.0688 0x2894  BFE - ok
19:56:05.0709 0x2894  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
19:56:05.0729 0x2894  BITS - ok
19:56:05.0732 0x2894  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:56:05.0734 0x2894  blbdrive - ok
19:56:05.0738 0x2894  [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:56:05.0741 0x2894  bowser - ok
19:56:05.0744 0x2894  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:56:05.0745 0x2894  BrFiltLo - ok
19:56:05.0747 0x2894  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:56:05.0748 0x2894  BrFiltUp - ok
19:56:05.0752 0x2894  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
19:56:05.0754 0x2894  BridgeMP - ok
19:56:05.0759 0x2894  [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] Browser         C:\Windows\System32\browser.dll
19:56:05.0763 0x2894  Browser - ok
19:56:05.0772 0x2894  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:56:05.0778 0x2894  Brserid - ok
19:56:05.0782 0x2894  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:56:05.0783 0x2894  BrSerWdm - ok
19:56:05.0786 0x2894  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:56:05.0787 0x2894  BrUsbMdm - ok
19:56:05.0789 0x2894  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:56:05.0790 0x2894  BrUsbSer - ok
19:56:05.0793 0x2894  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:56:05.0795 0x2894  BTHMODEM - ok
19:56:05.0800 0x2894  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
19:56:05.0803 0x2894  bthserv - ok
19:56:05.0804 0x2894  catchme - ok
19:56:05.0809 0x2894  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:56:05.0812 0x2894  cdfs - ok
19:56:05.0817 0x2894  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:56:05.0821 0x2894  cdrom - ok
19:56:05.0825 0x2894  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:56:05.0827 0x2894  CertPropSvc - ok
19:56:05.0831 0x2894  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
19:56:05.0832 0x2894  circlass - ok
19:56:05.0842 0x2894  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
19:56:05.0850 0x2894  CLFS - ok
19:56:05.0855 0x2894  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:56:05.0857 0x2894  clr_optimization_v2.0.50727_32 - ok
19:56:05.0862 0x2894  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:56:05.0864 0x2894  clr_optimization_v2.0.50727_64 - ok
19:56:05.0872 0x2894  [ 19E11CACD01FCB8C63DED05319074420, 7A5972525CC20679A682C738475D968A89E1453BBBF070A18E6216ED7801A3C2 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:56:05.0889 0x2894  clr_optimization_v4.0.30319_32 - ok
19:56:05.0894 0x2894  [ F71413E276F4EDA3BFD1B51C1FDBAD5E, 29A1B39F8DB96612442016439D3AC968678298CB46EE95CF2D11C71881353F65 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:56:05.0910 0x2894  clr_optimization_v4.0.30319_64 - ok
19:56:05.0914 0x2894  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
19:56:05.0914 0x2894  CmBatt - ok
19:56:05.0916 0x2894  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:56:05.0917 0x2894  cmdide - ok
19:56:05.0930 0x2894  [ D5FEA92400F12412B3922087C09DA6A5, C8CD9215D26D3295FE487C96A4FC3F4C8AFED764AE9445D9858D7489823A8A2B ] CNG             C:\Windows\system32\Drivers\cng.sys
19:56:05.0940 0x2894  CNG - ok
19:56:05.0943 0x2894  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:56:05.0944 0x2894  Compbatt - ok
19:56:05.0947 0x2894  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
19:56:05.0949 0x2894  CompositeBus - ok
19:56:05.0951 0x2894  COMSysApp - ok
19:56:05.0955 0x2894  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:56:05.0956 0x2894  crcdisk - ok
19:56:05.0962 0x2894  [ 15597883FBE9B056F276ADA3AD87D9AF, B347E0B11228E38313C59C8ED984253A8A1FF482ED137CF5F488C4AFD6B08857 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:56:05.0966 0x2894  CryptSvc - ok
19:56:05.0980 0x2894  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
19:56:05.0991 0x2894  CSC - ok
19:56:06.0008 0x2894  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
19:56:06.0024 0x2894  CscService - ok
19:56:06.0039 0x2894  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:56:06.0050 0x2894  DcomLaunch - ok
19:56:06.0060 0x2894  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:56:06.0066 0x2894  defragsvc - ok
19:56:06.0071 0x2894  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:56:06.0074 0x2894  DfsC - ok
19:56:06.0083 0x2894  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:56:06.0090 0x2894  Dhcp - ok
19:56:06.0093 0x2894  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:56:06.0094 0x2894  discache - ok
19:56:06.0098 0x2894  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
19:56:06.0100 0x2894  Disk - ok
19:56:06.0103 0x2894  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
19:56:06.0106 0x2894  dmvsc - ok
19:56:06.0112 0x2894  [ CD55F5355D8F55D44C9F4ED875705BD6, 321C26E3CD9F376D30F05FBDF00E96399512ED705D867E8B14793D9CE69A1C1F ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:56:06.0117 0x2894  Dnscache - ok
19:56:06.0125 0x2894  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:56:06.0130 0x2894  dot3svc - ok
19:56:06.0136 0x2894  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
19:56:06.0140 0x2894  DPS - ok
19:56:06.0142 0x2894  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:56:06.0143 0x2894  drmkaud - ok
19:56:06.0166 0x2894  [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:56:06.0186 0x2894  DXGKrnl - ok
19:56:06.0192 0x2894  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
19:56:06.0195 0x2894  EapHost - ok
19:56:06.0265 0x2894  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:56:06.0333 0x2894  ebdrv - ok
19:56:06.0338 0x2894  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS             C:\Windows\System32\lsass.exe
19:56:06.0340 0x2894  EFS - ok
19:56:06.0358 0x2894  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:56:06.0374 0x2894  ehRecvr - ok
19:56:06.0378 0x2894  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
19:56:06.0381 0x2894  ehSched - ok
19:56:06.0395 0x2894  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:56:06.0407 0x2894  elxstor - ok
19:56:06.0410 0x2894  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:56:06.0410 0x2894  ErrDev - ok
19:56:06.0414 0x2894  ESProtectionDriver - ok
19:56:06.0426 0x2894  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
19:56:06.0435 0x2894  EventSystem - ok
19:56:06.0442 0x2894  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:56:06.0447 0x2894  exfat - ok
19:56:06.0453 0x2894  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:56:06.0458 0x2894  fastfat - ok
19:56:06.0475 0x2894  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
19:56:06.0490 0x2894  Fax - ok
19:56:06.0494 0x2894  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
19:56:06.0495 0x2894  fdc - ok
19:56:06.0498 0x2894  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
19:56:06.0499 0x2894  fdPHost - ok
19:56:06.0501 0x2894  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:56:06.0502 0x2894  FDResPub - ok
19:56:06.0506 0x2894  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:56:06.0508 0x2894  FileInfo - ok
19:56:06.0511 0x2894  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:56:06.0512 0x2894  Filetrace - ok
19:56:06.0548 0x2894  [ 1B04D931B3EFA5FE67FA7D8510722222, 3D55A122A19F7D92782D0588F42F7B7CA33DB56B1F987BCA1E338F7F945E03F1 ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
19:56:06.0580 0x2894  FlexNet Licensing Service 64 - ok
19:56:06.0584 0x2894  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
19:56:06.0585 0x2894  flpydisk - ok
19:56:06.0594 0x2894  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:56:06.0600 0x2894  FltMgr - ok
19:56:06.0627 0x2894  [ B4447F606BB19FD8AD0BAFB59B90F5D9, 043E686029DE2710305852E3A416176E400F9FD5FB98E4F2A6F14C060FAABED5 ] FontCache       C:\Windows\system32\FntCache.dll
19:56:06.0652 0x2894  FontCache - ok
19:56:06.0656 0x2894  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:56:06.0658 0x2894  FontCache3.0.0.0 - ok
19:56:06.0661 0x2894  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:56:06.0663 0x2894  FsDepends - ok
19:56:06.0666 0x2894  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:56:06.0666 0x2894  Fs_Rec - ok
19:56:06.0673 0x2894  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:56:06.0678 0x2894  fvevol - ok
19:56:06.0682 0x2894  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:56:06.0683 0x2894  gagp30kx - ok
19:56:06.0703 0x2894  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:56:06.0719 0x2894  gpsvc - ok
19:56:06.0726 0x2894  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:06.0730 0x2894  gupdate - ok
19:56:06.0735 0x2894  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:06.0738 0x2894  gupdatem - ok
19:56:06.0741 0x2894  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:56:06.0743 0x2894  hcw85cir - ok
19:56:06.0752 0x2894  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:56:06.0760 0x2894  HdAudAddService - ok
19:56:06.0765 0x2894  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:56:06.0767 0x2894  HDAudBus - ok
19:56:06.0770 0x2894  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:56:06.0772 0x2894  HidBatt - ok
19:56:06.0788 0x2894  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:56:06.0790 0x2894  HidBth - ok
19:56:06.0793 0x2894  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:56:06.0794 0x2894  HidIr - ok
19:56:06.0797 0x2894  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
19:56:06.0799 0x2894  hidserv - ok
19:56:06.0802 0x2894  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:56:06.0803 0x2894  HidUsb - ok
19:56:06.0807 0x2894  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:56:06.0810 0x2894  hkmsvc - ok
19:56:06.0817 0x2894  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:56:06.0823 0x2894  HomeGroupListener - ok
19:56:06.0830 0x2894  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:56:06.0834 0x2894  HomeGroupProvider - ok
19:56:06.0838 0x2894  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:56:06.0841 0x2894  HpSAMD - ok
19:56:06.0859 0x2894  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:56:06.0875 0x2894  HTTP - ok
19:56:06.0877 0x2894  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:56:06.0878 0x2894  hwpolicy - ok
19:56:06.0882 0x2894  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:56:06.0885 0x2894  i8042prt - ok
19:56:06.0896 0x2894  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:56:06.0905 0x2894  iaStorV - ok
19:56:06.0925 0x2894  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:56:06.0943 0x2894  idsvc - ok
19:56:06.0948 0x2894  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:56:06.0949 0x2894  iirsp - ok
19:56:06.0969 0x2894  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
19:56:06.0988 0x2894  IKEEXT - ok
19:56:07.0085 0x2894  [ 3A2D6740F51BE48C0FD01AD907329DEE, 4FD899CD6E3B3D5C9803E52CB72F002B6CFC144D524FAF6845CF6D115EC6E059 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:56:07.0176 0x2894  IntcAzAudAddService - ok
19:56:07.0183 0x2894  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:56:07.0184 0x2894  intelide - ok
19:56:07.0188 0x2894  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:56:07.0189 0x2894  intelppm - ok
19:56:07.0194 0x2894  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:56:07.0197 0x2894  IPBusEnum - ok
19:56:07.0201 0x2894  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:56:07.0203 0x2894  IpFilterDriver - ok
19:56:07.0217 0x2894  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:56:07.0230 0x2894  iphlpsvc - ok
19:56:07.0234 0x2894  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:56:07.0236 0x2894  IPMIDRV - ok
19:56:07.0241 0x2894  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:56:07.0244 0x2894  IPNAT - ok
19:56:07.0247 0x2894  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:56:07.0248 0x2894  IRENUM - ok
19:56:07.0250 0x2894  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:56:07.0250 0x2894  isapnp - ok
19:56:07.0259 0x2894  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:56:07.0265 0x2894  iScsiPrt - ok
19:56:07.0269 0x2894  [ CE12F71EDDF5AFBEE60A9FE9130B5527, D0EFA54142AE5662254140896CF24165867918DA729B3BF03D3BEF8FBE3C41D2 ] isedrv          C:\Windows\system32\drivers\isedrv.sys
19:56:07.0270 0x2894  isedrv - ok
19:56:07.0275 0x2894  [ 23A70C99813D554337500396188B9A07, 38AC132EB64948CC9544293349BACC9C32D592F41FB446D57B5C519FF1CE9A11 ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
19:56:07.0278 0x2894  JRAID - ok
19:56:07.0282 0x2894  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:56:07.0283 0x2894  kbdclass - ok
19:56:07.0286 0x2894  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
19:56:07.0287 0x2894  kbdhid - ok
19:56:07.0290 0x2894  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso          C:\Windows\system32\lsass.exe
19:56:07.0291 0x2894  KeyIso - ok
19:56:07.0295 0x2894  [ CCD53B5BD33CE0C889E830D839C8B66E, 51B7556DA7DAA0BC75E00E53099776016A55FAA115D5A4E6830E12A0A0869C10 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:56:07.0298 0x2894  KSecDD - ok
19:56:07.0303 0x2894  [ 9FF918A261752C12639E8AD4208D2C2F, B60F7A730C92F2BF7E85A6CA14DD7671AEECEE154CEC83B1E23EF268C25C9E5E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:56:07.0307 0x2894  KSecPkg - ok
19:56:07.0310 0x2894  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:56:07.0311 0x2894  ksthunk - ok
19:56:07.0321 0x2894  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:56:07.0330 0x2894  KtmRm - ok
19:56:07.0337 0x2894  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
19:56:07.0343 0x2894  LanmanServer - ok
19:56:07.0348 0x2894  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:56:07.0353 0x2894  LanmanWorkstation - ok
19:56:07.0357 0x2894  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:56:07.0359 0x2894  lltdio - ok
19:56:07.0369 0x2894  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:56:07.0375 0x2894  lltdsvc - ok
19:56:07.0378 0x2894  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:56:07.0380 0x2894  lmhosts - ok
19:56:07.0386 0x2894  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:56:07.0389 0x2894  LSI_FC - ok
19:56:07.0393 0x2894  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:56:07.0396 0x2894  LSI_SAS - ok
19:56:07.0399 0x2894  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:56:07.0401 0x2894  LSI_SAS2 - ok
19:56:07.0406 0x2894  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:56:07.0409 0x2894  LSI_SCSI - ok
19:56:07.0414 0x2894  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:56:07.0416 0x2894  luafv - ok
19:56:07.0420 0x2894  [ DB859AD1A8F4FF8D1F3743E4709A6A15, 73F2D72C0E0A4AF136866C26E2E0F3E8B490D454EFFAEE3D2EBDAE8CFF124C42 ] McNeelUpdate    c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
19:56:07.0421 0x2894  McNeelUpdate - ok
19:56:07.0426 0x2894  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:56:07.0428 0x2894  Mcx2Svc - ok
19:56:07.0432 0x2894  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:56:07.0433 0x2894  megasas - ok
19:56:07.0441 0x2894  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:56:07.0448 0x2894  MegaSR - ok
19:56:07.0461 0x2894  [ 0AF89452A8CE3928168F4E5B2208C68B, 571F1A9F1F0B31DB5FFAE7FB7F98C16958439D6666A9F2131B0F2E496BF3D2AC ] mi-raysat_3dsmax2016_64 C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe
19:56:07.0462 0x2894  mi-raysat_3dsmax2016_64 - ok
19:56:07.0466 0x2894  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:56:07.0469 0x2894  MMCSS - ok
19:56:07.0472 0x2894  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
19:56:07.0473 0x2894  Modem - ok
19:56:07.0476 0x2894  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:56:07.0477 0x2894  monitor - ok
19:56:07.0480 0x2894  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:56:07.0482 0x2894  mouclass - ok
19:56:07.0485 0x2894  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:56:07.0486 0x2894  mouhid - ok
19:56:07.0490 0x2894  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:56:07.0492 0x2894  mountmgr - ok
19:56:07.0500 0x2894  [ DA0FAEE45D6F03D7647851A20977A7D0, AFB1EA053CD4BCA903868896D020205D4C207C85314E6C56C4663922A3F9BD6A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
19:56:07.0507 0x2894  MpFilter - ok
19:56:07.0513 0x2894  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:56:07.0516 0x2894  mpio - ok
19:56:07.0520 0x2894  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:56:07.0523 0x2894  mpsdrv - ok
19:56:07.0542 0x2894  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:56:07.0561 0x2894  MpsSvc - ok
19:56:07.0567 0x2894  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:56:07.0571 0x2894  MRxDAV - ok
19:56:07.0577 0x2894  [ FAF015B07E3A2874A790A39B7D2C579F, C614B0E80B38EBF7C670EEB833F5E476B33042097DA07206D6C5EE3E52B9A427 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:56:07.0580 0x2894  mrxsmb - ok
19:56:07.0588 0x2894  [ 08E2345DF129082BCDFFDC1440F9C00D, 2ADF69F49DF8C43D4440B6C8A62085C51518CA895A88D37264C60A0B4B1EC55F ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:56:07.0595 0x2894  mrxsmb10 - ok
19:56:07.0600 0x2894  [ 108D87409C5812EF47D81E22843E8C9D, CAE9B91B6BD1DF1552463BD63A06288F5D3E0B81B040BC1C7EC0C2A0119CCECA ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:56:07.0603 0x2894  mrxsmb20 - ok
19:56:07.0606 0x2894  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:56:07.0607 0x2894  msahci - ok
19:56:07.0612 0x2894  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:56:07.0616 0x2894  msdsm - ok
19:56:07.0621 0x2894  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:56:07.0625 0x2894  MSDTC - ok
19:56:07.0629 0x2894  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:56:07.0631 0x2894  Msfs - ok
19:56:07.0633 0x2894  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:56:07.0634 0x2894  mshidkmdf - ok
19:56:07.0636 0x2894  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:56:07.0637 0x2894  msisadrv - ok
19:56:07.0643 0x2894  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:56:07.0647 0x2894  MSiSCSI - ok
19:56:07.0649 0x2894  msiserver - ok
19:56:07.0652 0x2894  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:56:07.0653 0x2894  MSKSSRV - ok
19:56:07.0656 0x2894  [ C66FE30BBA4604A06EE9E4180ABE4BD9, 43E60C15C05FF19082142BB9D1F29D1B3269AD4A7FB32AF109AE63FE5A6AA0A9 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
19:56:07.0656 0x2894  MsMpSvc - ok
19:56:07.0659 0x2894  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:56:07.0659 0x2894  MSPCLOCK - ok
19:56:07.0662 0x2894  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:56:07.0662 0x2894  MSPQM - ok
19:56:07.0672 0x2894  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:56:07.0680 0x2894  MsRPC - ok
19:56:07.0685 0x2894  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:56:07.0686 0x2894  mssmbios - ok
19:56:07.0688 0x2894  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:56:07.0689 0x2894  MSTEE - ok
19:56:07.0691 0x2894  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:56:07.0692 0x2894  MTConfig - ok
19:56:07.0696 0x2894  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:56:07.0697 0x2894  Mup - ok
19:56:07.0700 0x2894  [ 63AC649B6140815AEE01D8C17229BF1E, 0882D73A83A1DCBC52F2820059B1831ED4DE005B0D5FBEE4C08F3D78C70C9579 ] mv91cons        C:\Windows\system32\DRIVERS\mv91cons.sys
19:56:07.0701 0x2894  mv91cons - ok
19:56:07.0713 0x2894  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:56:07.0725 0x2894  napagent - ok
19:56:07.0734 0x2894  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:56:07.0741 0x2894  NativeWifiP - ok
19:56:07.0764 0x2894  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:56:07.0784 0x2894  NDIS - ok
19:56:07.0788 0x2894  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:56:07.0790 0x2894  NdisCap - ok
19:56:07.0792 0x2894  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:56:07.0793 0x2894  NdisTapi - ok
19:56:07.0796 0x2894  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:56:07.0798 0x2894  Ndisuio - ok
19:56:07.0803 0x2894  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:56:07.0807 0x2894  NdisWan - ok
19:56:07.0811 0x2894  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:56:07.0813 0x2894  NDProxy - ok
19:56:07.0816 0x2894  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:56:07.0817 0x2894  NetBIOS - ok
19:56:07.0825 0x2894  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:56:07.0831 0x2894  NetBT - ok
19:56:07.0833 0x2894  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon        C:\Windows\system32\lsass.exe
19:56:07.0834 0x2894  Netlogon - ok
19:56:07.0844 0x2894  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:56:07.0853 0x2894  Netman - ok
19:56:07.0859 0x2894  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:07.0892 0x2894  NetMsmqActivator - ok
19:56:07.0898 0x2894  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:07.0900 0x2894  NetPipeActivator - ok
19:56:07.0913 0x2894  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:56:07.0923 0x2894  netprofm - ok
19:56:07.0928 0x2894  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:07.0931 0x2894  NetTcpActivator - ok
19:56:07.0936 0x2894  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:07.0939 0x2894  NetTcpPortSharing - ok
19:56:07.0942 0x2894  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:56:07.0944 0x2894  nfrd960 - ok
19:56:07.0949 0x2894  [ 6D79C8CB73187FBEAAD1F680FADF98D3, 0075B2CCC4FFF929023F95686D7BBE32C0FCE05DEB2159C0784AF85D64E1B66E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:56:07.0953 0x2894  NisDrv - ok
19:56:07.0962 0x2894  [ B8F4F580638373FBF72F2B572446D294, A5CD9ABCA5CDC335D2C6FDCB81327B600150E45BB867B88859A00AF974B42F85 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
19:56:07.0970 0x2894  NisSrv - ok
19:56:07.0979 0x2894  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:56:07.0987 0x2894  NlaSvc - ok
19:56:07.0990 0x2894  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:56:07.0992 0x2894  Npfs - ok
19:56:07.0995 0x2894  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
19:56:07.0996 0x2894  nsi - ok
19:56:07.0999 0x2894  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:56:08.0000 0x2894  nsiproxy - ok
19:56:08.0038 0x2894  [ 05D78AA5CB5F3F5C31160BDB955D0B7C, E3CD3FAF52ED11A8FB96D667510F1EDCA49053705AA3A13F560F8F6EC995CA45 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:56:08.0074 0x2894  Ntfs - ok
19:56:08.0078 0x2894  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:56:08.0079 0x2894  Null - ok
19:56:08.0083 0x2894  [ B01C1E6D7477961D6D1CBDCD44AF3E67, 407BD335FE7C87DFBD9EDE49BDD828263D8C8D25C8216FF04AC70320E74AE8B6 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
19:56:08.0085 0x2894  nusb3hub - ok
19:56:08.0093 0x2894  [ 796BAE22DD827DB8AD7AE7C3F775E92F, D26C921679888D90EEC6FBFDF3884FF151E4C28FD3920CE7F3AB58A8EEF3845E ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:56:08.0098 0x2894  nusb3xhc - ok
19:56:08.0106 0x2894  [ 64DA1993B1973F049C1347DA1B05185E, 2A04E263DB13751D033E2F9B9518820CF4942EEAFA5A32488570EEB699EE2A96 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
19:56:08.0110 0x2894  NVHDA - ok
19:56:08.0405 0x2894  [ BA37D8831F28825C587795DA85C91433, E4E254E986C4826A4046A68ED52DDABAB34B904B97E1B80A9B555E218896C931 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:56:08.0655 0x2894  nvlddmkm - ok
19:56:08.0673 0x2894  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:56:08.0677 0x2894  nvraid - ok
19:56:08.0683 0x2894  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:56:08.0687 0x2894  nvstor - ok
19:56:08.0776 0x2894  [ D9252D905A02A1B6BBB0DD1D6DF0A33F, 698637A76F194CF28D7F7CB0362B82EB926C3D7FE477ACCD5D7B9586F944D12B ] NVWMI           C:\Windows\system32\nvwmi64.exe
19:56:08.0850 0x2894  NVWMI - ok
19:56:08.0859 0x2894  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:56:08.0862 0x2894  nv_agp - ok
19:56:08.0866 0x2894  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:56:08.0868 0x2894  ohci1394 - ok
19:56:08.0874 0x2894  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:56:08.0877 0x2894  ose64 - ok
19:56:08.0986 0x2894  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:56:09.0090 0x2894  osppsvc - ok
19:56:09.0106 0x2894  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:56:09.0114 0x2894  p2pimsvc - ok
19:56:09.0125 0x2894  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:56:09.0136 0x2894  p2psvc - ok
19:56:09.0141 0x2894  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
19:56:09.0144 0x2894  Parport - ok
19:56:09.0146 0x2894  Partizan - ok
19:56:09.0152 0x2894  [ 871EADAC56B0A4C6512BBE32753CCF79, F9FD9DBA55274BB72B897550988DCDFD0F2D9367BE641DFDE07D240052DDC180 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:56:09.0154 0x2894  partmgr - ok
19:56:09.0161 0x2894  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:56:09.0166 0x2894  PcaSvc - ok
19:56:09.0171 0x2894  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
19:56:09.0176 0x2894  pci - ok
19:56:09.0178 0x2894  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:56:09.0179 0x2894  pciide - ok
19:56:09.0186 0x2894  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:56:09.0192 0x2894  pcmcia - ok
19:56:09.0195 0x2894  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:56:09.0197 0x2894  pcw - ok
19:56:09.0212 0x2894  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:56:09.0226 0x2894  PEAUTH - ok
19:56:09.0258 0x2894  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
19:56:09.0288 0x2894  PeerDistSvc - ok
19:56:09.0303 0x2894  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:56:09.0305 0x2894  PerfHost - ok
19:56:09.0340 0x2894  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
19:56:09.0371 0x2894  pla - ok
19:56:09.0383 0x2894  [ B806E50427511BCF4AD8E8239C3E25FA, AB89B48ECCF90F701B314D18BE531CDA5ABE1636C17B994A5E4BE5AAC136B4E3 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:56:09.0393 0x2894  PlugPlay - ok
19:56:09.0397 0x2894  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:56:09.0398 0x2894  PNRPAutoReg - ok
19:56:09.0408 0x2894  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:56:09.0415 0x2894  PNRPsvc - ok
19:56:09.0428 0x2894  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:56:09.0440 0x2894  PolicyAgent - ok
19:56:09.0447 0x2894  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
19:56:09.0452 0x2894  Power - ok
19:56:09.0457 0x2894  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:56:09.0459 0x2894  PptpMiniport - ok
19:56:09.0463 0x2894  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
19:56:09.0464 0x2894  Processor - ok
19:56:09.0471 0x2894  [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] ProfSvc         C:\Windows\system32\profsvc.dll
19:56:09.0477 0x2894  ProfSvc - ok
19:56:09.0480 0x2894  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:56:09.0481 0x2894  ProtectedStorage - ok
19:56:09.0487 0x2894  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:56:09.0489 0x2894  Psched - ok
19:56:09.0524 0x2894  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:56:09.0555 0x2894  ql2300 - ok
19:56:09.0562 0x2894  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:56:09.0565 0x2894  ql40xx - ok
19:56:09.0573 0x2894  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
19:56:09.0579 0x2894  QWAVE - ok
19:56:09.0582 0x2894  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:56:09.0583 0x2894  QWAVEdrv - ok
19:56:09.0585 0x2894  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:56:09.0586 0x2894  RasAcd - ok
19:56:09.0590 0x2894  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:56:09.0592 0x2894  RasAgileVpn - ok
19:56:09.0596 0x2894  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
19:56:09.0600 0x2894  RasAuto - ok
19:56:09.0605 0x2894  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:56:09.0608 0x2894  Rasl2tp - ok
19:56:09.0618 0x2894  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:56:09.0625 0x2894  RasMan - ok
19:56:09.0630 0x2894  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:56:09.0632 0x2894  RasPppoe - ok
19:56:09.0636 0x2894  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:56:09.0638 0x2894  RasSstp - ok
19:56:09.0648 0x2894  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:56:09.0655 0x2894  rdbss - ok
19:56:09.0659 0x2894  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:56:09.0660 0x2894  rdpbus - ok
19:56:09.0663 0x2894  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:56:09.0663 0x2894  RDPCDD - ok
19:56:09.0670 0x2894  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:56:09.0674 0x2894  RDPDR - ok
19:56:09.0677 0x2894  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:56:09.0678 0x2894  RDPENCDD - ok
19:56:09.0682 0x2894  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:56:09.0682 0x2894  RDPREFMP - ok
19:56:09.0689 0x2894  [ 15B66C206B5CB095BAB980553F38ED23, 3CA50786A8D3D6BAF145AFD22C1ED92C2EB39F5D6AF4F6B09B69610FDE0C5B24 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:56:09.0694 0x2894  RDPWD - ok
19:56:09.0701 0x2894  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:56:09.0706 0x2894  rdyboost - ok
19:56:09.0710 0x2894  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:56:09.0713 0x2894  RemoteAccess - ok
19:56:09.0719 0x2894  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:56:09.0724 0x2894  RemoteRegistry - ok
19:56:09.0728 0x2894  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:56:09.0731 0x2894  RpcEptMapper - ok
19:56:09.0733 0x2894  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:56:09.0734 0x2894  RpcLocator - ok
19:56:09.0748 0x2894  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
19:56:09.0758 0x2894  RpcSs - ok
19:56:09.0763 0x2894  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:56:09.0765 0x2894  rspndr - ok
19:56:09.0768 0x2894  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
19:56:09.0769 0x2894  s3cap - ok
19:56:09.0772 0x2894  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs           C:\Windows\system32\lsass.exe
19:56:09.0774 0x2894  SamSs - ok
19:56:09.0778 0x2894  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:56:09.0781 0x2894  sbp2port - ok
19:56:09.0788 0x2894  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:56:09.0792 0x2894  SCardSvr - ok
19:56:09.0796 0x2894  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:56:09.0797 0x2894  scfilter - ok
19:56:09.0823 0x2894  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
19:56:09.0847 0x2894  Schedule - ok
19:56:09.0854 0x2894  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:56:09.0855 0x2894  SCPolicySvc - ok
19:56:09.0862 0x2894  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:56:09.0867 0x2894  SDRSVC - ok
19:56:09.0870 0x2894  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:56:09.0871 0x2894  secdrv - ok
19:56:09.0874 0x2894  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
19:56:09.0875 0x2894  seclogon - ok
19:56:09.0879 0x2894  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
19:56:09.0881 0x2894  SENS - ok
19:56:09.0885 0x2894  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:56:09.0887 0x2894  SensrSvc - ok
19:56:09.0890 0x2894  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
19:56:09.0892 0x2894  Serenum - ok
19:56:09.0896 0x2894  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
19:56:09.0898 0x2894  Serial - ok
19:56:09.0901 0x2894  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:56:09.0903 0x2894  sermouse - ok
19:56:09.0911 0x2894  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:56:09.0915 0x2894  SessionEnv - ok
19:56:09.0917 0x2894  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:56:09.0918 0x2894  sffdisk - ok
19:56:09.0921 0x2894  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:56:09.0922 0x2894  sffp_mmc - ok
19:56:09.0924 0x2894  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:56:09.0925 0x2894  sffp_sd - ok
19:56:09.0928 0x2894  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:56:09.0929 0x2894  sfloppy - ok
19:56:09.0939 0x2894  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:56:09.0948 0x2894  SharedAccess - ok
19:56:09.0958 0x2894  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:56:09.0967 0x2894  ShellHWDetection - ok
19:56:09.0971 0x2894  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:56:09.0972 0x2894  SiSRaid2 - ok
19:56:09.0977 0x2894  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:56:09.0979 0x2894  SiSRaid4 - ok
19:56:09.0983 0x2894  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:56:09.0985 0x2894  Smb - ok
19:56:09.0992 0x2894  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:56:09.0994 0x2894  SNMPTRAP - ok
19:56:09.0997 0x2894  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:56:09.0998 0x2894  spldr - ok
19:56:10.0012 0x2894  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
19:56:10.0025 0x2894  Spooler - ok
19:56:10.0102 0x2894  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:56:10.0175 0x2894  sppsvc - ok
19:56:10.0182 0x2894  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:56:10.0185 0x2894  sppuinotify - ok
19:56:10.0198 0x2894  [ 2098B8556D1CEC2ACA9A29CD479E3692, D5826407C64F18C16EB36E6F00787CFAFCD9B24B5BD8AD126AD01E6E4134966F ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:56:10.0208 0x2894  srv - ok
19:56:10.0219 0x2894  [ D0F73A42040F21F92FD314B42AC5C9E7, A021C4318C9CFA594305458B2643BB0C22DDE1F3D51C93C9F3E7F7AB75B31278 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:56:10.0229 0x2894  srv2 - ok
19:56:10.0235 0x2894  [ 2BA8F3250828CCDB4204ECF2C6F40B6A, 22C4FBF9A87C46E69C48B681FF733D68D9CB7B7D73FB14C8C2A06E9009F9860E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:56:10.0239 0x2894  srvnet - ok
19:56:10.0246 0x2894  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:56:10.0251 0x2894  SSDPSRV - ok
19:56:10.0255 0x2894  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:56:10.0258 0x2894  SstpSvc - ok
19:56:10.0261 0x2894  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:56:10.0262 0x2894  stexstor - ok
19:56:10.0279 0x2894  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:56:10.0292 0x2894  stisvc - ok
19:56:10.0296 0x2894  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:56:10.0298 0x2894  storflt - ok
19:56:10.0300 0x2894  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
19:56:10.0302 0x2894  StorSvc - ok
19:56:10.0305 0x2894  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:56:10.0307 0x2894  storvsc - ok
19:56:10.0309 0x2894  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:56:10.0310 0x2894  swenum - ok
19:56:10.0325 0x2894  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:56:10.0335 0x2894  SwitchBoard - ok
19:56:10.0350 0x2894  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
19:56:10.0363 0x2894  swprv - ok
19:56:10.0403 0x2894  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
19:56:10.0440 0x2894  SysMain - ok
19:56:10.0446 0x2894  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:56:10.0450 0x2894  TabletInputService - ok
19:56:10.0458 0x2894  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:56:10.0466 0x2894  TapiSrv - ok
19:56:10.0470 0x2894  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
19:56:10.0473 0x2894  TBS - ok
19:56:10.0516 0x2894  [ 509383E505C973ED7534A06B3D19688D, 520AE434CCE1D365A45B2035283A4AD915E98D28D06BD73822F6FF865C2AE7DF ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:56:10.0556 0x2894  Tcpip - ok
19:56:10.0601 0x2894  [ 509383E505C973ED7534A06B3D19688D, 520AE434CCE1D365A45B2035283A4AD915E98D28D06BD73822F6FF865C2AE7DF ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:56:10.0634 0x2894  TCPIP6 - ok
19:56:10.0641 0x2894  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:56:10.0642 0x2894  tcpipreg - ok
19:56:10.0646 0x2894  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:56:10.0647 0x2894  TDPIPE - ok
19:56:10.0650 0x2894  [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:56:10.0651 0x2894  TDTCP - ok
19:56:10.0656 0x2894  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:56:10.0659 0x2894  tdx - ok
19:56:10.0662 0x2894  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:56:10.0664 0x2894  TermDD - ok
19:56:10.0681 0x2894  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
19:56:10.0697 0x2894  TermService - ok
19:56:10.0702 0x2894  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:56:10.0704 0x2894  Themes - ok
19:56:10.0708 0x2894  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:56:10.0709 0x2894  THREADORDER - ok
19:56:10.0714 0x2894  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:56:10.0718 0x2894  TrkWks - ok
19:56:10.0725 0x2894  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:56:10.0729 0x2894  TrustedInstaller - ok
19:56:10.0734 0x2894  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:56:10.0736 0x2894  tssecsrv - ok
19:56:10.0739 0x2894  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:56:10.0742 0x2894  TsUsbFlt - ok
19:56:10.0745 0x2894  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:56:10.0746 0x2894  TsUsbGD - ok
19:56:10.0750 0x2894  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:56:10.0754 0x2894  tunnel - ok
19:56:10.0757 0x2894  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:56:10.0759 0x2894  uagp35 - ok
19:56:10.0769 0x2894  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:56:10.0776 0x2894  udfs - ok
19:56:10.0783 0x2894  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:56:10.0785 0x2894  UI0Detect - ok
19:56:10.0789 0x2894  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:56:10.0791 0x2894  uliagpkx - ok
19:56:10.0793 0x2894  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:56:10.0795 0x2894  umbus - ok
19:56:10.0798 0x2894  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:56:10.0799 0x2894  UmPass - ok
19:56:10.0806 0x2894  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:56:10.0812 0x2894  UmRdpService - ok
19:56:10.0823 0x2894  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:56:10.0832 0x2894  upnphost - ok
19:56:10.0836 0x2894  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:56:10.0838 0x2894  usbccgp - ok
19:56:10.0843 0x2894  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:56:10.0846 0x2894  usbcir - ok
19:56:10.0849 0x2894  [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:56:10.0851 0x2894  usbehci - ok
19:56:10.0860 0x2894  [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:56:10.0868 0x2894  usbhub - ok
19:56:10.0872 0x2894  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:56:10.0873 0x2894  usbohci - ok
19:56:10.0875 0x2894  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
19:56:10.0876 0x2894  usbprint - ok
19:56:10.0880 0x2894  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:56:10.0882 0x2894  USBSTOR - ok
19:56:10.0885 0x2894  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
19:56:10.0887 0x2894  usbuhci - ok
19:56:10.0890 0x2894  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
19:56:10.0893 0x2894  UxSms - ok
19:56:10.0895 0x2894  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe
19:56:10.0897 0x2894  VaultSvc - ok
19:56:10.0900 0x2894  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:56:10.0901 0x2894  vdrvroot - ok
19:56:10.0915 0x2894  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
19:56:10.0927 0x2894  vds - ok
19:56:10.0931 0x2894  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:56:10.0932 0x2894  vga - ok
19:56:10.0935 0x2894  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:56:10.0936 0x2894  VgaSave - ok
19:56:10.0943 0x2894  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:56:10.0949 0x2894  vhdmp - ok
19:56:10.0951 0x2894  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:56:10.0953 0x2894  viaide - ok
19:56:10.0959 0x2894  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:56:10.0964 0x2894  vmbus - ok
19:56:10.0967 0x2894  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
19:56:10.0968 0x2894  VMBusHID - ok
19:56:10.0972 0x2894  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:56:10.0974 0x2894  volmgr - ok
19:56:10.0985 0x2894  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:56:10.0993 0x2894  volmgrx - ok
19:56:11.0001 0x2894  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:56:11.0008 0x2894  volsnap - ok
19:56:11.0014 0x2894  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:56:11.0018 0x2894  vsmraid - ok
19:56:11.0055 0x2894  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:56:11.0090 0x2894  VSS - ok
19:56:11.0094 0x2894  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:56:11.0095 0x2894  vwifibus - ok
19:56:11.0106 0x2894  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:56:11.0116 0x2894  W32Time - ok
19:56:11.0120 0x2894  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:56:11.0121 0x2894  WacomPen - ok
19:56:11.0125 0x2894  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:56:11.0127 0x2894  WANARP - ok
19:56:11.0131 0x2894  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:56:11.0132 0x2894  Wanarpv6 - ok
19:56:11.0166 0x2894  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:56:11.0198 0x2894  wbengine - ok
19:56:11.0207 0x2894  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:56:11.0212 0x2894  WbioSrvc - ok
19:56:11.0222 0x2894  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:56:11.0232 0x2894  wcncsvc - ok
19:56:11.0235 0x2894  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:56:11.0238 0x2894  WcsPlugInService - ok
19:56:11.0241 0x2894  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
19:56:11.0242 0x2894  Wd - ok
19:56:11.0244 0x2894  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
19:56:11.0245 0x2894  WDC_SAM - ok
19:56:11.0261 0x2894  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:56:11.0275 0x2894  Wdf01000 - ok
19:56:11.0280 0x2894  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:56:11.0284 0x2894  WdiServiceHost - ok
19:56:11.0288 0x2894  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:56:11.0291 0x2894  WdiSystemHost - ok
19:56:11.0298 0x2894  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
19:56:11.0304 0x2894  WebClient - ok
19:56:11.0312 0x2894  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:56:11.0319 0x2894  Wecsvc - ok
19:56:11.0323 0x2894  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:56:11.0326 0x2894  wercplsupport - ok
19:56:11.0330 0x2894  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:56:11.0333 0x2894  WerSvc - ok
19:56:11.0335 0x2894  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:56:11.0336 0x2894  WfpLwf - ok
19:56:11.0339 0x2894  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:56:11.0340 0x2894  WIMMount - ok
19:56:11.0342 0x2894  WinDefend - ok
19:56:11.0347 0x2894  WinHttpAutoProxySvc - ok
19:56:11.0358 0x2894  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:56:11.0364 0x2894  Winmgmt - ok
19:56:11.0411 0x2894  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
19:56:11.0455 0x2894  WinRM - ok
19:56:11.0461 0x2894  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:56:11.0463 0x2894  WinUsb - ok
19:56:11.0485 0x2894  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:56:11.0504 0x2894  Wlansvc - ok
19:56:11.0508 0x2894  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
19:56:11.0508 0x2894  WmiAcpi - ok
19:56:11.0516 0x2894  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:56:11.0521 0x2894  wmiApSrv - ok
19:56:11.0523 0x2894  WMPNetworkSvc - ok
19:56:11.0526 0x2894  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:56:11.0528 0x2894  WPCSvc - ok
19:56:11.0533 0x2894  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:56:11.0537 0x2894  WPDBusEnum - ok
19:56:11.0540 0x2894  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:56:11.0541 0x2894  ws2ifsl - ok
19:56:11.0544 0x2894  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
19:56:11.0548 0x2894  wscsvc - ok
19:56:11.0550 0x2894  WSearch - ok
19:56:11.0606 0x2894  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:56:11.0657 0x2894  wuauserv - ok
19:56:11.0665 0x2894  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:56:11.0667 0x2894  WudfPf - ok
19:56:11.0673 0x2894  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:56:11.0677 0x2894  WUDFRd - ok
19:56:11.0681 0x2894  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:56:11.0685 0x2894  wudfsvc - ok
19:56:11.0692 0x2894  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:56:11.0699 0x2894  WwanSvc - ok
19:56:11.0711 0x2894  [ 728CA8E15873B345BF82F14AD8B65C91, FCD183A7B8F9B39A3C080ADDE6DAF0A72224B0F7D3FF5582EB06F3082A06ACDC ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
19:56:11.0719 0x2894  yukonw7 - ok
19:56:11.0722 0x2894  ================ Scan global ===============================
19:56:11.0725 0x2894  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:56:11.0733 0x2894  [ E0406AEF04B088D1C49FC78D0546F689, 7ADD4D1C174FAA5405BD94BAF104A5DD56BE00DBDC1ED9F069A95430A7B264AA ] C:\Windows\system32\winsrv.dll
19:56:11.0757 0x2894  [ E0406AEF04B088D1C49FC78D0546F689, 7ADD4D1C174FAA5405BD94BAF104A5DD56BE00DBDC1ED9F069A95430A7B264AA ] C:\Windows\system32\winsrv.dll
19:56:11.0764 0x2894  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:56:11.0775 0x2894  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:56:11.0783 0x2894  [ Global ] - ok
19:56:11.0783 0x2894  ================ Scan MBR ==================================
19:56:11.0784 0x2894  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:56:11.0791 0x2894  \Device\Harddisk1\DR1 - ok
19:56:11.0793 0x2894  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
19:56:11.0848 0x2894  \Device\Harddisk2\DR2 - ok
19:56:11.0850 0x2894  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:56:11.0973 0x2894  \Device\Harddisk0\DR0 - ok
19:56:11.0973 0x2894  ================ Scan VBR ==================================
19:56:11.0975 0x2894  [ 0F64AA4074662AA874785612246A52D6 ] \Device\Harddisk1\DR1\Partition1
19:56:11.0976 0x2894  \Device\Harddisk1\DR1\Partition1 - ok
19:56:11.0978 0x2894  [ 0236B1931485940082E6FB38E67CCF93 ] \Device\Harddisk2\DR2\Partition1
19:56:11.0979 0x2894  \Device\Harddisk2\DR2\Partition1 - ok
19:56:11.0981 0x2894  [ D64ECF1BBE5FA73836CF29FEC24D5B9D ] \Device\Harddisk2\DR2\Partition2
19:56:11.0982 0x2894  \Device\Harddisk2\DR2\Partition2 - ok
19:56:11.0984 0x2894  [ D13BD68ED74DE33F92D3825470FEBD54 ] \Device\Harddisk0\DR0\Partition1
19:56:11.0985 0x2894  \Device\Harddisk0\DR0\Partition1 - ok
19:56:11.0986 0x2894  ================ Scan generic autorun ======================
19:56:12.0015 0x2894  [ DD7B4F9E6B71A599FEF4BD9DA0AE57C2, 6B22356F74F7ED069A3FC39C62326AA98A70D0E860A2EB29A6C46F4077FB567A ] C:\Program Files\Microsoft Security Client\msseces.exe
19:56:12.0041 0x2894  MSC - ok
19:56:12.0333 0x2894  [ D0E9E2E198C8BA95297EF8C9D04865F1, 1889A66AEEEE1E9D80FB99E23AFBB23AF37044BAA8AE00070667D3B2E32AB804 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:56:12.0610 0x2894  RTHDVCPL - ok
19:56:12.0633 0x2894  [ 20C08CA080F650B730B1E3FDEA9AD532, 1D2B0914412378E0B5834A95BDD86F8927B6A8D37F4E044C904CE381F1C19A75 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
19:56:12.0644 0x2894  AdobeAAMUpdater-1.0 - ok
19:56:12.0655 0x2894  [ 19AA49EDFB49E86745567ABDBCB32464, 256C9A04AF44A2D32895C562172C005475F02A8C0822DB9C25911D09433AB513 ] C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe
19:56:12.0679 0x2894  pac - ok
19:56:12.0692 0x2894  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:56:12.0702 0x2894  SwitchBoard - ok
19:56:12.0706 0x2894  [ 8943465BEFA91044227D42E84ECB8280, 76D19CE3EB7E6C6573F250543CDC10B3601604535BFB756805AE246FA55AC265 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
19:56:12.0756 0x2894  NUSB3MON - ok
19:56:12.0759 0x2894  [ FC77F245431D4DA5A9E2A53F3A14B162, 5D45F1AD5492703861873A38FE87F4B8EBBD2DEE3DCFB075D35A362212DF9B04 ] C:\Windows\RaidTool\xInsIDE.exe
19:56:12.0785 0x2894  JMB36X IDE Setup - ok
19:56:12.0810 0x2894  [ 4EAF6F8F0B3BE33A0E3877EB7FFD48D4, CD89A31004E3E5A3253554CABF70B89D4F2FCBC40161FFA9E633CD85261A2769 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
19:56:12.0833 0x2894  Adobe ARM - ok
19:56:12.0833 0x2894  BlueStacks Agent - ok
19:56:12.0834 0x2894  Waiting for KSN requests completion. In queue: 218
19:56:13.0834 0x2894  Waiting for KSN requests completion. In queue: 218
19:56:14.0834 0x2894  Waiting for KSN requests completion. In queue: 218
19:56:15.0842 0x2894  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
19:56:15.0844 0x2894  Win FW state via NFP2: enabled ( trusted )
19:56:18.0459 0x2894  ============================================================
19:56:18.0459 0x2894  Scan finished
19:56:18.0459 0x2894  ============================================================
19:56:18.0465 0x0200  Detected object count: 0
19:56:18.0465 0x0200  Actual detected object count: 0
20:13:02.0711 0x1978  Deinitialize success
 
AdwCleaner
# AdwCleaner v6.047 - Logfile created 25/05/2017 at 20:15:27
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-26.1 [Local]
# Operating System : Windows 7 Professional Service Pack 1 (X64)
# Username : Steven Pantazis - PANTAZIS_001
# Running from : C:\Users\Steven Pantazis\Desktop\AdwCleaner.exe
# Mode: Scan
 
 
 
***** [ Services ] *****
 
No malicious services found.
 
 
***** [ Folders ] *****
 
Folder Found:  C:\Windows\SysWOW64\sstmp
 
 
***** [ Files ] *****
 
File Found:  C:\TOSTACK
File Found:  C:\Windows\SysWOW64\config\systemprofile\AppData\Local\uninstallro.exe
File Found:  C:\prefs.js
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
 
***** [ WMI ] *****
 
No malicious keys found.
 
 
***** [ Shortcuts ] *****
 
No infected shortcut found.
 
 
***** [ Scheduled Tasks ] *****
 
No malicious task found.
 
 
***** [ Registry ] *****
 
Key Found:  HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\geekbuddyrsp
Key Found:  [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\geekbuddyrsp
 
 
***** [ Web browsers ] *****
 
No malicious Firefox based browser items found.
No malicious Chromium based browser items found.
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [3688 Bytes] - [14/12/2016 00:02:45]
C:\AdwCleaner\AdwCleaner[C2].txt - [1409 Bytes] - [14/12/2016 00:24:03]
C:\AdwCleaner\AdwCleaner[S0].txt - [3690 Bytes] - [14/12/2016 00:02:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [1508 Bytes] - [14/12/2016 00:23:43]
C:\AdwCleaner\AdwCleaner[S2].txt - [1474 Bytes] - [14/12/2016 00:27:14]
C:\AdwCleaner\AdwCleaner[S3].txt - [1651 Bytes] - [25/05/2017 20:15:27]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1724 Bytes] ##########
 
Junkware Removal Tool
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 7 Professional x64 
Ran by Steven Pantazis (Administrator) on Thu 05/25/2017 at 20:21:33.75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 32 
 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0IZOIGHQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3RGD0KS5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DH3RTA4E (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H39EJ4XI (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJDUNH6X (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ7M67Z4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JURS54VQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KB8U1V99 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MO7CUTSY (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9IASQBQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XCYG0P25 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Steven Pantazis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YT6HXRWP (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0IZOIGHQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3RGD0KS5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DH3RTA4E (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H39EJ4XI (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJDUNH6X (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ7M67Z4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JURS54VQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KB8U1V99 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MO7CUTSY (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9IASQBQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XCYG0P25 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YT6HXRWP (Temporary Internet Files Folder) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 05/25/2017 at 20:22:20.47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
ESET Online Scanner
C:\Windows\RUN.del VBS/Runner.NEC trojan cleaned by deleting
C:\Windows\AutoKMS\AutoKMS.exe a variant of MSIL/HackKMS.H potentially unsafe application cleaned by deleting
C:\Windows\System32\BIT1331.tmp a variant of Win32/SpeedBit.BE potentially unwanted application cleaned by deleting
C:\Windows\System32\BITB03F.tmp a variant of Win32/SpeedBit.BE potentially unwanted application cleaned by deleting
C:\Windows\System32\BITB04F.tmp a variant of Win32/SpeedBit.BE potentially unwanted application cleaned by deleting
D:\Steve\Website\Void\2012\htdocs\wp-content\themes\modularity\includes\cache\5657a08a7d850af9ae48cc3148dc9269.php PHP/Small.NAL trojan cleaned by deleting
D:\Steve\Website\Void\xampp\htdocs\spantazis\wp-content\themes\modularity\includes\cache\5657a08a7d850af9ae48cc3148dc9269.php PHP/Small.NAL trojan cleaned by deleting
 


#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:04 PM

Posted 26 May 2017 - 10:23 AM

OK, remove what Adwcleaner found.

Looks like you could re install you Nvidia drivers and Malwarebytes.

How is it running now?

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 spants

spants
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 30 May 2017 - 08:28 PM

Looks clear to me. ADW Log below. Seems to be running okay as well. The original post was about a GPU acting up which I have replaced. Louis pointed out an svchost using >2GB memory. I do not see an entry like that any more. He also asked that I upgrade to iexplorer 11. I have not been able to do that and am not able to install Windows updates, the update checker simply hangs there. I have to admit that I am probably very far behind in updates. Is this something you can help me work through?

 
 
# AdwCleaner v6.047 - Logfile created 29/05/2017 at 14:44:58
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-26.6 [Server]
# Operating System : Windows 7 Professional Service Pack 1 (X64)
# Username : Steven Pantazis - PANTAZIS_001
# Running from : C:\Users\Steven Pantazis\Desktop\AdwCleaner.exe
# Mode: Clean
 
 
 
***** [ Services ] *****
 
 
 
***** [ Folders ] *****
 
[-] Folder deleted: C:\Windows\SysWOW64\sstmp
 
 
***** [ Files ] *****
 
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
 
 
***** [ Registry ] *****
 
 
 
***** [ Web browsers ] *****
 
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [3688 Bytes] - [14/12/2016 00:02:45]
C:\AdwCleaner\AdwCleaner[C2].txt - [1409 Bytes] - [14/12/2016 00:24:03]
C:\AdwCleaner\AdwCleaner[C3].txt - [982 Bytes] - [29/05/2017 14:44:58]
C:\AdwCleaner\AdwCleaner[S0].txt - [3690 Bytes] - [14/12/2016 00:02:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [1508 Bytes] - [14/12/2016 00:23:43]
C:\AdwCleaner\AdwCleaner[S2].txt - [1474 Bytes] - [14/12/2016 00:27:14]
C:\AdwCleaner\AdwCleaner[S3].txt - [1807 Bytes] - [25/05/2017 20:15:27]
C:\AdwCleaner\AdwCleaner[S4].txt - [1632 Bytes] - [29/05/2017 14:38:06]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1419 Bytes] ##########





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users