HP Mini's screen won't "sleep" and blinks at logon


17 replies to this topic

#1 RevGAM


Posted 02 November 2017 - 07:24 AM

HP Mini 210-4000, X86

W7SP1 Home Premium, 2GB RAM

Intel Atom N2800 @1.86GHz (x2)

I have my Mini set to sleep the monitor after 15 minutes but, for the past few weeks, it never does that, even if I reboot. It doesn't matter if a program is open, the desktop is showing or it's at the logon screen. A couple of days ago, as it sat at the logon screen, I noticed that it would periodically flash the desktop picture (less than a second), which obviously isn't normal. I don't recall installing anything recently that might be associated with this problem, although I did try to install Visual Studio Code, which I didn't realize is not for x86.

Is this a hardware problem, a bot or some other form of malware?

Thanks!


Namaste, Peace & Love,
Glenn


If I have frustrated you, then I must be a student. If I've imparted information or a skill to you, then I must be a teacher. If I've helped you, then I must be a volunteer. If I've touched your life, then I must be happy!
If you had to choose between saving just your family, or saving 10,000 GOOD people (but not your family), what would you choose?



#2 boopme


Posted 06 November 2017 - 12:24 PM

Hello, may not be malware but do these.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the E5rfZI9.png button to see which antivirus is currently enabled:
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Scan archives
Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
  • Push the dtoGjAL.png button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
  • Push the cRhRYZ8.png button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the 9IjfdXq.png button.
  • Check the box beside RHzfZB1.png to uninstall the application when closed.
  • Push Vc3btaC.png and then close the application by clicking the X in the upper right corner.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 RevGAM


Posted 08 November 2017 - 12:28 PM

Results.txt of MiniToolBox:

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Me (administrator) on 08-11-2017 at 11:22:02
Running from "C:\Users\Me\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X86)
Model: HP Mini 210-4000 Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Could not flush the DNS Resolver Cache: Function failed during execution.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1 localhost

There are 11827 entries.

========================= IP Configuration: ================================

Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Blue
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : wi.rr.com

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 1E-B7-0D-FB-5D-94
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : wi.rr.com
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 9C-B7-0D-FB-5D-94
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2605:a000:bc8e:e000:bce9:e537:ac40:ca2a(Preferred)
   Temporary IPv6 Address. . . . . . : 2605:a000:bc8e:e000:2492:5262:1965:9f31(Preferred)
   Link-local IPv6 Address . . . . . : fe80::bce9:e537:ac40:ca2a%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.20(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, November 05, 2017 6:42:17 PM
   Lease Expires . . . . . . . . . . : Thursday, November 09, 2017 10:31:22 AM
   Default Gateway . . . . . . . . . : fe80::facf:c5ff:fefb:b5b9%12
                                       192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 379369229
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-E0-FC-F5-80-C1-6E-5D-08-6F
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : wi.rr.com
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 80-C1-6E-5D-08-6F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    google.com
Addresses:  2607:f8b0:4009:80d::200e
      216.58.192.206


Pinging google.com [2607:f8b0:4009:80a::200e] with 32 bytes of data:
Reply from 2607:f8b0:4009:80a::200e: time=12ms
Reply from 2607:f8b0:4009:80a::200e: time=12ms

Ping statistics for 2607:f8b0:4009:80a::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 12ms, Maximum = 12ms, Average = 12ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    yahoo.com
Addresses:  2001:4998:c:e33::53
      2001:4998:44:204::100d
      2001:4998:58:2201::73
      98.138.252.38
      206.190.39.42
      98.139.180.180


Pinging yahoo.com [2001:4998:58:2201::73] with 32 bytes of data:
Request timed out.
Reply from 2001:4998:58:2201::73: time=27ms

Ping statistics for 2001:4998:58:2201::73:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 27ms, Maximum = 27ms, Average = 27ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...1e b7 0d fb 5d 94 ......Microsoft Virtual WiFi Miniport Adapter
 12...9c b7 0d fb 5d 94 ......Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter
 11...80 c1 6e 5d 08 6f ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.20     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.20    281
     192.168.0.20  255.255.255.255         On-link      192.168.0.20    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.20    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.20    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.20    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12    281 ::/0                     fe80::facf:c5ff:fefb:b5b9
  1    306 ::1/128                  On-link
 12    281 2605:a000:bc8e:e000::/56 fe80::facf:c5ff:fefb:b5b9
 12     33 2605:a000:bc8e:e000::/64 On-link
 12    281 2605:a000:bc8e:e000:2492:5262:1965:9f31/128
                                    On-link
 12    281 2605:a000:bc8e:e000:bce9:e537:ac40:ca2a/128
                                    On-link
 12    281 fe80::/64                On-link
 12    281 fe80::bce9:e537:ac40:ca2a/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/08/2017 04:51:11 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Error in manifest or policy file "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" on line Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition is Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Please use sxstrace.exe for detailed diagnosis.

Error: (11/08/2017 04:49:58 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/07/2017 03:56:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Error in manifest or policy file "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" on line Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition is Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Please use sxstrace.exe for detailed diagnosis.

Error: (11/07/2017 03:55:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/06/2017 04:45:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Error in manifest or policy file "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" on line Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition is Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Please use sxstrace.exe for detailed diagnosis.

Error: (11/06/2017 04:44:22 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/05/2017 06:43:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/05/2017 04:51:39 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Error in manifest or policy file "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" on line Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition is Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Please use sxstrace.exe for detailed diagnosis.

Error: (11/05/2017 04:50:30 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/04/2017 03:52:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Error in manifest or policy file "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" on line Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition is Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (11/05/2017 06:42:18 PM) (Source: Service Control Manager) (User: )
Description: The WinPrivacySvc service failed to start due to the following error:
%%2 = The system cannot find the file specified.


Error: (11/01/2017 03:31:41 PM) (Source: Service Control Manager) (User: )
Description: The WinPrivacySvc service failed to start due to the following error:
%%2 = The system cannot find the file specified.


Error: (10/28/2017 09:16:25 AM) (Source: Service Control Manager) (User: )
Description: The WinPrivacySvc service failed to start due to the following error:
%%2 = The system cannot find the file specified.


Error: (10/28/2017 09:11:10 AM) (Source: Service Control Manager) (User: )
Description: The WinPrivacySvc service failed to start due to the following error:
%%2 = The system cannot find the file specified.


Error: (10/28/2017 09:10:18 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.

Error: (10/26/2017 06:53:19 PM) (Source: Service Control Manager) (User: )
Description: The WinPrivacySvc service failed to start due to the following error:
%%2 = The system cannot find the file specified.


Error: (10/26/2017 06:27:40 PM) (Source: Service Control Manager) (User: )
Description: The WinPrivacySvc service failed to start due to the following error:
%%2 = The system cannot find the file specified.


Error: (10/26/2017 06:25:18 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (03/01/2012 03:04:57 AM) (Source: Microsoft-Windows-Time-Service) (User: NT AUTHORITY)
Description: The time service has detected that the system time needs to be  changed by 178362037 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->52.179.17.38:123) is working properly.

Error: (12/31/2010 11:01:14 PM) (Source: Service Control Manager) (User: )
Description: The WinPrivacySvc service failed to start due to the following error:
%%2 = The system cannot find the file specified.



Microsoft Office Sessions:
=========================
Error: (11/08/2017 04:51:11 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files\fonepaw\fonepaw android data recovery\x64Installer.exec:\program files\fonepaw\fonepaw android data recovery\Microsoft.VC90.CRT.MANIFEST4

Error: (11/08/2017 04:49:58 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\lenovousbdriver\DPInst64.exe

Error: (11/07/2017 03:56:40 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files\fonepaw\fonepaw android data recovery\x64Installer.exec:\program files\fonepaw\fonepaw android data recovery\Microsoft.VC90.CRT.MANIFEST4

Error: (11/07/2017 03:55:08 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\lenovousbdriver\DPInst64.exe

Error: (11/06/2017 04:45:33 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files\fonepaw\fonepaw android data recovery\x64Installer.exec:\program files\fonepaw\fonepaw android data recovery\Microsoft.VC90.CRT.MANIFEST4

Error: (11/06/2017 04:44:22 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\lenovousbdriver\DPInst64.exe

Error: (11/05/2017 06:43:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/05/2017 04:51:39 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files\fonepaw\fonepaw android data recovery\x64Installer.exec:\program files\fonepaw\fonepaw android data recovery\Microsoft.VC90.CRT.MANIFEST4

Error: (11/05/2017 04:50:30 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\lenovousbdriver\DPInst64.exe

Error: (11/04/2017 03:52:59 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files\fonepaw\fonepaw android data recovery\x64Installer.exec:\program files\fonepaw\fonepaw android data recovery\Microsoft.VC90.CRT.MANIFEST4


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (HKLM\...\{13DA9C7C-EBFB-40D0-94A1-55B42883DF21}) (Version: 21.1.1 - HP) Hidden
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001824237067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
AirDroid 3.4.0.0 (HKLM\...\AirDroid) (Version: 3.4.0.0 - Sand Studio)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assessment and Deployment Kit (HKLM\...\{fc46d1b2-9557-4c1f-baac-04af4d2db7e4}) (Version: 8.59.25584 - Microsoft Corporation)
Atheros Bluetooth Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.4.0.102 - Atheros)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
AVS Video Editor 7.4.1 (HKLM\...\AVS Video Editor_is1) (Version: 7.4.1.281 - Online Media Technologies Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Combined Community Codec Pack 2015-10-18 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2015.10.19.0 - CCCP Project)
CyberLink YouCam (HKLM\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5822 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5822 - CyberLink Corp.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Dynamic Web TWAIN HTML5 Edition (HKLM\...\{41C1256A-0549-47A5-8F5A-1887C54B2BF2}) (Version: 11.3.407 - Dynamsoft)
ESU for Microsoft Windows 7 SP1 (HKLM\...\{BCE2B68D-8543-4ED6-8BF8-DB125A11A929}) (Version: 4.1.1 - Hewlett-Packard)
EULAlyzer 2.2 (HKLM\...\EULAlyzer_is1) (Version: 2.2.0 - BrightFort LLC)
FonePaw Android Data Recovery 1.9.0 (HKLM\...\{10E7BD57-C5FE-484f-A3F2-A1755286C0A7}_is1) (Version: 1.9.0 - FonePaw)
Google Chrome (HKCU\...\Google Chrome) (Version: 62.0.3202.89 - Google Inc.)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM\...\{860C8A24-AA98-476C-90D3-5046C0787987}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Launch Box (HKLM\...\{2DB8743E-A513-4AE5-A617-BD42D0653969}) (Version: 1.1.2 - Hewlett-Packard Company)
HP On Screen Display (HKLM\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (HKLM\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{4AC3AD66-3B4C-4122-805F-C03E8A680583}) (Version: 3.0.4 - Hewlett-Packard Company)
HP Setup (HKLM\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15109.3899 - Hewlett-Packard Company)
HP Setup Manager (HKLM\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{DF9DAE00-F582-42F6-9537-B5F1F6858AE1}) (Version: 4.5.2.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.5.37.19 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.8.37.11 - HP)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6370.0 - IDT)
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1065 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.8.151.12 - Oracle Corporation) Hidden
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kits Configuration Installer (HKLM\...\{E14DDED2-919B-FCCB-84AC-5ABB6D182D46}) (Version: 8.59.25584 - Microsoft) Hidden
Lenovo Moto Smart Assistant (HKLM\...\{A92D6B74-8528-4284-841F-76B3D9CE478B}) (Version: 3.2.0.9 - Lenovo)
Lenovo Service Bridge (HKCU\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.5.7 - Lenovo)
LenovoUsbDriver 1.0.17 (HKLM\...\LenovoUsbDriver) (Version: 1.0.17 - Lenovo)
MagicDisc 2.7.106 (HKLM\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Assistant (HKLM\...\{AEF3BF36-8B82-4E43-8291-81EF9E01C65B}) (Version: 1.4.1.10123 - Lenovo)
Mozilla Firefox 56.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 56.0.2 (x86 en-US)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2.6506 - Mozilla)
MRU-Blaster v1.5 (Database 3.28.04) (HKLM\...\MRU-Blaster_is1) (Version: 1.5 - BrightFort LLC)
opensource (HKLM\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{945F1D43-451D-4383-9BBE-241F37950B15}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Skype™ 7.32 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.)
SpywareBlaster 5.5 (HKLM\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1206 - SUPERAntiSpyware.com)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.33.0 - Synaptics Incorporated)
Toolkit Documentation (HKLM\...\{AB1F3428-D2C6-895F-1966-BA55647B40D8}) (Version: 8.59.25584 - Microsoft) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 35.5.2017.8 - Ruiware)
Yahoo Search Set (HKLM\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)

========================= Memory info: ===================================

Percentage of memory in use: 84%
Total physical RAM: 2036.3 MB
Available physical RAM: 316.31 MB
Total Virtual: 4072.6 MB
Available Virtual: 1313.83 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:283.7 GB) (Free:73.84 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:14.1 GB) (Free:1.19 GB) NTFS

========================= Users: ========================================

User accounts for \\BLUE

Administrator            Guest                    Me                       


**** End of log ****
 




#4 RevGAM

Posted 08 November 2017 - 12:31 PM

TDSS Killer Results

11:29:00.0618 0x1ad8  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
11:29:06.0378 0x1ad8  ============================================================
11:29:06.0378 0x1ad8  Current date / time: 2017/11/08 11:29:06.0378
11:29:06.0378 0x1ad8  SystemInfo:
11:29:06.0378 0x1ad8  
11:29:06.0378 0x1ad8  OS Version: 6.1.7601 ServicePack: 1.0
11:29:06.0378 0x1ad8  Product type: Workstation
11:29:06.0378 0x1ad8  ComputerName: BLUE
11:29:06.0378 0x1ad8  UserName: Me
11:29:06.0378 0x1ad8  Windows directory: C:\Windows
11:29:06.0378 0x1ad8  System windows directory: C:\Windows
11:29:06.0378 0x1ad8  Processor architecture: Intel x86
11:29:06.0378 0x1ad8  Number of processors: 4
11:29:06.0378 0x1ad8  Page size: 0x1000
11:29:06.0378 0x1ad8  Boot type: Normal boot
11:29:06.0378 0x1ad8  CodeIntegrityOptions = 0x00000000
11:29:06.0388 0x1ad8  ============================================================
11:29:07.0258 0x1ad8  KLMD registered as C:\Windows\system32\drivers\38731019.sys
11:29:07.0258 0x1ad8  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23915, osProperties = 0x0
11:29:08.0088 0x1ad8  System UUID: {203CD360-59AC-7070-FA50-FCECFAFF6403}
11:29:09.0968 0x1ad8  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:29:10.0168 0x1ad8  ============================================================
11:29:10.0168 0x1ad8  \Device\Harddisk0\DR0:
11:29:10.0168 0x1ad8  MBR partitions:
11:29:10.0168 0x1ad8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
11:29:10.0168 0x1ad8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23764000
11:29:10.0168 0x1ad8  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x237C8000, BlocksNum 0x1C32800
11:29:10.0168 0x1ad8  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33800
11:29:10.0168 0x1ad8  ============================================================
11:29:10.0208 0x1ad8  C: <-> \Device\Harddisk0\DR0\Partition2
11:29:10.0258 0x1ad8  D: <-> \Device\Harddisk0\DR0\Partition3
11:29:10.0318 0x1ad8  ============================================================
11:29:10.0318 0x1ad8  Initialize success
11:29:10.0318 0x1ad8  ============================================================
11:29:20.0258 0x1568  ============================================================
11:29:20.0258 0x1568  Scan started
11:29:20.0258 0x1568  Mode: Manual;
11:29:20.0258 0x1568  ============================================================
11:29:20.0258 0x1568  KSN ping started
11:29:32.0158 0x1568  KSN ping finished: true
11:29:34.0578 0x1568  ================ Scan system memory ========================
11:29:34.0578 0x1568  System memory - ok
11:29:34.0578 0x1568  ================ Scan services =============================
11:29:41.0918 0x1568  DfsC - ok
11:29:43.0680 0x1568  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:29:43.0730 0x1568  Dhcp - ok
11:29:45.0590 0x1568  [ 58F9BFBAE3C25D1A349DF0C6ECE8F9DF, FF1CFC9B323BCE2CFC06F9B2A98A29396832134FD61A570C1971A7240899E526 ] DiagTrack       C:\Windows\system32\diagtrack.dll
11:29:45.0750 0x1568  DiagTrack - ok
11:29:46.0072 0x1568  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
11:29:46.0072 0x1568  discache - ok
11:29:46.0382 0x1568  [ B7B470F163002A0D0E381EE45834BF6B, 5B5E204341A6B1689C3F8717C41782B1A077A026F8B19DA3DE08CA44AB1D95B2 ] Disk            C:\Windows\system32\drivers\disk.sys
11:29:46.0382 0x1568  Disk - ok
11:29:46.0502 0x1568  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:29:46.0512 0x1568  Dnscache - ok
11:29:46.0622 0x1568  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:29:46.0642 0x1568  dot3svc - ok
11:29:46.0792 0x1568  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
11:29:46.0802 0x1568  DPS - ok
11:29:46.0952 0x1568  [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:29:46.0962 0x1568  drmkaud - ok
11:29:47.0332 0x1568  [ 897AE9430D037B056CF76A49CF588542, 02767A3CF7AFF9ECF251808DF2B3B4CABFBDF3EF59E15498B0985298991D8B91 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:29:47.0412 0x1568  DXGKrnl - ok
11:29:48.0152 0x1568  [ 43B9B412F20DDA760D3ED54B47034960, 9C33376522F88B25647182D75B765CB9549A25D1B274A2AA24609C18BE028909 ] Dynamsoft WebTWAIN Service C:\Windows\System32\Dynamsoft\DynamicWebTwain\ForChrome\WebTWAINService.exe
11:29:48.0302 0x1568  Dynamsoft WebTWAIN Service - ok
11:29:48.0382 0x1568  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
11:29:48.0382 0x1568  EapHost - ok
11:29:48.0852 0x1568  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
11:29:49.0102 0x1568  ebdrv - ok
11:29:49.0293 0x1568  [ C9744493B99249CA8BEDE9190EB58344, 0A9EDD80C4D1ADC974BCB622773673A284D2AF81F8D9195B6E2B5B9CB5D326E0 ] EFS             C:\Windows\System32\lsass.exe
11:29:49.0307 0x1568  EFS - ok
11:29:49.0801 0x1568  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:29:49.0868 0x1568  ehRecvr - ok
11:29:49.0933 0x1568  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
11:29:50.0022 0x1568  ehSched - ok
11:29:50.0180 0x1568  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:29:50.0229 0x1568  elxstor - ok
11:29:50.0349 0x1568  [ CEFDBBD7A1F6D0905E441F679107023B, 870D849B978939B8245E6CE4E1E0862E6018FE1666063881FEE815E45F09DB9C ] epp             C:\EEK\bin32\epp.sys
11:29:50.0449 0x1568  epp - ok
11:29:50.0468 0x1568  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:29:50.0472 0x1568  ErrDev - ok
11:29:50.0677 0x1568  [ 543C7E1D278BA84B1F0C1EBCF7FD4CF8, 930F7EEC8E871AAD7C0D56CF481F3B207C8D52F73E42B65600768A4E9DD87D38 ] ESProtectionDriver C:\Windows\system32\drivers\mbae.sys
11:29:50.0718 0x1568  ESProtectionDriver - ok
11:29:50.0822 0x1568  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
11:29:50.0844 0x1568  EventSystem - ok
11:29:50.0946 0x1568  [ 53E8732CC70CC0991839DF9FC8996E4A, D14F6CAAF1F71647F12C6BDF1CD3EE7ADFAB0B292760AC197B876F0868853A72 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:29:50.0956 0x1568  exfat - ok
11:29:50.0996 0x1568  [ 24F422E5D7517FEBDA2324116F1A7BE6, 3D54FFB59F7E4F9CC1189D8808B1F17EE7C4A6DE2A13C74CA5B6A47D5E759C53 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:29:51.0006 0x1568  fastfat - ok
11:29:51.0116 0x1568  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
11:29:51.0186 0x1568  Fax - ok
11:29:51.0266 0x1568  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
11:29:51.0276 0x1568  fdc - ok
11:29:51.0296 0x1568  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
11:29:51.0306 0x1568  fdPHost - ok
11:29:51.0326 0x1568  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:29:51.0336 0x1568  FDResPub - ok
11:29:51.0356 0x1568  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:29:51.0366 0x1568  FileInfo - ok
11:29:51.0376 0x1568  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:29:51.0386 0x1568  Filetrace - ok
11:29:51.0416 0x1568  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:29:51.0416 0x1568  flpydisk - ok
11:29:51.0446 0x1568  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:29:51.0466 0x1568  FltMgr - ok
11:29:51.0566 0x1568  [ B5259B75BFDE00A5CDFD8D70444C8E3C, 3526602AA212B43351644AFB91E0D9CEFB778461BAAD2331B6BBF76FB14EEE86 ] FontCache       C:\Windows\system32\FntCache.dll
11:29:51.0646 0x1568  FontCache - ok
11:29:51.0756 0x1568  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:29:51.0756 0x1568  FontCache3.0.0.0 - ok
11:29:51.0836 0x1568  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:29:51.0836 0x1568  FsDepends - ok
11:29:51.0886 0x1568  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:29:51.0896 0x1568  Fs_Rec - ok
11:29:51.0946 0x1568  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:29:51.0966 0x1568  fvevol - ok
11:29:52.0016 0x1568  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:29:52.0026 0x1568  gagp30kx - ok
11:29:52.0096 0x1568  [ 8DA745095F6B73BB5B8266BF773DA1FA, 3EA614A9B8D4F61704A8754B014C8F6AC60551435BC4D9F2E761955905DA89F3 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:29:52.0156 0x1568  gpsvc - ok
11:29:52.0176 0x1568  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:29:52.0186 0x1568  hcw85cir - ok
11:29:52.0296 0x1568  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:29:52.0326 0x1568  HdAudAddService - ok
11:29:52.0376 0x1568  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:29:52.0386 0x1568  HDAudBus - ok
11:29:52.0426 0x1568  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:29:52.0426 0x1568  HidBatt - ok
11:29:52.0486 0x1568  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:29:52.0486 0x1568  HidBth - ok
11:29:52.0536 0x1568  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:29:52.0546 0x1568  HidIr - ok
11:29:52.0626 0x1568  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
11:29:52.0626 0x1568  hidserv - ok
11:29:52.0696 0x1568  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:29:52.0706 0x1568  HidUsb - ok
11:29:52.0736 0x1568  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:29:52.0746 0x1568  hkmsvc - ok
11:29:52.0806 0x1568  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:29:52.0816 0x1568  HomeGroupListener - ok
11:29:52.0866 0x1568  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:29:52.0916 0x1568  HomeGroupProvider - ok
11:29:53.0006 0x1568  [ DFEC85328A07E518B4DBDF43BBBA5740, 86AB2ED9A234D26A05B1F7953B8BA555C9D4B0C6AE4D9DE707976AFB35C955CF ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
11:29:53.0016 0x1568  HPClientSvc - ok
11:29:53.0166 0x1568  [ 7B7DE6B3DC30F3246958F42C67A6F7BB, 4B66B90CFEC2231B905B21DECC4EC7C6500E546F080A452EF67E724EDF37ADD9 ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
11:29:53.0256 0x1568  hpqwmiex - ok
11:29:53.0306 0x1568  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:29:53.0316 0x1568  HpSAMD - ok
11:29:53.0426 0x1568  [ 7E32BB97B5A18FD522D587540DA730B1, 11C53736A8438C568C296ADEB710BE6F5B7EC3ADD64A5C1FD3209C7B8D2A84D7 ] HPSupportSolutionsFrameworkService C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
11:29:53.0496 0x1568  HPSupportSolutionsFrameworkService - ok
11:29:53.0546 0x1568  [ 2BEC76BDCD1BC080210325E7B5094834, 9CD9DF5C974C20F38423B07063A4F44E533B3B4EF39E01AC701C04BFC5F3EC53 ] HPWMISVC        C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
11:29:53.0556 0x1568  HPWMISVC - ok
11:29:53.0626 0x1568  [ 2F50E2780F16E00369F1311B086C3E42, F3FAE2D965D055810775B7AAE7BF1C4C39961A64E42B345FC604D32F3AC7E7DA ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:29:53.0666 0x1568  HTTP - ok
11:29:53.0706 0x1568  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:29:53.0706 0x1568  hwpolicy - ok
11:29:53.0756 0x1568  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
11:29:53.0766 0x1568  i8042prt - ok
11:29:53.0826 0x1568  [ F4037A3FEDB92DD97C95F320766EA5C9, 3872166AA17E9C19D9F5BBCBC6CA202F6D5CCB1F9E04ED2AA0D43F642B9C85FD ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
11:29:53.0846 0x1568  iaStor - ok
11:29:53.0936 0x1568  [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
11:29:53.0936 0x1568  IAStorDataMgrSvc - ok
11:29:53.0986 0x1568  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:29:54.0036 0x1568  iaStorV - ok
11:29:54.0116 0x1568  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:29:54.0186 0x1568  idsvc - ok
11:29:54.0236 0x1568  IEEtwCollectorService - ok
11:29:54.0346 0x1568  [ 1D9E962D06B8B9F520EC8224AC883774, F47A40D5FBAD0BDC4FA7FA29E397FEB4D3AB184C1B64B37E7F6314026D88F7F1 ] igddim32        C:\Windows\system32\DRIVERS\igddim32.sys
11:29:54.0436 0x1568  igddim32 - ok
11:29:54.0496 0x1568  [ 8AA45FAE254B395F79794F698AC6DB81, 7BDD5BA67F26B2C9F65A4A8C68E4148383C6ED91B3D48C07BA80E9D9DBAF3B5A ] igdkmd32        C:\Windows\system32\DRIVERS\igdkmd32.sys
11:29:54.0536 0x1568  igdkmd32 - ok
11:29:54.0566 0x1568  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:29:54.0566 0x1568  iirsp - ok
11:29:54.0656 0x1568  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:29:54.0706 0x1568  IKEEXT - ok
11:29:54.0756 0x1568  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:29:54.0766 0x1568  intelide - ok
11:29:54.0796 0x1568  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:29:54.0796 0x1568  intelppm - ok
11:29:54.0846 0x1568  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:29:54.0856 0x1568  IPBusEnum - ok
11:29:54.0876 0x1568  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:29:54.0876 0x1568  IpFilterDriver - ok
11:29:54.0946 0x1568  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:29:54.0986 0x1568  iphlpsvc - ok
11:29:55.0006 0x1568  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:29:55.0016 0x1568  IPMIDRV - ok
11:29:55.0056 0x1568  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:29:55.0066 0x1568  IPNAT - ok
11:29:55.0086 0x1568  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:29:55.0096 0x1568  IRENUM - ok
11:29:55.0126 0x1568  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:29:55.0136 0x1568  isapnp - ok
11:29:55.0176 0x1568  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:29:55.0206 0x1568  iScsiPrt - ok
11:29:55.0246 0x1568  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
11:29:55.0256 0x1568  kbdclass - ok
11:29:55.0296 0x1568  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
11:29:55.0296 0x1568  kbdhid - ok
11:29:55.0316 0x1568  [ C9744493B99249CA8BEDE9190EB58344, 0A9EDD80C4D1ADC974BCB622773673A284D2AF81F8D9195B6E2B5B9CB5D326E0 ] KeyIso          C:\Windows\system32\lsass.exe
11:29:55.0326 0x1568  KeyIso - ok
11:29:55.0376 0x1568  [ AD7A45E1A91028B0005EDDE9112D9357, E5E930917D2DFB6292613E1C2EF20BF10C2FDB84B91C8F5452DE5A67F2711DFF ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:29:55.0376 0x1568  KSecDD - ok
11:29:55.0406 0x1568  [ D598526763D02DE0FB14FF148933F5BC, A50667D3F39043067D6DD123174F816720721E5E763E85C1C1315792E1BD821D ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:29:55.0416 0x1568  KSecPkg - ok
11:29:55.0466 0x1568  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:29:55.0516 0x1568  KtmRm - ok
11:29:55.0596 0x1568  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:29:55.0616 0x1568  LanmanServer - ok
11:29:55.0646 0x1568  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:29:55.0666 0x1568  LanmanWorkstation - ok
11:29:55.0726 0x1568  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:29:55.0736 0x1568  lltdio - ok
11:29:55.0816 0x1568  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:29:55.0826 0x1568  lltdsvc - ok
11:29:55.0856 0x1568  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:29:55.0866 0x1568  lmhosts - ok
11:29:55.0906 0x1568  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:29:55.0916 0x1568  LSI_FC - ok
11:29:55.0936 0x1568  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:29:55.0946 0x1568  LSI_SAS - ok
11:29:55.0976 0x1568  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:29:55.0986 0x1568  LSI_SAS2 - ok
11:29:56.0016 0x1568  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:29:56.0026 0x1568  LSI_SCSI - ok
11:29:56.0056 0x1568  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:29:56.0066 0x1568  luafv - ok
11:29:56.0126 0x1568  [ D0CB688352ECD3BB964B72773F9B5456, 62F12D76C6C49435E8DB0F38D15CE2EC00360F89B4398B83C4FD08AD0651F051 ] MBAMChameleon   C:\Windows\System32\Drivers\MbamChameleon.sys
11:29:56.0146 0x1568  MBAMChameleon - ok
11:29:56.0216 0x1568  [ 3131B2ED5445509D41FEBAFA35012B0C, AFAADA1BC072DA48E4739794F253AA629809508E73964A00D59910CE00F3C031 ] MBAMFarflt      C:\Windows\system32\DRIVERS\farflt.sys
11:29:56.0226 0x1568  MBAMFarflt - ok
11:29:56.0286 0x1568  [ A6CC068FCE07A98EAD5AC8922B39262F, 33C3F0E943675CA999FAA465633D124638E66518E50D19FE1F1C9372BDC936A3 ] MBAMProtection  C:\Windows\system32\DRIVERS\mbam.sys
11:29:56.0286 0x1568  MBAMProtection - ok
11:29:56.0606 0x1568  [ 116A7D69BAA96E330639BCF759C8664B, B3AEA7451A2A16B3FBFABF1032DBA08D4041670F32AD1EF79309D587CD3C25F1 ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
11:29:56.0866 0x1568  MBAMService - ok
11:29:56.0976 0x1568  [ 87377B69CF0B716CA33E4406E763FBB0, A554A548A0B77B0A42468EF2A4EA052016423D56C49832A05918821525928082 ] MBAMSwissArmy   C:\Windows\System32\Drivers\mbamswissarmy.sys
11:29:56.0986 0x1568  MBAMSwissArmy - ok
11:29:57.0046 0x1568  [ BF0A9B9F217A5C4E412A8758A2FB157E, 1F6C4E05A207D6BB8374D25BB2A97039823ED1243EBA7A11EDA0C552AC9BF8A2 ] MBAMWebProtection C:\Windows\system32\DRIVERS\mwac.sys
11:29:57.0056 0x1568  MBAMWebProtection - ok
11:29:57.0106 0x1568  [ 8FD868E32459ECE2A1BB0169F513D31E, F28E47FBEC8EC8424FFFB359668E0FEEA66A69E9D737D75472934FAC39770390 ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
11:29:57.0116 0x1568  mcdbus - ok
11:29:57.0176 0x1568  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:29:57.0176 0x1568  Mcx2Svc - ok
11:29:57.0236 0x1568  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:29:57.0236 0x1568  megasas - ok
11:29:57.0266 0x1568  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:29:57.0276 0x1568  MegaSR - ok
11:29:57.0316 0x1568  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
11:29:57.0316 0x1568  MMCSS - ok
11:29:57.0336 0x1568  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
11:29:57.0346 0x1568  Modem - ok
11:29:57.0356 0x1568  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:29:57.0366 0x1568  monitor - ok
11:29:57.0396 0x1568  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:29:57.0396 0x1568  mouclass - ok
11:29:57.0426 0x1568  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:29:57.0426 0x1568  mouhid - ok
11:29:57.0466 0x1568  [ 9664F55623B43FD85D5642A202976AEE, 9349DADF639BBF7478EFA2398696FEC416554865AD4DEA91BD9A5E7D9F0C3D49 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:29:57.0476 0x1568  mountmgr - ok
11:29:57.0546 0x1568  [ 4391ABB3A02FE809088E2C7F875E5889, 01C45EFBB0BC6670B6953A69958613E195671A3CD5A36CB1930983C3775B201B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:29:57.0556 0x1568  MozillaMaintenance - ok
11:29:57.0596 0x1568  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:29:57.0606 0x1568  mpio - ok
11:29:57.0666 0x1568  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:29:57.0676 0x1568  mpsdrv - ok
11:29:57.0736 0x1568  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:29:57.0786 0x1568  MpsSvc - ok
11:29:57.0826 0x1568  [ 06AC0310138E4B2C35AF7344D18BC686, FCDB6CC851EC47F92FFF764717A44FF5D5D0E179C215B3C6E77FB9BEA4DE1908 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:29:57.0836 0x1568  MRxDAV - ok
11:29:57.0866 0x1568  [ CED9A2CB76D01C817B067DEF638AA26D, 7DB851F68F741464C0BCAF2D67B70312A1E42CEC1500F72C5C9C39440ECF1C9D ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:29:57.0876 0x1568  mrxsmb - ok
11:29:57.0926 0x1568  [ 7063F786FEEB116B1E0CCE8FD4D2DCC8, 9023AE7589DE6408F53A7B8BE5657795A80294A4BDF9FFD1808CCD11F3104C16 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:29:57.0946 0x1568  mrxsmb10 - ok
11:29:57.0976 0x1568  [ 2A325EC0931F389944A1C012DC6EB23F, E6FD5AAE2D834319287B6D8BFA36F7C5D25BBDCACFA212BF9C52CDE63D91ADEB ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:29:57.0986 0x1568  mrxsmb20 - ok
11:29:58.0016 0x1568  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:29:58.0016 0x1568  msahci - ok
11:29:58.0046 0x1568  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:29:58.0056 0x1568  msdsm - ok
11:29:58.0086 0x1568  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
11:29:58.0096 0x1568  MSDTC - ok
11:29:58.0146 0x1568  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:29:58.0146 0x1568  Msfs - ok
11:29:58.0176 0x1568  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:29:58.0176 0x1568  mshidkmdf - ok
11:29:58.0206 0x1568  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:29:58.0206 0x1568  msisadrv - ok
11:29:58.0256 0x1568  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:29:58.0276 0x1568  MSiSCSI - ok
11:29:58.0286 0x1568  msiserver - ok
11:29:58.0346 0x1568  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:29:58.0346 0x1568  MSKSSRV - ok
11:29:58.0386 0x1568  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:29:58.0386 0x1568  MSPCLOCK - ok
11:29:58.0406 0x1568  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:29:58.0406 0x1568  MSPQM - ok
11:29:58.0436 0x1568  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:29:58.0446 0x1568  MsRPC - ok
11:29:58.0476 0x1568  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:29:58.0486 0x1568  mssmbios - ok
11:29:58.0506 0x1568  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:29:58.0506 0x1568  MSTEE - ok
11:29:58.0536 0x1568  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:29:58.0546 0x1568  MTConfig - ok
11:30:17.0803 0x1568  usbuhci - ok
11:30:17.0903 0x1568  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2, F9B72DE82078FDB5551D48988190F46EECA9B99655C591B7865FEA1AFB31F637 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
11:30:17.0913 0x1568  usbvideo - ok
11:30:17.0973 0x1568  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
11:30:17.0983 0x1568  UxSms - ok
11:30:18.0023 0x1568  [ C9744493B99249CA8BEDE9190EB58344, 0A9EDD80C4D1ADC974BCB622773673A284D2AF81F8D9195B6E2B5B9CB5D326E0 ] VaultSvc        C:\Windows\system32\lsass.exe
11:30:18.0023 0x1568  VaultSvc - ok
11:30:18.0083 0x1568  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:30:18.0093 0x1568  vdrvroot - ok
11:30:18.0253 0x1568  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
11:30:18.0283 0x1568  vds - ok
11:30:18.0373 0x1568  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:30:18.0373 0x1568  vga - ok
11:30:18.0413 0x1568  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:30:18.0413 0x1568  VgaSave - ok
11:30:18.0503 0x1568  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:30:18.0523 0x1568  vhdmp - ok
11:30:18.0573 0x1568  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
11:30:18.0573 0x1568  viaagp - ok
11:30:18.0593 0x1568  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
11:30:18.0603 0x1568  ViaC7 - ok
11:30:18.0643 0x1568  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:30:18.0653 0x1568  viaide - ok
11:30:18.0683 0x1568  vmci - ok
11:30:18.0733 0x1568  VMnetAdapter - ok
11:30:18.0783 0x1568  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:30:18.0783 0x1568  volmgr - ok
11:30:18.0963 0x1568  [ 21D83DD717E8D681364A5E44A5459717, 2D938D07132A2D37FB164CA322A93951729D6AF65BA8BAF8493D02B203F13243 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:30:18.0973 0x1568  volmgrx - ok
11:30:19.0153 0x1568  [ C37AEE5966EB5929E2051AC7409B5730, 95701CDFCD57D3832E007BC7E6F00AA3A8080601317278EA6F0C4ADF0EF27A2C ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:30:19.0173 0x1568  volsnap - ok
11:30:19.0283 0x1568  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:30:19.0293 0x1568  vsmraid - ok
11:30:19.0543 0x1568  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
11:30:19.0653 0x1568  VSS - ok
11:30:19.0693 0x1568  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:30:19.0703 0x1568  vwifibus - ok
11:30:19.0763 0x1568  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:30:19.0773 0x1568  vwififlt - ok
11:30:19.0873 0x1568  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:30:19.0883 0x1568  vwifimp - ok
11:30:20.0013 0x1568  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
11:30:20.0043 0x1568  W32Time - ok
11:30:20.0093 0x1568  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:30:20.0103 0x1568  WacomPen - ok
11:30:20.0153 0x1568  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:30:20.0163 0x1568  WANARP - ok
11:30:20.0183 0x1568  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:30:20.0213 0x1568  Wanarpv6 - ok
11:30:20.0413 0x1568  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
11:30:20.0483 0x1568  wbengine - ok
11:30:20.0593 0x1568  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:30:20.0603 0x1568  WbioSrvc - ok
11:30:20.0703 0x1568  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:30:20.0723 0x1568  wcncsvc - ok
11:30:20.0823 0x1568  [ D9DF5C53DFE502D88A726DD6EFB3CCC3, 2804FA28CEF1A15C1E1BAAB440F7546A497C3B894313521750380F789678BC0C ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:30:20.0823 0x1568  WcsPlugInService - ok
11:30:20.0903 0x1568  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
11:30:20.0903 0x1568  Wd - ok
11:30:21.0113 0x1568  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:30:21.0143 0x1568  Wdf01000 - ok
11:30:21.0263 0x1568  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:30:21.0273 0x1568  WdiServiceHost - ok
11:30:21.0293 0x1568  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:30:21.0313 0x1568  WdiSystemHost - ok
11:30:21.0423 0x1568  [ DC54D7A40B6E18E5C7F592F836D163FF, 436AF3B94EAE6CBD2516A63235AE1D6EC4F1FCAA0F974A9672BB5AB2A846BB2C ] WebClient       C:\Windows\System32\webclnt.dll
11:30:21.0453 0x1568  WebClient - ok
11:30:21.0573 0x1568  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:30:21.0593 0x1568  Wecsvc - ok
11:30:21.0623 0x1568  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:30:21.0633 0x1568  wercplsupport - ok
11:30:21.0693 0x1568  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
11:30:21.0703 0x1568  WerSvc - ok
11:30:21.0793 0x1568  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:30:21.0803 0x1568  WfpLwf - ok
11:30:22.0053 0x1568  [ 1F71D38B556EE2A96C3A0B6811ADCC7B, C1CBC5947DE5E606CB79F36603FEE214721D45E79B0077D0B33A34C8C1F2FF8F ] WIMMount        C:\Program Files\Windows Kits\8.0\Assessment and Deployment Kit\Deployment Tools\x86\DISM\wimmount.sys
11:30:22.0063 0x1568  WIMMount - ok
11:30:22.0323 0x1568  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
11:30:22.0363 0x1568  WinDefend - ok
11:30:22.0443 0x1568  WinHttpAutoProxySvc - ok
11:30:22.0593 0x1568  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:30:22.0613 0x1568  Winmgmt - ok
11:30:22.0813 0x1568  WinPrivacySvc - ok
11:30:22.0933 0x1568  [ 8949A93520F7008C3B7AD320A0EEA267, F77C6BF73B300347FEB3D02C7A1F98807546D95E10E499D385B7F00D1366CC59 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:30:23.0023 0x1568  WinRM - ok
11:30:23.0123 0x1568  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:30:23.0123 0x1568  WinUsb - ok
11:30:23.0253 0x1568  [ BB5D5249C49DB0D9B08AFB220019E1CF, 5DD01888BC303891FC5690D3F4EA795F185B934D985FC0F48DC30CC0718E5123 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:30:23.0323 0x1568  Wlansvc - ok
11:30:23.0413 0x1568  [ 6067ACEF367E79914AF628FA1E9B5330, 491A705267B48C103E00B26BBD21FA8829DB03A88343CBC27264CEE5DE8C8DEF ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:30:23.0423 0x1568  wlcrasvc - ok
11:30:23.0583 0x1568  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:30:23.0723 0x1568  wlidsvc - ok
11:30:23.0753 0x1568  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:30:23.0763 0x1568  WmiAcpi - ok
11:30:23.0813 0x1568  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:30:23.0823 0x1568  wmiApSrv - ok
11:30:23.0953 0x1568  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
11:30:24.0023 0x1568  WMPNetworkSvc - ok
11:30:24.0063 0x1568  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:30:24.0073 0x1568  WPCSvc - ok
11:30:24.0093 0x1568  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:30:24.0113 0x1568  WPDBusEnum - ok
11:30:24.0143 0x1568  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:30:24.0153 0x1568  ws2ifsl - ok
11:30:24.0173 0x1568  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
11:30:24.0193 0x1568  wscsvc - ok
11:30:24.0203 0x1568  WSearch - ok
11:30:24.0383 0x1568  [ 8E6E93DFE1C8C1732E4B2C843CE4ABA5, 354C2BC424D92AE09EADBCAD92299C392C57AFB543EAC1B0F7675A907E9BCEE5 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:30:24.0747 0x1568  wuauserv - ok
11:30:24.0842 0x1568  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:30:24.0860 0x1568  WudfPf - ok
11:30:24.0906 0x1568  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:30:24.0951 0x1568  WUDFRd - ok
11:30:25.0024 0x1568  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:30:25.0042 0x1568  wudfsvc - ok
11:30:25.0148 0x1568  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:30:25.0297 0x1568  WwanSvc - ok
11:30:25.0426 0x1568  ZAM - ok
11:30:25.0446 0x1568  ZAMSvc - ok
11:30:25.0505 0x1568  ZAM_Guard - ok
11:30:25.0665 0x1568  [ 28B051B78471FC290C1790623D5908E1, 01B711DAC7290B5DBBA5AF49E69FC906BE0A1BF40EFB372A0DA1FB59F0BA9983 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
11:30:25.0678 0x1568  ZAtheros Bt&Wlan Coex Agent - ok
11:30:25.0760 0x1568  ================ Scan global ===============================
11:30:25.0803 0x1568  [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
11:30:25.0917 0x1568  [ 00B034B1F3A4201F01079E8645FD9A84, 1923F55D09052D1A5D4CD56E11E768EF78F951F669B7F93EFB648E14346F5387 ] C:\Windows\system32\winsrv.dll
11:30:25.0974 0x1568  [ 00B034B1F3A4201F01079E8645FD9A84, 1923F55D09052D1A5D4CD56E11E768EF78F951F669B7F93EFB648E14346F5387 ] C:\Windows\system32\winsrv.dll
11:30:26.0044 0x1568  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
11:30:26.0109 0x1568  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
11:30:26.0149 0x1568  [ Global ] - ok
11:30:26.0149 0x1568  ================ Scan MBR ==================================
11:30:26.0169 0x1568  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:30:26.0841 0x1568  \Device\Harddisk0\DR0 - ok
11:30:26.0841 0x1568  ================ Scan VBR ==================================
11:30:26.0851 0x1568  [ 085FA9A112BCC56106400DA755CBBE53 ] \Device\Harddisk0\DR0\Partition1
11:30:26.0861 0x1568  \Device\Harddisk0\DR0\Partition1 - ok
11:30:26.0911 0x1568  [ 6A7C2E6F1E5CC75BE74DDF31C43FCF90 ] \Device\Harddisk0\DR0\Partition2
11:30:26.0911 0x1568  \Device\Harddisk0\DR0\Partition2 - ok
11:30:26.0991 0x1568  [ D3913903A230C5C03F9F765D9BC3DF04 ] \Device\Harddisk0\DR0\Partition3
11:30:27.0001 0x1568  \Device\Harddisk0\DR0\Partition3 - ok
11:30:27.0031 0x1568  [ 68ED99A2BBAB390F2C183373BA3615E6 ] \Device\Harddisk0\DR0\Partition4
11:30:27.0041 0x1568  \Device\Harddisk0\DR0\Partition4 - ok
11:30:27.0041 0x1568  ================ Scan generic autorun ======================
11:30:27.0511 0x1568  [ 4A73AB8412D3AA6CFAD24051FF9DBFA7, 7C1F6BDECE92F2A58E88FC603F1BEE9B0F72130136AE9A368892323A9A327FD1 ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
11:30:27.0531 0x1568  IAStorIcon - ok
11:30:28.0185 0x1568  [ C3ED14DACCE096FDC4258664EB7A463F, C46C647CAF9CE066A6676171A21AA08A0A72302E86906186161485B57968F341 ] C:\Program Files\IDT\WDM\sttray.exe
11:30:28.0284 0x1568  SysTrayApp - ok
11:30:28.0416 0x1568  [ 2F3663B9564A4965C93B696CDD7DB6D3, 4D7655B5F6330453D69BC1F0397DAD8B1D41A0FAC7C1861800879D2BDF413384 ] C:\Program Files\Bluetooth Suite\BtvStack.exe
11:30:28.0492 0x1568  AtherosBtStack - ok
11:30:28.0575 0x1568  [ 8CFFC92FDC8C123C2FBB904F47AA26F6, 2787B8BEAFD65C1A892F040ED399D0AB35012F4E7C0F9AB70D66CCB7C9914270 ] C:\Program Files\Bluetooth Suite\AthBtTray.exe
11:30:28.0675 0x1568  AthBtTray - ok
11:30:29.0311 0x1568  [ E00B36112AB6EFE596C40E189B65D32C, C706D04C4AB4AE1AB8C0A506BD050CDD316E94BEBCF69A72C49836FA404266BD ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
11:30:29.0521 0x1568  SynTPEnh - ok
11:30:29.0611 0x1568  [ AC581685C4CC890B42E9E9700014543D, 642DEB7AF6576D07C8D8019135338E4B45B2B17329BF376C4605E912F0CBD034 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
11:30:29.0663 0x1568  SunJavaUpdateSched - ok
11:30:29.0793 0x1568  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:30:29.0893 0x1568  Sidebar - ok
11:30:29.0943 0x1568  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:30:29.0953 0x1568  mctadmin - ok
11:30:30.0060 0x1568  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:30:30.0134 0x1568  Sidebar - ok
11:30:30.0160 0x1568  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:30:30.0175 0x1568  mctadmin - ok
11:30:30.0731 0x1568  [ 5C9960660DC2D5C8A94FFA7A8174A0BA, 0143AC161EA7BC59F6E1FC86948E9CFBC41CB068D6D118BBAB0250789222538A ] C:\Users\Me\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
11:30:30.0786 0x1568  Google Update - ok
11:30:30.0909 0x1568  [ 264FF661A5DA4211E85E55BCB0BF6D53, A7651C052DB3610A9625AE4F4A4DAAECA59EDC5A2A68F30D355475C4A9BF2717 ] C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
11:30:31.0007 0x1568  WinPatrol - ok
11:30:31.0024 0x1568  Waiting for KSN requests completion. In queue: 112
11:30:32.0025 0x1568  Waiting for KSN requests completion. In queue: 112
11:30:33.0025 0x1568  Waiting for KSN requests completion. In queue: 112
11:30:34.0025 0x1568  Waiting for KSN requests completion. In queue: 112
11:30:35.0025 0x1568  Waiting for KSN requests completion. In queue: 112
11:30:36.0025 0x1568  Waiting for KSN requests completion. In queue: 112
11:30:37.0025 0x1568  Waiting for KSN requests completion. In queue: 112
11:30:38.0025 0x1568  Waiting for KSN requests completion. In queue: 112
11:30:39.0025 0x1568  Waiting for KSN requests completion. In queue: 112
11:30:40.0025 0x1568  Waiting for KSN requests completion. In queue: 112
11:30:41.0025 0x1568  Waiting for KSN requests completion. In queue: 112
11:30:42.0025 0x1568  Waiting for KSN requests completion. In queue: 112
11:30:43.0025 0x1568  Waiting for KSN requests completion. In queue: 112
11:30:44.0025 0x1568  Waiting for KSN requests completion. In queue: 112
11:30:45.0335 0x1568  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
11:30:45.0415 0x1568  Win FW state via NFP2: enabled ( trusted )
11:30:46.0405 0x1568  ============================================================
11:30:46.0405 0x1568  Scan finished
11:30:46.0405 0x1568  ============================================================
11:30:46.0425 0x1fe4  Detected object count: 0
11:30:46.0425 0x1fe4  Actual detected object count: 0
 




#5 RevGAM

Posted 08 November 2017 - 12:44 PM

AdwCleaner results

# AdwCleaner 7.0.4.0 - Logfile created on Wed Nov 08 17:40:46 2017
# Updated on 2017/27/10 by Malwarebytes
# Database: 11-07-2017.2
# Running on Windows 7 Home Premium (X86)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Windows\System32\config\systemprofile\AppData\Local\YSearchUtil
PUP.Optional.Legacy, C:\Users\Me\AppData\Local\YSearchUtil
PUP.Optional.Legacy, C:\Program Files\Yahoo!\yset


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########




#6 boopme

Posted 08 November 2017 - 02:06 PM

Did you run ESET yet?

#7 RevGAM

Posted 08 November 2017 - 05:40 PM

Sorry, it took a long time.

Results of ESET scan:

C:\Users\Me\AppData\LocalLow\Oracle\Java\jre1.8.0_77\java_sp.dll    a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application    
C:\Users\Me\Downloads\ccsetup535.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
C:\Users\Me\Downloads\Installed\AirDroid_Desktop_Client_3.4.0.0.exe    Win32/FusionCore.L potentially unwanted application,a variant of Win32/FusionCore.L potentially unwanted application    
C:\Users\Me\Downloads\Installed\ccsetup522.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
 


Edited by RevGAM, 08 November 2017 - 05:42 PM.



#8 boopme

Posted 09 November 2017 - 10:57 AM

Thanks, yes it can take long..

Let's remove what was found

The ESET Online Scanner saves a log file after running, which can be examined or sent in to ESET for further analysis. To view the log file, Show hidden files and folders must be enabled. New logs are appended to the existing log files when multiple scans are run. 

The path to the log file is the following: C:\users\%userprofile%\appdata\local\temp\log.txt 

Select All.. and Clean..

>>>>

Now ADWCleaner
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles is saved to C:\AdwCleaner.
  • Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

    Restart and see how it is.






#9 RevGAM

Posted 10 November 2017 - 05:09 PM

Thanks, yes it can take long..

Let's remove what was found

The ESET Online Scanner saves a log file after running, which can be examined or sent in to ESET for further analysis. To view the log file, Show hidden files and folders must be enabled. New logs are appended to the existing log files when multiple scans are run. 

The path to the log file is the following: C:\users\%userprofile%\appdata\local\temp\log.txt 

Select All.. and Clean..

How do I do this?  Do you mean I need to rerun the scan?  If not, how do I use the log to get ESET to remove those files?  I didn't see an option in ESET for that...?




#10 boopme

Posted 14 November 2017 - 02:11 PM

Sorry for the delay.. Looks like a rerun and clean

#11 RevGAM

Posted 16 November 2017 - 11:28 PM

I've just started rerunning ESET.  Sorry, I got distracted. :) I'll update you in the morning when it's done, then run AdwCleaner.


Edited by RevGAM, 16 November 2017 - 11:30 PM.



#12 RevGAM

Posted 17 November 2017 - 06:33 PM

I apologize for not getting this info to you faster.  My mom had an urgent situation I needed to handle.

Here's the ESET log.  Since there was no way to use the history, I set it to clean automatically.
 

11:46:37 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu.exe=2.0.19.0
# EOSSerial=4039a59b2986f343af613cbb06ddb45b
# end=init
# utc_time=2017-11-08 17:46:35
# local_time=2017-11-08 11:46:35 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
11:47:44 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu.exe=2.0.19.0
# EOSSerial=4039a59b2986f343af613cbb06ddb45b
# end=init
# utc_time=2017-11-08 17:47:43
# local_time=2017-11-08 11:47:43 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
11:50:29 Call m_esets_charon_setup_create
11:50:29 Call m_esets_charon_create
11:50:30 m_esets_charon_create OK
11:50:30 Call m_esets_charon_start_send_thread
11:50:31 Call m_esets_charon_setup_set
11:50:31 m_esets_charon_setup_set OK
11:50:49 Updating
11:50:49 Update Init
11:51:11 Call m_esets_charon_setup_create
11:51:12 Call m_esets_charon_create
11:51:12 m_esets_charon_setup_set ERROR
11:51:12 Update Download
11:53:51 esets_scanner_reload returned 0
11:53:51 g_uiModuleBuild: 35335
11:53:51 Update Finalize
11:53:51 Call m_esets_charon_send
11:53:51 Call m_esets_charon_destroy
11:53:52 Updated modules version: 35335
11:54:08 Call m_esets_charon_setup_create
11:54:08 Call m_esets_charon_create
11:54:08 m_esets_charon_setup_set ERROR
11:54:08 Scanner engine: 35335
16:07:37 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu.exe=2.0.19.0
# EOSSerial=4039a59b2986f343af613cbb06ddb45b
# engine=35335
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# sfx_checked=true
# utc_time=2017-11-08 22:07:35
# local_time=2017-11-08 16:07:35 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 36679059 261723646 0 0
# scanned=2
# found=4
# cleaned=0
# scan_time=15221
sh=C01DA6A964D428D13426BF690481552B608D3208 ft=1 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application" ac=I fn="C:\Users\Me\AppData\LocalLow\Oracle\Java\jre1.8.0_77\java_sp.dll"
sh=F94E391EAF75FC564A32262872369C2D8F7EDBCD ft=1 fh=0000000000000000 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Me\Downloads\ccsetup535.exe"
sh=A7F4C4533A638FF2E2864A255C836A59C7DD642A ft=1 fh=0000000000000000 vn="Win32/FusionCore.L potentially unwanted application,a variant of Win32/FusionCore.L potentially unwanted application" ac=I fn="C:\Users\Me\Downloads\Installed\AirDroid_Desktop_Client_3.4.0.0.exe"
sh=261B03A8D6F66A7096ACE2441C17837564ADF08E ft=1 fh=0000000000000000 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Me\Downloads\Installed\ccsetup522.exe"
16:41:45 Call m_esets_charon_send
16:41:45 Call m_esets_charon_destroy
16:41:46 Cleaning up
16:41:46 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Me\AppData\Local\ESET\ESETOnlineScanner\Modules\
16:41:47 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Me\AppData\Local\ESET\ESETOnlineScanner\OldModules\
16:41:47 DeleteEstsApi: C:\Users\Me\AppData\Local\ESET\ESETOnlineScanner
16:41:47 DeleteApiStgFile: C:\Users\Me\AppData\Local\ESET\ESETOnlineScanner
16:41:47 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Me\AppData\Local\ESET\ESETOnlineScanner\Char_Cache\
15:54:46 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu.exe=2.0.19.0
# EOSSerial=4039a59b2986f343af613cbb06ddb45b
# end=init
# utc_time=2017-11-10 21:54:44
# local_time=2017-11-10 15:54:44 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
15:55:11 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu.exe=2.0.19.0
# EOSSerial=4039a59b2986f343af613cbb06ddb45b
# end=init
# utc_time=2017-11-10 21:55:09
# local_time=2017-11-10 15:55:09 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
16:06:56 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Me\AppData\Local\ESET\ESETOnlineScanner\Quarantine\
22:26:04 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu(1).exe=2.0.19.0
# EOSSerial=4039a59b2986f343af613cbb06ddb45b
# end=init
# utc_time=2017-11-17 04:26:03
# local_time=2017-11-16 22:26:03 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
22:26:25 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu(1).exe=2.0.19.0
# EOSSerial=4039a59b2986f343af613cbb06ddb45b
# end=init
# utc_time=2017-11-17 04:26:24
# local_time=2017-11-16 22:26:24 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
22:28:09 Updating
22:28:09 Update Init
22:28:10 Update Download
22:30:38 esets_scanner_reload returned 0
22:30:38 g_uiModuleBuild: 35429
22:30:38 Update Finalize
22:30:38 Call m_esets_charon_send
22:30:38 Call m_esets_charon_destroy
22:30:39 Updated modules version: 35429
22:30:55 Call m_esets_charon_setup_create
22:30:55 Call m_esets_charon_create
22:30:55 m_esets_charon_create OK
22:30:55 Call m_esets_charon_start_send_thread
22:30:55 Call m_esets_charon_setup_set
22:30:55 m_esets_charon_setup_set OK
22:30:55 Scanner engine: 35429
02:10:24 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu(1).exe=2.0.19.0
# EOSSerial=4039a59b2986f343af613cbb06ddb45b
# engine=35429
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# sfx_checked=true
# utc_time=2017-11-17 08:10:23
# local_time=2017-11-17 02:10:23 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 37406427 262451014 0 0
# scanned=2
# found=4
# cleaned=4
# scan_time=13183
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Me\AppData\LocalLow\Oracle\Java\jre1.8.0_77\java_sp.dll"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Me\Downloads\ccsetup535.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/FusionCore.L potentially unwanted application,a variant of Win32/FusionCore.L potentially unwanted application (cleaned by deleting)" ac=C fn="C:\Users\Me\Downloads\Installed\AirDroid_Desktop_Client_3.4.0.0.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Me\Downloads\Installed\ccsetup522.exe"
07:04:35 Call m_esets_charon_send
07:04:35 Call m_esets_charon_destroy
 

 

This is the AdwCleaner log.  Please note your instructions do not match the current incarnation.  A log file automatically opened in Notepad.

# AdwCleaner 7.0.4.0 - Logfile created on Fri Nov 17 13:12:24 2017
# Updated on 2017/27/10 by Malwarebytes
# Database: 11-17-2017.1
# Running on Windows 7 Home Premium (X86)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Windows\System32\config\systemprofile\AppData\Local\YSearchUtil
PUP.Optional.Legacy, C:\Users\Me\AppData\Local\YSearchUtil
PUP.Optional.Legacy, C:\Program Files\Yahoo!\yset


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1193 B] - [2017/11/8 17:40:46]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########


Namaste, Peace & Love,
Glenn




#13 RevGAM


Posted 18 November 2017 - 03:32 AM

Bad news!

Following the ESET instructions, I exited MBAM and, once done with the tasks you gave me, I forgot to turn it back on (forgetful these days).  Stupid me!

A while ago, I noticed a CLI window open with the name taskeng.exe.  Since this sort of thing never happens, I used task manager to end it and tried to reopen MBAM. It wouldn't open so I restarted.  Upon restart, MBAM should've loaded but didn't.  I selected switch to MBAM tray app via taskmgr, but the screen went black. It took a long time to load up MBAM and a scan revealed nothing.

I looked at taskeng.exe in the task scheduler, and the history has been disabled.  It is set to trigger at 7:04 PM every day and the trigger expires on 7/18 at 7:04:51 PM, which seems odd.  It starts up msfeedssync.exe sync in system32 folder.

I also went into WinPatrol and deleted a couple of startups that had missing files (programs I got rid of).  I then added MBAM and MBAM tray to the startup list, since they were missing.  I also checked MBAM's settings and noted that scan for rootkits was turned off, so I turned it on.  Firefox just updated to the new version, so I cannot tell if the computer speed is affected by that.

I loaded up SAS, which I keep loaded just in case, and it's already detected Trojan-Downloader-Winlogon/FAS in the recycle bin.  It's still scanning.  After SAS is done, I will rerun MBAM and then ESET and AdwCleaner.


Namaste, Peace & Love,
Glenn




#14 boopme


Posted 18 November 2017 - 09:16 AM

Ok.. Delete or Remove what is found.. after that reboot computer and see how it is.

#15 RevGAM


Posted 18 November 2017 - 03:29 PM

boopme wrote: "Ok.. Delete or Remove what is found.. after that reboot computer and see how it is."

Done with SAS, which only found the 1 trojan, and now I am rerunning ESET and AdwCleaner.


Namaste, Peace & Love,
Glenn






