No desktop and Explorer.exe application failed to initialize 0xc0000005



#16 elmkd


Posted 29 September 2014 - 10:39 AM

Here are the logs:

 

 
 
Checking file system on C:
The type of the file system is NTFS.
Volume label is SQ004286V02.
 
A disk check has been scheduled.
Windows will now check the disk.
  181184 file records processed.
  1284 large file records processed.
  0 bad file records processed.
  0 EA records processed.
  44 reparse records processed.
  224054 index entries processed.
  0 unindexed files processed.
  181184 security descriptors processed.
Cleaning up 8330 unused index entries from index $SII of file 0x9.
Cleaning up 8330 unused index entries from index $SDH of file 0x9.
Cleaning up 8330 unused security descriptors.
CHKDSK is compacting the security descriptor stream...
  21436 data files processed.
CHKDSK is verifying Usn Journal...
  35702168 USN bytes processed.
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  181168 files processed.
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  13669731 free clusters processed.
Free space verification is complete.
Correcting errors in the master file table's (MFT) BITMAP attribute.
Correcting errors in the Volume Bitmap.
Write failure with status 0xc0000185 at offset 0x0 for 0x200 bytes.
The first NTFS boot sector is unwriteable.
Windows has made corrections to the file system.
 
  96148479 KB total disk space.
  41104328 KB in 114823 files.
     70068 KB in 21439 indexes.
         0 KB in bad sectors.
    295155 KB in use by the system.
     65536 KB occupied by the log file.
  54678928 KB available on disk.
 
      4096 bytes in each allocation unit.
  24037119 total allocation units on disk.
  13669732 allocation units available on disk.
 
Internal Info:
c0 c3 02 00 50 14 02 00 de a6 03 00 00 00 00 00  ....P...........
32 0d 00 00 2c 00 00 00 00 00 00 00 00 00 00 00  2...,...........
42 00 00 00 e2 73 f9 76 c8 82 4f 00 c8 7a 4f 00  B....s.v..O..zO.
 
Windows has finished checking your disk.
Please wait while your computer restarts.
 
===================================================
 
 
2014-09-24 08:15:55, Info                  CSI    00000006 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:15:55, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:05, Info                  CSI    00000009 [SR] Verify complete
2014-09-24 08:16:07, Info                  CSI    0000000a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:07, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:17, Info                  CSI    0000000d [SR] Verify complete
2014-09-24 08:16:19, Info                  CSI    0000000e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:19, Info                  CSI    0000000f [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:20, Info                  CSI    00000011 [SR] Verify complete
2014-09-24 08:16:22, Info                  CSI    00000012 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:22, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:24, Info                  CSI    00000015 [SR] Verify complete
2014-09-24 08:16:26, Info                  CSI    00000016 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:26, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:28, Info                  CSI    00000019 [SR] Verify complete
2014-09-24 08:16:30, Info                  CSI    0000001a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:30, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:32, Info                  CSI    0000001d [SR] Verify complete
2014-09-24 08:16:34, Info                  CSI    0000001e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:34, Info                  CSI    0000001f [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:35, Info                  CSI    00000021 [SR] Verify complete
2014-09-24 08:16:38, Info                  CSI    00000022 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:38, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:40, Info                  CSI    00000025 [SR] Verify complete
2014-09-24 08:16:41, Info                  CSI    00000026 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:41, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:44, Info                  CSI    00000029 [SR] Verify complete
2014-09-24 08:16:45, Info                  CSI    0000002a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:45, Info                  CSI    0000002b [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:48, Info                  CSI    0000002d [SR] Verify complete
2014-09-24 08:16:49, Info                  CSI    0000002e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:49, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:51, Info                  CSI    00000031 [SR] Verify complete
2014-09-24 08:16:53, Info                  CSI    00000032 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:53, Info                  CSI    00000033 [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:55, Info                  CSI    00000035 [SR] Verify complete
2014-09-24 08:16:56, Info                  CSI    00000036 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:56, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:58, Info                  CSI    00000039 [SR] Verify complete
2014-09-24 08:17:00, Info                  CSI    0000003a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:00, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:02, Info                  CSI    0000003d [SR] Verify complete
2014-09-24 08:17:03, Info                  CSI    0000003e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:03, Info                  CSI    0000003f [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:06, Info                  CSI    00000041 [SR] Verify complete
2014-09-24 08:17:07, Info                  CSI    00000042 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:07, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:10, Info                  CSI    00000045 [SR] Verify complete
2014-09-24 08:17:11, Info                  CSI    00000046 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:11, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:13, Info                  CSI    00000049 [SR] Verify complete
2014-09-24 08:17:15, Info                  CSI    0000004a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:15, Info                  CSI    0000004b [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:17, Info                  CSI    0000004d [SR] Verify complete
2014-09-24 08:17:19, Info                  CSI    0000004e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:19, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:21, Info                  CSI    00000051 [SR] Verify complete
2014-09-24 08:17:22, Info                  CSI    00000052 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:22, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:24, Info                  CSI    00000055 [SR] Verify complete
2014-09-24 08:17:26, Info                  CSI    00000056 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:26, Info                  CSI    00000057 [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:28, Info                  CSI    00000059 [SR] Verify complete
2014-09-24 08:17:30, Info                  CSI    0000005a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:30, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:31, Info                  CSI    0000005d [SR] Verify complete
2014-09-24 08:17:33, Info                  CSI    0000005e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:33, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:36, Info                  CSI    00000061 [SR] Verify complete
2014-09-24 08:17:37, Info                  CSI    00000062 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:37, Info                  CSI    00000063 [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:41, Info                  CSI    00000065 [SR] Verify complete
2014-09-24 08:17:43, Info                  CSI    00000066 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:43, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:45, Info                  CSI    00000069 [SR] Verify complete
2014-09-24 08:17:46, Info                  CSI    0000006a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:46, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:50, Info                  CSI    0000006d [SR] Verify complete
2014-09-24 08:17:51, Info                  CSI    0000006e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:51, Info                  CSI    0000006f [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:53, Info                  CSI    00000071 [SR] Verify complete
2014-09-24 08:17:55, Info                  CSI    00000072 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:55, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:58, Info                  CSI    00000075 [SR] Verify complete
2014-09-24 08:17:59, Info                  CSI    00000076 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:59, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:01, Info                  CSI    00000079 [SR] Verify complete
2014-09-24 08:18:03, Info                  CSI    0000007a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:03, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:07, Info                  CSI    0000007d [SR] Verify complete
2014-09-24 08:18:09, Info                  CSI    0000007e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:09, Info                  CSI    0000007f [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:11, Info                  CSI    00000081 [SR] Verify complete
2014-09-24 08:18:12, Info                  CSI    00000082 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:12, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:14, Info                  CSI    00000085 [SR] Verify complete
2014-09-24 08:18:16, Info                  CSI    00000086 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:16, Info                  CSI    00000087 [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:18, Info                  CSI    00000089 [SR] Verify complete
2014-09-24 08:18:20, Info                  CSI    0000008a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:20, Info                  CSI    0000008b [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:23, Info                  CSI    0000008d [SR] Verify complete
2014-09-24 08:18:24, Info                  CSI    0000008e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:24, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:34, Info                  CSI    00000091 [SR] Verify complete
2014-09-24 08:18:35, Info                  CSI    00000092 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:35, Info                  CSI    00000093 [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:45, Info                  CSI    00000095 [SR] Verify complete
2014-09-24 08:18:46, Info                  CSI    00000096 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:46, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:57, Info                  CSI    0000009a [SR] Verify complete
2014-09-24 08:18:59, Info                  CSI    0000009b [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:59, Info                  CSI    0000009c [SR] Beginning Verify and Repair transaction
2014-09-24 08:19:06, Info                  CSI    0000009e [SR] Verify complete
2014-09-24 08:19:08, Info                  CSI    0000009f [SR] Verifying 100 (0x00000064) components
2014-09-24 08:19:08, Info                  CSI    000000a0 [SR] Beginning Verify and Repair transaction
2014-09-24 08:19:16, Info                  CSI    000000a3 [SR] Verify complete
2014-09-24 08:19:17, Info                  CSI    000000a4 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:19:17, Info                  CSI    000000a5 [SR] Beginning Verify and Repair transaction
2014-09-24 08:19:28, Info                  CSI    000000a7 [SR] Verify complete
2014-09-24 08:19:30, Info                  CSI    000000a8 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:19:30, Info                  CSI    000000a9 [SR] Beginning Verify and Repair transaction
2014-09-24 08:19:46, Info                  CSI    000000b3 [SR] Verify complete
2014-09-24 08:19:47, Info                  CSI    000000b4 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:19:47, Info                  CSI    000000b5 [SR] Beginning Verify and Repair transaction
2014-09-24 08:19:57, Info                  CSI    000000b7 [SR] Verify complete
2014-09-24 08:19:58, Info                  CSI    000000b8 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:19:58, Info                  CSI    000000b9 [SR] Beginning Verify and Repair transaction
2014-09-24 08:20:06, Info                  CSI    000000bb [SR] Verify complete
2014-09-24 08:20:08, Info                  CSI    000000bc [SR] Verifying 100 (0x00000064) components
2014-09-24 08:20:08, Info                  CSI    000000bd [SR] Beginning Verify and Repair transaction
2014-09-24 08:20:18, Info                  CSI    000000bf [SR] Verify complete
2014-09-24 08:20:19, Info                  CSI    000000c0 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:20:19, Info                  CSI    000000c1 [SR] Beginning Verify and Repair transaction
2014-09-24 08:20:33, Info                  CSI    000000c3 [SR] Verify complete
2014-09-24 08:20:34, Info                  CSI    000000c4 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:20:34, Info                  CSI    000000c5 [SR] Beginning Verify and Repair transaction
2014-09-24 08:20:48, Info                  CSI    000000c9 [SR] Verify complete
2014-09-24 08:20:50, Info                  CSI    000000ca [SR] Verifying 100 (0x00000064) components
2014-09-24 08:20:50, Info                  CSI    000000cb [SR] Beginning Verify and Repair transaction
2014-09-24 08:21:08, Info                  CSI    000000cd [SR] Verify complete
2014-09-24 08:21:09, Info                  CSI    000000ce [SR] Verifying 100 (0x00000064) components
2014-09-24 08:21:09, Info                  CSI    000000cf [SR] Beginning Verify and Repair transaction
2014-09-24 08:21:32, Info                  CSI    000000d1 [SR] Verify complete
2014-09-24 08:21:33, Info                  CSI    000000d2 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:21:33, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2014-09-24 08:21:42, Info                  CSI    000000d5 [SR] Verify complete
2014-09-24 08:21:43, Info                  CSI    000000d6 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:21:43, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction
2014-09-24 08:21:46, Info                  CSI    000000d9 [SR] Verify complete
2014-09-24 08:21:47, Info                  CSI    000000da [SR] Verifying 100 (0x00000064) components
2014-09-24 08:21:47, Info                  CSI    000000db [SR] Beginning Verify and Repair transaction
2014-09-24 08:21:51, Info                  CSI    000000dd [SR] Verify complete
2014-09-24 08:21:52, Info                  CSI    000000de [SR] Verifying 100 (0x00000064) components
2014-09-24 08:21:52, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction
2014-09-24 08:22:06, Info                  CSI    000000fc [SR] Verify complete
2014-09-24 08:22:07, Info                  CSI    000000fd [SR] Verifying 100 (0x00000064) components
2014-09-24 08:22:07, Info                  CSI    000000fe [SR] Beginning Verify and Repair transaction
2014-09-24 08:22:14, Info                  CSI    00000101 [SR] Verify complete
2014-09-24 08:22:15, Info                  CSI    00000102 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:22:15, Info                  CSI    00000103 [SR] Beginning Verify and Repair transaction
2014-09-24 08:22:19, Info                  CSI    00000105 [SR] Verify complete
2014-09-24 08:22:19, Info                  CSI    00000106 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:22:19, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2014-09-24 08:22:27, Info                  CSI    00000109 [SR] Verify complete
2014-09-24 08:22:28, Info                  CSI    0000010a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:22:28, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2014-09-24 08:22:37, Info                  CSI    0000010d [SR] Verify complete
2014-09-24 08:22:39, Info                  CSI    0000010e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:22:39, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2014-09-24 08:22:57, Info                  CSI    00000112 [SR] Verify complete
2014-09-24 08:22:58, Info                  CSI    00000113 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:22:58, Info                  CSI    00000114 [SR] Beginning Verify and Repair transaction
2014-09-24 08:23:05, Info                  CSI    00000116 [SR] Verify complete
2014-09-24 08:23:06, Info                  CSI    00000117 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:23:06, Info                  CSI    00000118 [SR] Beginning Verify and Repair transaction
2014-09-24 08:23:12, Info                  CSI    0000011a [SR] Verify complete
2014-09-24 08:23:13, Info                  CSI    0000011b [SR] Verifying 100 (0x00000064) components
2014-09-24 08:23:13, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction
2014-09-24 08:23:29, Info                  CSI    0000011e [SR] Verify complete
2014-09-24 08:23:30, Info                  CSI    0000011f [SR] Verifying 100 (0x00000064) components
2014-09-24 08:23:30, Info                  CSI    00000120 [SR] Beginning Verify and Repair transaction
2014-09-24 08:23:40, Info                  CSI    00000122 [SR] Verify complete
2014-09-24 08:23:41, Info                  CSI    00000123 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:23:41, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction
2014-09-24 08:23:55, Info                  CSI    00000126 [SR] Verify complete
2014-09-24 08:23:56, Info                  CSI    00000127 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:23:56, Info                  CSI    00000128 [SR] Beginning Verify and Repair transaction
2014-09-24 08:24:14, Info                  CSI    0000014d [SR] Verify complete
2014-09-24 08:24:15, Info                  CSI    0000014e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:24:15, Info                  CSI    0000014f [SR] Beginning Verify and Repair transaction
2014-09-24 08:24:30, Info                  CSI    00000151 [SR] Verify complete
2014-09-24 08:24:31, Info                  CSI    00000152 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:24:31, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2014-09-24 08:25:06, Info                  CSI    00000155 [SR] Verify complete
2014-09-24 08:25:06, Info                  CSI    00000156 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:25:06, Info                  CSI    00000157 [SR] Beginning Verify and Repair transaction
2014-09-24 08:25:28, Info                  CSI    00000159 [SR] Verify complete
2014-09-24 08:25:29, Info                  CSI    0000015a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:25:29, Info                  CSI    0000015b [SR] Beginning Verify and Repair transaction
2014-09-24 08:25:41, Info                  CSI    0000015d [SR] Verify complete
2014-09-24 08:25:42, Info                  CSI    0000015e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:25:42, Info                  CSI    0000015f [SR] Beginning Verify and Repair transaction
2014-09-24 08:25:52, Info                  CSI    00000161 [SR] Verify complete
2014-09-24 08:25:54, Info                  CSI    00000162 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:25:54, Info                  CSI    00000163 [SR] Beginning Verify and Repair transaction
2014-09-24 08:26:03, Info                  CSI    00000166 [SR] Verify complete
2014-09-24 08:26:05, Info                  CSI    00000167 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:26:05, Info                  CSI    00000168 [SR] Beginning Verify and Repair transaction
2014-09-24 08:26:23, Info                  CSI    0000016a [SR] Verify complete
2014-09-24 08:26:24, Info                  CSI    0000016b [SR] Verifying 100 (0x00000064) components
2014-09-24 08:26:24, Info                  CSI    0000016c [SR] Beginning Verify and Repair transaction
2014-09-24 08:26:39, Info                  CSI    0000016e [SR] Verify complete
2014-09-24 08:26:40, Info                  CSI    0000016f [SR] Verifying 100 (0x00000064) components
2014-09-24 08:26:40, Info                  CSI    00000170 [SR] Beginning Verify and Repair transaction
2014-09-24 08:26:51, Info                  CSI    00000172 [SR] Verify complete
2014-09-24 08:26:52, Info                  CSI    00000173 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:26:52, Info                  CSI    00000174 [SR] Beginning Verify and Repair transaction
2014-09-24 08:27:12, Info                  CSI    00000176 [SR] Verify complete
2014-09-24 08:27:13, Info                  CSI    00000177 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:27:13, Info                  CSI    00000178 [SR] Beginning Verify and Repair transaction
2014-09-24 08:27:24, Info                  CSI    0000017a [SR] Verify complete
2014-09-24 08:27:25, Info                  CSI    0000017b [SR] Verifying 100 (0x00000064) components
2014-09-24 08:27:25, Info                  CSI    0000017c [SR] Beginning Verify and Repair transaction
2014-09-24 08:27:35, Info                  CSI    0000017e [SR] Verify complete
2014-09-24 08:27:36, Info                  CSI    0000017f [SR] Verifying 100 (0x00000064) components
2014-09-24 08:27:36, Info                  CSI    00000180 [SR] Beginning Verify and Repair transaction
2014-09-24 08:27:54, Info                  CSI    00000183 [SR] Verify complete
2014-09-24 08:27:55, Info                  CSI    00000184 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:27:55, Info                  CSI    00000185 [SR] Beginning Verify and Repair transaction
2014-09-24 08:28:09, Info                  CSI    00000187 [SR] Verify complete
2014-09-24 08:28:10, Info                  CSI    00000188 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:28:10, Info                  CSI    00000189 [SR] Beginning Verify and Repair transaction
2014-09-24 08:28:20, Info                  CSI    0000018b [SR] Verify complete
2014-09-24 08:28:21, Info                  CSI    0000018c [SR] Verifying 100 (0x00000064) components
2014-09-24 08:28:21, Info                  CSI    0000018d [SR] Beginning Verify and Repair transaction
2014-09-24 08:28:33, Info                  CSI    0000018f [SR] Verify complete
2014-09-24 08:28:34, Info                  CSI    00000190 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:28:34, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction
2014-09-24 08:28:48, Info                  CSI    00000195 [SR] Verify complete
2014-09-24 08:28:50, Info                  CSI    00000196 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:28:50, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2014-09-24 08:29:02, Info                  CSI    00000199 [SR] Verify complete
2014-09-24 08:29:03, Info                  CSI    0000019a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:29:03, Info                  CSI    0000019b [SR] Beginning Verify and Repair transaction
2014-09-24 08:29:18, Info                  CSI    0000019d [SR] Verify complete
2014-09-24 08:29:19, Info                  CSI    0000019e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:29:19, Info                  CSI    0000019f [SR] Beginning Verify and Repair transaction
2014-09-24 08:29:26, Info                  CSI    000001a1 [SR] Verify complete
2014-09-24 08:29:26, Info                  CSI    000001a2 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:29:26, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
2014-09-24 08:29:36, Info                  CSI    000001a5 [SR] Verify complete
2014-09-24 08:29:37, Info                  CSI    000001a6 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:29:37, Info                  CSI    000001a7 [SR] Beginning Verify and Repair transaction
2014-09-24 08:29:50, Info                  CSI    000001a9 [SR] Verify complete
2014-09-24 08:29:51, Info                  CSI    000001aa [SR] Verifying 100 (0x00000064) components
2014-09-24 08:29:51, Info                  CSI    000001ab [SR] Beginning Verify and Repair transaction
2014-09-24 08:30:02, Info                  CSI    000001ad [SR] Verify complete
2014-09-24 08:30:02, Info                  CSI    000001ae [SR] Verifying 100 (0x00000064) components
2014-09-24 08:30:02, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2014-09-24 08:30:11, Info                  CSI    000001b1 [SR] Verify complete
2014-09-24 08:30:12, Info                  CSI    000001b2 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:30:12, Info                  CSI    000001b3 [SR] Beginning Verify and Repair transaction
2014-09-24 08:30:44, Info                  CSI    000001b5 [SR] Verify complete
2014-09-24 08:30:44, Info                  CSI    000001b6 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:30:44, Info                  CSI    000001b7 [SR] Beginning Verify and Repair transaction
2014-09-24 08:30:53, Info                  CSI    000001b9 [SR] Verify complete
2014-09-24 08:30:55, Info                  CSI    000001ba [SR] Verifying 100 (0x00000064) components
2014-09-24 08:30:55, Info                  CSI    000001bb [SR] Beginning Verify and Repair transaction
2014-09-24 08:31:09, Info                  CSI    000001c6 [SR] Verify complete
2014-09-24 08:31:09, Info                  CSI    000001c7 [SR] Verifying 55 (0x00000037) components
2014-09-24 08:31:09, Info                  CSI    000001c8 [SR] Beginning Verify and Repair transaction
2014-09-24 08:31:15, Info                  CSI    000001ca [SR] Verify complete
2014-09-24 08:31:15, Info                  CSI    000001cb [SR] Repairing 0 components
2014-09-24 08:31:15, Info                  CSI    000001cc [SR] Beginning Verify and Repair transaction
2014-09-24 08:31:15, Info                  CSI    000001ce [SR] Repair complete
2014-09-29 10:50:29, Info                  CSI    00000006 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:50:29, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2014-09-29 10:50:50, Info                  CSI    00000009 [SR] Verify complete
2014-09-29 10:50:54, Info                  CSI    0000000a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:50:54, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:18, Info                  CSI    0000000d [SR] Verify complete
2014-09-29 10:51:22, Info                  CSI    0000000e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:22, Info                  CSI    0000000f [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:26, Info                  CSI    00000011 [SR] Verify complete
2014-09-29 10:51:29, Info                  CSI    00000012 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:29, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:32, Info                  CSI    00000015 [SR] Verify complete
2014-09-29 10:51:33, Info                  CSI    00000016 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:33, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:36, Info                  CSI    00000019 [SR] Verify complete
2014-09-29 10:51:38, Info                  CSI    0000001a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:38, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:40, Info                  CSI    0000001d [SR] Verify complete
2014-09-29 10:51:41, Info                  CSI    0000001e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:41, Info                  CSI    0000001f [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:43, Info                  CSI    00000021 [SR] Verify complete
2014-09-29 10:51:45, Info                  CSI    00000022 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:45, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:47, Info                  CSI    00000025 [SR] Verify complete
2014-09-29 10:51:48, Info                  CSI    00000026 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:48, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:50, Info                  CSI    00000029 [SR] Verify complete
2014-09-29 10:51:52, Info                  CSI    0000002a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:52, Info                  CSI    0000002b [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:54, Info                  CSI    0000002d [SR] Verify complete
2014-09-29 10:51:56, Info                  CSI    0000002e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:56, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:58, Info                  CSI    00000031 [SR] Verify complete
2014-09-29 10:51:59, Info                  CSI    00000032 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:59, Info                  CSI    00000033 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:01, Info                  CSI    00000035 [SR] Verify complete
2014-09-29 10:52:03, Info                  CSI    00000036 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:03, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:04, Info                  CSI    00000039 [SR] Verify complete
2014-09-29 10:52:06, Info                  CSI    0000003a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:06, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:08, Info                  CSI    0000003d [SR] Verify complete
2014-09-29 10:52:09, Info                  CSI    0000003e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:09, Info                  CSI    0000003f [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:12, Info                  CSI    00000041 [SR] Verify complete
2014-09-29 10:52:13, Info                  CSI    00000042 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:13, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:15, Info                  CSI    00000045 [SR] Verify complete
2014-09-29 10:52:17, Info                  CSI    00000046 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:17, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:19, Info                  CSI    00000049 [SR] Verify complete
2014-09-29 10:52:20, Info                  CSI    0000004a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:20, Info                  CSI    0000004b [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:23, Info                  CSI    0000004d [SR] Verify complete
2014-09-29 10:52:25, Info                  CSI    0000004e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:25, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:27, Info                  CSI    00000051 [SR] Verify complete
2014-09-29 10:52:29, Info                  CSI    00000052 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:29, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:30, Info                  CSI    00000055 [SR] Verify complete
2014-09-29 10:52:32, Info                  CSI    00000056 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:32, Info                  CSI    00000057 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:34, Info                  CSI    00000059 [SR] Verify complete
2014-09-29 10:52:35, Info                  CSI    0000005a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:35, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:37, Info                  CSI    0000005d [SR] Verify complete
2014-09-29 10:52:39, Info                  CSI    0000005e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:39, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:42, Info                  CSI    00000061 [SR] Verify complete
2014-09-29 10:52:43, Info                  CSI    00000062 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:43, Info                  CSI    00000063 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:47, Info                  CSI    00000065 [SR] Verify complete
2014-09-29 10:52:49, Info                  CSI    00000066 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:49, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:53, Info                  CSI    00000069 [SR] Verify complete
2014-09-29 10:52:54, Info                  CSI    0000006a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:54, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:00, Info                  CSI    0000006d [SR] Verify complete
2014-09-29 10:53:02, Info                  CSI    0000006e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:02, Info                  CSI    0000006f [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:05, Info                  CSI    00000071 [SR] Verify complete
2014-09-29 10:53:06, Info                  CSI    00000072 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:06, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:10, Info                  CSI    00000075 [SR] Verify complete
2014-09-29 10:53:12, Info                  CSI    00000076 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:12, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:14, Info                  CSI    00000079 [SR] Verify complete
2014-09-29 10:53:15, Info                  CSI    0000007a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:15, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:20, Info                  CSI    0000007d [SR] Verify complete
2014-09-29 10:53:22, Info                  CSI    0000007e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:22, Info                  CSI    0000007f [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:25, Info                  CSI    00000081 [SR] Verify complete
2014-09-29 10:53:27, Info                  CSI    00000082 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:27, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:29, Info                  CSI    00000085 [SR] Verify complete
2014-09-29 10:53:30, Info                  CSI    00000086 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:30, Info                  CSI    00000087 [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:33, Info                  CSI    00000089 [SR] Verify complete
2014-09-29 10:53:35, Info                  CSI    0000008a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:35, Info                  CSI    0000008b [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:38, Info                  CSI    0000008d [SR] Verify complete
2014-09-29 10:53:39, Info                  CSI    0000008e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:39, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:49, Info                  CSI    00000091 [SR] Verify complete
2014-09-29 10:53:50, Info                  CSI    00000092 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:50, Info                  CSI    00000093 [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:59, Info                  CSI    00000095 [SR] Verify complete
2014-09-29 10:54:01, Info                  CSI    00000096 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:54:01, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2014-09-29 10:54:18, Info                  CSI    0000009a [SR] Verify complete
2014-09-29 10:54:19, Info                  CSI    0000009b [SR] Verifying 100 (0x00000064) components
2014-09-29 10:54:19, Info                  CSI    0000009c [SR] Beginning Verify and Repair transaction
2014-09-29 10:54:27, Info                  CSI    0000009e [SR] Verify complete
2014-09-29 10:54:28, Info                  CSI    0000009f [SR] Verifying 100 (0x00000064) components
2014-09-29 10:54:28, Info                  CSI    000000a0 [SR] Beginning Verify and Repair transaction
2014-09-29 10:54:36, Info                  CSI    000000a3 [SR] Verify complete
2014-09-29 10:54:37, Info                  CSI    000000a4 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:54:37, Info                  CSI    000000a5 [SR] Beginning Verify and Repair transaction
2014-09-29 10:54:47, Info                  CSI    000000a7 [SR] Verify complete
2014-09-29 10:54:48, Info                  CSI    000000a8 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:54:48, Info                  CSI    000000a9 [SR] Beginning Verify and Repair transaction
2014-09-29 10:55:04, Info                  CSI    000000b3 [SR] Verify complete
2014-09-29 10:55:05, Info                  CSI    000000b4 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:55:05, Info                  CSI    000000b5 [SR] Beginning Verify and Repair transaction
2014-09-29 10:55:15, Info                  CSI    000000b7 [SR] Verify complete
2014-09-29 10:55:16, Info                  CSI    000000b8 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:55:16, Info                  CSI    000000b9 [SR] Beginning Verify and Repair transaction
2014-09-29 10:55:32, Info                  CSI    000000bb [SR] Verify complete
2014-09-29 10:55:34, Info                  CSI    000000bc [SR] Verifying 100 (0x00000064) components
2014-09-29 10:55:34, Info                  CSI    000000bd [SR] Beginning Verify and Repair transaction
2014-09-29 10:55:48, Info                  CSI    000000bf [SR] Verify complete
2014-09-29 10:55:49, Info                  CSI    000000c0 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:55:49, Info                  CSI    000000c1 [SR] Beginning Verify and Repair transaction
2014-09-29 10:56:04, Info                  CSI    000000c3 [SR] Verify complete
2014-09-29 10:56:04, Info                  CSI    000000c4 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:56:04, Info                  CSI    000000c5 [SR] Beginning Verify and Repair transaction
2014-09-29 10:56:18, Info                  CSI    000000c9 [SR] Verify complete
2014-09-29 10:56:19, Info                  CSI    000000ca [SR] Verifying 100 (0x00000064) components
2014-09-29 10:56:19, Info                  CSI    000000cb [SR] Beginning Verify and Repair transaction
2014-09-29 10:56:39, Info                  CSI    000000cd [SR] Verify complete
2014-09-29 10:56:40, Info                  CSI    000000ce [SR] Verifying 100 (0x00000064) components
2014-09-29 10:56:40, Info                  CSI    000000cf [SR] Beginning Verify and Repair transaction
2014-09-29 10:57:06, Info                  CSI    000000d1 [SR] Verify complete
2014-09-29 10:57:07, Info                  CSI    000000d2 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:57:07, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2014-09-29 10:57:28, Info                  CSI    000000d5 [SR] Verify complete
2014-09-29 10:57:29, Info                  CSI    000000d6 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:57:29, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction
2014-09-29 10:57:33, Info                  CSI    000000d9 [SR] Verify complete
2014-09-29 10:57:33, Info                  CSI    000000da [SR] Verifying 100 (0x00000064) components
2014-09-29 10:57:33, Info                  CSI    000000db [SR] Beginning Verify and Repair transaction
2014-09-29 10:57:37, Info                  CSI    000000dd [SR] Verify complete
2014-09-29 10:57:38, Info                  CSI    000000de [SR] Verifying 100 (0x00000064) components
2014-09-29 10:57:38, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction
2014-09-29 10:57:54, Info                  CSI    000000fc [SR] Verify complete
2014-09-29 10:57:55, Info                  CSI    000000fd [SR] Verifying 100 (0x00000064) components
2014-09-29 10:57:55, Info                  CSI    000000fe [SR] Beginning Verify and Repair transaction
2014-09-29 10:58:03, Info                  CSI    00000101 [SR] Verify complete
2014-09-29 10:58:03, Info                  CSI    00000102 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:58:03, Info                  CSI    00000103 [SR] Beginning Verify and Repair transaction
2014-09-29 10:58:08, Info                  CSI    00000105 [SR] Verify complete
2014-09-29 10:58:08, Info                  CSI    00000106 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:58:08, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2014-09-29 10:58:16, Info                  CSI    00000109 [SR] Verify complete
2014-09-29 10:58:17, Info                  CSI    0000010a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:58:17, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2014-09-29 10:58:29, Info                  CSI    0000010d [SR] Verify complete
2014-09-29 10:58:31, Info                  CSI    0000010e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:58:31, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2014-09-29 10:58:49, Info                  CSI    00000112 [SR] Verify complete
2014-09-29 10:58:51, Info                  CSI    00000113 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:58:51, Info                  CSI    00000114 [SR] Beginning Verify and Repair transaction
2014-09-29 10:59:00, Info                  CSI    00000116 [SR] Verify complete
2014-09-29 10:59:01, Info                  CSI    00000117 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:59:01, Info                  CSI    00000118 [SR] Beginning Verify and Repair transaction
2014-09-29 10:59:08, Info                  CSI    0000011a [SR] Verify complete
2014-09-29 10:59:09, Info                  CSI    0000011b [SR] Verifying 100 (0x00000064) components
2014-09-29 10:59:09, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction
2014-09-29 10:59:30, Info                  CSI    0000011e [SR] Verify complete
2014-09-29 10:59:31, Info                  CSI    0000011f [SR] Verifying 100 (0x00000064) components
2014-09-29 10:59:31, Info                  CSI    00000120 [SR] Beginning Verify and Repair transaction
2014-09-29 10:59:47, Info                  CSI    00000122 [SR] Verify complete
2014-09-29 10:59:49, Info                  CSI    00000123 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:59:49, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction
2014-09-29 11:00:08, Info                  CSI    00000126 [SR] Verify complete
2014-09-29 11:00:10, Info                  CSI    00000127 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:00:10, Info                  CSI    00000128 [SR] Beginning Verify and Repair transaction
2014-09-29 11:00:30, Info                  CSI    0000014d [SR] Verify complete
2014-09-29 11:00:31, Info                  CSI    0000014e [SR] Verifying 100 (0x00000064) components
2014-09-29 11:00:31, Info                  CSI    0000014f [SR] Beginning Verify and Repair transaction
2014-09-29 11:00:46, Info                  CSI    00000151 [SR] Verify complete
2014-09-29 11:00:47, Info                  CSI    00000152 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:00:47, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2014-09-29 11:01:41, Info                  CSI    00000155 [SR] Verify complete
2014-09-29 11:01:42, Info                  CSI    00000156 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:01:42, Info                  CSI    00000157 [SR] Beginning Verify and Repair transaction
2014-09-29 11:02:11, Info                  CSI    00000159 [SR] Verify complete
2014-09-29 11:02:12, Info                  CSI    0000015a [SR] Verifying 100 (0x00000064) components
2014-09-29 11:02:12, Info                  CSI    0000015b [SR] Beginning Verify and Repair transaction
2014-09-29 11:02:27, Info                  CSI    0000015d [SR] Verify complete
2014-09-29 11:02:28, Info                  CSI    0000015e [SR] Verifying 100 (0x00000064) components
2014-09-29 11:02:28, Info                  CSI    0000015f [SR] Beginning Verify and Repair transaction
2014-09-29 11:02:37, Info                  CSI    00000161 [SR] Verify complete
2014-09-29 11:02:38, Info                  CSI    00000162 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:02:38, Info                  CSI    00000163 [SR] Beginning Verify and Repair transaction
2014-09-29 11:02:51, Info                  CSI    00000166 [SR] Verify complete
2014-09-29 11:02:52, Info                  CSI    00000167 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:02:52, Info                  CSI    00000168 [SR] Beginning Verify and Repair transaction
2014-09-29 11:03:11, Info                  CSI    0000016a [SR] Verify complete
2014-09-29 11:03:11, Info                  CSI    0000016b [SR] Verifying 100 (0x00000064) components
2014-09-29 11:03:11, Info                  CSI    0000016c [SR] Beginning Verify and Repair transaction
2014-09-29 11:03:25, Info                  CSI    0000016e [SR] Verify complete
2014-09-29 11:03:27, Info                  CSI    0000016f [SR] Verifying 100 (0x00000064) components
2014-09-29 11:03:27, Info                  CSI    00000170 [SR] Beginning Verify and Repair transaction
2014-09-29 11:03:38, Info                  CSI    00000172 [SR] Verify complete
2014-09-29 11:03:39, Info                  CSI    00000173 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:03:39, Info                  CSI    00000174 [SR] Beginning Verify and Repair transaction
2014-09-29 11:04:04, Info                  CSI    00000176 [SR] Verify complete
2014-09-29 11:04:05, Info                  CSI    00000177 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:04:05, Info                  CSI    00000178 [SR] Beginning Verify and Repair transaction
2014-09-29 11:04:19, Info                  CSI    0000017a [SR] Verify complete
2014-09-29 11:04:20, Info                  CSI    0000017b [SR] Verifying 100 (0x00000064) components
2014-09-29 11:04:20, Info                  CSI    0000017c [SR] Beginning Verify and Repair transaction
2014-09-29 11:04:31, Info                  CSI    0000017e [SR] Verify complete
2014-09-29 11:04:32, Info                  CSI    0000017f [SR] Verifying 100 (0x00000064) components
2014-09-29 11:04:32, Info                  CSI    00000180 [SR] Beginning Verify and Repair transaction
2014-09-29 11:04:55, Info                  CSI    00000183 [SR] Verify complete
2014-09-29 11:04:56, Info                  CSI    00000184 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:04:56, Info                  CSI    00000185 [SR] Beginning Verify and Repair transaction
2014-09-29 11:05:19, Info                  CSI    00000187 [SR] Verify complete
2014-09-29 11:05:20, Info                  CSI    00000188 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:05:20, Info                  CSI    00000189 [SR] Beginning Verify and Repair transaction
2014-09-29 11:05:30, Info                  CSI    0000018b [SR] Verify complete
2014-09-29 11:05:31, Info                  CSI    0000018c [SR] Verifying 100 (0x00000064) components
2014-09-29 11:05:31, Info                  CSI    0000018d [SR] Beginning Verify and Repair transaction
2014-09-29 11:05:42, Info                  CSI    0000018f [SR] Verify complete
2014-09-29 11:05:44, Info                  CSI    00000190 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:05:44, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction
2014-09-29 11:06:05, Info                  CSI    00000195 [SR] Verify complete
2014-09-29 11:06:10, Info                  CSI    00000196 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:06:10, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2014-09-29 11:06:25, Info                  CSI    00000199 [SR] Verify complete
2014-09-29 11:06:27, Info                  CSI    0000019a [SR] Verifying 100 (0x00000064) components
2014-09-29 11:06:27, Info                  CSI    0000019b [SR] Beginning Verify and Repair transaction
2014-09-29 11:06:45, Info                  CSI    0000019d [SR] Verify complete
2014-09-29 11:06:45, Info                  CSI    0000019e [SR] Verifying 100 (0x00000064) components
2014-09-29 11:06:45, Info                  CSI    0000019f [SR] Beginning Verify and Repair transaction
2014-09-29 11:06:52, Info                  CSI    000001a1 [SR] Verify complete
2014-09-29 11:06:53, Info                  CSI    000001a2 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:06:53, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
2014-09-29 11:07:02, Info                  CSI    000001a5 [SR] Verify complete
2014-09-29 11:07:04, Info                  CSI    000001a6 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:07:04, Info                  CSI    000001a7 [SR] Beginning Verify and Repair transaction
2014-09-29 11:07:17, Info                  CSI    000001a9 [SR] Verify complete
2014-09-29 11:07:18, Info                  CSI    000001aa [SR] Verifying 100 (0x00000064) components
2014-09-29 11:07:18, Info                  CSI    000001ab [SR] Beginning Verify and Repair transaction
2014-09-29 11:07:32, Info                  CSI    000001ad [SR] Verify complete
2014-09-29 11:07:32, Info                  CSI    000001ae [SR] Verifying 100 (0x00000064) components
2014-09-29 11:07:32, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2014-09-29 11:07:42, Info                  CSI    000001b1 [SR] Verify complete
2014-09-29 11:07:43, Info                  CSI    000001b2 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:07:43, Info                  CSI    000001b3 [SR] Beginning Verify and Repair transaction
2014-09-29 11:08:13, Info                  CSI    000001b5 [SR] Verify complete
2014-09-29 11:08:14, Info                  CSI    000001b6 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:08:14, Info                  CSI    000001b7 [SR] Beginning Verify and Repair transaction
2014-09-29 11:08:22, Info                  CSI    000001b9 [SR] Verify complete
2014-09-29 11:08:23, Info                  CSI    000001ba [SR] Verifying 100 (0x00000064) components
2014-09-29 11:08:23, Info                  CSI    000001bb [SR] Beginning Verify and Repair transaction
2014-09-29 11:08:35, Info                  CSI    000001c6 [SR] Verify complete
2014-09-29 11:08:35, Info                  CSI    000001c7 [SR] Verifying 55 (0x00000037) components
2014-09-29 11:08:35, Info                  CSI    000001c8 [SR] Beginning Verify and Repair transaction
2014-09-29 11:08:40, Info                  CSI    000001ca [SR] Verify complete
2014-09-29 11:08:40, Info                  CSI    000001cb [SR] Repairing 0 components
2014-09-29 11:08:40, Info                  CSI    000001cc [SR] Beginning Verify and Repair transaction
2014-09-29 11:08:40, Info                  CSI    000001ce [SR] Repair complete
 



#17 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 29 September 2014 - 10:46 AM

Good job.

Try to boot into Windows normally. What happens? Does Explorer still crash?


 

Would you like to help others with malware removal? Join our Classroom and learn how!


#18 elmkd

elmkd

    Authentic Member

  • Authentic Member
  • 138 posts

Posted 29 September 2014 - 11:04 AM

Unfortunately, the problem is still there. Explorer crashes.

Regards,

Marcel Dunn



#19 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 29 September 2014 - 11:27 AM

Hello, 
 
Thank you for letting me know. We'll get back to directly troubleshooting your issue with Explorer once you have a clean set of FRST logs. 
 
Do you recognise the following programmes?

  • Desktop Dialer
  • imasinstall
     

STEP 1
Revo Uninstaller

  • Please download and install Revo Uninstaller Free.
  • Double-click Revo Uninstaller to run the programme. 
  • From the list of programmes, locate the following, or anything similar and carry out the steps below one at a time.
    • Bandoo
    • iLivid (and anything similar)
    • Internet Offers
    • MediaBar
    • Music Toolbar for Chrome
    • Music Toolbar for Firefox
    • Music Toolbar for Internet Explorer
    • Windows iLivid Toolbar
    • Desktop Dialer (if you do not recognise)
    • imasinstall (if you do not recognise)
  • Double-click the programme. 
  • When prompted if you want to uninstall click Yes.
  • Ensure the Moderate option is selected and click Next.
  • The programme will run. If prompted again click Yes.
  • Once the built-in uninstaller is finished click Next.
  • Once the programme has searched for leftovers click Next.
  • Check items in bold only in the list and click Delete. You may have to expand folders by clicking the "+" mark.
  • When prompted click Yes, followed by Next.
  • Click Select all, followed by Delete.
  • When prompted click Yes, followed by Next.
  • Once done click Finish.
     

STEP 2
AdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
  • Follow the prompts. 
  • Click Scan
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. 
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean
  • Follow the prompts and allow your computer to reboot
  • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.
 

STEP 3
Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your Desktop.
  • Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
     

STEP 4
Farbar Recovery Scan Tool (FRST) Scan

  • Right-Click FRST.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.
     

======================================================

STEP 5
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did the programmes uninstall OK in Revo?
  • AdwCleaner[S0].txt
  • JRT.txt
  • FRST.txt
  • Addition.txt



#20 elmkd

elmkd

    Authentic Member

  • Authentic Member
  • 138 posts

Posted 29 September 2014 - 01:19 PM

Hello:

I had some problems with the Log files. Please see below.

  • Did the programmes uninstall OK in Revo? Yes they uninstalled without a problem.
  • AdwCleaner[S0].txt: The Log file did not open. If it was created, I cannot find it. I tried the desktop folder, I tried the downloads folder, and I tried C:\
  • JRT.txt: The Log file did not open. If it was created, I cannot find it. I tried the desktop folder, I tried the downloads folder, and I tried C:\
  • FRST.txt: Please see the log file below.
  • Addition.txt: Please see the log file below.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-09-2014 02
Ran by Dennis (administrator) on DENNIS-PC on 29-09-2014 14:08:56
Running from C:\Users\Dennis\Downloads
Loaded Profile: Dennis (Available profiles: Dennis)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2006-10-27] (Synaptics, Inc.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [3784704 2006-11-09] (Realtek Semiconductor)
HKLM\...\Run: [LtMoh] => C:\Program Files\ltmoh\Ltmoh.exe [188416 2005-12-16] (Agere Systems)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [411768 2006-12-20] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [448632 2006-12-11] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [530552 2006-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] => NDSTray.exe
HKLM\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [413696 2006-11-01] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [SVPWUTIL] => C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [421888 2006-01-18] (TOSHIBA)
HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [PINGER] => C:\TOSHIBA\IVP\ISM\pinger.exe [151552 2006-07-20] (TOSHIBA Corporation)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [1831936 2007-05-12] (Google)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-03-17] (Apple Inc.)
HKLM\...\Run: [avast5] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2815192 2010-05-06] (ALWIL Software)
HKLM\...\Run: [Malwarebytes Anti-Malware (reboot)] => C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [1312080 2009-09-10] (Malwarebytes Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2432310436-2327922484-3749071562-1000\...\Run: [TOSCDSPD] => TOSCDSPD.EXE
HKU\S-1-5-21-2432310436-2327922484-3749071562-1000\...\Run: [cdloader] => C:\Users\Dennis\AppData\Roaming\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)
HKU\S-1-5-21-2432310436-2327922484-3749071562-1000\...\Run: [Google Update] => C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-07] (Google Inc.)
HKU\S-1-5-21-2432310436-2327922484-3749071562-1000\...\Run: [UIExec] => C:\Program Files\Digicel Broadband CM\cm\UIExec.exe [132096 2010-03-17] ()
HKU\S-1-5-21-2432310436-2327922484-3749071562-1000\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S0].txt [8502 2014-09-29] ()
HKU\S-1-5-21-2432310436-2327922484-3749071562-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-2432310436-2327922484-3749071562-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll => c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [144896 2007-05-12] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com.jm/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
SearchScopes: HKLM - {0A84C32F-E900-4159-B60B-E35CED490D6B} URL = http://www.google.com
SearchScopes: HKCU - {0A84C32F-E900-4159-B60B-E35CED490D6B} URL = http://www.google.com
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> c:\program files\google\googletoolbar2.dll (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKLM - &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
Toolbar: HKCU - &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {173D9E48-B527-4AA0-A929-30B446002AA8} http://65.183.11.202/DVRemoteAx.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 65.183.0.84 8.8.8.8 65.183.0.78

FireFox:
========
FF ProfilePath: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\xjtyhc6i.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\xjtyhc6i.default\Extensions\LogMeInClient@logmein.com [2009-12-17]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\xjtyhc6i.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2013-02-25]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-25]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-25]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-16]

Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> google.com.jm
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\Dennis\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Dennis\AppData\Local\Google\Chrome\Application\25.0.1364.97\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Dennis\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Dennis\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Update) - C:\Users\Dennis\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR CustomProfile: C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-08-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-05-06] (ALWIL Software)
S3 avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-05-06] (ALWIL Software)
S3 avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-05-06] (ALWIL Software)
R2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE [2041536 2006-01-19] (Symantec Corporation)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-06] (Skype Technologies S.A.)
S3 Swupdtmr; c:\Toshiba\IVP\swupdate\swupdtmr.exe [40960 2006-07-20] () [File not signed]
R2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
R2 TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [77824 2006-11-01] (TOSHIBA CORPORATION) [File not signed]
S3 UpgradeManager; C:\Program Files\GLDS\UpgradeManager\UpgradeManagerSvc.exe [2009867 2007-12-05] (Great Lakes Data Systems, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [19024 2010-05-06] (ALWIL Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [51792 2010-05-06] (ALWIL Software)
R1 aswRdr; C:\Windows\system32\Drivers\aswRdr.sys [23376 2010-05-06] (ALWIL Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [164048 2010-05-06] (ALWIL Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [46672 2010-05-06] (ALWIL Software)
S3 bcm; C:\Windows\System32\DRIVERS\drxvi314.sys [194048 2010-03-17] (ZTE Corporation)
S3 bcmbusctr; C:\Windows\System32\DRIVERS\BcmBusCtr.sys [28160 2010-03-17] (ZTE Corporation)
S2 DgiVecp; C:\Windows\System32\Drivers\DgiVecp.sys [40448 2003-07-29] (DeviceGuys, Inc.) [File not signed]
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-09-23] (LogMeIn, Inc.)
S4 KR10I; C:\Windows\system32\drivers\kr10i.sys [216320 2006-02-14] (TOSHIBA CORPORATION) [File not signed]
S4 KR10N; C:\Windows\system32\drivers\kr10n.sys [207104 2005-09-27] (TOSHIBA CORPORATION) [File not signed]
S4 KR3NPXP; C:\Windows\system32\drivers\kr3npxp.sys [479488 2006-09-27] (TOSHIBA CORPORATION) [File not signed]
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
S3 usbws320; C:\Windows\System32\DRIVERS\usbws320.sys [7680 2010-03-17] (ZTE Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U5 Tosrfusb; C:\Windows\System32\Drivers\Tosrfusb.sys [40960 2006-10-28] (TOSHIBA CORPORATION)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 14:03 - 2014-09-29 14:03 - 00000000 ____D () C:\Windows\ERUNT
2014-09-29 14:01 - 2014-09-29 14:01 - 01699276 _____ (Thisisu) C:\Users\Dennis\Downloads\JRT.exe
2014-09-29 13:33 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-09-29 13:32 - 2014-09-29 13:44 - 00000000 ____D () C:\AdwCleaner
2014-09-29 13:30 - 2014-09-29 13:30 - 01373475 _____ () C:\Users\Dennis\Desktop\AdwCleaner.exe
2014-09-29 13:00 - 2014-09-29 13:00 - 00001068 _____ () C:\Users\Dennis\Desktop\Revo Uninstaller.lnk
2014-09-29 13:00 - 2014-09-29 13:00 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-29 12:58 - 2014-09-29 12:58 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dennis\Downloads\revosetup.exe
2014-09-29 11:39 - 2014-09-29 11:39 - 00053144 _____ () C:\Users\Dennis\Downloads\sfcdetails.txt
2014-09-29 10:47 - 2014-09-29 10:47 - 00002425 _____ () C:\Users\Dennis\Downloads\chkdsk.txt
2014-09-25 16:11 - 2014-09-29 14:08 - 00000000 ____D () C:\Users\Dennis\Downloads\FRST-OlderVersion
2014-09-25 09:09 - 2014-09-25 09:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-25 08:11 - 2014-09-25 08:12 - 00036686 _____ () C:\Users\Dennis\Downloads\Addition.txt
2014-09-25 08:08 - 2014-09-29 14:09 - 00018569 _____ () C:\Users\Dennis\Downloads\FRST.txt
2014-09-25 08:07 - 2014-09-29 14:09 - 00000000 ____D () C:\FRST
2014-09-25 08:07 - 2014-09-29 14:08 - 01100288 _____ (Farbar) C:\Users\Dennis\Downloads\FRST.exe
2014-09-24 14:10 - 2014-09-24 14:10 - 00009391 _____ () C:\Users\Dennis\Downloads\hijackthis.log
2014-09-24 14:07 - 2014-09-24 14:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Dennis\Downloads\HiJackThis.exe
2014-09-24 09:23 - 2014-09-24 09:44 - 00000000 ____D () C:\Windows\pss
2014-09-24 07:31 - 2014-09-24 07:31 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-09-24 07:31 - 2014-09-24 07:31 - 00000000 ____D () C:\Program Files\HP Photo Creations
2014-09-24 07:29 - 2014-09-24 07:29 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\HpUpdate
2014-09-24 07:23 - 2014-09-24 07:23 - 00000000 ____D () C:\ProgramData\HP
2014-09-24 07:02 - 2014-09-24 07:02 - 00000000 ____D () C:\Users\Dennis\AppData\Local\HP

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 14:09 - 2007-02-14 13:40 - 01289220 _____ () C:\Windows\WindowsUpdate.log
2014-09-29 14:05 - 2012-09-07 15:23 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2432310436-2327922484-3749071562-1000UA.job
2014-09-29 13:54 - 2006-11-02 05:33 - 00690960 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-29 13:49 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\tracing
2014-09-29 13:47 - 2014-06-09 05:47 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-09-29 13:47 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-29 13:46 - 2007-01-05 18:36 - 00403952 _____ () C:\Windows\PFRO.log
2014-09-29 13:46 - 2006-11-02 07:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-29 13:46 - 2006-11-02 07:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-29 13:45 - 2006-11-02 08:01 - 00032550 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-25 16:39 - 2013-02-25 13:10 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-24 23:05 - 2012-09-07 15:23 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2432310436-2327922484-3749071562-1000Core.job
2014-09-24 13:58 - 2006-11-02 07:47 - 00316560 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-24 13:42 - 2006-11-02 05:22 - 38797312 _____ () C:\Windows\system32\config\system_previous
2014-09-24 13:42 - 2006-11-02 05:22 - 37748736 _____ () C:\Windows\system32\config\software_previous
2014-09-24 13:41 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\spool
2014-09-24 13:41 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-09-24 13:41 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\registration
2014-09-24 13:36 - 2006-11-02 05:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-09-24 13:36 - 2006-11-02 05:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-09-24 11:46 - 2013-07-10 08:28 - 00002142 _____ () C:\Windows\setupact.log
2014-09-24 10:47 - 2007-04-21 22:38 - 00000000 ____D () C:\Users\Dennis
2014-09-24 10:33 - 2006-11-02 05:22 - 36962304 _____ () C:\Windows\system32\config\components_previous
2014-09-24 10:33 - 2006-11-02 05:22 - 00524288 _____ () C:\Windows\system32\config\default_previous
2014-09-24 07:31 - 2011-11-11 11:10 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-09-24 07:29 - 2007-06-12 13:49 - 00000000 ____D () C:\Program Files\Hp
2014-09-24 07:23 - 2006-11-02 07:37 - 00000000 ____D () C:\Windows\twain_32

Some content of TEMP:
====================
C:\Users\Dennis\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-29 13:55

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-09-2014 02
Ran by Dennis at 2014-09-29 14:09:51
Running from C:\Users\Dennis\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {C37D8F93-0602-E43C-40AA-47DAD597F308}
AS: avast! Antivirus (Disabled - Up to date) {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Reader 7.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A70000000000}) (Version: 7.0.0 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (HKLM\...\{553255F3-78FD-40F1-A6F8-6882140265FE}) (Version: 1.2.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B5C3B892-0849-476C-9F46-B12F84819D57}) (Version: 3.0.0.102 - Apple Inc.)
Apple Software Update (HKLM\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)
Atheros Driver Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 5.0 - Atheros)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v5.00.10(T) - )
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.00.02 - TOSHIBA)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Digicel Broadband CM (HKLM\...\{C2A6CFA5-08A1-4072-B520-7C67DD7D85EC}) (Version: 1.0.0.1 - ZTE)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - )
Google Toolbar for Internet Explorer (Version: 4.0.0.002 - Google Inc.) Hidden
HP Driver Diagnostics (HKLM\...\{ED3F469E-D9EC-4DF1-968F-5812CE2F30F8}) (Version: 1.02.0008 - Hewlett-Packard Company)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Internet Offers (HKLM\...\Internet Offers from Toshiba) (Version: 6.2 - PeoplePC, Inc.)
Java™ SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
LiveReg (Symantec Corporation) (HKLM\...\LiveReg) (Version: 2.4.2.2295 - Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.0.0.154 - Symantec Corporation)
magicJack (HKCU\...\magicJack) (Version: 2.0.6073.4413 - magicJack L.P.)
Malwarebytes' Anti-Malware (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version:  - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2000 Premium (HKLM\...\{00000409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word 2000 SR-1 (HKLM\...\{00170409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Microsoft XML Parser (Version: 8.20.8730.4 - Microsoft Corporation) Hidden
Mobile Partner (HKLM\...\Mobile Partner) (Version: 11.300.05.03.407 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.8 - Frank Heindörfer, Philip Chinery)
QuickTime (HKLM\...\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}) (Version: 7.66.71.0 - Apple Inc.)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5322 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13307 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.0.0 - Synaptics)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}) (Version: 1.23.0000 - Texas Instruments Inc.)
TIPCI (Version: 1.23.0000 - Texas Instruments Inc.) Hidden
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.00.00 - )
TOSHIBA ConfigFree (HKLM\...\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}) (Version: 7.00.21 - TOSHIBA)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.0.0a - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.00.00 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.00.00 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.45.50.1C - TOSHIBA)
TOSHIBA Flash Cards Support Utility (Version: 1.45.50.1C - TOSHIBA) Hidden
TOSHIBA Game Console (HKLM\...\TOSHIBA Game Console) (Version:  - WildTangent)
TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.45.50.8C - TOSHIBA)
TOSHIBA Hardware Setup (Version: 1.45.50.8C - TOSHIBA) Hidden
TOSHIBA Media Center Game Console (HKLM\...\TOSHIBA Media Center Game Console) (Version:  - WildTangent)
Toshiba Registration (HKLM\...\{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}) (Version: 1.00.0000 - Datalode Inc.)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.6 - TOSHIBA)
TOSHIBA Software Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
TOSHIBA Software Upgrades (HKLM\...\{425A2BC2-AA64-4107-9C29-484245BBEA05}) (Version: 4.0 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version:  - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version:  - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version:  - )
TOSHIBA Supervisor Password (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.45.50.5C - TOSHIBA)
TOSHIBA Supervisor Password (Version: 1.45.50.5C - TOSHIBA) Hidden
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.0.8 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.0.8 - TOSHIBA Corporation) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Utility Common Driver (Version: 0.0.50.4C - TOSHIBA) Hidden
VNC Free Edition 4.1.2 (HKLM\...\RealVNC_is1) (Version: 4.1.2 - RealVNC Ltd.)
WinCable Client 1.101.7.1 (HKLM\...\WinCable Client 1.101.7.1) (Version:  - )
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8098.930 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinDVD for TOSHIBA (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.107 - InterVideo Inc.)
WinDVD for TOSHIBA (Version: 8.0-B6.107 - InterVideo Inc.) Hidden
Xerox Phaser 3117 (HKLM\...\Xerox Phaser 3117) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{008B6020-1F3D-11D1-B0C8-00A0C9055D74}\localserver32 -> C:\Windows\system32\VFP6RUN.EXE (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{008B6021-1F3D-11D1-B0C8-00A0C9055D74}\InprocServer32 -> C:\Windows\system32\VFP6R.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Dennis\AppData\Local\Google\Chrome\Application\37.0.2062.120\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{B95059D8-6AAC-11D1-8632-00A0C903A97F}\InprocServer32 -> C:\Windows\system32\foxhhelpps.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{B95059D9-6AAC-11D1-8632-00A0C903A97F}\localserver32 -> C:\Windows\system32\FOXHHELP.EXE (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)

==================== Restore Points  =========================

10-07-2014 03:21:20 Scheduled Checkpoint
23-07-2014 04:33:23 Scheduled Checkpoint
24-07-2014 01:49:36 Scheduled Checkpoint
18-08-2014 14:06:18 Scheduled Checkpoint
25-08-2014 04:44:30 Windows Defender Checkpoint
24-09-2014 12:24:47 Device Driver Package Install: HP Printers
24-09-2014 12:25:53 Device Driver Package Install: Hewlett-Packard Imaging devices
24-09-2014 12:26:32 Device Driver Package Install: HP Printers
24-09-2014 12:27:21 Device Driver Package Install: Hewlett-Packard Universal Serial Bus controllers
24-09-2014 14:47:24 Restore Operation
25-09-2014 05:00:00 Scheduled Checkpoint
29-09-2014 17:38:38 Scheduled Checkpoint
29-09-2014 18:02:35 Revo Uninstaller's restore point - Bandoo
29-09-2014 18:09:12 Revo Uninstaller's restore point - iLivid
29-09-2014 18:16:13 Revo Uninstaller's restore point - MediaBar
29-09-2014 18:19:00 Revo Uninstaller's restore point - Music Toolbar for Chrome (Dist. by Bandoo Media, Inc.)
29-09-2014 18:20:24 Revo Uninstaller's restore point - Music Toolbar for Firefox (Dist. by Bandoo Media, Inc.)
29-09-2014 18:21:36 Revo Uninstaller's restore point - Music Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.)
29-09-2014 18:23:04 Revo Uninstaller's restore point - Windows iLivid Toolbar
29-09-2014 18:24:07 Revo Uninstaller's restore point - Desktop Dialer
29-09-2014 18:25:56 Revo Uninstaller's restore point - imasinstall
29-09-2014 18:26:30 Removed imasinstall
29-09-2014 18:27:38 Revo Uninstaller's restore point - imasinstall

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3A081115-499A-4699-8AA0-CC1A0459ADB9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {46E83144-6947-44D0-87D8-DF2C0087FEFB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2432310436-2327922484-3749071562-1000UA => C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-07] (Google Inc.)
Task: {5D336D87-5237-443C-88B5-CFACE78F5C9D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2009-10-22] (Apple Inc.)
Task: {8EAE4D2C-FB70-42DA-8E9C-7C1E0DCABC70} - System32\Tasks\{30F1A963-83DD-48AB-8A77-B90A61A30390} => C:\Program Files\Skype\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {98188A40-0B13-4382-B3BB-913EC619EB2A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {C5E64EEE-4915-4281-8A72-B9BADB623FD9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2432310436-2327922484-3749071562-1000Core => C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-07] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2432310436-2327922484-3749071562-1000Core.job => C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2432310436-2327922484-3749071562-1000UA.job => C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2005-01-04 00:15 - 2013-10-22 06:40 - 02105856 _____ () C:\Program Files\Alwil Software\Avast5\defs\13102200\algo.dll
2009-10-14 08:59 - 2001-10-28 17:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2006-08-10 18:00 - 2006-08-10 18:00 - 00094208 _____ () C:\Windows\System32\TosBtHcrpAPI.dll
2011-11-11 10:08 - 2010-05-13 23:47 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2006-11-02 05:25 - 2006-11-28 23:17 - 00061440 _____ () C:\Windows\system32\igfxTMM.dll
2014-09-25 09:09 - 2014-09-25 09:10 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2432310436-2327922484-3749071562-500 - Administrator - Disabled)
Dennis (S-1-5-21-2432310436-2327922484-3749071562-1000 - Administrator - Enabled) => C:\Users\Dennis
Guest (S-1-5-21-2432310436-2327922484-3749071562-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2014 00:42:58 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/29/2014 10:49:51 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/29/2014 08:48:22 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/24/2014 07:57:19 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (08/17/2014 10:46:23 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DENNIS\DOCUMENTS\NEW FOLDER\UNIA.DOC> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (07/02/2014 05:33:53 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={F4ED5008-86EC-46E4-A218-8693306082AC}: The user Dennis-PC\Dennis dialed a connection named Broadband Connection which has failed. The error code returned on failure is 0.

Error: (06/30/2014 08:34:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application WINWORD.EXE, version 9.0.0.3822, time stamp 0x38b56792, faulting module MSO9.DLL, version 9.0.0.3821, time stamp 0x38b34b1c, exception code 0xc0000005, fault offset 0x0011e334,
process id 0x15e4, application start time 0xWINWORD.EXE0.

Error: (06/22/2014 09:45:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application GoogleUpdate.exe, version 1.3.21.103, time stamp 0x4f3c6d6c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x00044a10,
process id 0x474, application start time 0xGoogleUpdate.exe0.

Error: (06/22/2014 09:42:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application WINWORD.EXE, version 9.0.0.3822, time stamp 0x38b56792, faulting module WINWORD.EXE, version 9.0.0.3822, time stamp 0x38b56792, exception code 0xc0000005, fault offset 0x000ab8b1,
process id 0x3c8, application start time 0xWINWORD.EXE0.

Error: (06/22/2014 09:41:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application WINWORD.EXE, version 9.0.0.3822, time stamp 0x38b56792, faulting module WINWORD.EXE, version 9.0.0.3822, time stamp 0x38b56792, exception code 0xc0000005, fault offset 0x000ab7b8,
process id 0x11d4, application start time 0xWINWORD.EXE0.


System errors:
=============
Error: (09/29/2014 01:48:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Tosrfcom

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.


Microsoft Office Sessions:
=========================
Error: (09/29/2014 00:42:58 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/29/2014 10:49:51 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/29/2014 08:48:22 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/24/2014 07:57:19 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (08/17/2014 10:46:23 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\DENNIS\DOCUMENTS\NEW FOLDER\UNIA.DOC

Error: (07/02/2014 05:33:53 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {F4ED5008-86EC-46E4-A218-8693306082AC}Dennis-PC\DennisBroadband Connection0

Error: (06/30/2014 08:34:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE9.0.0.382238b56792MSO9.DLL9.0.0.382138b34b1cc00000050011e33415e401cf94b50285bce1

Error: (06/22/2014 09:45:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: GoogleUpdate.exe1.3.21.1034f3c6d6cntdll.dll6.0.6002.185414ec3e3d5c000000500044a1047401cf8e1eb88e6264

Error: (06/22/2014 09:42:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE9.0.0.382238b56792WINWORD.EXE9.0.0.382238b56792c0000005000ab8b13c801cf8e281e10b7b4

Error: (06/22/2014 09:41:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE9.0.0.382238b56792WINWORD.EXE9.0.0.382238b56792c0000005000ab7b811d401cf8e1f43e2df34


CodeIntegrity Errors:
===================================
  Date: 2013-02-18 12:17:09.364
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:09.130
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:08.864
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:08.584
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:08.240
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:08.006
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:07.710
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:07.445
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:07.055
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:06.790
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ Duo CPU T2250 @ 1.73GHz
Percentage of memory in use: 39%
Total physical RAM: 2037.38 MB
Available physical RAM: 1228.33 MB
Total Pagefile: 4320.04 MB
Available Pagefile: 3554.25 MB
Total Virtual: 2047.88 MB
Available Virtual: 1921.73 MB

==================== Drives ================================

Drive c: (SQ004286V02) (Fixed) (Total:91.69 GB) (Free:49.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 93.2 GB) (Disk ID: 6D702ECC)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Active) - (Size=91.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#21 LiquidTension

Posted 29 September 2014 - 01:48 PM

Hi Ian,
 
Don't worry about the AdwCleaner or JRT logs. Please confirm the programmes ran without error. 
Internet Offers is still installed. I would suggest uninstalling. 

 

Let's take a deeper look.

 
STEP 1
VirusTotal Upload

  • Please go to VirusTotal.com.
  • Click Choose File and locate the following file:
    • C:\Windows\system32\Ikeext.etl
  • Click Scan it!.
  • If you receive the following notification: File already analysed click Reanalyse.
  • Once the file has been analyzed, copy the page URL at the top of the window and paste in your next reply. 
     

STEP 2
TDSSKiller Scan

  • Please download TDSSKiller and save the file to your Desktop.
  • Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
  • Click Change parameters. Place a checkmark next to:
    • Detect TDLFS file system
    • Verify file digital signatures
  • Note: If you receive the following message: Extended Monitoring Driver is required, click Reboot now, and continue from here following the reboot.
  • Click Start Scan. Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply.
     

STEP 3
aswMBR

  • Please download aswMBR and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click aswMBR.exe and select Run as administrator to run the programme.
  • Click Yes when prompted to download avast! virus definitions. Wait until AVAST engine defs: ### appears.
  • If you are prompted to enable the use of "Virtualization Technology", click Yes.
  • Click the AV Scan: drop down box and click C:\.
  • Click Scan.
  • Upon completion, you will see Scan finished successfully. Click Save log. Save the log to your Desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.

Note: Do NOT click Fix or FixMBR.
Note: A file (MBR.dat) will be created on your Desktop. Do NOT click or delete it.
 
 
======================================================
 
STEP 4
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • VirusTotal Results
  • TDSSKiller log
  • aswMBR log



#22 elmkd

Posted 30 September 2014 - 06:13 AM

Hello:

The programmes in the previous instructions ran without errors. I uninstalled Internet Offers as well.

Step 1:

https://www.virustot...sis/1412021614/

Step 2

15:27:51.0342 0x08a0  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
15:28:04.0696 0x08a0  ============================================================
15:28:04.0696 0x08a0  Current date / time: 2014/09/29 15:28:04.0696
15:28:04.0696 0x08a0  SystemInfo:
15:28:04.0696 0x08a0  
15:28:04.0696 0x08a0  OS Version: 6.0.6002 ServicePack: 2.0
15:28:04.0696 0x08a0  Product type: Workstation
15:28:04.0696 0x08a0  ComputerName: DENNIS-PC
15:28:04.0696 0x08a0  UserName: Dennis
15:28:04.0696 0x08a0  Windows directory: C:\Windows
15:28:04.0696 0x08a0  System windows directory: C:\Windows
15:28:04.0696 0x08a0  Processor architecture: Intel x86
15:28:04.0696 0x08a0  Number of processors: 2
15:28:04.0696 0x08a0  Page size: 0x1000
15:28:04.0696 0x08a0  Boot type: Normal boot
15:28:04.0696 0x08a0  ============================================================
15:28:08.0190 0x08a0  KLMD registered as C:\Windows\system32\drivers\29471025.sys
15:28:08.0424 0x08a0  System UUID: {9C1AA64B-C043-A1C7-18F3-74B90EE2593A}
15:28:09.0360 0x08a0  Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 ( 93.16 Gb ), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:28:09.0360 0x08a0  ============================================================
15:28:09.0360 0x08a0  \Device\Harddisk0\DR0:
15:28:09.0360 0x08a0  MBR partitions:
15:28:09.0360 0x08a0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xB763800
15:28:09.0360 0x08a0  ============================================================
15:28:09.0391 0x08a0  C: <-> \Device\Harddisk0\DR0\Partition1
15:28:09.0391 0x08a0  ============================================================
15:28:09.0391 0x08a0  Initialize success
15:28:09.0391 0x08a0  ============================================================
15:31:53.0093 0x0d20  ============================================================
15:31:53.0093 0x0d20  Scan started
15:31:53.0093 0x0d20  Mode: Manual; SigCheck; TDLFS;
15:31:53.0093 0x0d20  ============================================================
15:31:53.0093 0x0d20  KSN ping started
15:32:04.0699 0x0d20  KSN ping finished: true
15:32:05.0791 0x0d20  ================ Scan system memory ========================
15:32:05.0791 0x0d20  System memory - ok
15:32:05.0791 0x0d20  ================ Scan services =============================
15:32:10.0393 0x0d20  BTHMODEM - ok
15:32:10.0471 0x0d20  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:32:10.0503 0x0d20  cdfs - ok
15:32:10.0596 0x0d20  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:32:10.0627 0x0d20  cdrom - ok
15:32:10.0705 0x0d20  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
15:32:10.0737 0x0d20  CertPropSvc - ok
15:32:10.0846 0x0d20  [ C82162949BBA6CC5D006C7BD008F3CF1, 635E5B5C5AF3ACECA6115DAC8E576390B258C6590EE9727DB6FA68B13FD85297 ] CFSvcs          C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
15:32:10.0846 0x0d20  CFSvcs - detected UnsignedFile.Multi.Generic ( 1 )
15:32:11.0314 0x0d20  Detect skipped due to KSN trusted
15:32:11.0314 0x0d20  CFSvcs - ok
15:32:11.0361 0x0d20  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:32:11.0423 0x0d20  circlass - ok
15:32:11.0485 0x0d20  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
15:32:11.0501 0x0d20  CLFS - ok
15:32:11.0579 0x0d20  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:32:11.0595 0x0d20  clr_optimization_v2.0.50727_32 - ok
15:32:11.0657 0x0d20  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:32:11.0704 0x0d20  CmBatt - ok
15:32:11.0719 0x0d20  [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:32:11.0735 0x0d20  cmdide - ok
15:32:11.0766 0x0d20  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:32:11.0782 0x0d20  Compbatt - ok
15:32:11.0782 0x0d20  COMSysApp - ok
15:32:11.0813 0x0d20  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:32:11.0829 0x0d20  crcdisk - ok
15:32:11.0844 0x0d20  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
15:32:11.0907 0x0d20  Crusoe - ok
15:32:12.0016 0x0d20  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:32:12.0031 0x0d20  CryptSvc - ok
15:32:12.0156 0x0d20  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:32:12.0250 0x0d20  DcomLaunch - ok
15:32:12.0312 0x0d20  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:32:12.0328 0x0d20  DfsC - ok
15:32:12.0546 0x0d20  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
15:32:12.0687 0x0d20  DFSR - ok
15:32:12.0858 0x0d20  [ 1EC27A51A2F9DF052BC2B4C8376C8FEA, 6B903263C4E5A26FE161EF829FD5C597485DFE1E9DBADD60FBEECE9F6605E79F ] DgiVecp         C:\Windows\system32\Drivers\DgiVecp.sys
15:32:12.0858 0x0d20  DgiVecp - detected UnsignedFile.Multi.Generic ( 1 )
15:32:13.0342 0x0d20  Detect skipped due to KSN trusted
15:32:13.0342 0x0d20  DgiVecp - ok
15:32:13.0498 0x0d20  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:32:13.0529 0x0d20  Dhcp - ok
15:32:13.0607 0x0d20  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
15:32:13.0638 0x0d20  disk - ok
15:32:13.0701 0x0d20  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:32:13.0716 0x0d20  Dnscache - ok
15:32:13.0779 0x0d20  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
15:32:13.0810 0x0d20  dot3svc - ok
15:32:13.0888 0x0d20  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
15:32:13.0919 0x0d20  DPS - ok
15:32:13.0966 0x0d20  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:32:13.0981 0x0d20  drmkaud - ok
15:32:14.0075 0x0d20  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:32:14.0122 0x0d20  DXGKrnl - ok
15:32:14.0200 0x0d20  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
15:32:14.0262 0x0d20  E1G60 - ok
15:32:14.0340 0x0d20  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
15:32:14.0371 0x0d20  EapHost - ok
15:32:14.0481 0x0d20  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:32:14.0496 0x0d20  Ecache - ok
15:32:14.0605 0x0d20  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:32:14.0621 0x0d20  ehRecvr - ok
15:32:14.0668 0x0d20  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
15:32:14.0683 0x0d20  ehSched - ok
15:32:14.0715 0x0d20  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
15:32:14.0730 0x0d20  ehstart - ok
15:32:14.0793 0x0d20  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:32:14.0824 0x0d20  elxstor - ok
15:32:14.0886 0x0d20  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:32:14.0949 0x0d20  EMDMgmt - ok
15:32:15.0011 0x0d20  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
15:32:15.0058 0x0d20  EventSystem - ok
15:32:15.0151 0x0d20  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:32:15.0183 0x0d20  exfat - ok
15:32:15.0214 0x0d20  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:32:15.0245 0x0d20  fastfat - ok
15:32:15.0323 0x0d20  [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:32:15.0385 0x0d20  fdc - ok
15:32:15.0401 0x0d20  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
15:32:15.0432 0x0d20  fdPHost - ok
15:32:15.0495 0x0d20  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:32:15.0557 0x0d20  FDResPub - ok
15:32:15.0635 0x0d20  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:32:15.0651 0x0d20  FileInfo - ok
15:32:15.0682 0x0d20  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:32:15.0729 0x0d20  Filetrace - ok
15:32:15.0744 0x0d20  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:32:15.0807 0x0d20  flpydisk - ok
15:32:15.0853 0x0d20  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:32:15.0885 0x0d20  FltMgr - ok
15:32:16.0041 0x0d20  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
15:32:16.0150 0x0d20  FontCache - ok
15:32:16.0290 0x0d20  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:32:16.0306 0x0d20  FontCache3.0.0.0 - ok
15:32:16.0368 0x0d20  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:32:16.0384 0x0d20  Fs_Rec - ok
15:32:16.0415 0x0d20  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:32:16.0431 0x0d20  gagp30kx - ok
15:32:16.0509 0x0d20  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
15:32:16.0571 0x0d20  gpsvc - ok
15:32:16.0727 0x0d20  [ 751C1D2CA2ABF4A9F5A6B8D7D45B907C, 8F62DF65DB30770448E297D000B570683DEA454A5D84B5BCB1478D91030212DB ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:32:16.0743 0x0d20  gusvc - ok
15:32:16.0805 0x0d20  [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
15:32:16.0821 0x0d20  hamachi - ok
15:32:16.0883 0x0d20  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:32:16.0961 0x0d20  HdAudAddService - ok
15:32:17.0023 0x0d20  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:32:17.0117 0x0d20  HDAudBus - ok
15:32:17.0179 0x0d20  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:32:17.0242 0x0d20  HidBth - ok
15:32:17.0289 0x0d20  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:32:17.0351 0x0d20  HidIr - ok
15:32:17.0429 0x0d20  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
15:32:17.0445 0x0d20  hidserv - ok
15:32:17.0507 0x0d20  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:32:17.0523 0x0d20  HidUsb - ok
15:32:17.0569 0x0d20  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:32:17.0601 0x0d20  hkmsvc - ok
15:32:17.0647 0x0d20  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:32:17.0663 0x0d20  HpCISSs - ok
15:32:17.0725 0x0d20  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:32:17.0819 0x0d20  HTTP - ok
15:32:17.0944 0x0d20  [ 348C3A9D01E68A0222A246346924AA55, 6F8803BA37760043A78DC1E0D4E20853E5ABEF55B0201676B281EC2685E951DD ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:32:17.0959 0x0d20  hwdatacard - ok
15:32:18.0037 0x0d20  [ 460B1945C3E6B0419A76E1B507B90B71, C78B32ABB98ABAFF647500CD70AFA78C9848A4978E79EEE83D654E69F51D5F93 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
15:32:18.0053 0x0d20  hwusbdev - ok
15:32:18.0100 0x0d20  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:32:18.0115 0x0d20  i2omp - ok
15:32:18.0193 0x0d20  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:32:18.0209 0x0d20  i8042prt - ok
15:32:18.0334 0x0d20  [ 14F477463246E35F1DC932BE6225598C, 0295EEB75D818C18CC3A27C9FBB6213EFD30D599D98D3923152FE0853E6711AF ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
15:32:18.0427 0x0d20  ialm - ok
15:32:18.0505 0x0d20  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:32:18.0537 0x0d20  iaStorV - ok
15:32:18.0630 0x0d20  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
15:32:18.0646 0x0d20  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
15:32:19.0114 0x0d20  Detect skipped due to KSN trusted
15:32:19.0114 0x0d20  IDriverT - ok
15:32:19.0239 0x0d20  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:32:19.0301 0x0d20  idsvc - ok
15:32:19.0488 0x0d20  [ 14F477463246E35F1DC932BE6225598C, 0295EEB75D818C18CC3A27C9FBB6213EFD30D599D98D3923152FE0853E6711AF ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
15:32:19.0629 0x0d20  igfx - ok
15:32:19.0769 0x0d20  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:32:19.0785 0x0d20  iirsp - ok
15:32:19.0878 0x0d20  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
15:32:19.0925 0x0d20  IKEEXT - ok
15:32:20.0112 0x0d20  [ A47B2875680AD67B35C6150BD0203056, 2087CF6D1EEA7C0DB09EB3211713B2D0F36877960878A08CF6CEC99252316417 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:32:20.0221 0x0d20  IntcAzAudAddService - ok
15:32:20.0284 0x0d20  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
15:32:20.0299 0x0d20  intelide - ok
15:32:20.0377 0x0d20  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:32:20.0409 0x0d20  intelppm - ok
15:32:20.0455 0x0d20  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:32:20.0487 0x0d20  IPBusEnum - ok
15:32:20.0518 0x0d20  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:32:20.0565 0x0d20  IpFilterDriver - ok
15:32:20.0643 0x0d20  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:32:20.0674 0x0d20  iphlpsvc - ok
15:32:20.0674 0x0d20  IpInIp - ok
15:32:20.0721 0x0d20  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:32:20.0783 0x0d20  IPMIDRV - ok
15:32:20.0830 0x0d20  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:32:20.0861 0x0d20  IPNAT - ok
15:32:20.0877 0x0d20  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:32:20.0908 0x0d20  IRENUM - ok
15:32:20.0939 0x0d20  [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:32:20.0955 0x0d20  isapnp - ok
15:32:21.0033 0x0d20  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:32:21.0064 0x0d20  iScsiPrt - ok
15:32:21.0079 0x0d20  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:32:21.0095 0x0d20  iteatapi - ok
15:32:21.0157 0x0d20  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:32:21.0173 0x0d20  iteraid - ok
15:32:21.0204 0x0d20  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:32:21.0235 0x0d20  kbdclass - ok
15:32:21.0267 0x0d20  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:32:21.0298 0x0d20  kbdhid - ok
15:32:21.0391 0x0d20  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
15:32:21.0407 0x0d20  KeyIso - ok
15:32:21.0563 0x0d20  [ 1E0D65F7FFEB4E99B2EEC1CCB5754CC8, FE56EA89A4D7751EAB089C58514A824FBEDB44065CF3132B897AC613E211B46B ] KR10I           C:\Windows\system32\drivers\kr10i.sys
15:32:21.0579 0x0d20  KR10I - detected UnsignedFile.Multi.Generic ( 1 )
15:32:22.0047 0x0d20  Detect skipped due to KSN trusted
15:32:22.0047 0x0d20  KR10I - ok
15:32:22.0125 0x0d20  [ A1963360E74931222A67356C8AD48378, E7BEFE90D55CBD434D564F3CEA39B1D708150F6814EF9801479B652859789475 ] KR10N           C:\Windows\system32\drivers\kr10n.sys
15:32:22.0140 0x0d20  KR10N - detected UnsignedFile.Multi.Generic ( 1 )
15:32:22.0577 0x0d20  Detect skipped due to KSN trusted
15:32:22.0577 0x0d20  KR10N - ok
15:32:22.0655 0x0d20  [ 485E005CD51FF502FB16483EB4B69C17, 8294524C21C18BA5A32B926BD497C67A4ED49FB3654C93D11681C01D30769998 ] KR3NPXP         C:\Windows\system32\drivers\kr3npxp.sys
15:32:22.0717 0x0d20  KR3NPXP - detected UnsignedFile.Multi.Generic ( 1 )
15:32:23.0201 0x0d20  Detect skipped due to KSN trusted
15:32:23.0201 0x0d20  KR3NPXP - ok
15:32:23.0295 0x0d20  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:32:23.0326 0x0d20  KSecDD - ok
15:32:23.0435 0x0d20  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:32:23.0482 0x0d20  KtmRm - ok
15:32:23.0544 0x0d20  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:32:23.0575 0x0d20  LanmanServer - ok
15:32:23.0638 0x0d20  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:32:23.0669 0x0d20  LanmanWorkstation - ok
15:32:23.0841 0x0d20  [ FF7075265691C741AFD2F756559A10D5, 084A1F3E6717CDD7523E0CB309CFBBB8515607D6BBA4E30054F8A5424F0A08F1 ] LiveUpdate      C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
15:32:23.0965 0x0d20  LiveUpdate - ok
15:32:24.0043 0x0d20  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:32:24.0075 0x0d20  lltdio - ok
15:32:24.0106 0x0d20  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:32:24.0153 0x0d20  lltdsvc - ok
15:32:24.0184 0x0d20  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:32:24.0246 0x0d20  lmhosts - ok
15:32:24.0324 0x0d20  [ 515FC18CABEE0158A324B08B1C2667CF, E044C731C795EB27E85DDD09F574D7002BC230D6341340078655892CAB3BA2E6 ] LPCFilter       C:\Windows\system32\DRIVERS\LPCFilter.sys
15:32:24.0340 0x0d20  LPCFilter - ok
15:32:24.0371 0x0d20  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:32:24.0387 0x0d20  LSI_FC - ok
15:32:24.0433 0x0d20  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:32:24.0449 0x0d20  LSI_SAS - ok
15:32:24.0480 0x0d20  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:32:24.0496 0x0d20  LSI_SCSI - ok
15:32:24.0527 0x0d20  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:32:24.0574 0x0d20  luafv - ok
15:32:24.0589 0x0d20  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:32:24.0621 0x0d20  Mcx2Svc - ok
15:32:24.0667 0x0d20  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:32:24.0683 0x0d20  megasas - ok
15:32:24.0714 0x0d20  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
15:32:24.0745 0x0d20  MMCSS - ok
15:32:24.0792 0x0d20  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
15:32:24.0823 0x0d20  Modem - ok
15:32:24.0839 0x0d20  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:32:24.0886 0x0d20  monitor - ok
15:32:24.0933 0x0d20  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:32:24.0948 0x0d20  mouclass - ok
15:32:24.0979 0x0d20  [ A3A6DFF7E9E757DB3DF51A833BC28885, 3285FD0176722B1098ECDA4098FCF55A39829C3A81462097BACB5B558883B027 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
15:32:25.0042 0x0d20  mouhid - ok
15:32:25.0073 0x0d20  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:32:25.0089 0x0d20  MountMgr - ok
15:32:25.0198 0x0d20  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:32:25.0213 0x0d20  MozillaMaintenance - ok
15:32:25.0245 0x0d20  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:32:25.0260 0x0d20  mpio - ok
15:32:25.0307 0x0d20  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:32:25.0338 0x0d20  mpsdrv - ok
15:32:25.0401 0x0d20  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:32:25.0447 0x0d20  MpsSvc - ok
15:32:25.0494 0x0d20  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:32:25.0510 0x0d20  Mraid35x - ok
15:32:25.0557 0x0d20  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:32:25.0572 0x0d20  MRxDAV - ok
15:32:25.0619 0x0d20  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:32:25.0635 0x0d20  mrxsmb - ok
15:32:25.0666 0x0d20  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:32:25.0697 0x0d20  mrxsmb10 - ok
15:32:25.0713 0x0d20  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:32:25.0744 0x0d20  mrxsmb20 - ok
15:32:25.0759 0x0d20  [ 742AED7939E734C36B7E8D6228CE26B7, 6F727144BBD42C9C5555087CA51DE8D501B5CBEFB9967866CC578733E3C5E681 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:32:25.0775 0x0d20  msahci - ok
15:32:25.0806 0x0d20  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:32:25.0822 0x0d20  msdsm - ok
15:32:25.0837 0x0d20  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
15:32:25.0884 0x0d20  MSDTC - ok
15:32:25.0931 0x0d20  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:32:25.0978 0x0d20  Msfs - ok
15:32:26.0025 0x0d20  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:32:26.0056 0x0d20  msisadrv - ok
15:32:26.0087 0x0d20  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:32:26.0118 0x0d20  MSiSCSI - ok
15:32:26.0134 0x0d20  msiserver - ok
15:32:26.0181 0x0d20  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:32:26.0212 0x0d20  MSKSSRV - ok
15:32:37.0647 0x0d20  [ 7330D477B7496CB42BF11EFF2D374C6A, 080AAE6294358A96BE5EE0D16F5631354DF5FB8E313A51C486876739423AC5CF ] Swupdtmr        c:\Toshiba\IVP\swupdate\swupdtmr.exe
15:32:37.0662 0x0d20  Swupdtmr - detected UnsignedFile.Multi.Generic ( 1 )
15:32:37.0881 0x0d20  Detect skipped due to KSN trusted
15:32:37.0881 0x0d20  Swupdtmr - ok
15:32:39.0940 0x0d20  [ D540858E65BFA6FDED41AD2495ECE344, DB85A860F4C07D1370F34AA7F39FAE5DF7E47C1BE65B4D39954FC37CA703A199 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
15:32:39.0955 0x0d20  TODDSrv - detected UnsignedFile.Multi.Generic ( 1 )
15:32:40.0330 0x0d20  Detect skipped due to KSN trusted
15:32:40.0330 0x0d20  TODDSrv - ok
15:32:40.0439 0x0d20  [ AF41337C08D1C240AF14BA4CAB02BF02, C95FB998440582A62B0DACDFEB81D85F2D9972C705CBBC53BD6C50D5D208397F ] TosCoSrv        C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
15:32:40.0470 0x0d20  TosCoSrv - ok
15:32:40.0595 0x0d20  [ 76148C3159718B701252F87B067904A6, 90DDCF15A9A447D00213CAFF9FEF24720703EB5398388126DA8F58AFE7DF09BE ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
15:32:40.0611 0x0d20  TOSHIBA Bluetooth Service - detected UnsignedFile.Multi.Generic ( 1 )
15:32:41.0094 0x0d20  Detect skipped due to KSN trusted
15:32:41.0094 0x0d20  TOSHIBA Bluetooth Service - ok
15:32:42.0654 0x0d20  [ 88F659B04497A6D34E2D180A52F15829, A941C89D660ACB3480ED26269F9F2634B72088C00283CE400FB04752EE2D8DA8 ] UpgradeManager  C:\Program Files\GLDS\UpgradeManager\UpgradeManagerSvc.exe
15:32:42.0779 0x0d20  UpgradeManager - detected UnsignedFile.Multi.Generic ( 1 )
15:32:43.0341 0x0d20  UpgradeManager ( UnsignedFile.Multi.Generic ) - warning
15:32:44.0729 0x0d20  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
15:32:44.0807 0x0d20  vds - ok
15:32:44.0885 0x0d20  [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:32:44.0947 0x0d20  vga - ok
15:32:44.0994 0x0d20  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:32:45.0041 0x0d20  VgaSave - ok
15:32:45.0057 0x0d20  [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:32:45.0072 0x0d20  viaagp - ok
15:32:45.0088 0x0d20  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7           C:\Windows\system32\drivers\viac7.sys
15:32:45.0150 0x0d20  ViaC7 - ok
15:32:45.0166 0x0d20  [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:32:45.0181 0x0d20  viaide - ok
15:32:45.0197 0x0d20  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:32:45.0213 0x0d20  volmgr - ok
15:32:45.0275 0x0d20  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:32:45.0291 0x0d20  volmgrx - ok
15:32:45.0369 0x0d20  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:32:45.0400 0x0d20  volsnap - ok
15:32:45.0431 0x0d20  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:32:45.0447 0x0d20  vsmraid - ok
15:32:45.0571 0x0d20  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
15:32:45.0665 0x0d20  VSS - ok
15:32:45.0743 0x0d20  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
15:32:45.0790 0x0d20  W32Time - ok
15:32:45.0837 0x0d20  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:32:45.0899 0x0d20  WacomPen - ok
15:32:45.0946 0x0d20  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:32:45.0961 0x0d20  Wanarp - ok
15:32:45.0977 0x0d20  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:32:46.0008 0x0d20  Wanarpv6 - ok
15:32:46.0071 0x0d20  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:32:46.0117 0x0d20  wcncsvc - ok
15:32:46.0180 0x0d20  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:32:46.0211 0x0d20  WcsPlugInService - ok
15:32:46.0227 0x0d20  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
15:32:46.0242 0x0d20  Wd - ok
15:32:46.0336 0x0d20  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:32:46.0398 0x0d20  Wdf01000 - ok
15:32:46.0476 0x0d20  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:32:46.0523 0x0d20  WdiServiceHost - ok
15:32:46.0539 0x0d20  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:32:46.0585 0x0d20  WdiSystemHost - ok
15:32:46.0632 0x0d20  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
15:32:46.0663 0x0d20  WebClient - ok
15:32:46.0710 0x0d20  [ 905214925A88311FCE52F66153DE7610, 5D18C6E835A2EA4108C93D9E6AA976142119860C8FC8ECB2DFA961A241B6E61C ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:32:46.0757 0x0d20  Wecsvc - ok
15:32:46.0773 0x0d20  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:32:46.0804 0x0d20  wercplsupport - ok
15:32:46.0851 0x0d20  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:32:46.0882 0x0d20  WerSvc - ok
15:32:46.0960 0x0d20  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
15:32:46.0991 0x0d20  WinDefend - ok
15:32:46.0991 0x0d20  WinHttpAutoProxySvc - ok
15:32:47.0069 0x0d20  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:32:47.0100 0x0d20  Winmgmt - ok
15:32:47.0178 0x0d20  [ 01874D4689C212460FBABF0ECD7CB7F7, 8FC46BAD704A1E057DC4A8DC7374AAB93A96CC4A46E06FF9C2E06A6D62820469 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:32:47.0256 0x0d20  WinRM - ok
15:32:47.0490 0x0d20  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:32:47.0537 0x0d20  Wlansvc - ok
15:32:47.0631 0x0d20  [ 701A9F884A294327E9141D73746EE279, C8A46B8C32F9EAC7848D385473F6B5C4B6DA719A941A75AD5F081757FC07A09D ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:32:47.0693 0x0d20  WmiAcpi - ok
15:32:47.0802 0x0d20  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:32:47.0833 0x0d20  wmiApSrv - ok
15:32:48.0114 0x0d20  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
15:32:48.0192 0x0d20  WMPNetworkSvc - ok
15:32:48.0286 0x0d20  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:32:48.0317 0x0d20  WPCSvc - ok
15:32:48.0364 0x0d20  [ 396D406292B0CD26E3504FFE82784702, 5F9015BB515AC13D4DFE8F4B532352CF2C5B61DEFD3D0D61BCD82C781D36E7AF ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:32:48.0379 0x0d20  WPDBusEnum - ok
15:32:48.0426 0x0d20  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:32:48.0457 0x0d20  ws2ifsl - ok
15:32:48.0504 0x0d20  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
15:32:48.0535 0x0d20  wscsvc - ok
15:32:48.0535 0x0d20  WSearch - ok
15:32:49.0035 0x0d20  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:32:49.0144 0x0d20  wuauserv - ok
15:32:49.0206 0x0d20  [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:32:49.0237 0x0d20  WUDFRd - ok
15:32:49.0269 0x0d20  [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:32:49.0300 0x0d20  wudfsvc - ok
15:32:49.0315 0x0d20  ================ Scan global ===============================
15:32:49.0378 0x0d20  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
15:32:49.0456 0x0d20  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:32:49.0487 0x0d20  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:32:49.0565 0x0d20  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
15:32:49.0581 0x0d20  [ Global ] - ok
15:32:49.0581 0x0d20  ================ Scan MBR ==================================
15:32:49.0612 0x0d20  [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
15:32:50.0314 0x0d20  \Device\Harddisk0\DR0 - ok
15:32:50.0314 0x0d20  ================ Scan VBR ==================================
15:32:50.0345 0x0d20  [ BE600F1B8B0EB7EB567B49A730241B99 ] \Device\Harddisk0\DR0\Partition1
15:32:50.0361 0x0d20  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
15:32:50.0361 0x0d20  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
15:32:50.0657 0x0d20  ================ Scan generic autorun ======================
15:32:58.0379 0x0d20  [ 1EF5F5C22258C60C896B092066C2E628, B0B367266120440E4CBD3A06CC3DCD45F703DCB71FD2BD0EDC1B8E8D6012A9C8 ] C:\AdwCleaner\AdwCleaner[S0].txt
15:32:58.0395 0x0d20  Report - detected UnsignedFile.Multi.Generic ( 1 )
15:32:58.0863 0x0d20  Report ( UnsignedFile.Multi.Generic ) - warning
15:32:59.0175 0x0d20  Waiting for KSN requests completion. In queue: 6
15:33:00.0423 0x0d20  AV detected via SS2: avast! Antivirus, C:\Program Files\Alwil Software\Avast5\VisthAux.exe ( 5.0.121.0 ), 0x40000 ( disabled : updated )
15:33:00.0423 0x0d20  Win FW state via NFP2: enabled
15:33:00.0688 0x0d20  ============================================================
15:33:00.0688 0x0d20  Scan finished
15:33:00.0688 0x0d20  ============================================================
15:33:00.0688 0x0e88  Detected object count: 3
15:33:00.0688 0x0e88  Actual detected object count: 3
15:33:47.0862 0x0e88  UpgradeManager ( UnsignedFile.Multi.Generic ) - skipped by user
15:33:47.0862 0x0e88  UpgradeManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:33:47.0878 0x0e88  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
15:33:47.0878 0x0e88  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip
15:33:47.0878 0x0e88  Report ( UnsignedFile.Multi.Generic ) - skipped by user
15:33:47.0878 0x0e88  Report ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:34:03.0727 0x0c60  Deinitialize success



aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-09-29 15:37:30
-----------------------------
15:37:30.081    OS Version: Windows 6.0.6002 Service Pack 2
15:37:30.082    Number of processors: 2 586 0xE0C
15:37:30.083    ComputerName: DENNIS-PC  UserName: Dennis
15:37:43.752    Initialize success
15:37:43.784    VM: initialized successfully
15:37:43.784    VM: Intel CPU virtualization not supported
15:37:43.955    AVAST engine defs: 13102200
15:40:15.899    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:40:15.899    Disk 0 Vendor: Hitachi_HTS541610J9SA00 SBCOC7DP Size: 95396MB BusType: 3
15:40:16.086    Disk 0 MBR read successfully
15:40:16.102    Disk 0 MBR scan
15:40:16.102    Disk 0 Windows VISTA default MBR code
15:40:16.118    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS         1500 MB offset 2048
15:40:16.133    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        93895 MB offset 3074048
15:40:16.149    Disk 0 scanning sectors +195371008
15:40:16.227    Disk 0 scanning C:\Windows\system32\drivers
15:40:28.442    Service scanning
15:41:02.793    Modules scanning
15:41:14.321    Disk 0 trace - called modules:
15:41:14.368    ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys ntoskrnl.exe hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys dxgkrnl.sys igdkmd32.sys
15:41:14.368    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x864a7968]
15:41:14.368    3 CLASSPNP.SYS[891b08b3] -> nt!IofCallDriver -> [0x85de9c48]
15:41:14.368    5 acpi.sys[8364c6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85deb6c0]
15:41:15.257    AVAST engine scan C:\
15:42:43.553    File: C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\cwncmuup.exe.xBAD  **INFECTED** Win32:Evo-gen [Susp]
15:42:50.058    File: C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\xgdegqqp.exe.xBAD  **INFECTED** Win32:Evo-gen [Susp]
15:48:04.601    File: C:\Program Files\Realtek\Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista\lansetv.exe  **INFECTED** Win32:Evo-gen [Susp]
15:49:01.853    File: C:\Program Files\Toshiba\PCDiag\dialtonetest.exe  **INFECTED** Win32:Evo-gen [Susp]
20:43:11.062    Scan finished successfully
07:05:29.805    Disk 0 MBR has been saved successfully to "C:\Users\Dennis\Desktop\MBR.dat"
07:05:29.820    The log file has been saved successfully to "C:\Users\Dennis\Desktop\aswMBR.txt"

 



#23 LiquidTension


Posted 30 September 2014 - 06:21 AM

Great, we've found the culprit.
Let's now remove the bootkit.

TDSSKiller Fix

  • Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
  • Click Change parameters. Ensure a checkmark is placed next to:
    • Detect TDLFS file system
    • Verify file digital signatures
  • Click Start Scan. Do not use the computer during the scan.
  • Upon completion, select Cure for the following items:
    Rootkit.Boot.Cidox.b
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply.
  • Please re-run a TDSSKiller scan with the options above, and confirm the detection (Rootkit.Boot.Cidox.b) is no longer present.


 

Would you like to help others with malware removal? Join our Classroom and learn how!
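The final step above (re-scan and confirm the detection is gone) can be checked against the saved log text instead of by eye. The following is an added example, not part of the original post and not code from the TDSSKiller vendor; it assumes only the line layout visible in the logs in this thread, the function names are hypothetical, and the re-scan sample is constructed.

```python
import re

# Line layout seen in the TDSSKiller logs in this thread:
#   "HH:MM:SS.ffff 0xTID  <message>"
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+0x[0-9a-fA-F]+\s+(?P<msg>.*)$")
# Result lines: "<object> ( <verdict> ) - <outcome>"
# e.g. "\Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected"
OUTCOME = re.compile(r"^(?P<obj>.+?) \( (?P<verdict>[^()]+?) \) - (?P<outcome>.+)$")
ACTION = "User select action: "
FLAGGED = ("infected", "warning")


def parse_findings(log_text):
    """Return {object: {"verdict", "status", "action"}} for flagged objects.

    Objects whose detection was dropped ("Detect skipped due to KSN trusted",
    followed by "<object> - ok") never get a "( verdict ) - ..." line, so they
    do not appear in the result.
    """
    findings = {}
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        o = OUTCOME.match(m.group("msg"))
        if not o:
            continue  # "- ok", "- detected ...", section headers, KSN notes
        entry = findings.setdefault(
            o.group("obj"),
            {"verdict": o.group("verdict"), "status": None, "action": None},
        )
        outcome = o.group("outcome")
        if outcome.startswith(ACTION):
            entry["action"] = outcome[len(ACTION):]
        elif outcome in FLAGGED:
            entry["status"] = outcome
    return findings


def unresolved(log_text, verdict):
    """Objects this scan still reports as infected/warning with the given verdict."""
    return sorted(
        obj
        for obj, f in parse_findings(log_text).items()
        if f["verdict"] == verdict and f["status"] in FLAGGED
    )


CIDOX = "Rootkit.Boot.Cidox.b"

# Detection lines taken from the first scan posted in this thread (hash lines omitted).
FIRST_SCAN = r"""
15:32:42.0779 0x0d20  UpgradeManager - detected UnsignedFile.Multi.Generic ( 1 )
15:32:43.0341 0x0d20  UpgradeManager ( UnsignedFile.Multi.Generic ) - warning
15:32:50.0361 0x0d20  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
15:32:50.0361 0x0d20  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
15:32:52.0123 0x0d20  LtMoh - detected UnsignedFile.Multi.Generic ( 1 )
15:32:52.0591 0x0d20  Detect skipped due to KSN trusted
15:32:52.0591 0x0d20  LtMoh - ok
15:33:47.0878 0x0e88  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
15:33:47.0878 0x0e88  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip
"""

# Constructed sample of what a clean re-scan of the same volume could look like.
RESCAN = r"""
07:31:10.0000 0x0aa8  \Device\Harddisk0\DR0\Partition1 - ok
07:31:10.0100 0x0aa8  UpgradeManager - detected UnsignedFile.Multi.Generic ( 1 )
07:31:10.0200 0x0aa8  UpgradeManager ( UnsignedFile.Multi.Generic ) - warning
"""

if __name__ == "__main__":
    for name, text in (("first scan", FIRST_SCAN), ("re-scan", RESCAN)):
        left = unresolved(text, CIDOX)
        print(f"{name}: {CIDOX} still reported on {left if left else 'nothing'}")
        for obj, f in parse_findings(text).items():
            print(f"  {obj}: {f['verdict']} status={f['status']} action={f['action']}")
```

On the first scan the boot-sector entry comes back as infected with the recorded action Skip, which is why the fix above asks for Cure and a second scan.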


#24 elmkd


Posted 30 September 2014 - 06:31 AM

07:29:31.0615 0x0ef8  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
07:30:05.0464 0x0ef8  ============================================================
07:30:05.0464 0x0ef8  Current date / time: 2014/09/30 07:30:05.0464
07:30:05.0464 0x0ef8  SystemInfo:
07:30:05.0464 0x0ef8  
07:30:05.0464 0x0ef8  OS Version: 6.0.6002 ServicePack: 2.0
07:30:05.0464 0x0ef8  Product type: Workstation
07:30:05.0464 0x0ef8  ComputerName: DENNIS-PC
07:30:05.0464 0x0ef8  UserName: Dennis
07:30:05.0464 0x0ef8  Windows directory: C:\Windows
07:30:05.0464 0x0ef8  System windows directory: C:\Windows
07:30:05.0464 0x0ef8  Processor architecture: Intel x86
07:30:05.0464 0x0ef8  Number of processors: 2
07:30:05.0464 0x0ef8  Page size: 0x1000
07:30:05.0464 0x0ef8  Boot type: Normal boot
07:30:05.0464 0x0ef8  ============================================================
07:30:08.0772 0x0ef8  KLMD registered as C:\Windows\system32\drivers\20036768.sys
07:30:08.0896 0x0ef8  System UUID: {9C1AA64B-C043-A1C7-18F3-74B90EE2593A}
07:30:09.0864 0x0ef8  Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 ( 93.16 Gb ), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:30:09.0879 0x0ef8  ============================================================
07:30:09.0879 0x0ef8  \Device\Harddisk0\DR0:
07:30:09.0879 0x0ef8  MBR partitions:
07:30:09.0879 0x0ef8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xB763800
07:30:09.0879 0x0ef8  ============================================================
07:30:09.0910 0x0ef8  C: <-> \Device\Harddisk0\DR0\Partition1
07:30:09.0910 0x0ef8  ============================================================
07:30:09.0910 0x0ef8  Initialize success
07:30:09.0910 0x0ef8  ============================================================
07:30:44.0854 0x0aa8  ============================================================
07:30:44.0854 0x0aa8  Scan started
07:30:44.0854 0x0aa8  Mode: Manual; SigCheck; TDLFS;
07:30:44.0854 0x0aa8  ============================================================
07:30:44.0854 0x0aa8  KSN ping started
07:30:56.0336 0x0aa8  KSN ping finished: true
07:30:57.0163 0x0aa8  ================ Scan system memory ========================
07:30:57.0163 0x0aa8  System memory - ok
07:30:57.0163 0x0aa8  ================ Scan services =============================
07:31:02.0498 0x0aa8  BrFiltLo - ok
07:31:02.0514 0x0aa8  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
07:31:02.0592 0x0aa8  BrFiltUp - ok
07:31:02.0638 0x0aa8  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
07:31:02.0701 0x0aa8  Browser - ok
07:31:02.0748 0x0aa8  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
07:31:02.0841 0x0aa8  Brserid - ok
07:31:02.0888 0x0aa8  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
07:31:02.0982 0x0aa8  BrSerWdm - ok
07:31:03.0013 0x0aa8  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
07:31:03.0106 0x0aa8  BrUsbMdm - ok
07:31:03.0138 0x0aa8  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
07:31:03.0200 0x0aa8  BrUsbSer - ok
07:31:03.0216 0x0aa8  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
07:31:03.0309 0x0aa8  BTHMODEM - ok
07:31:03.0387 0x0aa8  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
07:31:03.0465 0x0aa8  cdfs - ok
07:31:03.0528 0x0aa8  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
07:31:03.0590 0x0aa8  cdrom - ok
07:31:03.0668 0x0aa8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
07:31:03.0730 0x0aa8  CertPropSvc - ok
07:31:03.0886 0x0aa8  [ C82162949BBA6CC5D006C7BD008F3CF1, 635E5B5C5AF3ACECA6115DAC8E576390B258C6590EE9727DB6FA68B13FD85297 ] CFSvcs          C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
07:31:03.0933 0x0aa8  CFSvcs - detected UnsignedFile.Multi.Generic ( 1 )
07:31:04.0339 0x0aa8  Detect skipped due to KSN trusted
07:31:04.0339 0x0aa8  CFSvcs - ok
07:31:04.0386 0x0aa8  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
07:31:04.0464 0x0aa8  circlass - ok
07:31:04.0526 0x0aa8  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
07:31:04.0557 0x0aa8  CLFS - ok
07:31:04.0651 0x0aa8  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:31:04.0666 0x0aa8  clr_optimization_v2.0.50727_32 - ok
07:31:04.0729 0x0aa8  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
07:31:04.0791 0x0aa8  CmBatt - ok
07:31:04.0838 0x0aa8  [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
07:31:04.0854 0x0aa8  cmdide - ok
07:31:04.0900 0x0aa8  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
07:31:04.0916 0x0aa8  Compbatt - ok
07:31:04.0932 0x0aa8  COMSysApp - ok
07:31:04.0947 0x0aa8  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
07:31:04.0947 0x0aa8  crcdisk - ok
07:31:04.0994 0x0aa8  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
07:31:05.0072 0x0aa8  Crusoe - ok
07:31:05.0181 0x0aa8  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
07:31:05.0259 0x0aa8  CryptSvc - ok
07:31:05.0384 0x0aa8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
07:31:05.0462 0x0aa8  DcomLaunch - ok
07:31:05.0493 0x0aa8  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
07:31:05.0556 0x0aa8  DfsC - ok
07:31:05.0805 0x0aa8  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
07:31:06.0024 0x0aa8  DFSR - ok
07:31:06.0102 0x0aa8  [ 1EC27A51A2F9DF052BC2B4C8376C8FEA, 6B903263C4E5A26FE161EF829FD5C597485DFE1E9DBADD60FBEECE9F6605E79F ] DgiVecp         C:\Windows\system32\Drivers\DgiVecp.sys
07:31:06.0133 0x0aa8  DgiVecp - detected UnsignedFile.Multi.Generic ( 1 )
07:31:06.0554 0x0aa8  Detect skipped due to KSN trusted
07:31:06.0554 0x0aa8  DgiVecp - ok
07:31:06.0757 0x0aa8  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
07:31:06.0819 0x0aa8  Dhcp - ok
07:31:06.0928 0x0aa8  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
07:31:07.0006 0x0aa8  disk - ok
07:31:07.0069 0x0aa8  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
07:31:07.0100 0x0aa8  Dnscache - ok
07:31:07.0178 0x0aa8  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
07:31:07.0240 0x0aa8  dot3svc - ok
07:31:07.0318 0x0aa8  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
07:31:07.0428 0x0aa8  DPS - ok
07:31:07.0490 0x0aa8  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
07:31:07.0584 0x0aa8  drmkaud - ok
07:31:07.0662 0x0aa8  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
07:31:07.0724 0x0aa8  DXGKrnl - ok
07:31:07.0880 0x0aa8  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
07:31:08.0020 0x0aa8  E1G60 - ok
07:31:08.0083 0x0aa8  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
07:31:08.0145 0x0aa8  EapHost - ok
07:31:08.0270 0x0aa8  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
07:31:08.0286 0x0aa8  Ecache - ok
07:31:08.0566 0x0aa8  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
07:31:08.0722 0x0aa8  ehRecvr - ok
07:31:08.0769 0x0aa8  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
07:31:08.0878 0x0aa8  ehSched - ok
07:31:08.0910 0x0aa8  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
07:31:08.0941 0x0aa8  ehstart - ok
07:31:09.0003 0x0aa8  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
07:31:09.0034 0x0aa8  elxstor - ok
07:31:09.0112 0x0aa8  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
07:31:09.0190 0x0aa8  EMDMgmt - ok
07:31:09.0253 0x0aa8  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
07:31:09.0315 0x0aa8  EventSystem - ok
07:31:09.0424 0x0aa8  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
07:31:09.0487 0x0aa8  exfat - ok
07:31:09.0534 0x0aa8  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
07:31:09.0612 0x0aa8  fastfat - ok
07:31:09.0674 0x0aa8  [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
07:31:09.0768 0x0aa8  fdc - ok
07:31:09.0799 0x0aa8  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
07:31:09.0830 0x0aa8  fdPHost - ok
07:31:09.0892 0x0aa8  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
07:31:10.0002 0x0aa8  FDResPub - ok
07:31:10.0048 0x0aa8  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
07:31:10.0080 0x0aa8  FileInfo - ok
07:31:10.0111 0x0aa8  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
07:31:10.0173 0x0aa8  Filetrace - ok
07:31:10.0220 0x0aa8  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
07:31:10.0314 0x0aa8  flpydisk - ok
07:31:10.0392 0x0aa8  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
07:31:10.0423 0x0aa8  FltMgr - ok
07:31:10.0579 0x0aa8  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
07:31:10.0719 0x0aa8  FontCache - ok
07:31:10.0938 0x0aa8  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
07:31:10.0953 0x0aa8  FontCache3.0.0.0 - ok
07:31:11.0000 0x0aa8  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
07:31:11.0047 0x0aa8  Fs_Rec - ok
07:31:11.0094 0x0aa8  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
07:31:11.0109 0x0aa8  gagp30kx - ok
07:31:11.0172 0x0aa8  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
07:31:11.0265 0x0aa8  gpsvc - ok
07:31:11.0421 0x0aa8  [ 751C1D2CA2ABF4A9F5A6B8D7D45B907C, 8F62DF65DB30770448E297D000B570683DEA454A5D84B5BCB1478D91030212DB ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
07:31:11.0452 0x0aa8  gusvc - ok
07:31:11.0530 0x0aa8  [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
07:31:11.0546 0x0aa8  hamachi - ok
07:31:11.0608 0x0aa8  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
07:31:11.0702 0x0aa8  HdAudAddService - ok
07:31:11.0780 0x0aa8  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
07:31:11.0842 0x0aa8  HDAudBus - ok
07:31:11.0889 0x0aa8  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
07:31:11.0983 0x0aa8  HidBth - ok
07:31:12.0030 0x0aa8  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
07:31:12.0139 0x0aa8  HidIr - ok
07:31:12.0186 0x0aa8  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
07:31:12.0264 0x0aa8  hidserv - ok
07:31:12.0295 0x0aa8  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
07:31:12.0357 0x0aa8  HidUsb - ok
07:31:12.0404 0x0aa8  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
07:31:12.0451 0x0aa8  hkmsvc - ok
07:31:12.0482 0x0aa8  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
07:31:12.0498 0x0aa8  HpCISSs - ok
07:31:12.0576 0x0aa8  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
07:31:12.0638 0x0aa8  HTTP - ok
07:31:12.0810 0x0aa8  [ 348C3A9D01E68A0222A246346924AA55, 6F8803BA37760043A78DC1E0D4E20853E5ABEF55B0201676B281EC2685E951DD ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
07:31:12.0888 0x0aa8  hwdatacard - ok
07:31:12.0934 0x0aa8  [ 460B1945C3E6B0419A76E1B507B90B71, C78B32ABB98ABAFF647500CD70AFA78C9848A4978E79EEE83D654E69F51D5F93 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
07:31:12.0981 0x0aa8  hwusbdev - ok
07:31:13.0028 0x0aa8  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
07:31:13.0044 0x0aa8  i2omp - ok
07:31:13.0153 0x0aa8  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
07:31:13.0215 0x0aa8  i8042prt - ok
07:31:13.0356 0x0aa8  [ 14F477463246E35F1DC932BE6225598C, 0295EEB75D818C18CC3A27C9FBB6213EFD30D599D98D3923152FE0853E6711AF ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
07:31:13.0558 0x0aa8  ialm - ok
07:31:13.0621 0x0aa8  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
07:31:13.0652 0x0aa8  iaStorV - ok
07:31:13.0746 0x0aa8  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
07:31:13.0792 0x0aa8  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
07:31:14.0026 0x0aa8  Detect skipped due to KSN trusted
07:31:14.0026 0x0aa8  IDriverT - ok
07:31:14.0198 0x0aa8  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:31:14.0276 0x0aa8  idsvc - ok
07:31:14.0479 0x0aa8  [ 14F477463246E35F1DC932BE6225598C, 0295EEB75D818C18CC3A27C9FBB6213EFD30D599D98D3923152FE0853E6711AF ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
07:31:14.0604 0x0aa8  igfx - ok
07:31:14.0697 0x0aa8  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
07:31:14.0713 0x0aa8  iirsp - ok
07:31:14.0822 0x0aa8  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
07:31:14.0916 0x0aa8  IKEEXT - ok
07:31:15.0103 0x0aa8  [ A47B2875680AD67B35C6150BD0203056, 2087CF6D1EEA7C0DB09EB3211713B2D0F36877960878A08CF6CEC99252316417 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
07:31:15.0212 0x0aa8  IntcAzAudAddService - ok
07:31:15.0321 0x0aa8  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
07:31:15.0337 0x0aa8  intelide - ok
07:31:15.0368 0x0aa8  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
07:31:15.0477 0x0aa8  intelppm - ok
07:31:15.0524 0x0aa8  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
07:31:15.0602 0x0aa8  IPBusEnum - ok
07:31:15.0649 0x0aa8  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:31:15.0711 0x0aa8  IpFilterDriver - ok
07:31:15.0820 0x0aa8  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
07:31:15.0867 0x0aa8  iphlpsvc - ok
07:31:15.0867 0x0aa8  IpInIp - ok
07:31:15.0898 0x0aa8  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
07:31:16.0008 0x0aa8  IPMIDRV - ok
07:31:16.0054 0x0aa8  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
07:31:16.0117 0x0aa8  IPNAT - ok
07:31:16.0148 0x0aa8  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
07:31:16.0226 0x0aa8  IRENUM - ok
07:31:16.0273 0x0aa8  [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
07:31:16.0304 0x0aa8  isapnp - ok
07:31:16.0382 0x0aa8  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
07:31:16.0413 0x0aa8  iScsiPrt - ok
07:31:16.0444 0x0aa8  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
07:31:16.0476 0x0aa8  iteatapi - ok
07:31:16.0491 0x0aa8  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
07:31:16.0507 0x0aa8  iteraid - ok
07:31:16.0554 0x0aa8  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
07:31:16.0569 0x0aa8  kbdclass - ok
07:31:16.0616 0x0aa8  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
07:31:16.0647 0x0aa8  kbdhid - ok
07:31:16.0678 0x0aa8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
07:31:16.0756 0x0aa8  KeyIso - ok
07:31:16.0803 0x0aa8  [ 1E0D65F7FFEB4E99B2EEC1CCB5754CC8, FE56EA89A4D7751EAB089C58514A824FBEDB44065CF3132B897AC613E211B46B ] KR10I           C:\Windows\system32\drivers\kr10i.sys
07:31:16.0834 0x0aa8  KR10I - detected UnsignedFile.Multi.Generic ( 1 )
07:31:17.0193 0x0aa8  Detect skipped due to KSN trusted
07:31:17.0193 0x0aa8  KR10I - ok
07:31:17.0240 0x0aa8  [ A1963360E74931222A67356C8AD48378, E7BEFE90D55CBD434D564F3CEA39B1D708150F6814EF9801479B652859789475 ] KR10N           C:\Windows\system32\drivers\kr10n.sys
07:31:17.0271 0x0aa8  KR10N - detected UnsignedFile.Multi.Generic ( 1 )
07:31:17.0646 0x0aa8  Detect skipped due to KSN trusted
07:31:17.0646 0x0aa8  KR10N - ok
07:31:17.0708 0x0aa8  [ 485E005CD51FF502FB16483EB4B69C17, 8294524C21C18BA5A32B926BD497C67A4ED49FB3654C93D11681C01D30769998 ] KR3NPXP         C:\Windows\system32\drivers\kr3npxp.sys
07:31:17.0770 0x0aa8  KR3NPXP - detected UnsignedFile.Multi.Generic ( 1 )
07:31:18.0192 0x0aa8  Detect skipped due to KSN trusted
07:31:18.0192 0x0aa8  KR3NPXP - ok
07:31:18.0472 0x0aa8  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
07:31:18.0519 0x0aa8  KSecDD - ok
07:31:18.0628 0x0aa8  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
07:31:18.0738 0x0aa8  KtmRm - ok
07:31:18.0831 0x0aa8  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
07:31:18.0894 0x0aa8  LanmanServer - ok
07:31:18.0972 0x0aa8  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
07:31:19.0034 0x0aa8  LanmanWorkstation - ok
07:31:19.0237 0x0aa8  [ FF7075265691C741AFD2F756559A10D5, 084A1F3E6717CDD7523E0CB309CFBBB8515607D6BBA4E30054F8A5424F0A08F1 ] LiveUpdate      C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
07:31:19.0455 0x0aa8  LiveUpdate - ok
07:31:19.0518 0x0aa8  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
07:31:19.0580 0x0aa8  lltdio - ok
07:31:19.0627 0x0aa8  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
07:31:19.0720 0x0aa8  lltdsvc - ok
07:31:19.0752 0x0aa8  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
07:31:19.0814 0x0aa8  lmhosts - ok
07:31:19.0876 0x0aa8  [ 515FC18CABEE0158A324B08B1C2667CF, E044C731C795EB27E85DDD09F574D7002BC230D6341340078655892CAB3BA2E6 ] LPCFilter       C:\Windows\system32\DRIVERS\LPCFilter.sys
07:31:19.0908 0x0aa8  LPCFilter - ok
07:31:19.0939 0x0aa8  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
07:31:19.0954 0x0aa8  LSI_FC - ok
07:31:19.0986 0x0aa8  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
07:31:20.0001 0x0aa8  LSI_SAS - ok
07:31:20.0032 0x0aa8  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
07:31:20.0048 0x0aa8  LSI_SCSI - ok
07:31:20.0095 0x0aa8  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
07:31:20.0157 0x0aa8  luafv - ok
07:31:20.0204 0x0aa8  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
07:31:20.0251 0x0aa8  Mcx2Svc - ok
07:31:20.0282 0x0aa8  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
07:31:20.0298 0x0aa8  megasas - ok
07:31:20.0344 0x0aa8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
07:31:20.0407 0x0aa8  MMCSS - ok
07:31:20.0469 0x0aa8  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
07:31:20.0532 0x0aa8  Modem - ok
07:31:20.0578 0x0aa8  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
07:31:20.0641 0x0aa8  monitor - ok
07:31:20.0703 0x0aa8  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
07:31:20.0719 0x0aa8  mouclass - ok
07:31:20.0781 0x0aa8  [ A3A6DFF7E9E757DB3DF51A833BC28885, 3285FD0176722B1098ECDA4098FCF55A39829C3A81462097BACB5B558883B027 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
07:31:20.0890 0x0aa8  mouhid - ok
07:31:20.0922 0x0aa8  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
07:31:20.0937 0x0aa8  MountMgr - ok
07:31:21.0046 0x0aa8  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
07:31:21.0078 0x0aa8  MozillaMaintenance - ok
07:31:21.0093 0x0aa8  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
07:31:21.0124 0x0aa8  mpio - ok
07:31:21.0171 0x0aa8  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
07:31:21.0202 0x0aa8  mpsdrv - ok
07:31:21.0265 0x0aa8  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
07:31:21.0312 0x0aa8  MpsSvc - ok
07:31:21.0374 0x0aa8  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
07:31:21.0390 0x0aa8  Mraid35x - ok
07:31:21.0421 0x0aa8  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
07:31:21.0468 0x0aa8  MRxDAV - ok
07:31:21.0499 0x0aa8  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
07:31:21.0546 0x0aa8  mrxsmb - ok
07:31:21.0608 0x0aa8  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:31:21.0639 0x0aa8  mrxsmb10 - ok
07:31:21.0655 0x0aa8  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:31:21.0717 0x0aa8  mrxsmb20 - ok
07:31:21.0748 0x0aa8  [ 742AED7939E734C36B7E8D6228CE26B7, 6F727144BBD42C9C5555087CA51DE8D501B5CBEFB9967866CC578733E3C5E681 ] msahci          C:\Windows\system32\drivers\msahci.sys
07:31:21.0764 0x0aa8  msahci - ok
07:31:36.0787 0x0aa8  [ 7330D477B7496CB42BF11EFF2D374C6A, 080AAE6294358A96BE5EE0D16F5631354DF5FB8E313A51C486876739423AC5CF ] Swupdtmr        c:\Toshiba\IVP\swupdate\swupdtmr.exe
07:31:36.0818 0x0aa8  Swupdtmr - detected UnsignedFile.Multi.Generic ( 1 )
07:31:37.0255 0x0aa8  Detect skipped due to KSN trusted
07:31:37.0255 0x0aa8  Swupdtmr - ok
07:31:39.0205 0x0aa8  [ D540858E65BFA6FDED41AD2495ECE344, DB85A860F4C07D1370F34AA7F39FAE5DF7E47C1BE65B4D39954FC37CA703A199 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
07:31:39.0252 0x0aa8  TODDSrv - detected UnsignedFile.Multi.Generic ( 1 )
07:31:39.0657 0x0aa8  Detect skipped due to KSN trusted
07:31:39.0657 0x0aa8  TODDSrv - ok
07:31:39.0813 0x0aa8  [ AF41337C08D1C240AF14BA4CAB02BF02, C95FB998440582A62B0DACDFEB81D85F2D9972C705CBBC53BD6C50D5D208397F ] TosCoSrv        C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
07:31:39.0844 0x0aa8  TosCoSrv - ok
07:31:39.0922 0x0aa8  [ 76148C3159718B701252F87B067904A6, 90DDCF15A9A447D00213CAFF9FEF24720703EB5398388126DA8F58AFE7DF09BE ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
07:31:39.0985 0x0aa8  TOSHIBA Bluetooth Service - detected UnsignedFile.Multi.Generic ( 1 )
07:31:40.0422 0x0aa8  Detect skipped due to KSN trusted
07:31:40.0422 0x0aa8  TOSHIBA Bluetooth Service - ok
07:31:42.0200 0x0aa8  [ 88F659B04497A6D34E2D180A52F15829, A941C89D660ACB3480ED26269F9F2634B72088C00283CE400FB04752EE2D8DA8 ] UpgradeManager  C:\Program Files\GLDS\UpgradeManager\UpgradeManagerSvc.exe
07:31:42.0434 0x0aa8  UpgradeManager - detected UnsignedFile.Multi.Generic ( 1 )
07:31:42.0762 0x0aa8  UpgradeManager ( UnsignedFile.Multi.Generic ) - warning
07:31:49.0158 0x0aa8  ================ Scan global ===============================
07:31:49.0204 0x0aa8  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
07:31:49.0282 0x0aa8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
07:31:49.0314 0x0aa8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
07:31:49.0392 0x0aa8  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
07:31:49.0407 0x0aa8  [ Global ] - ok
07:31:49.0407 0x0aa8  ================ Scan MBR ==================================
07:31:49.0423 0x0aa8  [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
07:31:50.0094 0x0aa8  \Device\Harddisk0\DR0 - ok
07:31:50.0094 0x0aa8  ================ Scan VBR ==================================
07:31:50.0094 0x0aa8  [ BE600F1B8B0EB7EB567B49A730241B99 ] \Device\Harddisk0\DR0\Partition1
07:31:50.0140 0x0aa8  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
07:31:50.0140 0x0aa8  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
07:32:11.0778 0x0aa8  Waiting for KSN requests completion. In queue: 6
07:32:12.0994 0x0aa8  AV detected via SS2: avast! Antivirus, C:\Program Files\Alwil Software\Avast5\VisthAux.exe ( 5.0.121.0 ), 0x40000 ( disabled : updated )
07:32:13.0010 0x0aa8  Win FW state via NFP2: enabled
07:32:13.0275 0x0aa8  ============================================================
07:32:13.0275 0x0aa8  Scan finished
07:32:13.0275 0x0aa8  ============================================================
07:32:13.0291 0x0fac  Detected object count: 4
07:32:13.0291 0x0fac  Actual detected object count: 4
07:32:51.0277 0x0fac  UpgradeManager ( UnsignedFile.Multi.Generic ) - skipped by user
07:32:51.0277 0x0fac  UpgradeManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:32:51.0386 0x0fac  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
07:32:51.0402 0x0fac  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
07:32:51.0417 0x0fac  \Device\Harddisk0\DR0\Partition1 - ok
07:32:51.0417 0x0fac  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
07:32:51.0417 0x0fac  Google Desktop Search ( UnsignedFile.Multi.Generic ) - skipped by user
07:32:51.0417 0x0fac  Google Desktop Search ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:32:51.0433 0x0fac  Report ( UnsignedFile.Multi.Generic ) - skipped by user
07:32:51.0433 0x0fac  Report ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:32:52.0993 0x0fac  KLMD registered as C:\Windows\system32\drivers\10385479.sys
 



#25 LiquidTension

Posted 30 September 2014 - 06:34 AM

Good job. Have you rerun TDSSKiller, and confirmed the detection of Cidox is gone? 

 

Does Explorer still crash? 




#26 elmkd

Posted 30 September 2014 - 06:45 AM

Good Day:

You are a STAR!!! I re-ran TDSSKiller and verified that Rootkit.Boot.Cidox.b has been removed. Also explorer no longer crashes. The icons and Start Button are back. This is an excellent result, it really is. Thank you for your help. I await your further instructions.

Regards,

Elmkd



#27 LiquidTension

Posted 30 September 2014 - 07:02 AM

Great!

Let's check for malware remnants.

 

STEP 1

Malwarebytes Anti-Malware (MBAM)

  • Please download Malwarebytes Anti-Malware 2.0 to your Desktop if you haven't already done so.
  • Double-click mbam-setup.x.x.xxxx.exe (x represents the version #) and follow the prompts to install the programme. 
  • Launch the programme and click Update.
  • Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. 
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply. 
     

STEP 2
ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Hide advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click [image: esetListThreats.png]. If no threats were found, skip the next two bullet points.
  • Click [image: esetExport.png] and save the file to your Desktop, naming it something unique such as MyEsetScan.
  • Push the Back button.
  • Place a checkmark next to [image: xKN1w2nv.png] and click [image: SzOC1p0.png].
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 3
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • MBAM Scan log
  • ESET Online Scan log



#28 elmkd

Posted 30 September 2014 - 12:20 PM

Here are the logs:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/30/2014
Scan Time: 8:27:13 AM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.30.04
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Dennis

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 292267
Time Elapsed: 14 min, 42 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.MusicToolBar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\bandoomusictoolbar, Quarantined, [ff866f80275489ada73984bf709350b0],
Trojan.Banker, HKU\S-1-5-21-2432310436-2327922484-3749071562-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\dark, Quarantined, [12732dc2e6950e28f530c8e8ac579d63],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\bandoomusictoolbar, Quarantined, [1273c7282358a690faf57e7e8f73db25],

Files: 9
PUP.Optional.Searchqu.A, C:\Users\Dennis\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}, Quarantined, [067f49a66219ec4a5686f366a36151af],
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar\apnuserid.dat, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar\appid.dat, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar\geodata.xml, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar\guid.dat, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar\setupCfg.xml, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar\sysid.dat, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar\trackid.dat, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\bandoomusictoolbar\dtx.ini, Quarantined, [1273c7282358a690faf57e7e8f73db25],

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

C:\FRST\Quarantine\C\Program Files\Bandoo\Bandoo.exe    a variant of Win32/Adware.Bandoo.AC application
C:\FRST\Quarantine\C\Program Files\Bandoo\BandooUI.exe    a variant of Win32/Adware.Bandoo.AB application
C:\FRST\Quarantine\C\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsbandmltbpi.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\apcrtldr.dll    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\Datamngr.dll    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\DatamngrCoordinator.exe    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\DatamngrUI.exe    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\del_DM_DLL_nsxBC45.dll    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\del_DM_LL_nsxBC45.dll    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\del_mg_nsxBC45.dll    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\Helper.dll    a variant of Win32/Toolbar.SearchSuite.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\IEBHO.dll    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\Internet Explorer Settings.exe    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\mgrldr.dll    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~1\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~1\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~1\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~2\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~2\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~2\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~3\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~3\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~3\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~4\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~4\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~4\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~5\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~5\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~5\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~1\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~2\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~2\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~2\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~3\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~3\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~3\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~4\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~4\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~4\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll    a variant of Win32/Toolbar.SearchSuite potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe    a variant of Win32/Toolbar.SearchSuite potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll    a variant of Win32/Toolbar.SearchSuite potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchquband.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\Wincert\win32cert.dll    Win32/Toolbar.SearchSuite.M potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\Wincert\win32prop.dll    Win32/Toolbar.SearchSuite.M potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\Wincert\win64cert.dll    Win64/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\Wincert\win64prop.dll    Win64/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\cwncmuup.exe.xBAD    a variant of Win32/Kryptik.CJPS trojan
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\jmkaplvm.exe.xBAD    Win32/TrojanDownloader.Zortob.H trojan
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\xgdegqqp.exe.xBAD    a variant of Win32/Kryptik.CJPS trojan
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\Temp\AskSLib.dll.xBAD    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\Temp\BandooV6.exe.xBAD    multiple threats
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\Temp\nsc91F8.tmp.exe.xBAD    multiple threats
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\Temp\SetupDataMngr_Searchqu.exe.xBAD    a variant of Win32/Toolbar.SearchSuite potentially unwanted application
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\Temp\UpdateFlashPlayer_eadea7d5.exe.xBAD    a variant of Win32/Injector.BKNG trojan
C:\FRST\Quarantine\C\Users\Dennis\AppData\Roaming\Imokyhry\ilutk.exe.vir    Win32/Spy.Zbot.ABA trojan
C:\FRST\Quarantine\C\Users\Dennis\AppData\Roaming\Ydbudaog\meutewb.exe.vir    Win32/Spy.Zbot.ABA trojan
C:\FRST\Quarantine\C\Users\Dennis\AppData\Roaming\Zyudaki\ewubpu.exe.vir    Win32/Spy.Zbot.ABA trojan
 



#29 LiquidTension


Posted 30 September 2014 - 12:28 PM

Looks good.
All of those ESET detections are files we've already removed, and pose no threat to your computer.

Please provide an update. Are there any outstanding issues?

If not, we can proceed by updating your vulnerable software and removing the tools we've used.



#30 elmkd


Posted 30 September 2014 - 12:31 PM

I can confirm that there are no further issues. This is a great result. Once again, thank you.

Regards,

Elmkd

