Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92790 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

No desktop and Explorer.exe application failed to initalize 0xc0000005


  • This topic is locked This topic is locked
35 replies to this topic

#16 elmkd

elmkd

    Authentic Member

  • Authentic Member
  • PipPip
  • 138 posts

Posted 29 September 2014 - 10:39 AM

Here are the logs:

 

 
 
Checking file system on C:
The type of the file system is NTFS.
Volume label is SQ004286V02.
 
A disk check has been scheduled.
Windows will now check the disk.                         
  181184 file records processed.                                     1284 large file records processed.                               0 bad file records processed.                                 0 EA records processed.                                       44 reparse records processed.                                  224054 index entries processed.                                    0 unindexed files processed.                                  181184 security descriptors processed.                           Cleaning up 8330 unused index entries from index $SII of file 0x9.
Cleaning up 8330 unused index entries from index $SDH of file 0x9.
Cleaning up 8330 unused security descriptors.
CHKDSK is compacting the security descriptor stream...
  21436 data files processed.                                     CHKDSK is verifying Usn Journal...
  35702168 USN bytes processed.                                      Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  181168 files processed.                                          File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  13669731 free clusters processed.                                  Free space verification is complete.
Correcting errors in the master file table's (MFT) BITMAP attribute.
Correcting errors in the Volume Bitmap.
Write failure with status 0xc0000185 at offset 0x0 for 0x200 bytes.
The first NTFS boot sector is unwriteable.
Windows has made corrections to the file system.
 
  96148479 KB total disk space.
  41104328 KB in 114823 files.
     70068 KB in 21439 indexes.
         0 KB in bad sectors.
    295155 KB in use by the system.
     65536 KB occupied by the log file.
  54678928 KB available on disk.
 
      4096 bytes in each allocation unit.
  24037119 total allocation units on disk.
  13669732 allocation units available on disk.
 
Internal Info:
c0 c3 02 00 50 14 02 00 de a6 03 00 00 00 00 00  ....P...........
32 0d 00 00 2c 00 00 00 00 00 00 00 00 00 00 00  2...,...........
42 00 00 00 e2 73 f9 76 c8 82 4f 00 c8 7a 4f 00  B....s.v..O..zO.
 
Windows has finished checking your disk.
Please wait while your computer restarts.
 
===================================================
 
 
2014-09-24 08:15:55, Info                  CSI    00000006 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:15:55, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:05, Info                  CSI    00000009 [SR] Verify complete
2014-09-24 08:16:07, Info                  CSI    0000000a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:07, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:17, Info                  CSI    0000000d [SR] Verify complete
2014-09-24 08:16:19, Info                  CSI    0000000e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:19, Info                  CSI    0000000f [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:20, Info                  CSI    00000011 [SR] Verify complete
2014-09-24 08:16:22, Info                  CSI    00000012 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:22, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:24, Info                  CSI    00000015 [SR] Verify complete
2014-09-24 08:16:26, Info                  CSI    00000016 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:26, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:28, Info                  CSI    00000019 [SR] Verify complete
2014-09-24 08:16:30, Info                  CSI    0000001a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:30, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:32, Info                  CSI    0000001d [SR] Verify complete
2014-09-24 08:16:34, Info                  CSI    0000001e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:34, Info                  CSI    0000001f [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:35, Info                  CSI    00000021 [SR] Verify complete
2014-09-24 08:16:38, Info                  CSI    00000022 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:38, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:40, Info                  CSI    00000025 [SR] Verify complete
2014-09-24 08:16:41, Info                  CSI    00000026 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:41, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:44, Info                  CSI    00000029 [SR] Verify complete
2014-09-24 08:16:45, Info                  CSI    0000002a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:45, Info                  CSI    0000002b [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:48, Info                  CSI    0000002d [SR] Verify complete
2014-09-24 08:16:49, Info                  CSI    0000002e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:49, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:51, Info                  CSI    00000031 [SR] Verify complete
2014-09-24 08:16:53, Info                  CSI    00000032 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:53, Info                  CSI    00000033 [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:55, Info                  CSI    00000035 [SR] Verify complete
2014-09-24 08:16:56, Info                  CSI    00000036 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:16:56, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction
2014-09-24 08:16:58, Info                  CSI    00000039 [SR] Verify complete
2014-09-24 08:17:00, Info                  CSI    0000003a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:00, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:02, Info                  CSI    0000003d [SR] Verify complete
2014-09-24 08:17:03, Info                  CSI    0000003e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:03, Info                  CSI    0000003f [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:06, Info                  CSI    00000041 [SR] Verify complete
2014-09-24 08:17:07, Info                  CSI    00000042 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:07, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:10, Info                  CSI    00000045 [SR] Verify complete
2014-09-24 08:17:11, Info                  CSI    00000046 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:11, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:13, Info                  CSI    00000049 [SR] Verify complete
2014-09-24 08:17:15, Info                  CSI    0000004a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:15, Info                  CSI    0000004b [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:17, Info                  CSI    0000004d [SR] Verify complete
2014-09-24 08:17:19, Info                  CSI    0000004e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:19, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:21, Info                  CSI    00000051 [SR] Verify complete
2014-09-24 08:17:22, Info                  CSI    00000052 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:22, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:24, Info                  CSI    00000055 [SR] Verify complete
2014-09-24 08:17:26, Info                  CSI    00000056 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:26, Info                  CSI    00000057 [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:28, Info                  CSI    00000059 [SR] Verify complete
2014-09-24 08:17:30, Info                  CSI    0000005a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:30, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:31, Info                  CSI    0000005d [SR] Verify complete
2014-09-24 08:17:33, Info                  CSI    0000005e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:33, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:36, Info                  CSI    00000061 [SR] Verify complete
2014-09-24 08:17:37, Info                  CSI    00000062 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:37, Info                  CSI    00000063 [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:41, Info                  CSI    00000065 [SR] Verify complete
2014-09-24 08:17:43, Info                  CSI    00000066 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:43, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:45, Info                  CSI    00000069 [SR] Verify complete
2014-09-24 08:17:46, Info                  CSI    0000006a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:46, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:50, Info                  CSI    0000006d [SR] Verify complete
2014-09-24 08:17:51, Info                  CSI    0000006e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:51, Info                  CSI    0000006f [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:53, Info                  CSI    00000071 [SR] Verify complete
2014-09-24 08:17:55, Info                  CSI    00000072 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:55, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2014-09-24 08:17:58, Info                  CSI    00000075 [SR] Verify complete
2014-09-24 08:17:59, Info                  CSI    00000076 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:17:59, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:01, Info                  CSI    00000079 [SR] Verify complete
2014-09-24 08:18:03, Info                  CSI    0000007a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:03, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:07, Info                  CSI    0000007d [SR] Verify complete
2014-09-24 08:18:09, Info                  CSI    0000007e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:09, Info                  CSI    0000007f [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:11, Info                  CSI    00000081 [SR] Verify complete
2014-09-24 08:18:12, Info                  CSI    00000082 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:12, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:14, Info                  CSI    00000085 [SR] Verify complete
2014-09-24 08:18:16, Info                  CSI    00000086 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:16, Info                  CSI    00000087 [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:18, Info                  CSI    00000089 [SR] Verify complete
2014-09-24 08:18:20, Info                  CSI    0000008a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:20, Info                  CSI    0000008b [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:23, Info                  CSI    0000008d [SR] Verify complete
2014-09-24 08:18:24, Info                  CSI    0000008e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:24, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:34, Info                  CSI    00000091 [SR] Verify complete
2014-09-24 08:18:35, Info                  CSI    00000092 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:35, Info                  CSI    00000093 [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:45, Info                  CSI    00000095 [SR] Verify complete
2014-09-24 08:18:46, Info                  CSI    00000096 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:46, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2014-09-24 08:18:57, Info                  CSI    0000009a [SR] Verify complete
2014-09-24 08:18:59, Info                  CSI    0000009b [SR] Verifying 100 (0x00000064) components
2014-09-24 08:18:59, Info                  CSI    0000009c [SR] Beginning Verify and Repair transaction
2014-09-24 08:19:06, Info                  CSI    0000009e [SR] Verify complete
2014-09-24 08:19:08, Info                  CSI    0000009f [SR] Verifying 100 (0x00000064) components
2014-09-24 08:19:08, Info                  CSI    000000a0 [SR] Beginning Verify and Repair transaction
2014-09-24 08:19:16, Info                  CSI    000000a3 [SR] Verify complete
2014-09-24 08:19:17, Info                  CSI    000000a4 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:19:17, Info                  CSI    000000a5 [SR] Beginning Verify and Repair transaction
2014-09-24 08:19:28, Info                  CSI    000000a7 [SR] Verify complete
2014-09-24 08:19:30, Info                  CSI    000000a8 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:19:30, Info                  CSI    000000a9 [SR] Beginning Verify and Repair transaction
2014-09-24 08:19:46, Info                  CSI    000000b3 [SR] Verify complete
2014-09-24 08:19:47, Info                  CSI    000000b4 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:19:47, Info                  CSI    000000b5 [SR] Beginning Verify and Repair transaction
2014-09-24 08:19:57, Info                  CSI    000000b7 [SR] Verify complete
2014-09-24 08:19:58, Info                  CSI    000000b8 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:19:58, Info                  CSI    000000b9 [SR] Beginning Verify and Repair transaction
2014-09-24 08:20:06, Info                  CSI    000000bb [SR] Verify complete
2014-09-24 08:20:08, Info                  CSI    000000bc [SR] Verifying 100 (0x00000064) components
2014-09-24 08:20:08, Info                  CSI    000000bd [SR] Beginning Verify and Repair transaction
2014-09-24 08:20:18, Info                  CSI    000000bf [SR] Verify complete
2014-09-24 08:20:19, Info                  CSI    000000c0 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:20:19, Info                  CSI    000000c1 [SR] Beginning Verify and Repair transaction
2014-09-24 08:20:33, Info                  CSI    000000c3 [SR] Verify complete
2014-09-24 08:20:34, Info                  CSI    000000c4 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:20:34, Info                  CSI    000000c5 [SR] Beginning Verify and Repair transaction
2014-09-24 08:20:48, Info                  CSI    000000c9 [SR] Verify complete
2014-09-24 08:20:50, Info                  CSI    000000ca [SR] Verifying 100 (0x00000064) components
2014-09-24 08:20:50, Info                  CSI    000000cb [SR] Beginning Verify and Repair transaction
2014-09-24 08:21:08, Info                  CSI    000000cd [SR] Verify complete
2014-09-24 08:21:09, Info                  CSI    000000ce [SR] Verifying 100 (0x00000064) components
2014-09-24 08:21:09, Info                  CSI    000000cf [SR] Beginning Verify and Repair transaction
2014-09-24 08:21:32, Info                  CSI    000000d1 [SR] Verify complete
2014-09-24 08:21:33, Info                  CSI    000000d2 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:21:33, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2014-09-24 08:21:42, Info                  CSI    000000d5 [SR] Verify complete
2014-09-24 08:21:43, Info                  CSI    000000d6 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:21:43, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction
2014-09-24 08:21:46, Info                  CSI    000000d9 [SR] Verify complete
2014-09-24 08:21:47, Info                  CSI    000000da [SR] Verifying 100 (0x00000064) components
2014-09-24 08:21:47, Info                  CSI    000000db [SR] Beginning Verify and Repair transaction
2014-09-24 08:21:51, Info                  CSI    000000dd [SR] Verify complete
2014-09-24 08:21:52, Info                  CSI    000000de [SR] Verifying 100 (0x00000064) components
2014-09-24 08:21:52, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction
2014-09-24 08:22:06, Info                  CSI    000000fc [SR] Verify complete
2014-09-24 08:22:07, Info                  CSI    000000fd [SR] Verifying 100 (0x00000064) components
2014-09-24 08:22:07, Info                  CSI    000000fe [SR] Beginning Verify and Repair transaction
2014-09-24 08:22:14, Info                  CSI    00000101 [SR] Verify complete
2014-09-24 08:22:15, Info                  CSI    00000102 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:22:15, Info                  CSI    00000103 [SR] Beginning Verify and Repair transaction
2014-09-24 08:22:19, Info                  CSI    00000105 [SR] Verify complete
2014-09-24 08:22:19, Info                  CSI    00000106 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:22:19, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2014-09-24 08:22:27, Info                  CSI    00000109 [SR] Verify complete
2014-09-24 08:22:28, Info                  CSI    0000010a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:22:28, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2014-09-24 08:22:37, Info                  CSI    0000010d [SR] Verify complete
2014-09-24 08:22:39, Info                  CSI    0000010e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:22:39, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2014-09-24 08:22:57, Info                  CSI    00000112 [SR] Verify complete
2014-09-24 08:22:58, Info                  CSI    00000113 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:22:58, Info                  CSI    00000114 [SR] Beginning Verify and Repair transaction
2014-09-24 08:23:05, Info                  CSI    00000116 [SR] Verify complete
2014-09-24 08:23:06, Info                  CSI    00000117 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:23:06, Info                  CSI    00000118 [SR] Beginning Verify and Repair transaction
2014-09-24 08:23:12, Info                  CSI    0000011a [SR] Verify complete
2014-09-24 08:23:13, Info                  CSI    0000011b [SR] Verifying 100 (0x00000064) components
2014-09-24 08:23:13, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction
2014-09-24 08:23:29, Info                  CSI    0000011e [SR] Verify complete
2014-09-24 08:23:30, Info                  CSI    0000011f [SR] Verifying 100 (0x00000064) components
2014-09-24 08:23:30, Info                  CSI    00000120 [SR] Beginning Verify and Repair transaction
2014-09-24 08:23:40, Info                  CSI    00000122 [SR] Verify complete
2014-09-24 08:23:41, Info                  CSI    00000123 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:23:41, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction
2014-09-24 08:23:55, Info                  CSI    00000126 [SR] Verify complete
2014-09-24 08:23:56, Info                  CSI    00000127 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:23:56, Info                  CSI    00000128 [SR] Beginning Verify and Repair transaction
2014-09-24 08:24:14, Info                  CSI    0000014d [SR] Verify complete
2014-09-24 08:24:15, Info                  CSI    0000014e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:24:15, Info                  CSI    0000014f [SR] Beginning Verify and Repair transaction
2014-09-24 08:24:30, Info                  CSI    00000151 [SR] Verify complete
2014-09-24 08:24:31, Info                  CSI    00000152 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:24:31, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2014-09-24 08:25:06, Info                  CSI    00000155 [SR] Verify complete
2014-09-24 08:25:06, Info                  CSI    00000156 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:25:06, Info                  CSI    00000157 [SR] Beginning Verify and Repair transaction
2014-09-24 08:25:28, Info                  CSI    00000159 [SR] Verify complete
2014-09-24 08:25:29, Info                  CSI    0000015a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:25:29, Info                  CSI    0000015b [SR] Beginning Verify and Repair transaction
2014-09-24 08:25:41, Info                  CSI    0000015d [SR] Verify complete
2014-09-24 08:25:42, Info                  CSI    0000015e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:25:42, Info                  CSI    0000015f [SR] Beginning Verify and Repair transaction
2014-09-24 08:25:52, Info                  CSI    00000161 [SR] Verify complete
2014-09-24 08:25:54, Info                  CSI    00000162 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:25:54, Info                  CSI    00000163 [SR] Beginning Verify and Repair transaction
2014-09-24 08:26:03, Info                  CSI    00000166 [SR] Verify complete
2014-09-24 08:26:05, Info                  CSI    00000167 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:26:05, Info                  CSI    00000168 [SR] Beginning Verify and Repair transaction
2014-09-24 08:26:23, Info                  CSI    0000016a [SR] Verify complete
2014-09-24 08:26:24, Info                  CSI    0000016b [SR] Verifying 100 (0x00000064) components
2014-09-24 08:26:24, Info                  CSI    0000016c [SR] Beginning Verify and Repair transaction
2014-09-24 08:26:39, Info                  CSI    0000016e [SR] Verify complete
2014-09-24 08:26:40, Info                  CSI    0000016f [SR] Verifying 100 (0x00000064) components
2014-09-24 08:26:40, Info                  CSI    00000170 [SR] Beginning Verify and Repair transaction
2014-09-24 08:26:51, Info                  CSI    00000172 [SR] Verify complete
2014-09-24 08:26:52, Info                  CSI    00000173 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:26:52, Info                  CSI    00000174 [SR] Beginning Verify and Repair transaction
2014-09-24 08:27:12, Info                  CSI    00000176 [SR] Verify complete
2014-09-24 08:27:13, Info                  CSI    00000177 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:27:13, Info                  CSI    00000178 [SR] Beginning Verify and Repair transaction
2014-09-24 08:27:24, Info                  CSI    0000017a [SR] Verify complete
2014-09-24 08:27:25, Info                  CSI    0000017b [SR] Verifying 100 (0x00000064) components
2014-09-24 08:27:25, Info                  CSI    0000017c [SR] Beginning Verify and Repair transaction
2014-09-24 08:27:35, Info                  CSI    0000017e [SR] Verify complete
2014-09-24 08:27:36, Info                  CSI    0000017f [SR] Verifying 100 (0x00000064) components
2014-09-24 08:27:36, Info                  CSI    00000180 [SR] Beginning Verify and Repair transaction
2014-09-24 08:27:54, Info                  CSI    00000183 [SR] Verify complete
2014-09-24 08:27:55, Info                  CSI    00000184 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:27:55, Info                  CSI    00000185 [SR] Beginning Verify and Repair transaction
2014-09-24 08:28:09, Info                  CSI    00000187 [SR] Verify complete
2014-09-24 08:28:10, Info                  CSI    00000188 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:28:10, Info                  CSI    00000189 [SR] Beginning Verify and Repair transaction
2014-09-24 08:28:20, Info                  CSI    0000018b [SR] Verify complete
2014-09-24 08:28:21, Info                  CSI    0000018c [SR] Verifying 100 (0x00000064) components
2014-09-24 08:28:21, Info                  CSI    0000018d [SR] Beginning Verify and Repair transaction
2014-09-24 08:28:33, Info                  CSI    0000018f [SR] Verify complete
2014-09-24 08:28:34, Info                  CSI    00000190 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:28:34, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction
2014-09-24 08:28:48, Info                  CSI    00000195 [SR] Verify complete
2014-09-24 08:28:50, Info                  CSI    00000196 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:28:50, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2014-09-24 08:29:02, Info                  CSI    00000199 [SR] Verify complete
2014-09-24 08:29:03, Info                  CSI    0000019a [SR] Verifying 100 (0x00000064) components
2014-09-24 08:29:03, Info                  CSI    0000019b [SR] Beginning Verify and Repair transaction
2014-09-24 08:29:18, Info                  CSI    0000019d [SR] Verify complete
2014-09-24 08:29:19, Info                  CSI    0000019e [SR] Verifying 100 (0x00000064) components
2014-09-24 08:29:19, Info                  CSI    0000019f [SR] Beginning Verify and Repair transaction
2014-09-24 08:29:26, Info                  CSI    000001a1 [SR] Verify complete
2014-09-24 08:29:26, Info                  CSI    000001a2 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:29:26, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
2014-09-24 08:29:36, Info                  CSI    000001a5 [SR] Verify complete
2014-09-24 08:29:37, Info                  CSI    000001a6 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:29:37, Info                  CSI    000001a7 [SR] Beginning Verify and Repair transaction
2014-09-24 08:29:50, Info                  CSI    000001a9 [SR] Verify complete
2014-09-24 08:29:51, Info                  CSI    000001aa [SR] Verifying 100 (0x00000064) components
2014-09-24 08:29:51, Info                  CSI    000001ab [SR] Beginning Verify and Repair transaction
2014-09-24 08:30:02, Info                  CSI    000001ad [SR] Verify complete
2014-09-24 08:30:02, Info                  CSI    000001ae [SR] Verifying 100 (0x00000064) components
2014-09-24 08:30:02, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2014-09-24 08:30:11, Info                  CSI    000001b1 [SR] Verify complete
2014-09-24 08:30:12, Info                  CSI    000001b2 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:30:12, Info                  CSI    000001b3 [SR] Beginning Verify and Repair transaction
2014-09-24 08:30:44, Info                  CSI    000001b5 [SR] Verify complete
2014-09-24 08:30:44, Info                  CSI    000001b6 [SR] Verifying 100 (0x00000064) components
2014-09-24 08:30:44, Info                  CSI    000001b7 [SR] Beginning Verify and Repair transaction
2014-09-24 08:30:53, Info                  CSI    000001b9 [SR] Verify complete
2014-09-24 08:30:55, Info                  CSI    000001ba [SR] Verifying 100 (0x00000064) components
2014-09-24 08:30:55, Info                  CSI    000001bb [SR] Beginning Verify and Repair transaction
2014-09-24 08:31:09, Info                  CSI    000001c6 [SR] Verify complete
2014-09-24 08:31:09, Info                  CSI    000001c7 [SR] Verifying 55 (0x00000037) components
2014-09-24 08:31:09, Info                  CSI    000001c8 [SR] Beginning Verify and Repair transaction
2014-09-24 08:31:15, Info                  CSI    000001ca [SR] Verify complete
2014-09-24 08:31:15, Info                  CSI    000001cb [SR] Repairing 0 components
2014-09-24 08:31:15, Info                  CSI    000001cc [SR] Beginning Verify and Repair transaction
2014-09-24 08:31:15, Info                  CSI    000001ce [SR] Repair complete
2014-09-29 10:50:29, Info                  CSI    00000006 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:50:29, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2014-09-29 10:50:50, Info                  CSI    00000009 [SR] Verify complete
2014-09-29 10:50:54, Info                  CSI    0000000a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:50:54, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:18, Info                  CSI    0000000d [SR] Verify complete
2014-09-29 10:51:22, Info                  CSI    0000000e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:22, Info                  CSI    0000000f [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:26, Info                  CSI    00000011 [SR] Verify complete
2014-09-29 10:51:29, Info                  CSI    00000012 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:29, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:32, Info                  CSI    00000015 [SR] Verify complete
2014-09-29 10:51:33, Info                  CSI    00000016 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:33, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:36, Info                  CSI    00000019 [SR] Verify complete
2014-09-29 10:51:38, Info                  CSI    0000001a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:38, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:40, Info                  CSI    0000001d [SR] Verify complete
2014-09-29 10:51:41, Info                  CSI    0000001e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:41, Info                  CSI    0000001f [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:43, Info                  CSI    00000021 [SR] Verify complete
2014-09-29 10:51:45, Info                  CSI    00000022 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:45, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:47, Info                  CSI    00000025 [SR] Verify complete
2014-09-29 10:51:48, Info                  CSI    00000026 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:48, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:50, Info                  CSI    00000029 [SR] Verify complete
2014-09-29 10:51:52, Info                  CSI    0000002a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:52, Info                  CSI    0000002b [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:54, Info                  CSI    0000002d [SR] Verify complete
2014-09-29 10:51:56, Info                  CSI    0000002e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:56, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2014-09-29 10:51:58, Info                  CSI    00000031 [SR] Verify complete
2014-09-29 10:51:59, Info                  CSI    00000032 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:51:59, Info                  CSI    00000033 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:01, Info                  CSI    00000035 [SR] Verify complete
2014-09-29 10:52:03, Info                  CSI    00000036 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:03, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:04, Info                  CSI    00000039 [SR] Verify complete
2014-09-29 10:52:06, Info                  CSI    0000003a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:06, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:08, Info                  CSI    0000003d [SR] Verify complete
2014-09-29 10:52:09, Info                  CSI    0000003e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:09, Info                  CSI    0000003f [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:12, Info                  CSI    00000041 [SR] Verify complete
2014-09-29 10:52:13, Info                  CSI    00000042 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:13, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:15, Info                  CSI    00000045 [SR] Verify complete
2014-09-29 10:52:17, Info                  CSI    00000046 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:17, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:19, Info                  CSI    00000049 [SR] Verify complete
2014-09-29 10:52:20, Info                  CSI    0000004a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:20, Info                  CSI    0000004b [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:23, Info                  CSI    0000004d [SR] Verify complete
2014-09-29 10:52:25, Info                  CSI    0000004e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:25, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:27, Info                  CSI    00000051 [SR] Verify complete
2014-09-29 10:52:29, Info                  CSI    00000052 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:29, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:30, Info                  CSI    00000055 [SR] Verify complete
2014-09-29 10:52:32, Info                  CSI    00000056 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:32, Info                  CSI    00000057 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:34, Info                  CSI    00000059 [SR] Verify complete
2014-09-29 10:52:35, Info                  CSI    0000005a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:35, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:37, Info                  CSI    0000005d [SR] Verify complete
2014-09-29 10:52:39, Info                  CSI    0000005e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:39, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:42, Info                  CSI    00000061 [SR] Verify complete
2014-09-29 10:52:43, Info                  CSI    00000062 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:43, Info                  CSI    00000063 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:47, Info                  CSI    00000065 [SR] Verify complete
2014-09-29 10:52:49, Info                  CSI    00000066 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:49, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2014-09-29 10:52:53, Info                  CSI    00000069 [SR] Verify complete
2014-09-29 10:52:54, Info                  CSI    0000006a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:52:54, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:00, Info                  CSI    0000006d [SR] Verify complete
2014-09-29 10:53:02, Info                  CSI    0000006e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:02, Info                  CSI    0000006f [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:05, Info                  CSI    00000071 [SR] Verify complete
2014-09-29 10:53:06, Info                  CSI    00000072 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:06, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:10, Info                  CSI    00000075 [SR] Verify complete
2014-09-29 10:53:12, Info                  CSI    00000076 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:12, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:14, Info                  CSI    00000079 [SR] Verify complete
2014-09-29 10:53:15, Info                  CSI    0000007a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:15, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:20, Info                  CSI    0000007d [SR] Verify complete
2014-09-29 10:53:22, Info                  CSI    0000007e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:22, Info                  CSI    0000007f [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:25, Info                  CSI    00000081 [SR] Verify complete
2014-09-29 10:53:27, Info                  CSI    00000082 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:27, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:29, Info                  CSI    00000085 [SR] Verify complete
2014-09-29 10:53:30, Info                  CSI    00000086 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:30, Info                  CSI    00000087 [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:33, Info                  CSI    00000089 [SR] Verify complete
2014-09-29 10:53:35, Info                  CSI    0000008a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:35, Info                  CSI    0000008b [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:38, Info                  CSI    0000008d [SR] Verify complete
2014-09-29 10:53:39, Info                  CSI    0000008e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:39, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:49, Info                  CSI    00000091 [SR] Verify complete
2014-09-29 10:53:50, Info                  CSI    00000092 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:53:50, Info                  CSI    00000093 [SR] Beginning Verify and Repair transaction
2014-09-29 10:53:59, Info                  CSI    00000095 [SR] Verify complete
2014-09-29 10:54:01, Info                  CSI    00000096 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:54:01, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2014-09-29 10:54:18, Info                  CSI    0000009a [SR] Verify complete
2014-09-29 10:54:19, Info                  CSI    0000009b [SR] Verifying 100 (0x00000064) components
2014-09-29 10:54:19, Info                  CSI    0000009c [SR] Beginning Verify and Repair transaction
2014-09-29 10:54:27, Info                  CSI    0000009e [SR] Verify complete
2014-09-29 10:54:28, Info                  CSI    0000009f [SR] Verifying 100 (0x00000064) components
2014-09-29 10:54:28, Info                  CSI    000000a0 [SR] Beginning Verify and Repair transaction
2014-09-29 10:54:36, Info                  CSI    000000a3 [SR] Verify complete
2014-09-29 10:54:37, Info                  CSI    000000a4 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:54:37, Info                  CSI    000000a5 [SR] Beginning Verify and Repair transaction
2014-09-29 10:54:47, Info                  CSI    000000a7 [SR] Verify complete
2014-09-29 10:54:48, Info                  CSI    000000a8 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:54:48, Info                  CSI    000000a9 [SR] Beginning Verify and Repair transaction
2014-09-29 10:55:04, Info                  CSI    000000b3 [SR] Verify complete
2014-09-29 10:55:05, Info                  CSI    000000b4 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:55:05, Info                  CSI    000000b5 [SR] Beginning Verify and Repair transaction
2014-09-29 10:55:15, Info                  CSI    000000b7 [SR] Verify complete
2014-09-29 10:55:16, Info                  CSI    000000b8 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:55:16, Info                  CSI    000000b9 [SR] Beginning Verify and Repair transaction
2014-09-29 10:55:32, Info                  CSI    000000bb [SR] Verify complete
2014-09-29 10:55:34, Info                  CSI    000000bc [SR] Verifying 100 (0x00000064) components
2014-09-29 10:55:34, Info                  CSI    000000bd [SR] Beginning Verify and Repair transaction
2014-09-29 10:55:48, Info                  CSI    000000bf [SR] Verify complete
2014-09-29 10:55:49, Info                  CSI    000000c0 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:55:49, Info                  CSI    000000c1 [SR] Beginning Verify and Repair transaction
2014-09-29 10:56:04, Info                  CSI    000000c3 [SR] Verify complete
2014-09-29 10:56:04, Info                  CSI    000000c4 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:56:04, Info                  CSI    000000c5 [SR] Beginning Verify and Repair transaction
2014-09-29 10:56:18, Info                  CSI    000000c9 [SR] Verify complete
2014-09-29 10:56:19, Info                  CSI    000000ca [SR] Verifying 100 (0x00000064) components
2014-09-29 10:56:19, Info                  CSI    000000cb [SR] Beginning Verify and Repair transaction
2014-09-29 10:56:39, Info                  CSI    000000cd [SR] Verify complete
2014-09-29 10:56:40, Info                  CSI    000000ce [SR] Verifying 100 (0x00000064) components
2014-09-29 10:56:40, Info                  CSI    000000cf [SR] Beginning Verify and Repair transaction
2014-09-29 10:57:06, Info                  CSI    000000d1 [SR] Verify complete
2014-09-29 10:57:07, Info                  CSI    000000d2 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:57:07, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2014-09-29 10:57:28, Info                  CSI    000000d5 [SR] Verify complete
2014-09-29 10:57:29, Info                  CSI    000000d6 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:57:29, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction
2014-09-29 10:57:33, Info                  CSI    000000d9 [SR] Verify complete
2014-09-29 10:57:33, Info                  CSI    000000da [SR] Verifying 100 (0x00000064) components
2014-09-29 10:57:33, Info                  CSI    000000db [SR] Beginning Verify and Repair transaction
2014-09-29 10:57:37, Info                  CSI    000000dd [SR] Verify complete
2014-09-29 10:57:38, Info                  CSI    000000de [SR] Verifying 100 (0x00000064) components
2014-09-29 10:57:38, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction
2014-09-29 10:57:54, Info                  CSI    000000fc [SR] Verify complete
2014-09-29 10:57:55, Info                  CSI    000000fd [SR] Verifying 100 (0x00000064) components
2014-09-29 10:57:55, Info                  CSI    000000fe [SR] Beginning Verify and Repair transaction
2014-09-29 10:58:03, Info                  CSI    00000101 [SR] Verify complete
2014-09-29 10:58:03, Info                  CSI    00000102 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:58:03, Info                  CSI    00000103 [SR] Beginning Verify and Repair transaction
2014-09-29 10:58:08, Info                  CSI    00000105 [SR] Verify complete
2014-09-29 10:58:08, Info                  CSI    00000106 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:58:08, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2014-09-29 10:58:16, Info                  CSI    00000109 [SR] Verify complete
2014-09-29 10:58:17, Info                  CSI    0000010a [SR] Verifying 100 (0x00000064) components
2014-09-29 10:58:17, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2014-09-29 10:58:29, Info                  CSI    0000010d [SR] Verify complete
2014-09-29 10:58:31, Info                  CSI    0000010e [SR] Verifying 100 (0x00000064) components
2014-09-29 10:58:31, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2014-09-29 10:58:49, Info                  CSI    00000112 [SR] Verify complete
2014-09-29 10:58:51, Info                  CSI    00000113 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:58:51, Info                  CSI    00000114 [SR] Beginning Verify and Repair transaction
2014-09-29 10:59:00, Info                  CSI    00000116 [SR] Verify complete
2014-09-29 10:59:01, Info                  CSI    00000117 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:59:01, Info                  CSI    00000118 [SR] Beginning Verify and Repair transaction
2014-09-29 10:59:08, Info                  CSI    0000011a [SR] Verify complete
2014-09-29 10:59:09, Info                  CSI    0000011b [SR] Verifying 100 (0x00000064) components
2014-09-29 10:59:09, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction
2014-09-29 10:59:30, Info                  CSI    0000011e [SR] Verify complete
2014-09-29 10:59:31, Info                  CSI    0000011f [SR] Verifying 100 (0x00000064) components
2014-09-29 10:59:31, Info                  CSI    00000120 [SR] Beginning Verify and Repair transaction
2014-09-29 10:59:47, Info                  CSI    00000122 [SR] Verify complete
2014-09-29 10:59:49, Info                  CSI    00000123 [SR] Verifying 100 (0x00000064) components
2014-09-29 10:59:49, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction
2014-09-29 11:00:08, Info                  CSI    00000126 [SR] Verify complete
2014-09-29 11:00:10, Info                  CSI    00000127 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:00:10, Info                  CSI    00000128 [SR] Beginning Verify and Repair transaction
2014-09-29 11:00:30, Info                  CSI    0000014d [SR] Verify complete
2014-09-29 11:00:31, Info                  CSI    0000014e [SR] Verifying 100 (0x00000064) components
2014-09-29 11:00:31, Info                  CSI    0000014f [SR] Beginning Verify and Repair transaction
2014-09-29 11:00:46, Info                  CSI    00000151 [SR] Verify complete
2014-09-29 11:00:47, Info                  CSI    00000152 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:00:47, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2014-09-29 11:01:41, Info                  CSI    00000155 [SR] Verify complete
2014-09-29 11:01:42, Info                  CSI    00000156 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:01:42, Info                  CSI    00000157 [SR] Beginning Verify and Repair transaction
2014-09-29 11:02:11, Info                  CSI    00000159 [SR] Verify complete
2014-09-29 11:02:12, Info                  CSI    0000015a [SR] Verifying 100 (0x00000064) components
2014-09-29 11:02:12, Info                  CSI    0000015b [SR] Beginning Verify and Repair transaction
2014-09-29 11:02:27, Info                  CSI    0000015d [SR] Verify complete
2014-09-29 11:02:28, Info                  CSI    0000015e [SR] Verifying 100 (0x00000064) components
2014-09-29 11:02:28, Info                  CSI    0000015f [SR] Beginning Verify and Repair transaction
2014-09-29 11:02:37, Info                  CSI    00000161 [SR] Verify complete
2014-09-29 11:02:38, Info                  CSI    00000162 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:02:38, Info                  CSI    00000163 [SR] Beginning Verify and Repair transaction
2014-09-29 11:02:51, Info                  CSI    00000166 [SR] Verify complete
2014-09-29 11:02:52, Info                  CSI    00000167 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:02:52, Info                  CSI    00000168 [SR] Beginning Verify and Repair transaction
2014-09-29 11:03:11, Info                  CSI    0000016a [SR] Verify complete
2014-09-29 11:03:11, Info                  CSI    0000016b [SR] Verifying 100 (0x00000064) components
2014-09-29 11:03:11, Info                  CSI    0000016c [SR] Beginning Verify and Repair transaction
2014-09-29 11:03:25, Info                  CSI    0000016e [SR] Verify complete
2014-09-29 11:03:27, Info                  CSI    0000016f [SR] Verifying 100 (0x00000064) components
2014-09-29 11:03:27, Info                  CSI    00000170 [SR] Beginning Verify and Repair transaction
2014-09-29 11:03:38, Info                  CSI    00000172 [SR] Verify complete
2014-09-29 11:03:39, Info                  CSI    00000173 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:03:39, Info                  CSI    00000174 [SR] Beginning Verify and Repair transaction
2014-09-29 11:04:04, Info                  CSI    00000176 [SR] Verify complete
2014-09-29 11:04:05, Info                  CSI    00000177 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:04:05, Info                  CSI    00000178 [SR] Beginning Verify and Repair transaction
2014-09-29 11:04:19, Info                  CSI    0000017a [SR] Verify complete
2014-09-29 11:04:20, Info                  CSI    0000017b [SR] Verifying 100 (0x00000064) components
2014-09-29 11:04:20, Info                  CSI    0000017c [SR] Beginning Verify and Repair transaction
2014-09-29 11:04:31, Info                  CSI    0000017e [SR] Verify complete
2014-09-29 11:04:32, Info                  CSI    0000017f [SR] Verifying 100 (0x00000064) components
2014-09-29 11:04:32, Info                  CSI    00000180 [SR] Beginning Verify and Repair transaction
2014-09-29 11:04:55, Info                  CSI    00000183 [SR] Verify complete
2014-09-29 11:04:56, Info                  CSI    00000184 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:04:56, Info                  CSI    00000185 [SR] Beginning Verify and Repair transaction
2014-09-29 11:05:19, Info                  CSI    00000187 [SR] Verify complete
2014-09-29 11:05:20, Info                  CSI    00000188 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:05:20, Info                  CSI    00000189 [SR] Beginning Verify and Repair transaction
2014-09-29 11:05:30, Info                  CSI    0000018b [SR] Verify complete
2014-09-29 11:05:31, Info                  CSI    0000018c [SR] Verifying 100 (0x00000064) components
2014-09-29 11:05:31, Info                  CSI    0000018d [SR] Beginning Verify and Repair transaction
2014-09-29 11:05:42, Info                  CSI    0000018f [SR] Verify complete
2014-09-29 11:05:44, Info                  CSI    00000190 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:05:44, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction
2014-09-29 11:06:05, Info                  CSI    00000195 [SR] Verify complete
2014-09-29 11:06:10, Info                  CSI    00000196 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:06:10, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2014-09-29 11:06:25, Info                  CSI    00000199 [SR] Verify complete
2014-09-29 11:06:27, Info                  CSI    0000019a [SR] Verifying 100 (0x00000064) components
2014-09-29 11:06:27, Info                  CSI    0000019b [SR] Beginning Verify and Repair transaction
2014-09-29 11:06:45, Info                  CSI    0000019d [SR] Verify complete
2014-09-29 11:06:45, Info                  CSI    0000019e [SR] Verifying 100 (0x00000064) components
2014-09-29 11:06:45, Info                  CSI    0000019f [SR] Beginning Verify and Repair transaction
2014-09-29 11:06:52, Info                  CSI    000001a1 [SR] Verify complete
2014-09-29 11:06:53, Info                  CSI    000001a2 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:06:53, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
2014-09-29 11:07:02, Info                  CSI    000001a5 [SR] Verify complete
2014-09-29 11:07:04, Info                  CSI    000001a6 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:07:04, Info                  CSI    000001a7 [SR] Beginning Verify and Repair transaction
2014-09-29 11:07:17, Info                  CSI    000001a9 [SR] Verify complete
2014-09-29 11:07:18, Info                  CSI    000001aa [SR] Verifying 100 (0x00000064) components
2014-09-29 11:07:18, Info                  CSI    000001ab [SR] Beginning Verify and Repair transaction
2014-09-29 11:07:32, Info                  CSI    000001ad [SR] Verify complete
2014-09-29 11:07:32, Info                  CSI    000001ae [SR] Verifying 100 (0x00000064) components
2014-09-29 11:07:32, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2014-09-29 11:07:42, Info                  CSI    000001b1 [SR] Verify complete
2014-09-29 11:07:43, Info                  CSI    000001b2 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:07:43, Info                  CSI    000001b3 [SR] Beginning Verify and Repair transaction
2014-09-29 11:08:13, Info                  CSI    000001b5 [SR] Verify complete
2014-09-29 11:08:14, Info                  CSI    000001b6 [SR] Verifying 100 (0x00000064) components
2014-09-29 11:08:14, Info                  CSI    000001b7 [SR] Beginning Verify and Repair transaction
2014-09-29 11:08:22, Info                  CSI    000001b9 [SR] Verify complete
2014-09-29 11:08:23, Info                  CSI    000001ba [SR] Verifying 100 (0x00000064) components
2014-09-29 11:08:23, Info                  CSI    000001bb [SR] Beginning Verify and Repair transaction
2014-09-29 11:08:35, Info                  CSI    000001c6 [SR] Verify complete
2014-09-29 11:08:35, Info                  CSI    000001c7 [SR] Verifying 55 (0x00000037) components
2014-09-29 11:08:35, Info                  CSI    000001c8 [SR] Beginning Verify and Repair transaction
2014-09-29 11:08:40, Info                  CSI    000001ca [SR] Verify complete
2014-09-29 11:08:40, Info                  CSI    000001cb [SR] Repairing 0 components
2014-09-29 11:08:40, Info                  CSI    000001cc [SR] Beginning Verify and Repair transaction
2014-09-29 11:08:40, Info                  CSI    000001ce [SR] Repair complete
 

    Advertisements

Register to Remove


#17 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 29 September 2014 - 10:46 AM

Good job.

Try to boot into Windows normally. What happens? Does Explorer still crash?

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#18 elmkd

elmkd

    Authentic Member

  • Authentic Member
  • PipPip
  • 138 posts

Posted 29 September 2014 - 11:04 AM

Unfortunately, the problem is still there. Explorer crashes.

Regards,

Marcel Dunn



#19 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 29 September 2014 - 11:27 AM

Hello, 
 
Thank you for letting me know. We'll get back to directly troubleshooting your issue with Explorer once you have a clean set of FRST logs. 
 
Do you recognise the following programmes?

  • Desktop Dialer
  • imasinstall
     

STEP 1
6JO0hXH.png Revo Uninstaller

  • Please download and install Revo Uninstaller Free.
  • Double-click Revo Uninstaller to run the programme. 
  • From the list of programmes, locate the following, or anything similar and carry out the steps below one at a time.
    • Bandoo
    • iLivid (and anything similar)
    • Internet Offers
    • MediaBar
    • Music Toolbar for Chrome
    • Music Toolbar for Firefox
    • Music Toolbar for Internet Explorer
    • Windows iLivid Toolbar
    • Desktop Dialer (if you do not recognise)
    • imasinstall (if you do not recognise)
  • Double-click the programme. 
  • When prompted if you want to uninstall click Yes.
  • Ensure the Moderate option is selected and click Next.
  • The programme will run. If prompted again click Yes.
  • Once the built-in uninstaller is finished click Next.
  • Once the programme has searched for leftovers click Next.
  • Check items in bold only in the list and click Delete. You may have to expand folders by clicking the "+" mark.
  • When prompted click Yes, followed by Next.
  • Click Select all, followed by Delete.
  • When prompted click Yes, followed by Next.
  • Once done click Finish.
     

STEP 2
BY4dvz9.png AdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts. 
  • Click Scan
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. 
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean
  • Follow the prompts and allow your computer to reboot
  • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.
 

STEP 3
E3feWj5.png Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your Desktop.
  • Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
     

STEP 4
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Right-Click FRST.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.
     

======================================================

STEP 5
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did the programmes uninstall OK in Revo?
  • AdwCleaner[S0].txt
  • JRT.txt
  • FRST.txt
  • Addition.txt

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#20 elmkd

elmkd

    Authentic Member

  • Authentic Member
  • PipPip
  • 138 posts

Posted 29 September 2014 - 01:19 PM

Hello:

I had some problems with the Log files. Please see below.

  • Did the programmes uninstall OK in Revo? Yes they uninstalled without a problem.
  • AdwCleaner[S0].txt: The Log file did not open. If it was created, I cannot find it. I tried the desktop folder, I tried the downloads folder, and I tried C:\
  • JRT.txt: The Log file did not open. If it was created, I cannot find it. I tried the desktop folder, I tried the downloads folder, and I tried C:\
  • FRST.txt: Please see the log file below.
  • Addition.txt: Please see the log file below.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-09-2014 02
Ran by Dennis (administrator) on DENNIS-PC on 29-09-2014 14:08:56
Running from C:\Users\Dennis\Downloads
Loaded Profile: Dennis (Available profiles: Dennis)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2006-10-27] (Synaptics, Inc.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [3784704 2006-11-09] (Realtek Semiconductor)
HKLM\...\Run: [LtMoh] => C:\Program Files\ltmoh\Ltmoh.exe [188416 2005-12-16] (Agere Systems)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [411768 2006-12-20] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [448632 2006-12-11] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [530552 2006-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] => NDSTray.exe
HKLM\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [413696 2006-11-01] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [SVPWUTIL] => C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [421888 2006-01-18] (TOSHIBA)
HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [PINGER] => C:\TOSHIBA\IVP\ISM\pinger.exe [151552 2006-07-20] (TOSHIBA Corporation)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [1831936 2007-05-12] (Google)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-03-17] (Apple Inc.)
HKLM\...\Run: [avast5] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2815192 2010-05-06] (ALWIL Software)
HKLM\...\Run: [Malwarebytes Anti-Malware (reboot)] => C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [1312080 2009-09-10] (Malwarebytes Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2432310436-2327922484-3749071562-1000\...\Run: [TOSCDSPD] => TOSCDSPD.EXE
HKU\S-1-5-21-2432310436-2327922484-3749071562-1000\...\Run: [cdloader] => C:\Users\Dennis\AppData\Roaming\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)
HKU\S-1-5-21-2432310436-2327922484-3749071562-1000\...\Run: [Google Update] => C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-07] (Google Inc.)
HKU\S-1-5-21-2432310436-2327922484-3749071562-1000\...\Run: [UIExec] => C:\Program Files\Digicel Broadband CM\cm\UIExec.exe [132096 2010-03-17] ()
HKU\S-1-5-21-2432310436-2327922484-3749071562-1000\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S0].txt [8502 2014-09-29] ()
HKU\S-1-5-21-2432310436-2327922484-3749071562-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-2432310436-2327922484-3749071562-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll => c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [144896 2007-05-12] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com.jm/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
SearchScopes: HKLM - {0A84C32F-E900-4159-B60B-E35CED490D6B} URL = http://www.google.com
SearchScopes: HKCU - {0A84C32F-E900-4159-B60B-E35CED490D6B} URL = http://www.google.com
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> c:\program files\google\googletoolbar2.dll (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKLM - &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
Toolbar: HKCU - &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {173D9E48-B527-4AA0-A929-30B446002AA8} http://65.183.11.202/DVRemoteAx.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 65.183.0.84 8.8.8.8 65.183.0.78

FireFox:
========
FF ProfilePath: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\xjtyhc6i.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\xjtyhc6i.default\Extensions\LogMeInClient@logmein.com [2009-12-17]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\xjtyhc6i.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2013-02-25]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-25]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-25]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-16]

Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> google.com.jm
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\Dennis\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Dennis\AppData\Local\Google\Chrome\Application\25.0.1364.97\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Dennis\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Dennis\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Update) - C:\Users\Dennis\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR CustomProfile: C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-08-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-05-06] (ALWIL Software)
S3 avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-05-06] (ALWIL Software)
S3 avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-05-06] (ALWIL Software)
R2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE [2041536 2006-01-19] (Symantec Corporation)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-06] (Skype Technologies S.A.)
S3 Swupdtmr; c:\Toshiba\IVP\swupdate\swupdtmr.exe [40960 2006-07-20] () [File not signed]
R2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
R2 TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [77824 2006-11-01] (TOSHIBA CORPORATION) [File not signed]
S3 UpgradeManager; C:\Program Files\GLDS\UpgradeManager\UpgradeManagerSvc.exe [2009867 2007-12-05] (Great Lakes Data Systems, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [19024 2010-05-06] (ALWIL Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [51792 2010-05-06] (ALWIL Software)
R1 aswRdr; C:\Windows\system32\Drivers\aswRdr.sys [23376 2010-05-06] (ALWIL Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [164048 2010-05-06] (ALWIL Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [46672 2010-05-06] (ALWIL Software)
S3 bcm; C:\Windows\System32\DRIVERS\drxvi314.sys [194048 2010-03-17] (ZTE Corporation)
S3 bcmbusctr; C:\Windows\System32\DRIVERS\BcmBusCtr.sys [28160 2010-03-17] (ZTE Corporation)
S2 DgiVecp; C:\Windows\System32\Drivers\DgiVecp.sys [40448 2003-07-29] (DeviceGuys, Inc.) [File not signed]
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-09-23] (LogMeIn, Inc.)
S4 KR10I; C:\Windows\system32\drivers\kr10i.sys [216320 2006-02-14] (TOSHIBA CORPORATION) [File not signed]
S4 KR10N; C:\Windows\system32\drivers\kr10n.sys [207104 2005-09-27] (TOSHIBA CORPORATION) [File not signed]
S4 KR3NPXP; C:\Windows\system32\drivers\kr3npxp.sys [479488 2006-09-27] (TOSHIBA CORPORATION) [File not signed]
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
S3 usbws320; C:\Windows\System32\DRIVERS\usbws320.sys [7680 2010-03-17] (ZTE Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U5 Tosrfusb; C:\Windows\System32\Drivers\Tosrfusb.sys [40960 2006-10-28] (TOSHIBA CORPORATION)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 14:03 - 2014-09-29 14:03 - 00000000 ____D () C:\Windows\ERUNT
2014-09-29 14:01 - 2014-09-29 14:01 - 01699276 _____ (Thisisu) C:\Users\Dennis\Downloads\JRT.exe
2014-09-29 13:33 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-09-29 13:32 - 2014-09-29 13:44 - 00000000 ____D () C:\AdwCleaner
2014-09-29 13:30 - 2014-09-29 13:30 - 01373475 _____ () C:\Users\Dennis\Desktop\AdwCleaner.exe
2014-09-29 13:00 - 2014-09-29 13:00 - 00001068 _____ () C:\Users\Dennis\Desktop\Revo Uninstaller.lnk
2014-09-29 13:00 - 2014-09-29 13:00 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-29 12:58 - 2014-09-29 12:58 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dennis\Downloads\revosetup.exe
2014-09-29 11:39 - 2014-09-29 11:39 - 00053144 _____ () C:\Users\Dennis\Downloads\sfcdetails.txt
2014-09-29 10:47 - 2014-09-29 10:47 - 00002425 _____ () C:\Users\Dennis\Downloads\chkdsk.txt
2014-09-25 16:11 - 2014-09-29 14:08 - 00000000 ____D () C:\Users\Dennis\Downloads\FRST-OlderVersion
2014-09-25 09:09 - 2014-09-25 09:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-25 08:11 - 2014-09-25 08:12 - 00036686 _____ () C:\Users\Dennis\Downloads\Addition.txt
2014-09-25 08:08 - 2014-09-29 14:09 - 00018569 _____ () C:\Users\Dennis\Downloads\FRST.txt
2014-09-25 08:07 - 2014-09-29 14:09 - 00000000 ____D () C:\FRST
2014-09-25 08:07 - 2014-09-29 14:08 - 01100288 _____ (Farbar) C:\Users\Dennis\Downloads\FRST.exe
2014-09-24 14:10 - 2014-09-24 14:10 - 00009391 _____ () C:\Users\Dennis\Downloads\hijackthis.log
2014-09-24 14:07 - 2014-09-24 14:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Dennis\Downloads\HiJackThis.exe
2014-09-24 09:23 - 2014-09-24 09:44 - 00000000 ____D () C:\Windows\pss
2014-09-24 07:31 - 2014-09-24 07:31 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-09-24 07:31 - 2014-09-24 07:31 - 00000000 ____D () C:\Program Files\HP Photo Creations
2014-09-24 07:29 - 2014-09-24 07:29 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\HpUpdate
2014-09-24 07:23 - 2014-09-24 07:23 - 00000000 ____D () C:\ProgramData\HP
2014-09-24 07:02 - 2014-09-24 07:02 - 00000000 ____D () C:\Users\Dennis\AppData\Local\HP

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 14:09 - 2007-02-14 13:40 - 01289220 _____ () C:\Windows\WindowsUpdate.log
2014-09-29 14:05 - 2012-09-07 15:23 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2432310436-2327922484-3749071562-1000UA.job
2014-09-29 13:54 - 2006-11-02 05:33 - 00690960 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-29 13:49 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\tracing
2014-09-29 13:47 - 2014-06-09 05:47 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-09-29 13:47 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-29 13:46 - 2007-01-05 18:36 - 00403952 _____ () C:\Windows\PFRO.log
2014-09-29 13:46 - 2006-11-02 07:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-29 13:46 - 2006-11-02 07:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-29 13:45 - 2006-11-02 08:01 - 00032550 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-25 16:39 - 2013-02-25 13:10 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-24 23:05 - 2012-09-07 15:23 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2432310436-2327922484-3749071562-1000Core.job
2014-09-24 13:58 - 2006-11-02 07:47 - 00316560 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-24 13:42 - 2006-11-02 05:22 - 38797312 _____ () C:\Windows\system32\config\system_previous
2014-09-24 13:42 - 2006-11-02 05:22 - 37748736 _____ () C:\Windows\system32\config\software_previous
2014-09-24 13:41 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\spool
2014-09-24 13:41 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-09-24 13:41 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\registration
2014-09-24 13:36 - 2006-11-02 05:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-09-24 13:36 - 2006-11-02 05:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-09-24 11:46 - 2013-07-10 08:28 - 00002142 _____ () C:\Windows\setupact.log
2014-09-24 10:47 - 2007-04-21 22:38 - 00000000 ____D () C:\Users\Dennis
2014-09-24 10:33 - 2006-11-02 05:22 - 36962304 _____ () C:\Windows\system32\config\components_previous
2014-09-24 10:33 - 2006-11-02 05:22 - 00524288 _____ () C:\Windows\system32\config\default_previous
2014-09-24 07:31 - 2011-11-11 11:10 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-09-24 07:29 - 2007-06-12 13:49 - 00000000 ____D () C:\Program Files\Hp
2014-09-24 07:23 - 2006-11-02 07:37 - 00000000 ____D () C:\Windows\twain_32

Some content of TEMP:
====================
C:\Users\Dennis\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-29 13:55

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-09-2014 02
Ran by Dennis at 2014-09-29 14:09:51
Running from C:\Users\Dennis\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {C37D8F93-0602-E43C-40AA-47DAD597F308}
AS: avast! Antivirus (Disabled - Up to date) {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Reader 7.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A70000000000}) (Version: 7.0.0 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (HKLM\...\{553255F3-78FD-40F1-A6F8-6882140265FE}) (Version: 1.2.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B5C3B892-0849-476C-9F46-B12F84819D57}) (Version: 3.0.0.102 - Apple Inc.)
Apple Software Update (HKLM\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)
Atheros Driver Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 5.0 - Atheros)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v5.00.10(T) - )
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.00.02 - TOSHIBA)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Digicel Broadband CM (HKLM\...\{C2A6CFA5-08A1-4072-B520-7C67DD7D85EC}) (Version: 1.0.0.1 - ZTE)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - )
Google Toolbar for Internet Explorer (Version: 4.0.0.002 - Google Inc.) Hidden
HP Driver Diagnostics (HKLM\...\{ED3F469E-D9EC-4DF1-968F-5812CE2F30F8}) (Version: 1.02.0008 - Hewlett-Packard Company)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Internet Offers (HKLM\...\Internet Offers from Toshiba) (Version: 6.2 - PeoplePC, Inc.)
Java™ SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
LiveReg (Symantec Corporation) (HKLM\...\LiveReg) (Version: 2.4.2.2295 - Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.0.0.154 - Symantec Corporation)
magicJack (HKCU\...\magicJack) (Version: 2.0.6073.4413 - magicJack L.P.)
Malwarebytes' Anti-Malware (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version:  - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2000 Premium (HKLM\...\{00000409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word 2000 SR-1 (HKLM\...\{00170409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Microsoft XML Parser (Version: 8.20.8730.4 - Microsoft Corporation) Hidden
Mobile Partner (HKLM\...\Mobile Partner) (Version: 11.300.05.03.407 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.8 - Frank Heindörfer, Philip Chinery)
QuickTime (HKLM\...\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}) (Version: 7.66.71.0 - Apple Inc.)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5322 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13307 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.0.0 - Synaptics)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}) (Version: 1.23.0000 - Texas Instruments Inc.)
TIPCI (Version: 1.23.0000 - Texas Instruments Inc.) Hidden
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.00.00 - )
TOSHIBA ConfigFree (HKLM\...\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}) (Version: 7.00.21 - TOSHIBA)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.0.0a - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.00.00 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.00.00 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.45.50.1C - TOSHIBA)
TOSHIBA Flash Cards Support Utility (Version: 1.45.50.1C - TOSHIBA) Hidden
TOSHIBA Game Console (HKLM\...\TOSHIBA Game Console) (Version:  - WildTangent)
TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.45.50.8C - TOSHIBA)
TOSHIBA Hardware Setup (Version: 1.45.50.8C - TOSHIBA) Hidden
TOSHIBA Media Center Game Console (HKLM\...\TOSHIBA Media Center Game Console) (Version:  - WildTangent)
Toshiba Registration (HKLM\...\{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}) (Version: 1.00.0000 - Datalode Inc.)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.6 - TOSHIBA)
TOSHIBA Software Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
TOSHIBA Software Upgrades (HKLM\...\{425A2BC2-AA64-4107-9C29-484245BBEA05}) (Version: 4.0 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version:  - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version:  - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version:  - )
TOSHIBA Supervisor Password (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.45.50.5C - TOSHIBA)
TOSHIBA Supervisor Password (Version: 1.45.50.5C - TOSHIBA) Hidden
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.0.8 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.0.8 - TOSHIBA Corporation) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Utility Common Driver (Version: 0.0.50.4C - TOSHIBA) Hidden
VNC Free Edition 4.1.2 (HKLM\...\RealVNC_is1) (Version: 4.1.2 - RealVNC Ltd.)
WinCable Client 1.101.7.1 (HKLM\...\WinCable Client 1.101.7.1) (Version:  - )
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8098.930 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinDVD for TOSHIBA (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.107 - InterVideo Inc.)
WinDVD for TOSHIBA (Version: 8.0-B6.107 - InterVideo Inc.) Hidden
Xerox Phaser 3117 (HKLM\...\Xerox Phaser 3117) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{008B6020-1F3D-11D1-B0C8-00A0C9055D74}\localserver32 -> C:\Windows\system32\VFP6RUN.EXE (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{008B6021-1F3D-11D1-B0C8-00A0C9055D74}\InprocServer32 -> C:\Windows\system32\VFP6R.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Dennis\AppData\Local\Google\Chrome\Application\37.0.2062.120\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{B95059D8-6AAC-11D1-8632-00A0C903A97F}\InprocServer32 -> C:\Windows\system32\foxhhelpps.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{B95059D9-6AAC-11D1-8632-00A0C903A97F}\localserver32 -> C:\Windows\system32\FOXHHELP.EXE (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2432310436-2327922484-3749071562-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dennis\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)

==================== Restore Points  =========================

10-07-2014 03:21:20 Scheduled Checkpoint
23-07-2014 04:33:23 Scheduled Checkpoint
24-07-2014 01:49:36 Scheduled Checkpoint
18-08-2014 14:06:18 Scheduled Checkpoint
25-08-2014 04:44:30 Windows Defender Checkpoint
24-09-2014 12:24:47 Device Driver Package Install: HP Printers
24-09-2014 12:25:53 Device Driver Package Install: Hewlett-Packard Imaging devices
24-09-2014 12:26:32 Device Driver Package Install: HP Printers
24-09-2014 12:27:21 Device Driver Package Install: Hewlett-Packard Universal Serial Bus controllers
24-09-2014 14:47:24 Restore Operation
25-09-2014 05:00:00 Scheduled Checkpoint
29-09-2014 17:38:38 Scheduled Checkpoint
29-09-2014 18:02:35 Revo Uninstaller's restore point - Bandoo
29-09-2014 18:09:12 Revo Uninstaller's restore point - iLivid
29-09-2014 18:16:13 Revo Uninstaller's restore point - MediaBar
29-09-2014 18:19:00 Revo Uninstaller's restore point - Music Toolbar for Chrome (Dist. by Bandoo Media, Inc.)
29-09-2014 18:20:24 Revo Uninstaller's restore point - Music Toolbar for Firefox (Dist. by Bandoo Media, Inc.)
29-09-2014 18:21:36 Revo Uninstaller's restore point - Music Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.)
29-09-2014 18:23:04 Revo Uninstaller's restore point - Windows iLivid Toolbar
29-09-2014 18:24:07 Revo Uninstaller's restore point - Desktop Dialer
29-09-2014 18:25:56 Revo Uninstaller's restore point - imasinstall
29-09-2014 18:26:30 Removed imasinstall
29-09-2014 18:27:38 Revo Uninstaller's restore point - imasinstall

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3A081115-499A-4699-8AA0-CC1A0459ADB9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {46E83144-6947-44D0-87D8-DF2C0087FEFB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2432310436-2327922484-3749071562-1000UA => C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-07] (Google Inc.)
Task: {5D336D87-5237-443C-88B5-CFACE78F5C9D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2009-10-22] (Apple Inc.)
Task: {8EAE4D2C-FB70-42DA-8E9C-7C1E0DCABC70} - System32\Tasks\{30F1A963-83DD-48AB-8A77-B90A61A30390} => C:\Program Files\Skype\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {98188A40-0B13-4382-B3BB-913EC619EB2A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {C5E64EEE-4915-4281-8A72-B9BADB623FD9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2432310436-2327922484-3749071562-1000Core => C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-07] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2432310436-2327922484-3749071562-1000Core.job => C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2432310436-2327922484-3749071562-1000UA.job => C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2005-01-04 00:15 - 2013-10-22 06:40 - 02105856 _____ () C:\Program Files\Alwil Software\Avast5\defs\13102200\algo.dll
2009-10-14 08:59 - 2001-10-28 17:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2006-08-10 18:00 - 2006-08-10 18:00 - 00094208 _____ () C:\Windows\System32\TosBtHcrpAPI.dll
2011-11-11 10:08 - 2010-05-13 23:47 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2006-11-02 05:25 - 2006-11-28 23:17 - 00061440 _____ () C:\Windows\system32\igfxTMM.dll
2014-09-25 09:09 - 2014-09-25 09:10 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2432310436-2327922484-3749071562-500 - Administrator - Disabled)
Dennis (S-1-5-21-2432310436-2327922484-3749071562-1000 - Administrator - Enabled) => C:\Users\Dennis
Guest (S-1-5-21-2432310436-2327922484-3749071562-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2014 00:42:58 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/29/2014 10:49:51 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/29/2014 08:48:22 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/24/2014 07:57:19 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (08/17/2014 10:46:23 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DENNIS\DOCUMENTS\NEW FOLDER\UNIA.DOC> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (07/02/2014 05:33:53 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={F4ED5008-86EC-46E4-A218-8693306082AC}: The user Dennis-PC\Dennis dialed a connection named Broadband Connection which has failed. The error code returned on failure is 0.

Error: (06/30/2014 08:34:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application WINWORD.EXE, version 9.0.0.3822, time stamp 0x38b56792, faulting module MSO9.DLL, version 9.0.0.3821, time stamp 0x38b34b1c, exception code 0xc0000005, fault offset 0x0011e334,
process id 0x15e4, application start time 0xWINWORD.EXE0.

Error: (06/22/2014 09:45:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application GoogleUpdate.exe, version 1.3.21.103, time stamp 0x4f3c6d6c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x00044a10,
process id 0x474, application start time 0xGoogleUpdate.exe0.

Error: (06/22/2014 09:42:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application WINWORD.EXE, version 9.0.0.3822, time stamp 0x38b56792, faulting module WINWORD.EXE, version 9.0.0.3822, time stamp 0x38b56792, exception code 0xc0000005, fault offset 0x000ab8b1,
process id 0x3c8, application start time 0xWINWORD.EXE0.

Error: (06/22/2014 09:41:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application WINWORD.EXE, version 9.0.0.3822, time stamp 0x38b56792, faulting module WINWORD.EXE, version 9.0.0.3822, time stamp 0x38b56792, exception code 0xc0000005, fault offset 0x000ab7b8,
process id 0x11d4, application start time 0xWINWORD.EXE0.


System errors:
=============
Error: (09/29/2014 01:48:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Tosrfcom

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (09/29/2014 01:46:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.


Microsoft Office Sessions:
=========================
Error: (09/29/2014 00:42:58 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/29/2014 10:49:51 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/29/2014 08:48:22 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/24/2014 07:57:19 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (08/17/2014 10:46:23 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\DENNIS\DOCUMENTS\NEW FOLDER\UNIA.DOC

Error: (07/02/2014 05:33:53 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {F4ED5008-86EC-46E4-A218-8693306082AC}Dennis-PC\DennisBroadband Connection0

Error: (06/30/2014 08:34:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE9.0.0.382238b56792MSO9.DLL9.0.0.382138b34b1cc00000050011e33415e401cf94b50285bce1

Error: (06/22/2014 09:45:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: GoogleUpdate.exe1.3.21.1034f3c6d6cntdll.dll6.0.6002.185414ec3e3d5c000000500044a1047401cf8e1eb88e6264

Error: (06/22/2014 09:42:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE9.0.0.382238b56792WINWORD.EXE9.0.0.382238b56792c0000005000ab8b13c801cf8e281e10b7b4

Error: (06/22/2014 09:41:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE9.0.0.382238b56792WINWORD.EXE9.0.0.382238b56792c0000005000ab7b811d401cf8e1f43e2df34


CodeIntegrity Errors:
===================================
  Date: 2013-02-18 12:17:09.364
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:09.130
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:08.864
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:08.584
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:08.240
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:08.006
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:07.710
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:07.445
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:07.055
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 12:17:06.790
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ Duo CPU T2250 @ 1.73GHz
Percentage of memory in use: 39%
Total physical RAM: 2037.38 MB
Available physical RAM: 1228.33 MB
Total Pagefile: 4320.04 MB
Available Pagefile: 3554.25 MB
Total Virtual: 2047.88 MB
Available Virtual: 1921.73 MB

==================== Drives ================================

Drive c: (SQ004286V02) (Fixed) (Total:91.69 GB) (Free:49.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 93.2 GB) (Disk ID: 6D702ECC)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Active) - (Size=91.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#21 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 29 September 2014 - 01:48 PM

Hi Ian,
 
Don't worry about the AdwCleaner or JRT logs. Please confirm the programmes ran without error. 
Internet Offers is still installed. I would suggest uninstalling. 

 

Lets take a deeper look.

 
STEP 1
nWhGEI3.png VirusTotal Upload

  • Please go to VirusTotal.com.
  • Click Choose File and locate the following file:
    • C:\Windows\system32\Ikeext.etl
  • Click Scan it!.
  • If you receive the following notification: File already analysed click Reanalyse.
  • Once the file has been analyzed, copy the page URL at the top of the window and paste in your next reply. 
     

STEP 2
YARWD1t.png TDSSKiller Scan

  • Please download TDSSKiller and save the file to your Desktop.
  • Right-Click TDSSKiller.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Change parameters. Place a checkmark next to:
    • Detect TDLFS file system
    • Verify file digital signatures
  • Note: If you receive the following message: Extended Monitoring Driver is required, click Reboot now, and continue from here following the reboot.
  • ​Click Start Scan. Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply.
     

STEP 3
aA7bkRO.png aswMBR

  • Please download aswMBR and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click aswMBR.exe and select xAVOiBNU.jpg.pagespeed.ic.H5HC6LkiJX.jpg Run as administrator to run the programme.
  • Click Yes when prompted to download avast! virus definitions. Wait until AVAST engine defs: ### appears.
  • If you are prompted to enable the use of "Virtualization Technology", click Yes.
  • Click the AV Scan: drop down box and click C:\.
  • Click Scan.
  • Upon completion, you will see Scan finished successfully. Click Save log. Save the log to your Desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.

Note: Do NOT click Fix or FixMBR.
Note: A file (MBR.dat) will be created on your Desktop. Do NOT click or delete it.
 
 
======================================================
 
STEP 4
xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • VirusTotal Results
  • TDSSKiller log
  • aswMBR log

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#22 elmkd

elmkd

    Authentic Member

  • Authentic Member
  • PipPip
  • 138 posts

Posted 30 September 2014 - 06:13 AM

Hello:

The programmes in the previous instructions ran without errors. I uninstalled Internet Offers as well.

Step 1:

https://www.virustot...sis/1412021614/

Step 2

15:27:51.0342 0x08a0  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
15:28:04.0696 0x08a0  ============================================================
15:28:04.0696 0x08a0  Current date / time: 2014/09/29 15:28:04.0696
15:28:04.0696 0x08a0  SystemInfo:
15:28:04.0696 0x08a0  
15:28:04.0696 0x08a0  OS Version: 6.0.6002 ServicePack: 2.0
15:28:04.0696 0x08a0  Product type: Workstation
15:28:04.0696 0x08a0  ComputerName: DENNIS-PC
15:28:04.0696 0x08a0  UserName: Dennis
15:28:04.0696 0x08a0  Windows directory: C:\Windows
15:28:04.0696 0x08a0  System windows directory: C:\Windows
15:28:04.0696 0x08a0  Processor architecture: Intel x86
15:28:04.0696 0x08a0  Number of processors: 2
15:28:04.0696 0x08a0  Page size: 0x1000
15:28:04.0696 0x08a0  Boot type: Normal boot
15:28:04.0696 0x08a0  ============================================================
15:28:08.0190 0x08a0  KLMD registered as C:\Windows\system32\drivers\29471025.sys
15:28:08.0424 0x08a0  System UUID: {9C1AA64B-C043-A1C7-18F3-74B90EE2593A}
15:28:09.0360 0x08a0  Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 ( 93.16 Gb ), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:28:09.0360 0x08a0  ============================================================
15:28:09.0360 0x08a0  \Device\Harddisk0\DR0:
15:28:09.0360 0x08a0  MBR partitions:
15:28:09.0360 0x08a0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xB763800
15:28:09.0360 0x08a0  ============================================================
15:28:09.0391 0x08a0  C: <-> \Device\Harddisk0\DR0\Partition1
15:28:09.0391 0x08a0  ============================================================
15:28:09.0391 0x08a0  Initialize success
15:28:09.0391 0x08a0  ============================================================
15:31:53.0093 0x0d20  ============================================================
15:31:53.0093 0x0d20  Scan started
15:31:53.0093 0x0d20  Mode: Manual; SigCheck; TDLFS;
15:31:53.0093 0x0d20  ============================================================
15:31:53.0093 0x0d20  KSN ping started
15:32:04.0699 0x0d20  KSN ping finished: true
15:32:05.0791 0x0d20  ================ Scan system memory ========================
15:32:05.0791 0x0d20  System memory - ok
15:32:05.0791 0x0d20  ================ Scan services =============================
15:32:06.0010 0x0d20  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:32:06.0166 0x0d20  ACPI - ok
15:32:06.0244 0x0d20  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:32:06.0275 0x0d20  adp94xx - ok
15:32:06.0353 0x0d20  [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:32:06.0384 0x0d20  adpahci - ok
15:32:06.0415 0x0d20  [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:32:06.0431 0x0d20  adpu160m - ok
15:32:06.0462 0x0d20  [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:32:06.0478 0x0d20  adpu320 - ok
15:32:06.0540 0x0d20  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:32:06.0587 0x0d20  AeLookupSvc - ok
15:32:06.0665 0x0d20  [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD             C:\Windows\system32\drivers\afd.sys
15:32:06.0696 0x0d20  AFD - ok
15:32:06.0805 0x0d20  [ 1CB677BF1DABD3BAF4F944E2C90D6C73, 099466E899BB7BA176C42DB15D0D4946DC15845CA051BDACF3BE767157AB90BD ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
15:32:06.0821 0x0d20  AgereModemAudio - ok
15:32:06.0961 0x0d20  [ 4E6294A06BE883C9BD685A8DFD9FCD4E, 981293F10047FEB0DA7D421E0F36653360BCF709F7BB8F0750CE6D298F739D73 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
15:32:07.0039 0x0d20  AgereSoftModem - ok
15:32:07.0117 0x0d20  [ EF23439CDD587F64C2C1B8825CEAD7D8, 762665CFC202B3E16CA2338887896FDF996331A363DC709F1EC088BF927133A3 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:32:07.0133 0x0d20  agp440 - ok
15:32:07.0180 0x0d20  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:32:07.0195 0x0d20  aic78xx - ok
15:32:07.0242 0x0d20  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
15:32:07.0289 0x0d20  ALG - ok
15:32:07.0367 0x0d20  [ 90395B64600EBB4552E26E178C94B2E4, 73095893964DC7915983B58A567184FC51949C99341E7E0D04D70CC4C4F95E37 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:32:07.0383 0x0d20  aliide - ok
15:32:07.0398 0x0d20  [ 2B13E304C9DFDFA5EB582F6A149FA2C7, 196CCE13E0376526B79D9C43D4071990576C4DD210A48E9E922B438AA11C95E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
15:32:07.0414 0x0d20  amdagp - ok
15:32:07.0445 0x0d20  [ 0577DF1D323FE75A739C787893D300EA, 079EF3CA18FB847DB7E62929071BFF007FAF390E1DBF4C59F28DAAC6B9C2DE51 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:32:07.0461 0x0d20  amdide - ok
15:32:07.0523 0x0d20  [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
15:32:07.0585 0x0d20  AmdK7 - ok
15:32:07.0617 0x0d20  [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:32:07.0679 0x0d20  AmdK8 - ok
15:32:07.0757 0x0d20  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
15:32:07.0788 0x0d20  Appinfo - ok
15:32:07.0975 0x0d20  [ ACB095E7E1663F1B83A41C22C5D75F90, 18405B7B7D90CD7A2AD17F4D1B7688B49048CB0EBD10A98C53349E6286138418 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:32:07.0991 0x0d20  Apple Mobile Device - ok
15:32:08.0069 0x0d20  [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc             C:\Windows\system32\drivers\arc.sys
15:32:08.0085 0x0d20  arc - ok
15:32:08.0131 0x0d20  [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:32:08.0147 0x0d20  arcsas - ok
15:32:08.0225 0x0d20  [ 1B6ED99291DDF5D2501554CC5757AAB6, EAE44C7E15554334F6F8CA0B4A5DDA42D5F91A67EDA0CAB8A111CFFB9F4C27F0 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
15:32:08.0256 0x0d20  aswFsBlk - ok
15:32:08.0272 0x0d20  [ 58254E06B36B984E33AE314C0EA8F1A5, D37FEA26999310862C42AFB5FF197CB6CED944C741944BC00E4960CB7E7E54C1 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
15:32:08.0287 0x0d20  aswMonFlt - ok
15:32:08.0319 0x0d20  [ 3E2B6112D2766F87EDA8466FDE86A986, 02479A494B95AE6CC250BEF7501A849875C531AA1E32A8610931EEBEFB66543A ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
15:32:08.0334 0x0d20  aswRdr - ok
15:32:08.0350 0x0d20  [ D78B644816DB540E103D0B0766FD9967, EEF9BBE28FF28F51A320A695A9299CC9F488A662761BFB050780D235E9F6E5E9 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
15:32:08.0381 0x0d20  aswSP - ok
15:32:08.0412 0x0d20  [ 606D731008D98B6EF946730C597C1642, 1F3595451EDA90027D87A52D90E469B5FAC546D1E1AC841AD10BE1ADFE15F82C ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
15:32:08.0428 0x0d20  aswTdi - ok
15:32:08.0490 0x0d20  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:32:08.0521 0x0d20  AsyncMac - ok
15:32:08.0537 0x0d20  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
15:32:08.0568 0x0d20  atapi - ok
15:32:08.0662 0x0d20  [ 889E7F06279FD16549B77628918FF666, 3872FE09049D61A2428E95E223555B8A137780F837B8EDF6FE5CFAF873C917C2 ] athr            C:\Windows\system32\DRIVERS\athr.sys
15:32:08.0709 0x0d20  athr - ok
15:32:08.0787 0x0d20  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:32:08.0833 0x0d20  AudioEndpointBuilder - ok
15:32:08.0849 0x0d20  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:32:08.0896 0x0d20  Audiosrv - ok
15:32:08.0974 0x0d20  [ AE28BA1361D8040D8850F21CACFCCCE9, 74EA93DD07388C27D1231883B8010179928880F8200F5CB4A850FA8364B1F034 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
15:32:08.0989 0x0d20  avast! Antivirus - ok
15:32:09.0005 0x0d20  [ AE28BA1361D8040D8850F21CACFCCCE9, 74EA93DD07388C27D1231883B8010179928880F8200F5CB4A850FA8364B1F034 ] avast! Mail Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
15:32:09.0005 0x0d20  avast! Mail Scanner - ok
15:32:09.0021 0x0d20  [ AE28BA1361D8040D8850F21CACFCCCE9, 74EA93DD07388C27D1231883B8010179928880F8200F5CB4A850FA8364B1F034 ] avast! Web Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
15:32:09.0036 0x0d20  avast! Web Scanner - ok
15:32:09.0114 0x0d20  [ 4BDF4504D21C2F43E3BE06FDA5DF5FA7, 198893ABBE7E077D86E74DFA5E8A3E8CD8172FA811FF6C54BFC07FF93AF8BC03 ] bcm             C:\Windows\system32\DRIVERS\drxvi314.sys
15:32:09.0145 0x0d20  bcm - ok
15:32:09.0192 0x0d20  [ 557AF83FEC9CF88C896D29F4D40E6522, 3153F74DCC62547E410C384C20EE9C1273AFBD9D55A54B92B32F454D4DD5BCBB ] bcmbusctr       C:\Windows\system32\DRIVERS\BcmBusCtr.sys
15:32:09.0208 0x0d20  bcmbusctr - ok
15:32:09.0270 0x0d20  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:32:09.0317 0x0d20  Beep - ok
15:32:09.0395 0x0d20  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
15:32:09.0442 0x0d20  BFE - ok
15:32:09.0567 0x0d20  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
15:32:09.0645 0x0d20  BITS - ok
15:32:09.0645 0x0d20  blbdrive - ok
15:32:09.0691 0x0d20  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:32:09.0707 0x0d20  bowser - ok
15:32:09.0769 0x0d20  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:32:09.0801 0x0d20  BrFiltLo - ok
15:32:09.0816 0x0d20  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:32:09.0847 0x0d20  BrFiltUp - ok
15:32:09.0894 0x0d20  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
15:32:09.0941 0x0d20  Browser - ok
15:32:09.0988 0x0d20  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:32:10.0050 0x0d20  Brserid - ok
15:32:10.0081 0x0d20  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:32:10.0144 0x0d20  BrSerWdm - ok
15:32:10.0159 0x0d20  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:32:10.0222 0x0d20  BrUsbMdm - ok
15:32:10.0253 0x0d20  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:32:10.0315 0x0d20  BrUsbSer - ok
15:32:10.0331 0x0d20  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:32:10.0393 0x0d20  BTHMODEM - ok
15:32:10.0471 0x0d20  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:32:10.0503 0x0d20  cdfs - ok
15:32:10.0596 0x0d20  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:32:10.0627 0x0d20  cdrom - ok
15:32:10.0705 0x0d20  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
15:32:10.0737 0x0d20  CertPropSvc - ok
15:32:10.0846 0x0d20  [ C82162949BBA6CC5D006C7BD008F3CF1, 635E5B5C5AF3ACECA6115DAC8E576390B258C6590EE9727DB6FA68B13FD85297 ] CFSvcs          C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
15:32:10.0846 0x0d20  CFSvcs - detected UnsignedFile.Multi.Generic ( 1 )
15:32:11.0314 0x0d20  Detect skipped due to KSN trusted
15:32:11.0314 0x0d20  CFSvcs - ok
15:32:11.0361 0x0d20  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:32:11.0423 0x0d20  circlass - ok
15:32:11.0485 0x0d20  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
15:32:11.0501 0x0d20  CLFS - ok
15:32:11.0579 0x0d20  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:32:11.0595 0x0d20  clr_optimization_v2.0.50727_32 - ok
15:32:11.0657 0x0d20  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:32:11.0704 0x0d20  CmBatt - ok
15:32:11.0719 0x0d20  [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:32:11.0735 0x0d20  cmdide - ok
15:32:11.0766 0x0d20  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:32:11.0782 0x0d20  Compbatt - ok
15:32:11.0782 0x0d20  COMSysApp - ok
15:32:11.0813 0x0d20  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:32:11.0829 0x0d20  crcdisk - ok
15:32:11.0844 0x0d20  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
15:32:11.0907 0x0d20  Crusoe - ok
15:32:12.0016 0x0d20  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:32:12.0031 0x0d20  CryptSvc - ok
15:32:12.0156 0x0d20  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:32:12.0250 0x0d20  DcomLaunch - ok
15:32:12.0312 0x0d20  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:32:12.0328 0x0d20  DfsC - ok
15:32:12.0546 0x0d20  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
15:32:12.0687 0x0d20  DFSR - ok
15:32:12.0858 0x0d20  [ 1EC27A51A2F9DF052BC2B4C8376C8FEA, 6B903263C4E5A26FE161EF829FD5C597485DFE1E9DBADD60FBEECE9F6605E79F ] DgiVecp         C:\Windows\system32\Drivers\DgiVecp.sys
15:32:12.0858 0x0d20  DgiVecp - detected UnsignedFile.Multi.Generic ( 1 )
15:32:13.0342 0x0d20  Detect skipped due to KSN trusted
15:32:13.0342 0x0d20  DgiVecp - ok
15:32:13.0498 0x0d20  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:32:13.0529 0x0d20  Dhcp - ok
15:32:13.0607 0x0d20  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
15:32:13.0638 0x0d20  disk - ok
15:32:13.0701 0x0d20  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:32:13.0716 0x0d20  Dnscache - ok
15:32:13.0779 0x0d20  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
15:32:13.0810 0x0d20  dot3svc - ok
15:32:13.0888 0x0d20  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
15:32:13.0919 0x0d20  DPS - ok
15:32:13.0966 0x0d20  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:32:13.0981 0x0d20  drmkaud - ok
15:32:14.0075 0x0d20  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:32:14.0122 0x0d20  DXGKrnl - ok
15:32:14.0200 0x0d20  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
15:32:14.0262 0x0d20  E1G60 - ok
15:32:14.0340 0x0d20  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
15:32:14.0371 0x0d20  EapHost - ok
15:32:14.0481 0x0d20  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:32:14.0496 0x0d20  Ecache - ok
15:32:14.0605 0x0d20  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:32:14.0621 0x0d20  ehRecvr - ok
15:32:14.0668 0x0d20  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
15:32:14.0683 0x0d20  ehSched - ok
15:32:14.0715 0x0d20  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
15:32:14.0730 0x0d20  ehstart - ok
15:32:14.0793 0x0d20  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:32:14.0824 0x0d20  elxstor - ok
15:32:14.0886 0x0d20  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:32:14.0949 0x0d20  EMDMgmt - ok
15:32:15.0011 0x0d20  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
15:32:15.0058 0x0d20  EventSystem - ok
15:32:15.0151 0x0d20  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:32:15.0183 0x0d20  exfat - ok
15:32:15.0214 0x0d20  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:32:15.0245 0x0d20  fastfat - ok
15:32:15.0323 0x0d20  [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:32:15.0385 0x0d20  fdc - ok
15:32:15.0401 0x0d20  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
15:32:15.0432 0x0d20  fdPHost - ok
15:32:15.0495 0x0d20  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:32:15.0557 0x0d20  FDResPub - ok
15:32:15.0635 0x0d20  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:32:15.0651 0x0d20  FileInfo - ok
15:32:15.0682 0x0d20  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:32:15.0729 0x0d20  Filetrace - ok
15:32:15.0744 0x0d20  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:32:15.0807 0x0d20  flpydisk - ok
15:32:15.0853 0x0d20  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:32:15.0885 0x0d20  FltMgr - ok
15:32:16.0041 0x0d20  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
15:32:16.0150 0x0d20  FontCache - ok
15:32:16.0290 0x0d20  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:32:16.0306 0x0d20  FontCache3.0.0.0 - ok
15:32:16.0368 0x0d20  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:32:16.0384 0x0d20  Fs_Rec - ok
15:32:16.0415 0x0d20  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:32:16.0431 0x0d20  gagp30kx - ok
15:32:16.0509 0x0d20  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
15:32:16.0571 0x0d20  gpsvc - ok
15:32:16.0727 0x0d20  [ 751C1D2CA2ABF4A9F5A6B8D7D45B907C, 8F62DF65DB30770448E297D000B570683DEA454A5D84B5BCB1478D91030212DB ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:32:16.0743 0x0d20  gusvc - ok
15:32:16.0805 0x0d20  [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
15:32:16.0821 0x0d20  hamachi - ok
15:32:16.0883 0x0d20  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:32:16.0961 0x0d20  HdAudAddService - ok
15:32:17.0023 0x0d20  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:32:17.0117 0x0d20  HDAudBus - ok
15:32:17.0179 0x0d20  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:32:17.0242 0x0d20  HidBth - ok
15:32:17.0289 0x0d20  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:32:17.0351 0x0d20  HidIr - ok
15:32:17.0429 0x0d20  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
15:32:17.0445 0x0d20  hidserv - ok
15:32:17.0507 0x0d20  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:32:17.0523 0x0d20  HidUsb - ok
15:32:17.0569 0x0d20  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:32:17.0601 0x0d20  hkmsvc - ok
15:32:17.0647 0x0d20  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:32:17.0663 0x0d20  HpCISSs - ok
15:32:17.0725 0x0d20  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:32:17.0819 0x0d20  HTTP - ok
15:32:17.0944 0x0d20  [ 348C3A9D01E68A0222A246346924AA55, 6F8803BA37760043A78DC1E0D4E20853E5ABEF55B0201676B281EC2685E951DD ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:32:17.0959 0x0d20  hwdatacard - ok
15:32:18.0037 0x0d20  [ 460B1945C3E6B0419A76E1B507B90B71, C78B32ABB98ABAFF647500CD70AFA78C9848A4978E79EEE83D654E69F51D5F93 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
15:32:18.0053 0x0d20  hwusbdev - ok
15:32:18.0100 0x0d20  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:32:18.0115 0x0d20  i2omp - ok
15:32:18.0193 0x0d20  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:32:18.0209 0x0d20  i8042prt - ok
15:32:18.0334 0x0d20  [ 14F477463246E35F1DC932BE6225598C, 0295EEB75D818C18CC3A27C9FBB6213EFD30D599D98D3923152FE0853E6711AF ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
15:32:18.0427 0x0d20  ialm - ok
15:32:18.0505 0x0d20  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:32:18.0537 0x0d20  iaStorV - ok
15:32:18.0630 0x0d20  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
15:32:18.0646 0x0d20  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
15:32:19.0114 0x0d20  Detect skipped due to KSN trusted
15:32:19.0114 0x0d20  IDriverT - ok
15:32:19.0239 0x0d20  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:32:19.0301 0x0d20  idsvc - ok
15:32:19.0488 0x0d20  [ 14F477463246E35F1DC932BE6225598C, 0295EEB75D818C18CC3A27C9FBB6213EFD30D599D98D3923152FE0853E6711AF ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
15:32:19.0629 0x0d20  igfx - ok
15:32:19.0769 0x0d20  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:32:19.0785 0x0d20  iirsp - ok
15:32:19.0878 0x0d20  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
15:32:19.0925 0x0d20  IKEEXT - ok
15:32:20.0112 0x0d20  [ A47B2875680AD67B35C6150BD0203056, 2087CF6D1EEA7C0DB09EB3211713B2D0F36877960878A08CF6CEC99252316417 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:32:20.0221 0x0d20  IntcAzAudAddService - ok
15:32:20.0284 0x0d20  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
15:32:20.0299 0x0d20  intelide - ok
15:32:20.0377 0x0d20  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:32:20.0409 0x0d20  intelppm - ok
15:32:20.0455 0x0d20  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:32:20.0487 0x0d20  IPBusEnum - ok
15:32:20.0518 0x0d20  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:32:20.0565 0x0d20  IpFilterDriver - ok
15:32:20.0643 0x0d20  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:32:20.0674 0x0d20  iphlpsvc - ok
15:32:20.0674 0x0d20  IpInIp - ok
15:32:20.0721 0x0d20  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:32:20.0783 0x0d20  IPMIDRV - ok
15:32:20.0830 0x0d20  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:32:20.0861 0x0d20  IPNAT - ok
15:32:20.0877 0x0d20  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:32:20.0908 0x0d20  IRENUM - ok
15:32:20.0939 0x0d20  [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:32:20.0955 0x0d20  isapnp - ok
15:32:21.0033 0x0d20  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:32:21.0064 0x0d20  iScsiPrt - ok
15:32:21.0079 0x0d20  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:32:21.0095 0x0d20  iteatapi - ok
15:32:21.0157 0x0d20  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:32:21.0173 0x0d20  iteraid - ok
15:32:21.0204 0x0d20  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:32:21.0235 0x0d20  kbdclass - ok
15:32:21.0267 0x0d20  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:32:21.0298 0x0d20  kbdhid - ok
15:32:21.0391 0x0d20  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
15:32:21.0407 0x0d20  KeyIso - ok
15:32:21.0563 0x0d20  [ 1E0D65F7FFEB4E99B2EEC1CCB5754CC8, FE56EA89A4D7751EAB089C58514A824FBEDB44065CF3132B897AC613E211B46B ] KR10I           C:\Windows\system32\drivers\kr10i.sys
15:32:21.0579 0x0d20  KR10I - detected UnsignedFile.Multi.Generic ( 1 )
15:32:22.0047 0x0d20  Detect skipped due to KSN trusted
15:32:22.0047 0x0d20  KR10I - ok
15:32:22.0125 0x0d20  [ A1963360E74931222A67356C8AD48378, E7BEFE90D55CBD434D564F3CEA39B1D708150F6814EF9801479B652859789475 ] KR10N           C:\Windows\system32\drivers\kr10n.sys
15:32:22.0140 0x0d20  KR10N - detected UnsignedFile.Multi.Generic ( 1 )
15:32:22.0577 0x0d20  Detect skipped due to KSN trusted
15:32:22.0577 0x0d20  KR10N - ok
15:32:22.0655 0x0d20  [ 485E005CD51FF502FB16483EB4B69C17, 8294524C21C18BA5A32B926BD497C67A4ED49FB3654C93D11681C01D30769998 ] KR3NPXP         C:\Windows\system32\drivers\kr3npxp.sys
15:32:22.0717 0x0d20  KR3NPXP - detected UnsignedFile.Multi.Generic ( 1 )
15:32:23.0201 0x0d20  Detect skipped due to KSN trusted
15:32:23.0201 0x0d20  KR3NPXP - ok
15:32:23.0295 0x0d20  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:32:23.0326 0x0d20  KSecDD - ok
15:32:23.0435 0x0d20  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:32:23.0482 0x0d20  KtmRm - ok
15:32:23.0544 0x0d20  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:32:23.0575 0x0d20  LanmanServer - ok
15:32:23.0638 0x0d20  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:32:23.0669 0x0d20  LanmanWorkstation - ok
15:32:23.0841 0x0d20  [ FF7075265691C741AFD2F756559A10D5, 084A1F3E6717CDD7523E0CB309CFBBB8515607D6BBA4E30054F8A5424F0A08F1 ] LiveUpdate      C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
15:32:23.0965 0x0d20  LiveUpdate - ok
15:32:24.0043 0x0d20  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:32:24.0075 0x0d20  lltdio - ok
15:32:24.0106 0x0d20  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:32:24.0153 0x0d20  lltdsvc - ok
15:32:24.0184 0x0d20  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:32:24.0246 0x0d20  lmhosts - ok
15:32:24.0324 0x0d20  [ 515FC18CABEE0158A324B08B1C2667CF, E044C731C795EB27E85DDD09F574D7002BC230D6341340078655892CAB3BA2E6 ] LPCFilter       C:\Windows\system32\DRIVERS\LPCFilter.sys
15:32:24.0340 0x0d20  LPCFilter - ok
15:32:24.0371 0x0d20  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:32:24.0387 0x0d20  LSI_FC - ok
15:32:24.0433 0x0d20  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:32:24.0449 0x0d20  LSI_SAS - ok
15:32:24.0480 0x0d20  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:32:24.0496 0x0d20  LSI_SCSI - ok
15:32:24.0527 0x0d20  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:32:24.0574 0x0d20  luafv - ok
15:32:24.0589 0x0d20  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:32:24.0621 0x0d20  Mcx2Svc - ok
15:32:24.0667 0x0d20  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:32:24.0683 0x0d20  megasas - ok
15:32:24.0714 0x0d20  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
15:32:24.0745 0x0d20  MMCSS - ok
15:32:24.0792 0x0d20  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
15:32:24.0823 0x0d20  Modem - ok
15:32:24.0839 0x0d20  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:32:24.0886 0x0d20  monitor - ok
15:32:24.0933 0x0d20  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:32:24.0948 0x0d20  mouclass - ok
15:32:24.0979 0x0d20  [ A3A6DFF7E9E757DB3DF51A833BC28885, 3285FD0176722B1098ECDA4098FCF55A39829C3A81462097BACB5B558883B027 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
15:32:25.0042 0x0d20  mouhid - ok
15:32:25.0073 0x0d20  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:32:25.0089 0x0d20  MountMgr - ok
15:32:25.0198 0x0d20  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:32:25.0213 0x0d20  MozillaMaintenance - ok
15:32:25.0245 0x0d20  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:32:25.0260 0x0d20  mpio - ok
15:32:25.0307 0x0d20  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:32:25.0338 0x0d20  mpsdrv - ok
15:32:25.0401 0x0d20  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:32:25.0447 0x0d20  MpsSvc - ok
15:32:25.0494 0x0d20  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:32:25.0510 0x0d20  Mraid35x - ok
15:32:25.0557 0x0d20  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:32:25.0572 0x0d20  MRxDAV - ok
15:32:25.0619 0x0d20  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:32:25.0635 0x0d20  mrxsmb - ok
15:32:25.0666 0x0d20  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:32:25.0697 0x0d20  mrxsmb10 - ok
15:32:25.0713 0x0d20  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:32:25.0744 0x0d20  mrxsmb20 - ok
15:32:25.0759 0x0d20  [ 742AED7939E734C36B7E8D6228CE26B7, 6F727144BBD42C9C5555087CA51DE8D501B5CBEFB9967866CC578733E3C5E681 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:32:25.0775 0x0d20  msahci - ok
15:32:25.0806 0x0d20  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:32:25.0822 0x0d20  msdsm - ok
15:32:25.0837 0x0d20  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
15:32:25.0884 0x0d20  MSDTC - ok
15:32:25.0931 0x0d20  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:32:25.0978 0x0d20  Msfs - ok
15:32:26.0025 0x0d20  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:32:26.0056 0x0d20  msisadrv - ok
15:32:26.0087 0x0d20  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:32:26.0118 0x0d20  MSiSCSI - ok
15:32:26.0134 0x0d20  msiserver - ok
15:32:26.0181 0x0d20  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:32:26.0212 0x0d20  MSKSSRV - ok
15:32:26.0259 0x0d20  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:32:26.0290 0x0d20  MSPCLOCK - ok
15:32:26.0321 0x0d20  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:32:26.0352 0x0d20  MSPQM - ok
15:32:26.0399 0x0d20  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:32:26.0415 0x0d20  MsRPC - ok
15:32:26.0461 0x0d20  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:32:26.0477 0x0d20  mssmbios - ok
15:32:26.0508 0x0d20  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:32:26.0539 0x0d20  MSTEE - ok
15:32:26.0571 0x0d20  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:32:26.0586 0x0d20  Mup - ok
15:32:26.0664 0x0d20  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
15:32:26.0711 0x0d20  napagent - ok
15:32:26.0773 0x0d20  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:32:26.0805 0x0d20  NativeWifiP - ok
15:32:26.0883 0x0d20  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:32:26.0961 0x0d20  NDIS - ok
15:32:27.0132 0x0d20  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:32:27.0163 0x0d20  NdisTapi - ok
15:32:27.0195 0x0d20  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:32:27.0241 0x0d20  Ndisuio - ok
15:32:27.0273 0x0d20  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:32:27.0304 0x0d20  NdisWan - ok
15:32:27.0319 0x0d20  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:32:27.0351 0x0d20  NDProxy - ok
15:32:27.0413 0x0d20  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:32:27.0444 0x0d20  NetBIOS - ok
15:32:27.0491 0x0d20  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
15:32:27.0538 0x0d20  netbt - ok
15:32:27.0553 0x0d20  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
15:32:27.0585 0x0d20  Netlogon - ok
15:32:27.0600 0x0d20  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
15:32:27.0663 0x0d20  Netman - ok
15:32:27.0709 0x0d20  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
15:32:27.0756 0x0d20  netprofm - ok
15:32:27.0803 0x0d20  [ D6C4E4A39A36029AC0813D476FBD0248, A0907D98580D1CD3007365CBBB53E84BEF39001E05912776F68EB0564B54B6EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:32:27.0819 0x0d20  NetTcpPortSharing - ok
15:32:27.0990 0x0d20  [ A15F219208843A5A210C8CB391384453, E333018B7A841F1E1E6E4A56BA05B4A4FDF46866B3697747ADCF4CA0F43D8A1D ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
15:32:28.0162 0x0d20  NETw3v32 - ok
15:32:28.0177 0x0d20  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:32:28.0193 0x0d20  nfrd960 - ok
15:32:28.0240 0x0d20  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:32:28.0287 0x0d20  NlaSvc - ok
15:32:28.0333 0x0d20  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:32:28.0365 0x0d20  Npfs - ok
15:32:28.0380 0x0d20  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
15:32:28.0427 0x0d20  nsi - ok
15:32:28.0443 0x0d20  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:32:28.0474 0x0d20  nsiproxy - ok
15:32:28.0599 0x0d20  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:32:28.0708 0x0d20  Ntfs - ok
15:32:28.0770 0x0d20  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
15:32:28.0833 0x0d20  ntrigdigi - ok
15:32:28.0911 0x0d20  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
15:32:28.0942 0x0d20  Null - ok
15:32:28.0973 0x0d20  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:32:28.0989 0x0d20  nvraid - ok
15:32:29.0004 0x0d20  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:32:29.0035 0x0d20  nvstor - ok
15:32:29.0051 0x0d20  [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:32:29.0067 0x0d20  nv_agp - ok
15:32:29.0082 0x0d20  NwlnkFlt - ok
15:32:29.0082 0x0d20  NwlnkFwd - ok
15:32:29.0191 0x0d20  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:32:29.0223 0x0d20  ohci1394 - ok
15:32:29.0285 0x0d20  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:32:29.0347 0x0d20  p2pimsvc - ok
15:32:29.0394 0x0d20  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:32:29.0457 0x0d20  p2psvc - ok
15:32:29.0488 0x0d20  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
15:32:29.0550 0x0d20  Parport - ok
15:32:29.0597 0x0d20  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:32:29.0628 0x0d20  partmgr - ok
15:32:29.0644 0x0d20  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
15:32:29.0706 0x0d20  Parvdm - ok
15:32:29.0753 0x0d20  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:32:29.0769 0x0d20  PcaSvc - ok
15:32:29.0800 0x0d20  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
15:32:29.0831 0x0d20  pci - ok
15:32:29.0862 0x0d20  [ 3B1901E401473E03EB8C874271E50C26, 3C7931F419E29FDD0155D8D05D97289430A2852FCB3DBAD1B338FE2241458E72 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:32:29.0862 0x0d20  pciide - ok
15:32:29.0925 0x0d20  [ 3BB2244F343B610C29C98035504C9B75, DA61EC2600199DFA32020D0484E9BBF5E0742E7C8C952370BF6FAF91C914A999 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:32:29.0940 0x0d20  pcmcia - ok
15:32:30.0065 0x0d20  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:32:30.0190 0x0d20  PEAUTH - ok
15:32:30.0346 0x0d20  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
15:32:30.0455 0x0d20  pla - ok
15:32:30.0517 0x0d20  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:32:30.0564 0x0d20  PlugPlay - ok
15:32:30.0611 0x0d20  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
15:32:30.0673 0x0d20  PNRPAutoReg - ok
15:32:30.0705 0x0d20  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
15:32:30.0767 0x0d20  PNRPsvc - ok
15:32:30.0829 0x0d20  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:32:30.0876 0x0d20  PolicyAgent - ok
15:32:30.0923 0x0d20  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:32:30.0954 0x0d20  PptpMiniport - ok
15:32:31.0017 0x0d20  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
15:32:31.0079 0x0d20  Processor - ok
15:32:31.0095 0x0d20  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
15:32:31.0141 0x0d20  ProfSvc - ok
15:32:31.0173 0x0d20  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
15:32:31.0188 0x0d20  ProtectedStorage - ok
15:32:31.0219 0x0d20  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:32:31.0251 0x0d20  PSched - ok
15:32:31.0375 0x0d20  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:32:31.0438 0x0d20  ql2300 - ok
15:32:31.0485 0x0d20  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:32:31.0500 0x0d20  ql40xx - ok
15:32:31.0547 0x0d20  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
15:32:31.0578 0x0d20  QWAVE - ok
15:32:31.0609 0x0d20  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:32:31.0625 0x0d20  QWAVEdrv - ok
15:32:31.0656 0x0d20  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:32:31.0687 0x0d20  RasAcd - ok
15:32:31.0734 0x0d20  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
15:32:31.0765 0x0d20  RasAuto - ok
15:32:31.0797 0x0d20  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:32:31.0828 0x0d20  Rasl2tp - ok
15:32:31.0875 0x0d20  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
15:32:31.0906 0x0d20  RasMan - ok
15:32:31.0953 0x0d20  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:32:31.0968 0x0d20  RasPppoe - ok
15:32:31.0984 0x0d20  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:32:31.0999 0x0d20  RasSstp - ok
15:32:32.0046 0x0d20  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:32:32.0093 0x0d20  rdbss - ok
15:32:32.0140 0x0d20  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:32:32.0171 0x0d20  RDPCDD - ok
15:32:32.0218 0x0d20  [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
15:32:32.0296 0x0d20  rdpdr - ok
15:32:32.0327 0x0d20  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:32:32.0358 0x0d20  RDPENCDD - ok
15:32:32.0467 0x0d20  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:32:32.0483 0x0d20  RDPWD - ok
15:32:32.0592 0x0d20  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:32:32.0639 0x0d20  RemoteAccess - ok
15:32:32.0670 0x0d20  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:32:32.0701 0x0d20  RemoteRegistry - ok
15:32:32.0733 0x0d20  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
15:32:32.0748 0x0d20  RpcLocator - ok
15:32:32.0795 0x0d20  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
15:32:32.0857 0x0d20  RpcSs - ok
15:32:32.0935 0x0d20  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:32:32.0967 0x0d20  rspndr - ok
15:32:33.0013 0x0d20  [ 455F7F7974211EA11B81F0F4E528E258, BB66099D66046F85BFFE6618C0970611CEF9BE4C970B1FDFB9F47BE0A7809780 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
15:32:33.0045 0x0d20  RTL8169 - ok
15:32:33.0091 0x0d20  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
15:32:33.0107 0x0d20  SamSs - ok
15:32:33.0154 0x0d20  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:32:33.0169 0x0d20  sbp2port - ok
15:32:33.0247 0x0d20  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:32:33.0279 0x0d20  SCardSvr - ok
15:32:33.0372 0x0d20  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
15:32:33.0450 0x0d20  Schedule - ok
15:32:33.0513 0x0d20  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:32:33.0544 0x0d20  SCPolicySvc - ok
15:32:33.0575 0x0d20  [ 8F36B54688C31EED4580129040C6A3D3, DC150689CBAEEC94B9DE0CA6A633FAD16CDDDC452521232E0C2A44BAE61E08D9 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
15:32:33.0606 0x0d20  sdbus - ok
15:32:33.0653 0x0d20  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:32:33.0684 0x0d20  SDRSVC - ok
15:32:33.0715 0x0d20  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:32:33.0778 0x0d20  secdrv - ok
15:32:33.0825 0x0d20  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
15:32:33.0856 0x0d20  seclogon - ok
15:32:33.0871 0x0d20  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
15:32:33.0918 0x0d20  SENS - ok
15:32:33.0934 0x0d20  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:32:33.0996 0x0d20  Serenum - ok
15:32:34.0027 0x0d20  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
15:32:34.0090 0x0d20  Serial - ok
15:32:34.0121 0x0d20  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:32:34.0168 0x0d20  sermouse - ok
15:32:34.0215 0x0d20  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:32:34.0246 0x0d20  SessionEnv - ok
15:32:34.0277 0x0d20  [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:32:34.0339 0x0d20  sffdisk - ok
15:32:34.0355 0x0d20  [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:32:34.0417 0x0d20  sffp_mmc - ok
15:32:34.0449 0x0d20  [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:32:34.0511 0x0d20  sffp_sd - ok
15:32:34.0527 0x0d20  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:32:34.0589 0x0d20  sfloppy - ok
15:32:34.0651 0x0d20  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:32:34.0698 0x0d20  SharedAccess - ok
15:32:34.0745 0x0d20  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:32:34.0776 0x0d20  ShellHWDetection - ok
15:32:34.0823 0x0d20  [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:32:34.0839 0x0d20  sisagp - ok
15:32:34.0839 0x0d20  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:32:34.0854 0x0d20  SiSRaid2 - ok
15:32:34.0885 0x0d20  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:32:34.0901 0x0d20  SiSRaid4 - ok
15:32:35.0275 0x0d20  [ B9F101C40A8631B20778B46D1A6F6DAF, BB754078BAFC14FF8843D3465FE7C20477901CE4A3124549F74E01A1DFB799A3 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:32:35.0681 0x0d20  Skype C2C Service - ok
15:32:35.0790 0x0d20  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
15:32:35.0821 0x0d20  SkypeUpdate - ok
15:32:36.0055 0x0d20  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
15:32:36.0414 0x0d20  slsvc - ok
15:32:36.0508 0x0d20  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:32:36.0539 0x0d20  SLUINotify - ok
15:32:36.0570 0x0d20  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:32:36.0601 0x0d20  Smb - ok
15:32:36.0648 0x0d20  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:32:36.0664 0x0d20  SNMPTRAP - ok
15:32:36.0695 0x0d20  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:32:36.0711 0x0d20  spldr - ok
15:32:36.0757 0x0d20  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
15:32:36.0789 0x0d20  Spooler - ok
15:32:36.0851 0x0d20  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:32:36.0882 0x0d20  srv - ok
15:32:36.0929 0x0d20  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:32:36.0960 0x0d20  srv2 - ok
15:32:36.0991 0x0d20  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:32:37.0007 0x0d20  srvnet - ok
15:32:37.0054 0x0d20  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:32:37.0101 0x0d20  SSDPSRV - ok
15:32:37.0179 0x0d20  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:32:37.0210 0x0d20  SstpSvc - ok
15:32:37.0272 0x0d20  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
15:32:37.0303 0x0d20  stisvc - ok
15:32:37.0428 0x0d20  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:32:37.0444 0x0d20  swenum - ok
15:32:37.0475 0x0d20  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
15:32:37.0522 0x0d20  swprv - ok
15:32:37.0647 0x0d20  [ 7330D477B7496CB42BF11EFF2D374C6A, 080AAE6294358A96BE5EE0D16F5631354DF5FB8E313A51C486876739423AC5CF ] Swupdtmr        c:\Toshiba\IVP\swupdate\swupdtmr.exe
15:32:37.0662 0x0d20  Swupdtmr - detected UnsignedFile.Multi.Generic ( 1 )
15:32:37.0881 0x0d20  Detect skipped due to KSN trusted
15:32:37.0881 0x0d20  Swupdtmr - ok
15:32:37.0974 0x0d20  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
15:32:38.0005 0x0d20  Symc8xx - ok
15:32:38.0068 0x0d20  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:32:38.0083 0x0d20  Sym_hi - ok
15:32:38.0115 0x0d20  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:32:38.0130 0x0d20  Sym_u3 - ok
15:32:38.0208 0x0d20  [ 2D2C815364A878C7E358D5F549711197, 791E473C1A81EF56E98A1C32CD9787205216118A5638EC120A0001424532A5CD ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:32:38.0239 0x0d20  SynTP - ok
15:32:38.0317 0x0d20  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
15:32:38.0380 0x0d20  SysMain - ok
15:32:38.0458 0x0d20  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:32:38.0473 0x0d20  TabletInputService - ok
15:32:38.0520 0x0d20  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:32:38.0567 0x0d20  TapiSrv - ok
15:32:38.0598 0x0d20  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
15:32:38.0629 0x0d20  TBS - ok
15:32:38.0754 0x0d20  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:32:38.0848 0x0d20  Tcpip - ok
15:32:38.0957 0x0d20  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:32:39.0051 0x0d20  Tcpip6 - ok
15:32:39.0144 0x0d20  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:32:39.0160 0x0d20  tcpipreg - ok
15:32:39.0222 0x0d20  [ 1825BCEB47BF41C5A9F0E44DE82FC27A, 6E5F2654852060A61728686A1877A1EA93645EEED0D2612842D951B4E83750A3 ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
15:32:39.0238 0x0d20  tdcmdpst - ok
15:32:39.0285 0x0d20  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:32:39.0316 0x0d20  TDPIPE - ok
15:32:39.0347 0x0d20  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:32:39.0378 0x0d20  TDTCP - ok
15:32:39.0425 0x0d20  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:32:39.0456 0x0d20  tdx - ok
15:32:39.0472 0x0d20  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:32:39.0503 0x0d20  TermDD - ok
15:32:39.0550 0x0d20  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
15:32:39.0643 0x0d20  TermService - ok
15:32:39.0721 0x0d20  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
15:32:39.0753 0x0d20  Themes - ok
15:32:39.0784 0x0d20  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
15:32:39.0815 0x0d20  THREADORDER - ok
15:32:39.0877 0x0d20  [ F779BA4CD37963AB4600C9871B7752A3, 57CDADC5F089D03A800EF52F02C0B2F77B0AA9EFDF3CFD837452D699404A058E ] tifm21          C:\Windows\system32\drivers\tifm21.sys
15:32:39.0909 0x0d20  tifm21 - ok
15:32:39.0940 0x0d20  [ D540858E65BFA6FDED41AD2495ECE344, DB85A860F4C07D1370F34AA7F39FAE5DF7E47C1BE65B4D39954FC37CA703A199 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
15:32:39.0955 0x0d20  TODDSrv - detected UnsignedFile.Multi.Generic ( 1 )
15:32:40.0330 0x0d20  Detect skipped due to KSN trusted
15:32:40.0330 0x0d20  TODDSrv - ok
15:32:40.0439 0x0d20  [ AF41337C08D1C240AF14BA4CAB02BF02, C95FB998440582A62B0DACDFEB81D85F2D9972C705CBBC53BD6C50D5D208397F ] TosCoSrv        C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
15:32:40.0470 0x0d20  TosCoSrv - ok
15:32:40.0595 0x0d20  [ 76148C3159718B701252F87B067904A6, 90DDCF15A9A447D00213CAFF9FEF24720703EB5398388126DA8F58AFE7DF09BE ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
15:32:40.0611 0x0d20  TOSHIBA Bluetooth Service - detected UnsignedFile.Multi.Generic ( 1 )
15:32:41.0094 0x0d20  Detect skipped due to KSN trusted
15:32:41.0094 0x0d20  TOSHIBA Bluetooth Service - ok
15:32:41.0250 0x0d20  [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2, 52D7505291268878712B4E6AE9B3E440D8D6125E2D61AA3F6719300B931385E0 ] Tosrfcom        C:\Windows\system32\drivers\Tosrfcom.sys
15:32:41.0281 0x0d20  Tosrfcom - ok
15:32:41.0281 0x0d20  [ 5C4103544612E5011EF46301B93D1AA6, B26BBDE22AB60A7B692A8D6F11F40343146D0D3FD0099E3E0DB8ECCF87ECD2B3 ] tosrfec         C:\Windows\system32\DRIVERS\tosrfec.sys
15:32:41.0297 0x0d20  tosrfec - ok
15:32:41.0391 0x0d20  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
15:32:41.0437 0x0d20  TrkWks - ok
15:32:41.0500 0x0d20  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:32:41.0531 0x0d20  TrustedInstaller - ok
15:32:41.0593 0x0d20  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:32:41.0609 0x0d20  tssecsrv - ok
15:32:41.0687 0x0d20  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
15:32:41.0703 0x0d20  tunmp - ok
15:32:41.0796 0x0d20  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:32:41.0812 0x0d20  tunnel - ok
15:32:41.0890 0x0d20  [ 521C5F39829875ADF5466DD94C6282C7, E6E420566C29ABAF4B49E50935B12552FF835A9808930BFDB6F2B77F246F9AFC ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
15:32:41.0905 0x0d20  TVALZ - ok
15:32:41.0952 0x0d20  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:32:41.0968 0x0d20  uagp35 - ok
15:32:42.0030 0x0d20  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:32:42.0077 0x0d20  udfs - ok
15:32:42.0124 0x0d20  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:32:42.0155 0x0d20  UI0Detect - ok
15:32:42.0171 0x0d20  [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:32:42.0186 0x0d20  uliagpkx - ok
15:32:42.0233 0x0d20  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
15:32:42.0249 0x0d20  uliahci - ok
15:32:42.0280 0x0d20  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:32:42.0295 0x0d20  UlSata - ok
15:32:42.0327 0x0d20  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
15:32:42.0342 0x0d20  ulsata2 - ok
15:32:42.0389 0x0d20  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:32:42.0436 0x0d20  umbus - ok
15:32:42.0654 0x0d20  [ 88F659B04497A6D34E2D180A52F15829, A941C89D660ACB3480ED26269F9F2634B72088C00283CE400FB04752EE2D8DA8 ] UpgradeManager  C:\Program Files\GLDS\UpgradeManager\UpgradeManagerSvc.exe
15:32:42.0779 0x0d20  UpgradeManager - detected UnsignedFile.Multi.Generic ( 1 )
15:32:43.0341 0x0d20  UpgradeManager ( UnsignedFile.Multi.Generic ) - warning
15:32:43.0668 0x0d20  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
15:32:43.0715 0x0d20  upnphost - ok
15:32:43.0793 0x0d20  [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:32:43.0809 0x0d20  usbaudio - ok
15:32:43.0887 0x0d20  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:32:43.0902 0x0d20  usbccgp - ok
15:32:43.0949 0x0d20  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:32:44.0011 0x0d20  usbcir - ok
15:32:44.0074 0x0d20  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:32:44.0089 0x0d20  usbehci - ok
15:32:44.0121 0x0d20  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:32:44.0152 0x0d20  usbhub - ok
15:32:44.0167 0x0d20  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:32:44.0230 0x0d20  usbohci - ok
15:32:44.0277 0x0d20  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:32:44.0308 0x0d20  usbprint - ok
15:32:44.0370 0x0d20  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:32:44.0386 0x0d20  usbscan - ok
15:32:44.0448 0x0d20  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:32:44.0479 0x0d20  USBSTOR - ok
15:32:44.0542 0x0d20  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:32:44.0557 0x0d20  usbuhci - ok
15:32:44.0604 0x0d20  [ 2069A21A5F5A6497CD36460F734276DB, FB2F1E74BDF625086CC5ECC24C72CF872EB7D39D863A7C22896805C04F805E9A ] usbws320        C:\Windows\system32\DRIVERS\usbws320.sys
15:32:44.0620 0x0d20  usbws320 - ok
15:32:44.0635 0x0d20  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
15:32:44.0667 0x0d20  UxSms - ok
15:32:44.0729 0x0d20  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
15:32:44.0807 0x0d20  vds - ok
15:32:44.0885 0x0d20  [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:32:44.0947 0x0d20  vga - ok
15:32:44.0994 0x0d20  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:32:45.0041 0x0d20  VgaSave - ok
15:32:45.0057 0x0d20  [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:32:45.0072 0x0d20  viaagp - ok
15:32:45.0088 0x0d20  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7           C:\Windows\system32\drivers\viac7.sys
15:32:45.0150 0x0d20  ViaC7 - ok
15:32:45.0166 0x0d20  [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:32:45.0181 0x0d20  viaide - ok
15:32:45.0197 0x0d20  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:32:45.0213 0x0d20  volmgr - ok
15:32:45.0275 0x0d20  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:32:45.0291 0x0d20  volmgrx - ok
15:32:45.0369 0x0d20  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:32:45.0400 0x0d20  volsnap - ok
15:32:45.0431 0x0d20  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:32:45.0447 0x0d20  vsmraid - ok
15:32:45.0571 0x0d20  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
15:32:45.0665 0x0d20  VSS - ok
15:32:45.0743 0x0d20  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
15:32:45.0790 0x0d20  W32Time - ok
15:32:45.0837 0x0d20  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:32:45.0899 0x0d20  WacomPen - ok
15:32:45.0946 0x0d20  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:32:45.0961 0x0d20  Wanarp - ok
15:32:45.0977 0x0d20  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:32:46.0008 0x0d20  Wanarpv6 - ok
15:32:46.0071 0x0d20  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:32:46.0117 0x0d20  wcncsvc - ok
15:32:46.0180 0x0d20  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:32:46.0211 0x0d20  WcsPlugInService - ok
15:32:46.0227 0x0d20  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
15:32:46.0242 0x0d20  Wd - ok
15:32:46.0336 0x0d20  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:32:46.0398 0x0d20  Wdf01000 - ok
15:32:46.0476 0x0d20  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:32:46.0523 0x0d20  WdiServiceHost - ok
15:32:46.0539 0x0d20  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:32:46.0585 0x0d20  WdiSystemHost - ok
15:32:46.0632 0x0d20  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
15:32:46.0663 0x0d20  WebClient - ok
15:32:46.0710 0x0d20  [ 905214925A88311FCE52F66153DE7610, 5D18C6E835A2EA4108C93D9E6AA976142119860C8FC8ECB2DFA961A241B6E61C ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:32:46.0757 0x0d20  Wecsvc - ok
15:32:46.0773 0x0d20  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:32:46.0804 0x0d20  wercplsupport - ok
15:32:46.0851 0x0d20  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:32:46.0882 0x0d20  WerSvc - ok
15:32:46.0960 0x0d20  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
15:32:46.0991 0x0d20  WinDefend - ok
15:32:46.0991 0x0d20  WinHttpAutoProxySvc - ok
15:32:47.0069 0x0d20  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:32:47.0100 0x0d20  Winmgmt - ok
15:32:47.0178 0x0d20  [ 01874D4689C212460FBABF0ECD7CB7F7, 8FC46BAD704A1E057DC4A8DC7374AAB93A96CC4A46E06FF9C2E06A6D62820469 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:32:47.0256 0x0d20  WinRM - ok
15:32:47.0490 0x0d20  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:32:47.0537 0x0d20  Wlansvc - ok
15:32:47.0631 0x0d20  [ 701A9F884A294327E9141D73746EE279, C8A46B8C32F9EAC7848D385473F6B5C4B6DA719A941A75AD5F081757FC07A09D ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:32:47.0693 0x0d20  WmiAcpi - ok
15:32:47.0802 0x0d20  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:32:47.0833 0x0d20  wmiApSrv - ok
15:32:48.0114 0x0d20  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
15:32:48.0192 0x0d20  WMPNetworkSvc - ok
15:32:48.0286 0x0d20  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:32:48.0317 0x0d20  WPCSvc - ok
15:32:48.0364 0x0d20  [ 396D406292B0CD26E3504FFE82784702, 5F9015BB515AC13D4DFE8F4B532352CF2C5B61DEFD3D0D61BCD82C781D36E7AF ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:32:48.0379 0x0d20  WPDBusEnum - ok
15:32:48.0426 0x0d20  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:32:48.0457 0x0d20  ws2ifsl - ok
15:32:48.0504 0x0d20  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
15:32:48.0535 0x0d20  wscsvc - ok
15:32:48.0535 0x0d20  WSearch - ok
15:32:49.0035 0x0d20  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:32:49.0144 0x0d20  wuauserv - ok
15:32:49.0206 0x0d20  [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:32:49.0237 0x0d20  WUDFRd - ok
15:32:49.0269 0x0d20  [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:32:49.0300 0x0d20  wudfsvc - ok
15:32:49.0315 0x0d20  ================ Scan global ===============================
15:32:49.0378 0x0d20  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
15:32:49.0456 0x0d20  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:32:49.0487 0x0d20  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:32:49.0565 0x0d20  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
15:32:49.0581 0x0d20  [ Global ] - ok
15:32:49.0581 0x0d20  ================ Scan MBR ==================================
15:32:49.0612 0x0d20  [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
15:32:50.0314 0x0d20  \Device\Harddisk0\DR0 - ok
15:32:50.0314 0x0d20  ================ Scan VBR ==================================
15:32:50.0345 0x0d20  [ BE600F1B8B0EB7EB567B49A730241B99 ] \Device\Harddisk0\DR0\Partition1
15:32:50.0361 0x0d20  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
15:32:50.0361 0x0d20  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
15:32:50.0657 0x0d20  ================ Scan generic autorun ======================
15:32:50.0688 0x0d20  [ 93CB29692E746BAC5C6764E83348DADA, 04DEB59198038F518F3DE1DCA321FD3D95A14A6F4CCEC1E07F111991563323AB ] C:\Windows\system32\igfxtray.exe
15:32:50.0735 0x0d20  IgfxTray - ok
15:32:50.0766 0x0d20  [ 8987E5C9AF94AF94258E747103511C5F, 960A039DC0561627548540EE04136AAAEA81329918C8F8850413C12AFA195CF5 ] C:\Windows\system32\hkcmd.exe
15:32:50.0782 0x0d20  HotKeysCmds - ok
15:32:50.0797 0x0d20  [ D395D12815EAA1EAF50BA2B4F252959F, 7D8894FF1497BFB7515DCF704CB4D8C66EC1C542EF9E4371CB0F01446DEF4612 ] C:\Windows\system32\igfxpers.exe
15:32:50.0860 0x0d20  Persistence - ok
15:32:50.0969 0x0d20  [ F98281EF23616F751FABE97A6EC5DBE6, E5F12D24BE1D11519DFDF3C99172641C0E141313A4FED527E0CEE2BBE2651D01 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
15:32:51.0141 0x0d20  SynTPEnh - ok
15:32:51.0281 0x0d20  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
15:32:51.0375 0x0d20  Windows Defender - ok
15:32:51.0687 0x0d20  [ A503A47A5E7EA8024379A8CC6059B74A, 8DEEC50E21924D21DD6383FA7FB3714ECA5AD45C576E0FF0431EE0DB25194620 ] C:\Windows\RtHDVCpl.exe
15:32:52.0030 0x0d20  RtHDVCpl - ok
15:32:52.0108 0x0d20  [ 7DC4E93F9BE692E29B1E1D27B6A389DC, 951D34EB7DEDBE33807DAB3EAF477364C0764F0C3D6A7309732A42509A26B031 ] C:\Program Files\ltmoh\Ltmoh.exe
15:32:52.0123 0x0d20  LtMoh - detected UnsignedFile.Multi.Generic ( 1 )
15:32:52.0591 0x0d20  Detect skipped due to KSN trusted
15:32:52.0591 0x0d20  LtMoh - ok
15:32:52.0638 0x0d20  [ 424C1ADB34F9F1B2BC947D8BF0D5FBE3, 5E462434A693A831910E3D5D4D8B939C4441E62735EC4CB2039DEAED5EC363D9 ] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE
15:32:52.0669 0x0d20  TPwrMain - ok
15:32:52.0747 0x0d20  [ 15058804D8A48C67C007DD1D797CC72A, 6E5DBE00B526DE76A32B01618D8E853EC93221B91C62FB19C611067D897EE90B ] C:\Program Files\TOSHIBA\TBS\HSON.exe
15:32:52.0763 0x0d20  HSON - ok
15:32:52.0825 0x0d20  [ D1093014C17EFB8E5D84F78297F9699B, 41F6ABDF33CCAFF8E17572928F76B2A5476500226BA6E62E3D3CA1BC29126B89 ] C:\Program Files\Toshiba\SmoothView\SmoothView.exe
15:32:52.0872 0x0d20  SmoothView - ok
15:32:52.0950 0x0d20  [ 842691D383157CDF5D3D81E06BC1FC71, 3E43E530C5D8FF93216E61F923AEC6CA7D0370F071DE8C055B9CFE4FE189EA7A ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
15:32:52.0981 0x0d20  00TCrdMain - ok
15:32:52.0997 0x0d20  NDSTray.exe - ok
15:32:53.0122 0x0d20  [ 910B7CFD6E23D6E0A7370525B5AE5B7A, 9087A771A2BE22A95FB4BD9845B67D87F7FBC39F3427734FFCCD5648E67F9A34 ] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe
15:32:53.0184 0x0d20  HWSetup - detected UnsignedFile.Multi.Generic ( 1 )
15:32:53.0668 0x0d20  Detect skipped due to KSN trusted
15:32:53.0668 0x0d20  HWSetup - ok
15:32:53.0715 0x0d20  [ 104B2D030A592D4B2FC87D49B3ED62D6, 1BE247A89E21D5D4CEE91690AE4B86D50B6D9F5572C6CB5F1224EED5B91049EC ] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe
15:32:53.0793 0x0d20  SVPWUTIL - detected UnsignedFile.Multi.Generic ( 1 )
15:32:53.0995 0x0d20  Detect skipped due to KSN trusted
15:32:53.0995 0x0d20  SVPWUTIL - ok
15:32:54.0027 0x0d20  [ AFD400AEBCAB252C99E60991FF00D9D2, E0BC1528A92E2484C220DDA55582E96BC088DFEEFFE360C169E4FC2C85F1519C ] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
15:32:54.0027 0x0d20  KeNotify - ok
15:32:54.0089 0x0d20  [ FF0727AB2E7B019026D9034F643752B0, 7969B601C55BC848BF341448AB9329DB40E3B694434030EEADFA7BE2D061E90B ] C:\TOSHIBA\IVP\ISM\pinger.exe
15:32:54.0105 0x0d20  PINGER - detected UnsignedFile.Multi.Generic ( 1 )
15:32:54.0479 0x0d20  Detect skipped due to KSN trusted
15:32:54.0479 0x0d20  PINGER - ok
15:32:54.0713 0x0d20  [ 2FD9412F2790BC43E5C545D575DBC4A5, 8F0BE6A350408C5099E577CCC4DDCD4B9B3CDBBDC916123D0D136A768C3319B6 ] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
15:32:54.0900 0x0d20  Google Desktop Search - detected UnsignedFile.Multi.Generic ( 1 )
15:32:55.0384 0x0d20  Detect skipped due to KSN trusted
15:32:55.0384 0x0d20  Google Desktop Search - ok
15:32:55.0462 0x0d20  [ ED7A6D40B20DC34BE06F4AE196AE7D50, 6BE8E459AB2957B443F03419B5A765B61DEB946F1056CEB9C43FB26EB800A835 ] C:\Program Files\QuickTime\QTTask.exe
15:32:55.0540 0x0d20  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
15:32:55.0992 0x0d20  Detect skipped due to KSN trusted
15:32:55.0992 0x0d20  QuickTime Task - ok
15:32:56.0242 0x0d20  [ 3C6C546F303C1B956C6F5C436C97CB8F, 60587AC1828410C819DD6D7022B9FE954E58D55EFC7D84DD5FB29854DCF04FA6 ] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
15:32:56.0554 0x0d20  avast5 - ok
15:32:56.0710 0x0d20  [ C5FCC0B761069FABD59E41B7C3280DDF, 2A43F0C1A753CFF4F2FC2B3AFE9F6D4B549C6ABC4623D8D8BCAADDDAB8557AA6 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
15:32:56.0803 0x0d20  Malwarebytes Anti-Malware (reboot) - ok
15:32:56.0991 0x0d20  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
15:32:57.0147 0x0d20  Sidebar - ok
15:32:57.0162 0x0d20  WindowsWelcomeCenter - ok
15:32:57.0287 0x0d20  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
15:32:57.0381 0x0d20  Sidebar - ok
15:32:57.0381 0x0d20  WindowsWelcomeCenter - ok
15:32:57.0396 0x0d20  TOSCDSPD - ok
15:32:57.0552 0x0d20  [ BC0DF782D8C5C446C2AC7D16D2F3312C, 2702873FDC1B8DEA46F3B6B98BC93ED0EA199FA30F0AA22C0E50D8B6B5381FEE ] C:\Users\Dennis\AppData\Roaming\mjusbsp\cdloader2.exe
15:32:57.0568 0x0d20  cdloader - ok
15:32:57.0708 0x0d20  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe
15:32:57.0724 0x0d20  Google Update - ok
15:32:57.0802 0x0d20  [ F29FB319665A76CAD5C0370D814BEB66, C0E3C6A1A1ABC03EB0EB340F2B866A8080728AC900DEC0E2DDBAE044339E35BF ] C:\Program Files\Digicel Broadband CM\cm\UIExec.exe
15:32:57.0833 0x0d20  UIExec - detected UnsignedFile.Multi.Generic ( 1 )
15:32:58.0317 0x0d20  Detect skipped due to KSN trusted
15:32:58.0317 0x0d20  UIExec - ok
15:32:58.0379 0x0d20  [ 1EF5F5C22258C60C896B092066C2E628, B0B367266120440E4CBD3A06CC3DCD45F703DCB71FD2BD0EDC1B8E8D6012A9C8 ] C:\AdwCleaner\AdwCleaner[S0].txt
15:32:58.0395 0x0d20  Report - detected UnsignedFile.Multi.Generic ( 1 )
15:32:58.0863 0x0d20  Report ( UnsignedFile.Multi.Generic ) - warning
15:32:59.0175 0x0d20  Waiting for KSN requests completion. In queue: 6
15:33:00.0423 0x0d20  AV detected via SS2: avast! Antivirus, C:\Program Files\Alwil Software\Avast5\VisthAux.exe ( 5.0.121.0 ), 0x40000 ( disabled : updated )
15:33:00.0423 0x0d20  Win FW state via NFP2: enabled
15:33:00.0688 0x0d20  ============================================================
15:33:00.0688 0x0d20  Scan finished
15:33:00.0688 0x0d20  ============================================================
15:33:00.0688 0x0e88  Detected object count: 3
15:33:00.0688 0x0e88  Actual detected object count: 3
15:33:47.0862 0x0e88  UpgradeManager ( UnsignedFile.Multi.Generic ) - skipped by user
15:33:47.0862 0x0e88  UpgradeManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:33:47.0878 0x0e88  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
15:33:47.0878 0x0e88  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip
15:33:47.0878 0x0e88  Report ( UnsignedFile.Multi.Generic ) - skipped by user
15:33:47.0878 0x0e88  Report ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:34:03.0727 0x0c60  Deinitialize success



aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-09-29 15:37:30
-----------------------------
15:37:30.081    OS Version: Windows 6.0.6002 Service Pack 2
15:37:30.082    Number of processors: 2 586 0xE0C
15:37:30.083    ComputerName: DENNIS-PC  UserName: Dennis
15:37:43.752    Initialize success
15:37:43.784    VM: initialized successfully
15:37:43.784    VM: Intel CPU virtualization not supported
15:37:43.955    AVAST engine defs: 13102200
15:40:15.899    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:40:15.899    Disk 0 Vendor: Hitachi_HTS541610J9SA00 SBCOC7DP Size: 95396MB BusType: 3
15:40:16.086    Disk 0 MBR read successfully
15:40:16.102    Disk 0 MBR scan
15:40:16.102    Disk 0 Windows VISTA default MBR code
15:40:16.118    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS         1500 MB offset 2048
15:40:16.133    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        93895 MB offset 3074048
15:40:16.149    Disk 0 scanning sectors +195371008
15:40:16.227    Disk 0 scanning C:\Windows\system32\drivers
15:40:28.442    Service scanning
15:41:02.793    Modules scanning
15:41:14.321    Disk 0 trace - called modules:
15:41:14.368    ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys ntoskrnl.exe hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys dxgkrnl.sys igdkmd32.sys
15:41:14.368    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x864a7968]
15:41:14.368    3 CLASSPNP.SYS[891b08b3] -> nt!IofCallDriver -> [0x85de9c48]
15:41:14.368    5 acpi.sys[8364c6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85deb6c0]
15:41:15.257    AVAST engine scan C:\
15:42:43.553    File: C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\cwncmuup.exe.xBAD  **INFECTED** Win32:Evo-gen [Susp]
15:42:50.058    File: C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\xgdegqqp.exe.xBAD  **INFECTED** Win32:Evo-gen [Susp]
15:48:04.601    File: C:\Program Files\Realtek\Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista\lansetv.exe  **INFECTED** Win32:Evo-gen [Susp]
15:49:01.853    File: C:\Program Files\Toshiba\PCDiag\dialtonetest.exe  **INFECTED** Win32:Evo-gen [Susp]
20:43:11.062    Scan finished successfully
07:05:29.805    Disk 0 MBR has been saved successfully to "C:\Users\Dennis\Desktop\MBR.dat"
07:05:29.820    The log file has been saved successfully to "C:\Users\Dennis\Desktop\aswMBR.txt"

 



#23 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 30 September 2014 - 06:21 AM

Great, we've found the culprit. 
Lets now remove the bootkit. 

YARWD1t.png TDSSKiller Fix

  • Right-Click TDSSKiller.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Change parameters. Ensure a checkmark is placed next to:
    • Detect TDLFS file system
    • Verify file digital signatures
  • ​Click Start Scan. Do not use the computer during the scan.
  • Upon completion, select Cure for the following items:
    Rootkit.Boot.Cidox.b
  • Click Continue and close the window. 
  • A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply.
  • Please re-run a TDSSKiller scan with the options above, and confirm the detection (Rootkit.Boot.Cidox.b) is no longer present. 

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#24 elmkd

elmkd

    Authentic Member

  • Authentic Member
  • PipPip
  • 138 posts

Posted 30 September 2014 - 06:31 AM

07:29:31.0615 0x0ef8  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
07:30:05.0464 0x0ef8  ============================================================
07:30:05.0464 0x0ef8  Current date / time: 2014/09/30 07:30:05.0464
07:30:05.0464 0x0ef8  SystemInfo:
07:30:05.0464 0x0ef8  
07:30:05.0464 0x0ef8  OS Version: 6.0.6002 ServicePack: 2.0
07:30:05.0464 0x0ef8  Product type: Workstation
07:30:05.0464 0x0ef8  ComputerName: DENNIS-PC
07:30:05.0464 0x0ef8  UserName: Dennis
07:30:05.0464 0x0ef8  Windows directory: C:\Windows
07:30:05.0464 0x0ef8  System windows directory: C:\Windows
07:30:05.0464 0x0ef8  Processor architecture: Intel x86
07:30:05.0464 0x0ef8  Number of processors: 2
07:30:05.0464 0x0ef8  Page size: 0x1000
07:30:05.0464 0x0ef8  Boot type: Normal boot
07:30:05.0464 0x0ef8  ============================================================
07:30:08.0772 0x0ef8  KLMD registered as C:\Windows\system32\drivers\20036768.sys
07:30:08.0896 0x0ef8  System UUID: {9C1AA64B-C043-A1C7-18F3-74B90EE2593A}
07:30:09.0864 0x0ef8  Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 ( 93.16 Gb ), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:30:09.0879 0x0ef8  ============================================================
07:30:09.0879 0x0ef8  \Device\Harddisk0\DR0:
07:30:09.0879 0x0ef8  MBR partitions:
07:30:09.0879 0x0ef8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xB763800
07:30:09.0879 0x0ef8  ============================================================
07:30:09.0910 0x0ef8  C: <-> \Device\Harddisk0\DR0\Partition1
07:30:09.0910 0x0ef8  ============================================================
07:30:09.0910 0x0ef8  Initialize success
07:30:09.0910 0x0ef8  ============================================================
07:30:44.0854 0x0aa8  ============================================================
07:30:44.0854 0x0aa8  Scan started
07:30:44.0854 0x0aa8  Mode: Manual; SigCheck; TDLFS;
07:30:44.0854 0x0aa8  ============================================================
07:30:44.0854 0x0aa8  KSN ping started
07:30:56.0336 0x0aa8  KSN ping finished: true
07:30:57.0163 0x0aa8  ================ Scan system memory ========================
07:30:57.0163 0x0aa8  System memory - ok
07:30:57.0163 0x0aa8  ================ Scan services =============================
07:30:57.0381 0x0aa8  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
07:30:57.0537 0x0aa8  ACPI - ok
07:30:57.0802 0x0aa8  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
07:30:57.0849 0x0aa8  adp94xx - ok
07:30:57.0880 0x0aa8  [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
07:30:57.0912 0x0aa8  adpahci - ok
07:30:57.0943 0x0aa8  [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
07:30:57.0958 0x0aa8  adpu160m - ok
07:30:57.0990 0x0aa8  [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
07:30:58.0021 0x0aa8  adpu320 - ok
07:30:58.0099 0x0aa8  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
07:30:58.0224 0x0aa8  AeLookupSvc - ok
07:30:58.0286 0x0aa8  [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD             C:\Windows\system32\drivers\afd.sys
07:30:58.0348 0x0aa8  AFD - ok
07:30:58.0426 0x0aa8  [ 1CB677BF1DABD3BAF4F944E2C90D6C73, 099466E899BB7BA176C42DB15D0D4946DC15845CA051BDACF3BE767157AB90BD ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
07:30:58.0473 0x0aa8  AgereModemAudio - ok
07:30:58.0598 0x0aa8  [ 4E6294A06BE883C9BD685A8DFD9FCD4E, 981293F10047FEB0DA7D421E0F36653360BCF709F7BB8F0750CE6D298F739D73 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
07:30:58.0770 0x0aa8  AgereSoftModem - ok
07:30:58.0832 0x0aa8  [ EF23439CDD587F64C2C1B8825CEAD7D8, 762665CFC202B3E16CA2338887896FDF996331A363DC709F1EC088BF927133A3 ] agp440          C:\Windows\system32\drivers\agp440.sys
07:30:58.0848 0x0aa8  agp440 - ok
07:30:58.0863 0x0aa8  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
07:30:58.0879 0x0aa8  aic78xx - ok
07:30:58.0910 0x0aa8  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
07:30:59.0019 0x0aa8  ALG - ok
07:30:59.0050 0x0aa8  [ 90395B64600EBB4552E26E178C94B2E4, 73095893964DC7915983B58A567184FC51949C99341E7E0D04D70CC4C4F95E37 ] aliide          C:\Windows\system32\drivers\aliide.sys
07:30:59.0066 0x0aa8  aliide - ok
07:30:59.0113 0x0aa8  [ 2B13E304C9DFDFA5EB582F6A149FA2C7, 196CCE13E0376526B79D9C43D4071990576C4DD210A48E9E922B438AA11C95E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
07:30:59.0144 0x0aa8  amdagp - ok
07:30:59.0160 0x0aa8  [ 0577DF1D323FE75A739C787893D300EA, 079EF3CA18FB847DB7E62929071BFF007FAF390E1DBF4C59F28DAAC6B9C2DE51 ] amdide          C:\Windows\system32\drivers\amdide.sys
07:30:59.0175 0x0aa8  amdide - ok
07:30:59.0238 0x0aa8  [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
07:30:59.0378 0x0aa8  AmdK7 - ok
07:30:59.0409 0x0aa8  [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
07:30:59.0518 0x0aa8  AmdK8 - ok
07:30:59.0581 0x0aa8  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
07:30:59.0659 0x0aa8  Appinfo - ok
07:30:59.0830 0x0aa8  [ ACB095E7E1663F1B83A41C22C5D75F90, 18405B7B7D90CD7A2AD17F4D1B7688B49048CB0EBD10A98C53349E6286138418 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
07:30:59.0846 0x0aa8  Apple Mobile Device - ok
07:30:59.0924 0x0aa8  [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc             C:\Windows\system32\drivers\arc.sys
07:30:59.0940 0x0aa8  arc - ok
07:31:00.0018 0x0aa8  [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
07:31:00.0033 0x0aa8  arcsas - ok
07:31:00.0096 0x0aa8  [ 1B6ED99291DDF5D2501554CC5757AAB6, EAE44C7E15554334F6F8CA0B4A5DDA42D5F91A67EDA0CAB8A111CFFB9F4C27F0 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
07:31:00.0111 0x0aa8  aswFsBlk - ok
07:31:00.0127 0x0aa8  [ 58254E06B36B984E33AE314C0EA8F1A5, D37FEA26999310862C42AFB5FF197CB6CED944C741944BC00E4960CB7E7E54C1 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
07:31:00.0142 0x0aa8  aswMonFlt - ok
07:31:00.0174 0x0aa8  [ 3E2B6112D2766F87EDA8466FDE86A986, 02479A494B95AE6CC250BEF7501A849875C531AA1E32A8610931EEBEFB66543A ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
07:31:00.0189 0x0aa8  aswRdr - ok
07:31:00.0236 0x0aa8  [ D78B644816DB540E103D0B0766FD9967, EEF9BBE28FF28F51A320A695A9299CC9F488A662761BFB050780D235E9F6E5E9 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
07:31:00.0252 0x0aa8  aswSP - ok
07:31:00.0283 0x0aa8  [ 606D731008D98B6EF946730C597C1642, 1F3595451EDA90027D87A52D90E469B5FAC546D1E1AC841AD10BE1ADFE15F82C ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
07:31:00.0298 0x0aa8  aswTdi - ok
07:31:00.0470 0x0aa8  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
07:31:00.0532 0x0aa8  AsyncMac - ok
07:31:00.0595 0x0aa8  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
07:31:00.0610 0x0aa8  atapi - ok
07:31:00.0735 0x0aa8  [ 889E7F06279FD16549B77628918FF666, 3872FE09049D61A2428E95E223555B8A137780F837B8EDF6FE5CFAF873C917C2 ] athr            C:\Windows\system32\DRIVERS\athr.sys
07:31:00.0876 0x0aa8  athr - ok
07:31:01.0032 0x0aa8  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
07:31:01.0094 0x0aa8  AudioEndpointBuilder - ok
07:31:01.0110 0x0aa8  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
07:31:01.0172 0x0aa8  Audiosrv - ok
07:31:01.0250 0x0aa8  [ AE28BA1361D8040D8850F21CACFCCCE9, 74EA93DD07388C27D1231883B8010179928880F8200F5CB4A850FA8364B1F034 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
07:31:01.0266 0x0aa8  avast! Antivirus - ok
07:31:01.0281 0x0aa8  [ AE28BA1361D8040D8850F21CACFCCCE9, 74EA93DD07388C27D1231883B8010179928880F8200F5CB4A850FA8364B1F034 ] avast! Mail Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
07:31:01.0297 0x0aa8  avast! Mail Scanner - ok
07:31:01.0297 0x0aa8  [ AE28BA1361D8040D8850F21CACFCCCE9, 74EA93DD07388C27D1231883B8010179928880F8200F5CB4A850FA8364B1F034 ] avast! Web Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
07:31:01.0312 0x0aa8  avast! Web Scanner - ok
07:31:01.0437 0x0aa8  [ 4BDF4504D21C2F43E3BE06FDA5DF5FA7, 198893ABBE7E077D86E74DFA5E8A3E8CD8172FA811FF6C54BFC07FF93AF8BC03 ] bcm             C:\Windows\system32\DRIVERS\drxvi314.sys
07:31:01.0531 0x0aa8  bcm - ok
07:31:01.0578 0x0aa8  [ 557AF83FEC9CF88C896D29F4D40E6522, 3153F74DCC62547E410C384C20EE9C1273AFBD9D55A54B92B32F454D4DD5BCBB ] bcmbusctr       C:\Windows\system32\DRIVERS\BcmBusCtr.sys
07:31:01.0640 0x0aa8  bcmbusctr - ok
07:31:01.0702 0x0aa8  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
07:31:01.0827 0x0aa8  Beep - ok
07:31:01.0905 0x0aa8  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
07:31:02.0030 0x0aa8  BFE - ok
07:31:02.0155 0x0aa8  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
07:31:02.0311 0x0aa8  BITS - ok
07:31:02.0326 0x0aa8  blbdrive - ok
07:31:02.0358 0x0aa8  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
07:31:02.0404 0x0aa8  bowser - ok
07:31:02.0451 0x0aa8  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
07:31:02.0498 0x0aa8  BrFiltLo - ok
07:31:02.0514 0x0aa8  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
07:31:02.0592 0x0aa8  BrFiltUp - ok
07:31:02.0638 0x0aa8  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
07:31:02.0701 0x0aa8  Browser - ok
07:31:02.0748 0x0aa8  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
07:31:02.0841 0x0aa8  Brserid - ok
07:31:02.0888 0x0aa8  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
07:31:02.0982 0x0aa8  BrSerWdm - ok
07:31:03.0013 0x0aa8  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
07:31:03.0106 0x0aa8  BrUsbMdm - ok
07:31:03.0138 0x0aa8  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
07:31:03.0200 0x0aa8  BrUsbSer - ok
07:31:03.0216 0x0aa8  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
07:31:03.0309 0x0aa8  BTHMODEM - ok
07:31:03.0387 0x0aa8  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
07:31:03.0465 0x0aa8  cdfs - ok
07:31:03.0528 0x0aa8  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
07:31:03.0590 0x0aa8  cdrom - ok
07:31:03.0668 0x0aa8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
07:31:03.0730 0x0aa8  CertPropSvc - ok
07:31:03.0886 0x0aa8  [ C82162949BBA6CC5D006C7BD008F3CF1, 635E5B5C5AF3ACECA6115DAC8E576390B258C6590EE9727DB6FA68B13FD85297 ] CFSvcs          C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
07:31:03.0933 0x0aa8  CFSvcs - detected UnsignedFile.Multi.Generic ( 1 )
07:31:04.0339 0x0aa8  Detect skipped due to KSN trusted
07:31:04.0339 0x0aa8  CFSvcs - ok
07:31:04.0386 0x0aa8  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
07:31:04.0464 0x0aa8  circlass - ok
07:31:04.0526 0x0aa8  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
07:31:04.0557 0x0aa8  CLFS - ok
07:31:04.0651 0x0aa8  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:31:04.0666 0x0aa8  clr_optimization_v2.0.50727_32 - ok
07:31:04.0729 0x0aa8  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
07:31:04.0791 0x0aa8  CmBatt - ok
07:31:04.0838 0x0aa8  [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
07:31:04.0854 0x0aa8  cmdide - ok
07:31:04.0900 0x0aa8  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
07:31:04.0916 0x0aa8  Compbatt - ok
07:31:04.0932 0x0aa8  COMSysApp - ok
07:31:04.0947 0x0aa8  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
07:31:04.0947 0x0aa8  crcdisk - ok
07:31:04.0994 0x0aa8  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
07:31:05.0072 0x0aa8  Crusoe - ok
07:31:05.0181 0x0aa8  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
07:31:05.0259 0x0aa8  CryptSvc - ok
07:31:05.0384 0x0aa8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
07:31:05.0462 0x0aa8  DcomLaunch - ok
07:31:05.0493 0x0aa8  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
07:31:05.0556 0x0aa8  DfsC - ok
07:31:05.0805 0x0aa8  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
07:31:06.0024 0x0aa8  DFSR - ok
07:31:06.0102 0x0aa8  [ 1EC27A51A2F9DF052BC2B4C8376C8FEA, 6B903263C4E5A26FE161EF829FD5C597485DFE1E9DBADD60FBEECE9F6605E79F ] DgiVecp         C:\Windows\system32\Drivers\DgiVecp.sys
07:31:06.0133 0x0aa8  DgiVecp - detected UnsignedFile.Multi.Generic ( 1 )
07:31:06.0554 0x0aa8  Detect skipped due to KSN trusted
07:31:06.0554 0x0aa8  DgiVecp - ok
07:31:06.0757 0x0aa8  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
07:31:06.0819 0x0aa8  Dhcp - ok
07:31:06.0928 0x0aa8  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
07:31:07.0006 0x0aa8  disk - ok
07:31:07.0069 0x0aa8  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
07:31:07.0100 0x0aa8  Dnscache - ok
07:31:07.0178 0x0aa8  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
07:31:07.0240 0x0aa8  dot3svc - ok
07:31:07.0318 0x0aa8  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
07:31:07.0428 0x0aa8  DPS - ok
07:31:07.0490 0x0aa8  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
07:31:07.0584 0x0aa8  drmkaud - ok
07:31:07.0662 0x0aa8  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
07:31:07.0724 0x0aa8  DXGKrnl - ok
07:31:07.0880 0x0aa8  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
07:31:08.0020 0x0aa8  E1G60 - ok
07:31:08.0083 0x0aa8  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
07:31:08.0145 0x0aa8  EapHost - ok
07:31:08.0270 0x0aa8  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
07:31:08.0286 0x0aa8  Ecache - ok
07:31:08.0566 0x0aa8  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
07:31:08.0722 0x0aa8  ehRecvr - ok
07:31:08.0769 0x0aa8  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
07:31:08.0878 0x0aa8  ehSched - ok
07:31:08.0910 0x0aa8  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
07:31:08.0941 0x0aa8  ehstart - ok
07:31:09.0003 0x0aa8  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
07:31:09.0034 0x0aa8  elxstor - ok
07:31:09.0112 0x0aa8  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
07:31:09.0190 0x0aa8  EMDMgmt - ok
07:31:09.0253 0x0aa8  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
07:31:09.0315 0x0aa8  EventSystem - ok
07:31:09.0424 0x0aa8  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
07:31:09.0487 0x0aa8  exfat - ok
07:31:09.0534 0x0aa8  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
07:31:09.0612 0x0aa8  fastfat - ok
07:31:09.0674 0x0aa8  [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
07:31:09.0768 0x0aa8  fdc - ok
07:31:09.0799 0x0aa8  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
07:31:09.0830 0x0aa8  fdPHost - ok
07:31:09.0892 0x0aa8  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
07:31:10.0002 0x0aa8  FDResPub - ok
07:31:10.0048 0x0aa8  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
07:31:10.0080 0x0aa8  FileInfo - ok
07:31:10.0111 0x0aa8  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
07:31:10.0173 0x0aa8  Filetrace - ok
07:31:10.0220 0x0aa8  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
07:31:10.0314 0x0aa8  flpydisk - ok
07:31:10.0392 0x0aa8  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
07:31:10.0423 0x0aa8  FltMgr - ok
07:31:10.0579 0x0aa8  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
07:31:10.0719 0x0aa8  FontCache - ok
07:31:10.0938 0x0aa8  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
07:31:10.0953 0x0aa8  FontCache3.0.0.0 - ok
07:31:11.0000 0x0aa8  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
07:31:11.0047 0x0aa8  Fs_Rec - ok
07:31:11.0094 0x0aa8  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
07:31:11.0109 0x0aa8  gagp30kx - ok
07:31:11.0172 0x0aa8  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
07:31:11.0265 0x0aa8  gpsvc - ok
07:31:11.0421 0x0aa8  [ 751C1D2CA2ABF4A9F5A6B8D7D45B907C, 8F62DF65DB30770448E297D000B570683DEA454A5D84B5BCB1478D91030212DB ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
07:31:11.0452 0x0aa8  gusvc - ok
07:31:11.0530 0x0aa8  [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
07:31:11.0546 0x0aa8  hamachi - ok
07:31:11.0608 0x0aa8  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
07:31:11.0702 0x0aa8  HdAudAddService - ok
07:31:11.0780 0x0aa8  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
07:31:11.0842 0x0aa8  HDAudBus - ok
07:31:11.0889 0x0aa8  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
07:31:11.0983 0x0aa8  HidBth - ok
07:31:12.0030 0x0aa8  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
07:31:12.0139 0x0aa8  HidIr - ok
07:31:12.0186 0x0aa8  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
07:31:12.0264 0x0aa8  hidserv - ok
07:31:12.0295 0x0aa8  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
07:31:12.0357 0x0aa8  HidUsb - ok
07:31:12.0404 0x0aa8  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
07:31:12.0451 0x0aa8  hkmsvc - ok
07:31:12.0482 0x0aa8  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
07:31:12.0498 0x0aa8  HpCISSs - ok
07:31:12.0576 0x0aa8  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
07:31:12.0638 0x0aa8  HTTP - ok
07:31:12.0810 0x0aa8  [ 348C3A9D01E68A0222A246346924AA55, 6F8803BA37760043A78DC1E0D4E20853E5ABEF55B0201676B281EC2685E951DD ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
07:31:12.0888 0x0aa8  hwdatacard - ok
07:31:12.0934 0x0aa8  [ 460B1945C3E6B0419A76E1B507B90B71, C78B32ABB98ABAFF647500CD70AFA78C9848A4978E79EEE83D654E69F51D5F93 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
07:31:12.0981 0x0aa8  hwusbdev - ok
07:31:13.0028 0x0aa8  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
07:31:13.0044 0x0aa8  i2omp - ok
07:31:13.0153 0x0aa8  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
07:31:13.0215 0x0aa8  i8042prt - ok
07:31:13.0356 0x0aa8  [ 14F477463246E35F1DC932BE6225598C, 0295EEB75D818C18CC3A27C9FBB6213EFD30D599D98D3923152FE0853E6711AF ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
07:31:13.0558 0x0aa8  ialm - ok
07:31:13.0621 0x0aa8  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
07:31:13.0652 0x0aa8  iaStorV - ok
07:31:13.0746 0x0aa8  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
07:31:13.0792 0x0aa8  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
07:31:14.0026 0x0aa8  Detect skipped due to KSN trusted
07:31:14.0026 0x0aa8  IDriverT - ok
07:31:14.0198 0x0aa8  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:31:14.0276 0x0aa8  idsvc - ok
07:31:14.0479 0x0aa8  [ 14F477463246E35F1DC932BE6225598C, 0295EEB75D818C18CC3A27C9FBB6213EFD30D599D98D3923152FE0853E6711AF ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
07:31:14.0604 0x0aa8  igfx - ok
07:31:14.0697 0x0aa8  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
07:31:14.0713 0x0aa8  iirsp - ok
07:31:14.0822 0x0aa8  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
07:31:14.0916 0x0aa8  IKEEXT - ok
07:31:15.0103 0x0aa8  [ A47B2875680AD67B35C6150BD0203056, 2087CF6D1EEA7C0DB09EB3211713B2D0F36877960878A08CF6CEC99252316417 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
07:31:15.0212 0x0aa8  IntcAzAudAddService - ok
07:31:15.0321 0x0aa8  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
07:31:15.0337 0x0aa8  intelide - ok
07:31:15.0368 0x0aa8  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
07:31:15.0477 0x0aa8  intelppm - ok
07:31:15.0524 0x0aa8  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
07:31:15.0602 0x0aa8  IPBusEnum - ok
07:31:15.0649 0x0aa8  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:31:15.0711 0x0aa8  IpFilterDriver - ok
07:31:15.0820 0x0aa8  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
07:31:15.0867 0x0aa8  iphlpsvc - ok
07:31:15.0867 0x0aa8  IpInIp - ok
07:31:15.0898 0x0aa8  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
07:31:16.0008 0x0aa8  IPMIDRV - ok
07:31:16.0054 0x0aa8  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
07:31:16.0117 0x0aa8  IPNAT - ok
07:31:16.0148 0x0aa8  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
07:31:16.0226 0x0aa8  IRENUM - ok
07:31:16.0273 0x0aa8  [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
07:31:16.0304 0x0aa8  isapnp - ok
07:31:16.0382 0x0aa8  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
07:31:16.0413 0x0aa8  iScsiPrt - ok
07:31:16.0444 0x0aa8  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
07:31:16.0476 0x0aa8  iteatapi - ok
07:31:16.0491 0x0aa8  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
07:31:16.0507 0x0aa8  iteraid - ok
07:31:16.0554 0x0aa8  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
07:31:16.0569 0x0aa8  kbdclass - ok
07:31:16.0616 0x0aa8  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
07:31:16.0647 0x0aa8  kbdhid - ok
07:31:16.0678 0x0aa8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
07:31:16.0756 0x0aa8  KeyIso - ok
07:31:16.0803 0x0aa8  [ 1E0D65F7FFEB4E99B2EEC1CCB5754CC8, FE56EA89A4D7751EAB089C58514A824FBEDB44065CF3132B897AC613E211B46B ] KR10I           C:\Windows\system32\drivers\kr10i.sys
07:31:16.0834 0x0aa8  KR10I - detected UnsignedFile.Multi.Generic ( 1 )
07:31:17.0193 0x0aa8  Detect skipped due to KSN trusted
07:31:17.0193 0x0aa8  KR10I - ok
07:31:17.0240 0x0aa8  [ A1963360E74931222A67356C8AD48378, E7BEFE90D55CBD434D564F3CEA39B1D708150F6814EF9801479B652859789475 ] KR10N           C:\Windows\system32\drivers\kr10n.sys
07:31:17.0271 0x0aa8  KR10N - detected UnsignedFile.Multi.Generic ( 1 )
07:31:17.0646 0x0aa8  Detect skipped due to KSN trusted
07:31:17.0646 0x0aa8  KR10N - ok
07:31:17.0708 0x0aa8  [ 485E005CD51FF502FB16483EB4B69C17, 8294524C21C18BA5A32B926BD497C67A4ED49FB3654C93D11681C01D30769998 ] KR3NPXP         C:\Windows\system32\drivers\kr3npxp.sys
07:31:17.0770 0x0aa8  KR3NPXP - detected UnsignedFile.Multi.Generic ( 1 )
07:31:18.0192 0x0aa8  Detect skipped due to KSN trusted
07:31:18.0192 0x0aa8  KR3NPXP - ok
07:31:18.0472 0x0aa8  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
07:31:18.0519 0x0aa8  KSecDD - ok
07:31:18.0628 0x0aa8  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
07:31:18.0738 0x0aa8  KtmRm - ok
07:31:18.0831 0x0aa8  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
07:31:18.0894 0x0aa8  LanmanServer - ok
07:31:18.0972 0x0aa8  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
07:31:19.0034 0x0aa8  LanmanWorkstation - ok
07:31:19.0237 0x0aa8  [ FF7075265691C741AFD2F756559A10D5, 084A1F3E6717CDD7523E0CB309CFBBB8515607D6BBA4E30054F8A5424F0A08F1 ] LiveUpdate      C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
07:31:19.0455 0x0aa8  LiveUpdate - ok
07:31:19.0518 0x0aa8  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
07:31:19.0580 0x0aa8  lltdio - ok
07:31:19.0627 0x0aa8  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
07:31:19.0720 0x0aa8  lltdsvc - ok
07:31:19.0752 0x0aa8  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
07:31:19.0814 0x0aa8  lmhosts - ok
07:31:19.0876 0x0aa8  [ 515FC18CABEE0158A324B08B1C2667CF, E044C731C795EB27E85DDD09F574D7002BC230D6341340078655892CAB3BA2E6 ] LPCFilter       C:\Windows\system32\DRIVERS\LPCFilter.sys
07:31:19.0908 0x0aa8  LPCFilter - ok
07:31:19.0939 0x0aa8  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
07:31:19.0954 0x0aa8  LSI_FC - ok
07:31:19.0986 0x0aa8  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
07:31:20.0001 0x0aa8  LSI_SAS - ok
07:31:20.0032 0x0aa8  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
07:31:20.0048 0x0aa8  LSI_SCSI - ok
07:31:20.0095 0x0aa8  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
07:31:20.0157 0x0aa8  luafv - ok
07:31:20.0204 0x0aa8  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
07:31:20.0251 0x0aa8  Mcx2Svc - ok
07:31:20.0282 0x0aa8  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
07:31:20.0298 0x0aa8  megasas - ok
07:31:20.0344 0x0aa8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
07:31:20.0407 0x0aa8  MMCSS - ok
07:31:20.0469 0x0aa8  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
07:31:20.0532 0x0aa8  Modem - ok
07:31:20.0578 0x0aa8  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
07:31:20.0641 0x0aa8  monitor - ok
07:31:20.0703 0x0aa8  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
07:31:20.0719 0x0aa8  mouclass - ok
07:31:20.0781 0x0aa8  [ A3A6DFF7E9E757DB3DF51A833BC28885, 3285FD0176722B1098ECDA4098FCF55A39829C3A81462097BACB5B558883B027 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
07:31:20.0890 0x0aa8  mouhid - ok
07:31:20.0922 0x0aa8  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
07:31:20.0937 0x0aa8  MountMgr - ok
07:31:21.0046 0x0aa8  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
07:31:21.0078 0x0aa8  MozillaMaintenance - ok
07:31:21.0093 0x0aa8  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
07:31:21.0124 0x0aa8  mpio - ok
07:31:21.0171 0x0aa8  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
07:31:21.0202 0x0aa8  mpsdrv - ok
07:31:21.0265 0x0aa8  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
07:31:21.0312 0x0aa8  MpsSvc - ok
07:31:21.0374 0x0aa8  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
07:31:21.0390 0x0aa8  Mraid35x - ok
07:31:21.0421 0x0aa8  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
07:31:21.0468 0x0aa8  MRxDAV - ok
07:31:21.0499 0x0aa8  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
07:31:21.0546 0x0aa8  mrxsmb - ok
07:31:21.0608 0x0aa8  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:31:21.0639 0x0aa8  mrxsmb10 - ok
07:31:21.0655 0x0aa8  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:31:21.0717 0x0aa8  mrxsmb20 - ok
07:31:21.0748 0x0aa8  [ 742AED7939E734C36B7E8D6228CE26B7, 6F727144BBD42C9C5555087CA51DE8D501B5CBEFB9967866CC578733E3C5E681 ] msahci          C:\Windows\system32\drivers\msahci.sys
07:31:21.0764 0x0aa8  msahci - ok
07:31:21.0795 0x0aa8  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
07:31:21.0811 0x0aa8  msdsm - ok
07:31:21.0842 0x0aa8  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
07:31:21.0904 0x0aa8  MSDTC - ok
07:31:21.0951 0x0aa8  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
07:31:21.0998 0x0aa8  Msfs - ok
07:31:22.0060 0x0aa8  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
07:31:22.0076 0x0aa8  msisadrv - ok
07:31:22.0107 0x0aa8  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
07:31:22.0185 0x0aa8  MSiSCSI - ok
07:31:22.0185 0x0aa8  msiserver - ok
07:31:22.0232 0x0aa8  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
07:31:22.0310 0x0aa8  MSKSSRV - ok
07:31:22.0341 0x0aa8  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
07:31:22.0419 0x0aa8  MSPCLOCK - ok
07:31:22.0435 0x0aa8  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
07:31:22.0497 0x0aa8  MSPQM - ok
07:31:22.0544 0x0aa8  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
07:31:22.0575 0x0aa8  MsRPC - ok
07:31:22.0622 0x0aa8  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
07:31:22.0638 0x0aa8  mssmbios - ok
07:31:22.0653 0x0aa8  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
07:31:22.0700 0x0aa8  MSTEE - ok
07:31:22.0731 0x0aa8  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
07:31:22.0747 0x0aa8  Mup - ok
07:31:22.0825 0x0aa8  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
07:31:22.0872 0x0aa8  napagent - ok
07:31:22.0965 0x0aa8  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
07:31:23.0012 0x0aa8  NativeWifiP - ok
07:31:23.0106 0x0aa8  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
07:31:23.0152 0x0aa8  NDIS - ok
07:31:23.0230 0x0aa8  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
07:31:23.0262 0x0aa8  NdisTapi - ok
07:31:23.0293 0x0aa8  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
07:31:23.0355 0x0aa8  Ndisuio - ok
07:31:23.0402 0x0aa8  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
07:31:23.0449 0x0aa8  NdisWan - ok
07:31:23.0480 0x0aa8  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
07:31:23.0511 0x0aa8  NDProxy - ok
07:31:23.0558 0x0aa8  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
07:31:23.0620 0x0aa8  NetBIOS - ok
07:31:23.0652 0x0aa8  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
07:31:23.0714 0x0aa8  netbt - ok
07:31:23.0730 0x0aa8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
07:31:23.0745 0x0aa8  Netlogon - ok
07:31:23.0808 0x0aa8  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
07:31:23.0870 0x0aa8  Netman - ok
07:31:23.0917 0x0aa8  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
07:31:23.0995 0x0aa8  netprofm - ok
07:31:24.0057 0x0aa8  [ D6C4E4A39A36029AC0813D476FBD0248, A0907D98580D1CD3007365CBBB53E84BEF39001E05912776F68EB0564B54B6EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:31:24.0073 0x0aa8  NetTcpPortSharing - ok
07:31:24.0260 0x0aa8  [ A15F219208843A5A210C8CB391384453, E333018B7A841F1E1E6E4A56BA05B4A4FDF46866B3697747ADCF4CA0F43D8A1D ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
07:31:24.0541 0x0aa8  NETw3v32 - ok
07:31:24.0588 0x0aa8  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
07:31:24.0603 0x0aa8  nfrd960 - ok
07:31:24.0666 0x0aa8  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
07:31:24.0728 0x0aa8  NlaSvc - ok
07:31:24.0790 0x0aa8  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
07:31:24.0853 0x0aa8  Npfs - ok
07:31:24.0900 0x0aa8  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
07:31:24.0978 0x0aa8  nsi - ok
07:31:24.0993 0x0aa8  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
07:31:25.0071 0x0aa8  nsiproxy - ok
07:31:25.0243 0x0aa8  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
07:31:25.0352 0x0aa8  Ntfs - ok
07:31:25.0446 0x0aa8  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
07:31:25.0539 0x0aa8  ntrigdigi - ok
07:31:25.0570 0x0aa8  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
07:31:25.0664 0x0aa8  Null - ok
07:31:25.0695 0x0aa8  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
07:31:25.0726 0x0aa8  nvraid - ok
07:31:25.0742 0x0aa8  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
07:31:25.0758 0x0aa8  nvstor - ok
07:31:25.0789 0x0aa8  [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
07:31:25.0820 0x0aa8  nv_agp - ok
07:31:25.0820 0x0aa8  NwlnkFlt - ok
07:31:25.0836 0x0aa8  NwlnkFwd - ok
07:31:25.0882 0x0aa8  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
07:31:25.0945 0x0aa8  ohci1394 - ok
07:31:26.0038 0x0aa8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
07:31:26.0194 0x0aa8  p2pimsvc - ok
07:31:26.0226 0x0aa8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
07:31:26.0304 0x0aa8  p2psvc - ok
07:31:26.0382 0x0aa8  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
07:31:26.0475 0x0aa8  Parport - ok
07:31:26.0538 0x0aa8  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
07:31:26.0569 0x0aa8  partmgr - ok
07:31:26.0600 0x0aa8  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
07:31:26.0662 0x0aa8  Parvdm - ok
07:31:26.0709 0x0aa8  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
07:31:26.0787 0x0aa8  PcaSvc - ok
07:31:26.0834 0x0aa8  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
07:31:26.0865 0x0aa8  pci - ok
07:31:26.0912 0x0aa8  [ 3B1901E401473E03EB8C874271E50C26, 3C7931F419E29FDD0155D8D05D97289430A2852FCB3DBAD1B338FE2241458E72 ] pciide          C:\Windows\system32\drivers\pciide.sys
07:31:26.0928 0x0aa8  pciide - ok
07:31:26.0974 0x0aa8  [ 3BB2244F343B610C29C98035504C9B75, DA61EC2600199DFA32020D0484E9BBF5E0742E7C8C952370BF6FAF91C914A999 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
07:31:26.0990 0x0aa8  pcmcia - ok
07:31:27.0099 0x0aa8  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
07:31:27.0271 0x0aa8  PEAUTH - ok
07:31:27.0427 0x0aa8  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
07:31:27.0614 0x0aa8  pla - ok
07:31:27.0661 0x0aa8  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
07:31:27.0708 0x0aa8  PlugPlay - ok
07:31:27.0770 0x0aa8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
07:31:27.0817 0x0aa8  PNRPAutoReg - ok
07:31:27.0864 0x0aa8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
07:31:27.0926 0x0aa8  PNRPsvc - ok
07:31:27.0988 0x0aa8  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
07:31:28.0098 0x0aa8  PolicyAgent - ok
07:31:28.0160 0x0aa8  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
07:31:28.0222 0x0aa8  PptpMiniport - ok
07:31:28.0269 0x0aa8  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
07:31:28.0363 0x0aa8  Processor - ok
07:31:28.0410 0x0aa8  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
07:31:28.0456 0x0aa8  ProfSvc - ok
07:31:28.0488 0x0aa8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
07:31:28.0503 0x0aa8  ProtectedStorage - ok
07:31:28.0550 0x0aa8  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
07:31:28.0581 0x0aa8  PSched - ok
07:31:28.0706 0x0aa8  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
07:31:28.0800 0x0aa8  ql2300 - ok
07:31:28.0846 0x0aa8  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
07:31:28.0878 0x0aa8  ql40xx - ok
07:31:28.0940 0x0aa8  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
07:31:29.0002 0x0aa8  QWAVE - ok
07:31:29.0018 0x0aa8  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
07:31:29.0049 0x0aa8  QWAVEdrv - ok
07:31:29.0080 0x0aa8  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
07:31:29.0143 0x0aa8  RasAcd - ok
07:31:29.0174 0x0aa8  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
07:31:29.0252 0x0aa8  RasAuto - ok
07:31:29.0299 0x0aa8  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
07:31:29.0361 0x0aa8  Rasl2tp - ok
07:31:29.0392 0x0aa8  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
07:31:29.0486 0x0aa8  RasMan - ok
07:31:29.0517 0x0aa8  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
07:31:29.0564 0x0aa8  RasPppoe - ok
07:31:29.0580 0x0aa8  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
07:31:29.0626 0x0aa8  RasSstp - ok
07:31:29.0704 0x0aa8  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
07:31:29.0767 0x0aa8  rdbss - ok
07:31:29.0798 0x0aa8  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
07:31:29.0860 0x0aa8  RDPCDD - ok
07:31:29.0907 0x0aa8  [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
07:31:30.0001 0x0aa8  rdpdr - ok
07:31:30.0016 0x0aa8  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
07:31:30.0079 0x0aa8  RDPENCDD - ok
07:31:30.0141 0x0aa8  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
07:31:30.0188 0x0aa8  RDPWD - ok
07:31:30.0266 0x0aa8  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
07:31:30.0344 0x0aa8  RemoteAccess - ok
07:31:30.0375 0x0aa8  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
07:31:30.0438 0x0aa8  RemoteRegistry - ok
07:31:30.0484 0x0aa8  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
07:31:30.0531 0x0aa8  RpcLocator - ok
07:31:30.0625 0x0aa8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
07:31:30.0672 0x0aa8  RpcSs - ok
07:31:30.0796 0x0aa8  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
07:31:30.0937 0x0aa8  rspndr - ok
07:31:30.0984 0x0aa8  [ 455F7F7974211EA11B81F0F4E528E258, BB66099D66046F85BFFE6618C0970611CEF9BE4C970B1FDFB9F47BE0A7809780 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
07:31:31.0046 0x0aa8  RTL8169 - ok
07:31:31.0077 0x0aa8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
07:31:31.0093 0x0aa8  SamSs - ok
07:31:31.0140 0x0aa8  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
07:31:31.0155 0x0aa8  sbp2port - ok
07:31:31.0249 0x0aa8  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
07:31:31.0296 0x0aa8  SCardSvr - ok
07:31:31.0389 0x0aa8  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
07:31:31.0530 0x0aa8  Schedule - ok
07:31:31.0561 0x0aa8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
07:31:31.0608 0x0aa8  SCPolicySvc - ok
07:31:31.0639 0x0aa8  [ 8F36B54688C31EED4580129040C6A3D3, DC150689CBAEEC94B9DE0CA6A633FAD16CDDDC452521232E0C2A44BAE61E08D9 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
07:31:31.0686 0x0aa8  sdbus - ok
07:31:31.0732 0x0aa8  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
07:31:31.0779 0x0aa8  SDRSVC - ok
07:31:31.0810 0x0aa8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
07:31:31.0935 0x0aa8  secdrv - ok
07:31:31.0982 0x0aa8  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
07:31:32.0060 0x0aa8  seclogon - ok
07:31:32.0076 0x0aa8  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
07:31:32.0122 0x0aa8  SENS - ok
07:31:32.0154 0x0aa8  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
07:31:32.0247 0x0aa8  Serenum - ok
07:31:32.0263 0x0aa8  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
07:31:32.0356 0x0aa8  Serial - ok
07:31:32.0388 0x0aa8  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
07:31:32.0419 0x0aa8  sermouse - ok
07:31:32.0481 0x0aa8  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
07:31:32.0559 0x0aa8  SessionEnv - ok
07:31:32.0622 0x0aa8  [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
07:31:32.0684 0x0aa8  sffdisk - ok
07:31:32.0700 0x0aa8  [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
07:31:32.0762 0x0aa8  sffp_mmc - ok
07:31:32.0778 0x0aa8  [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
07:31:32.0887 0x0aa8  sffp_sd - ok
07:31:32.0918 0x0aa8  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
07:31:32.0980 0x0aa8  sfloppy - ok
07:31:33.0027 0x0aa8  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
07:31:33.0090 0x0aa8  SharedAccess - ok
07:31:33.0136 0x0aa8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:31:33.0230 0x0aa8  ShellHWDetection - ok
07:31:33.0261 0x0aa8  [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
07:31:33.0292 0x0aa8  sisagp - ok
07:31:33.0292 0x0aa8  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
07:31:33.0308 0x0aa8  SiSRaid2 - ok
07:31:33.0339 0x0aa8  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
07:31:33.0355 0x0aa8  SiSRaid4 - ok
07:31:33.0760 0x0aa8  [ B9F101C40A8631B20778B46D1A6F6DAF, BB754078BAFC14FF8843D3465FE7C20477901CE4A3124549F74E01A1DFB799A3 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
07:31:34.0353 0x0aa8  Skype C2C Service - ok
07:31:34.0478 0x0aa8  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
07:31:34.0494 0x0aa8  SkypeUpdate - ok
07:31:34.0743 0x0aa8  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
07:31:35.0118 0x0aa8  slsvc - ok
07:31:35.0196 0x0aa8  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
07:31:35.0242 0x0aa8  SLUINotify - ok
07:31:35.0289 0x0aa8  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
07:31:35.0320 0x0aa8  Smb - ok
07:31:35.0352 0x0aa8  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
07:31:35.0383 0x0aa8  SNMPTRAP - ok
07:31:35.0414 0x0aa8  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
07:31:35.0430 0x0aa8  spldr - ok
07:31:35.0492 0x0aa8  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
07:31:35.0586 0x0aa8  Spooler - ok
07:31:35.0882 0x0aa8  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
07:31:35.0944 0x0aa8  srv - ok
07:31:36.0007 0x0aa8  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
07:31:36.0054 0x0aa8  srv2 - ok
07:31:36.0100 0x0aa8  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
07:31:36.0132 0x0aa8  srvnet - ok
07:31:36.0178 0x0aa8  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
07:31:36.0225 0x0aa8  SSDPSRV - ok
07:31:36.0303 0x0aa8  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
07:31:36.0334 0x0aa8  SstpSvc - ok
07:31:36.0381 0x0aa8  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
07:31:36.0506 0x0aa8  stisvc - ok
07:31:36.0568 0x0aa8  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
07:31:36.0584 0x0aa8  swenum - ok
07:31:36.0615 0x0aa8  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
07:31:36.0693 0x0aa8  swprv - ok
07:31:36.0787 0x0aa8  [ 7330D477B7496CB42BF11EFF2D374C6A, 080AAE6294358A96BE5EE0D16F5631354DF5FB8E313A51C486876739423AC5CF ] Swupdtmr        c:\Toshiba\IVP\swupdate\swupdtmr.exe
07:31:36.0818 0x0aa8  Swupdtmr - detected UnsignedFile.Multi.Generic ( 1 )
07:31:37.0255 0x0aa8  Detect skipped due to KSN trusted
07:31:37.0255 0x0aa8  Swupdtmr - ok
07:31:37.0364 0x0aa8  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
07:31:37.0380 0x0aa8  Symc8xx - ok
07:31:37.0426 0x0aa8  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
07:31:37.0442 0x0aa8  Sym_hi - ok
07:31:37.0458 0x0aa8  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
07:31:37.0473 0x0aa8  Sym_u3 - ok
07:31:37.0567 0x0aa8  [ 2D2C815364A878C7E358D5F549711197, 791E473C1A81EF56E98A1C32CD9787205216118A5638EC120A0001424532A5CD ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
07:31:37.0582 0x0aa8  SynTP - ok
07:31:37.0645 0x0aa8  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
07:31:37.0707 0x0aa8  SysMain - ok
07:31:37.0770 0x0aa8  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:31:37.0832 0x0aa8  TabletInputService - ok
07:31:37.0910 0x0aa8  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
07:31:37.0941 0x0aa8  TapiSrv - ok
07:31:37.0988 0x0aa8  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
07:31:38.0050 0x0aa8  TBS - ok
07:31:38.0160 0x0aa8  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
07:31:38.0238 0x0aa8  Tcpip - ok
07:31:38.0284 0x0aa8  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
07:31:38.0347 0x0aa8  Tcpip6 - ok
07:31:38.0425 0x0aa8  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
07:31:38.0456 0x0aa8  tcpipreg - ok
07:31:38.0503 0x0aa8  [ 1825BCEB47BF41C5A9F0E44DE82FC27A, 6E5F2654852060A61728686A1877A1EA93645EEED0D2612842D951B4E83750A3 ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
07:31:38.0518 0x0aa8  tdcmdpst - ok
07:31:38.0550 0x0aa8  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
07:31:38.0596 0x0aa8  TDPIPE - ok
07:31:38.0628 0x0aa8  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
07:31:38.0674 0x0aa8  TDTCP - ok
07:31:38.0721 0x0aa8  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
07:31:38.0768 0x0aa8  tdx - ok
07:31:38.0799 0x0aa8  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
07:31:38.0815 0x0aa8  TermDD - ok
07:31:38.0862 0x0aa8  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
07:31:38.0908 0x0aa8  TermService - ok
07:31:38.0955 0x0aa8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
07:31:38.0986 0x0aa8  Themes - ok
07:31:39.0018 0x0aa8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
07:31:39.0049 0x0aa8  THREADORDER - ok
07:31:39.0111 0x0aa8  [ F779BA4CD37963AB4600C9871B7752A3, 57CDADC5F089D03A800EF52F02C0B2F77B0AA9EFDF3CFD837452D699404A058E ] tifm21          C:\Windows\system32\drivers\tifm21.sys
07:31:39.0158 0x0aa8  tifm21 - ok
07:31:39.0205 0x0aa8  [ D540858E65BFA6FDED41AD2495ECE344, DB85A860F4C07D1370F34AA7F39FAE5DF7E47C1BE65B4D39954FC37CA703A199 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
07:31:39.0252 0x0aa8  TODDSrv - detected UnsignedFile.Multi.Generic ( 1 )
07:31:39.0657 0x0aa8  Detect skipped due to KSN trusted
07:31:39.0657 0x0aa8  TODDSrv - ok
07:31:39.0813 0x0aa8  [ AF41337C08D1C240AF14BA4CAB02BF02, C95FB998440582A62B0DACDFEB81D85F2D9972C705CBBC53BD6C50D5D208397F ] TosCoSrv        C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
07:31:39.0844 0x0aa8  TosCoSrv - ok
07:31:39.0922 0x0aa8  [ 76148C3159718B701252F87B067904A6, 90DDCF15A9A447D00213CAFF9FEF24720703EB5398388126DA8F58AFE7DF09BE ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
07:31:39.0985 0x0aa8  TOSHIBA Bluetooth Service - detected UnsignedFile.Multi.Generic ( 1 )
07:31:40.0422 0x0aa8  Detect skipped due to KSN trusted
07:31:40.0422 0x0aa8  TOSHIBA Bluetooth Service - ok
07:31:40.0484 0x0aa8  [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2, 52D7505291268878712B4E6AE9B3E440D8D6125E2D61AA3F6719300B931385E0 ] Tosrfcom        C:\Windows\system32\drivers\Tosrfcom.sys
07:31:40.0531 0x0aa8  Tosrfcom - ok
07:31:40.0609 0x0aa8  [ 5C4103544612E5011EF46301B93D1AA6, B26BBDE22AB60A7B692A8D6F11F40343146D0D3FD0099E3E0DB8ECCF87ECD2B3 ] tosrfec         C:\Windows\system32\DRIVERS\tosrfec.sys
07:31:40.0640 0x0aa8  tosrfec - ok
07:31:40.0734 0x0aa8  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
07:31:40.0827 0x0aa8  TrkWks - ok
07:31:40.0905 0x0aa8  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:31:40.0936 0x0aa8  TrustedInstaller - ok
07:31:40.0999 0x0aa8  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
07:31:41.0046 0x0aa8  tssecsrv - ok
07:31:41.0108 0x0aa8  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
07:31:41.0139 0x0aa8  tunmp - ok
07:31:41.0202 0x0aa8  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
07:31:41.0233 0x0aa8  tunnel - ok
07:31:41.0311 0x0aa8  [ 521C5F39829875ADF5466DD94C6282C7, E6E420566C29ABAF4B49E50935B12552FF835A9808930BFDB6F2B77F246F9AFC ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
07:31:41.0358 0x0aa8  TVALZ - ok
07:31:41.0436 0x0aa8  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
07:31:41.0451 0x0aa8  uagp35 - ok
07:31:41.0514 0x0aa8  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
07:31:41.0545 0x0aa8  udfs - ok
07:31:41.0592 0x0aa8  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
07:31:41.0670 0x0aa8  UI0Detect - ok
07:31:41.0701 0x0aa8  [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
07:31:41.0716 0x0aa8  uliagpkx - ok
07:31:41.0748 0x0aa8  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
07:31:41.0779 0x0aa8  uliahci - ok
07:31:41.0810 0x0aa8  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
07:31:41.0826 0x0aa8  UlSata - ok
07:31:41.0872 0x0aa8  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
07:31:41.0904 0x0aa8  ulsata2 - ok
07:31:41.0935 0x0aa8  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
07:31:41.0997 0x0aa8  umbus - ok
07:31:42.0200 0x0aa8  [ 88F659B04497A6D34E2D180A52F15829, A941C89D660ACB3480ED26269F9F2634B72088C00283CE400FB04752EE2D8DA8 ] UpgradeManager  C:\Program Files\GLDS\UpgradeManager\UpgradeManagerSvc.exe
07:31:42.0434 0x0aa8  UpgradeManager - detected UnsignedFile.Multi.Generic ( 1 )
07:31:42.0762 0x0aa8  UpgradeManager ( UnsignedFile.Multi.Generic ) - warning
07:31:43.0261 0x0aa8  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
07:31:43.0339 0x0aa8  upnphost - ok
07:31:43.0417 0x0aa8  [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
07:31:43.0464 0x0aa8  usbaudio - ok
07:31:43.0526 0x0aa8  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
07:31:43.0557 0x0aa8  usbccgp - ok
07:31:43.0604 0x0aa8  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
07:31:43.0698 0x0aa8  usbcir - ok
07:31:43.0791 0x0aa8  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
07:31:43.0838 0x0aa8  usbehci - ok
07:31:43.0900 0x0aa8  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
07:31:43.0947 0x0aa8  usbhub - ok
07:31:43.0978 0x0aa8  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
07:31:44.0088 0x0aa8  usbohci - ok
07:31:44.0134 0x0aa8  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
07:31:44.0166 0x0aa8  usbprint - ok
07:31:44.0212 0x0aa8  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
07:31:44.0290 0x0aa8  usbscan - ok
07:31:44.0368 0x0aa8  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:31:44.0431 0x0aa8  USBSTOR - ok
07:31:44.0478 0x0aa8  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
07:31:44.0524 0x0aa8  usbuhci - ok
07:31:44.0571 0x0aa8  [ 2069A21A5F5A6497CD36460F734276DB, FB2F1E74BDF625086CC5ECC24C72CF872EB7D39D863A7C22896805C04F805E9A ] usbws320        C:\Windows\system32\DRIVERS\usbws320.sys
07:31:44.0602 0x0aa8  usbws320 - ok
07:31:44.0618 0x0aa8  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
07:31:44.0665 0x0aa8  UxSms - ok
07:31:44.0727 0x0aa8  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
07:31:44.0805 0x0aa8  vds - ok
07:31:44.0883 0x0aa8  [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
07:31:44.0946 0x0aa8  vga - ok
07:31:44.0992 0x0aa8  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
07:31:45.0039 0x0aa8  VgaSave - ok
07:31:45.0070 0x0aa8  [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp          C:\Windows\system32\drivers\viaagp.sys
07:31:45.0086 0x0aa8  viaagp - ok
07:31:45.0117 0x0aa8  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7           C:\Windows\system32\drivers\viac7.sys
07:31:45.0180 0x0aa8  ViaC7 - ok
07:31:45.0211 0x0aa8  [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide          C:\Windows\system32\drivers\viaide.sys
07:31:45.0242 0x0aa8  viaide - ok
07:31:45.0242 0x0aa8  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
07:31:45.0258 0x0aa8  volmgr - ok
07:31:45.0320 0x0aa8  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
07:31:45.0351 0x0aa8  volmgrx - ok
07:31:45.0429 0x0aa8  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
07:31:45.0445 0x0aa8  volsnap - ok
07:31:45.0492 0x0aa8  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
07:31:45.0507 0x0aa8  vsmraid - ok
07:31:45.0616 0x0aa8  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
07:31:45.0726 0x0aa8  VSS - ok
07:31:45.0819 0x0aa8  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
07:31:45.0897 0x0aa8  W32Time - ok
07:31:45.0960 0x0aa8  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
07:31:46.0038 0x0aa8  WacomPen - ok
07:31:46.0084 0x0aa8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
07:31:46.0116 0x0aa8  Wanarp - ok
07:31:46.0116 0x0aa8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
07:31:46.0147 0x0aa8  Wanarpv6 - ok
07:31:46.0225 0x0aa8  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
07:31:46.0272 0x0aa8  wcncsvc - ok
07:31:46.0303 0x0aa8  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:31:46.0365 0x0aa8  WcsPlugInService - ok
07:31:46.0428 0x0aa8  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
07:31:46.0443 0x0aa8  Wd - ok
07:31:46.0521 0x0aa8  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
07:31:46.0568 0x0aa8  Wdf01000 - ok
07:31:46.0615 0x0aa8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
07:31:46.0708 0x0aa8  WdiServiceHost - ok
07:31:46.0724 0x0aa8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
07:31:46.0771 0x0aa8  WdiSystemHost - ok
07:31:46.0818 0x0aa8  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
07:31:46.0864 0x0aa8  WebClient - ok
07:31:46.0911 0x0aa8  [ 905214925A88311FCE52F66153DE7610, 5D18C6E835A2EA4108C93D9E6AA976142119860C8FC8ECB2DFA961A241B6E61C ] Wecsvc          C:\Windows\system32\wecsvc.dll
07:31:46.0974 0x0aa8  Wecsvc - ok
07:31:47.0005 0x0aa8  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
07:31:47.0067 0x0aa8  wercplsupport - ok
07:31:47.0114 0x0aa8  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
07:31:47.0161 0x0aa8  WerSvc - ok
07:31:47.0239 0x0aa8  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
07:31:47.0270 0x0aa8  WinDefend - ok
07:31:47.0286 0x0aa8  WinHttpAutoProxySvc - ok
07:31:47.0364 0x0aa8  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
07:31:47.0395 0x0aa8  Winmgmt - ok
07:31:47.0457 0x0aa8  [ 01874D4689C212460FBABF0ECD7CB7F7, 8FC46BAD704A1E057DC4A8DC7374AAB93A96CC4A46E06FF9C2E06A6D62820469 ] WinRM           C:\Windows\system32\WsmSvc.dll
07:31:47.0551 0x0aa8  WinRM - ok
07:31:47.0644 0x0aa8  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
07:31:47.0754 0x0aa8  Wlansvc - ok
07:31:47.0863 0x0aa8  [ 701A9F884A294327E9141D73746EE279, C8A46B8C32F9EAC7848D385473F6B5C4B6DA719A941A75AD5F081757FC07A09D ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
07:31:47.0925 0x0aa8  WmiAcpi - ok
07:31:47.0972 0x0aa8  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
07:31:48.0034 0x0aa8  wmiApSrv - ok
07:31:48.0159 0x0aa8  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
07:31:48.0284 0x0aa8  WMPNetworkSvc - ok
07:31:48.0346 0x0aa8  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
07:31:48.0378 0x0aa8  WPCSvc - ok
07:31:48.0424 0x0aa8  [ 396D406292B0CD26E3504FFE82784702, 5F9015BB515AC13D4DFE8F4B532352CF2C5B61DEFD3D0D61BCD82C781D36E7AF ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
07:31:48.0471 0x0aa8  WPDBusEnum - ok
07:31:48.0502 0x0aa8  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
07:31:48.0549 0x0aa8  ws2ifsl - ok
07:31:48.0580 0x0aa8  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
07:31:48.0596 0x0aa8  wscsvc - ok
07:31:48.0612 0x0aa8  WSearch - ok
07:31:48.0768 0x0aa8  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
07:31:48.0892 0x0aa8  wuauserv - ok
07:31:49.0002 0x0aa8  [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
07:31:49.0064 0x0aa8  WUDFRd - ok
07:31:49.0095 0x0aa8  [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
07:31:49.0142 0x0aa8  wudfsvc - ok
07:31:49.0158 0x0aa8  ================ Scan global ===============================
07:31:49.0204 0x0aa8  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
07:31:49.0282 0x0aa8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
07:31:49.0314 0x0aa8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
07:31:49.0392 0x0aa8  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
07:31:49.0407 0x0aa8  [ Global ] - ok
07:31:49.0407 0x0aa8  ================ Scan MBR ==================================
07:31:49.0423 0x0aa8  [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
07:31:50.0094 0x0aa8  \Device\Harddisk0\DR0 - ok
07:31:50.0094 0x0aa8  ================ Scan VBR ==================================
07:31:50.0094 0x0aa8  [ BE600F1B8B0EB7EB567B49A730241B99 ] \Device\Harddisk0\DR0\Partition1
07:31:50.0140 0x0aa8  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
07:31:50.0140 0x0aa8  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
07:31:50.0374 0x0aa8  ================ Scan generic autorun ======================
07:31:50.0437 0x0aa8  [ 93CB29692E746BAC5C6764E83348DADA, 04DEB59198038F518F3DE1DCA321FD3D95A14A6F4CCEC1E07F111991563323AB ] C:\Windows\system32\igfxtray.exe
07:31:50.0499 0x0aa8  IgfxTray - ok
07:31:50.0530 0x0aa8  [ 8987E5C9AF94AF94258E747103511C5F, 960A039DC0561627548540EE04136AAAEA81329918C8F8850413C12AFA195CF5 ] C:\Windows\system32\hkcmd.exe
07:31:50.0546 0x0aa8  HotKeysCmds - ok
07:31:50.0562 0x0aa8  [ D395D12815EAA1EAF50BA2B4F252959F, 7D8894FF1497BFB7515DCF704CB4D8C66EC1C542EF9E4371CB0F01446DEF4612 ] C:\Windows\system32\igfxpers.exe
07:31:50.0608 0x0aa8  Persistence - ok
07:31:50.0842 0x0aa8  [ F98281EF23616F751FABE97A6EC5DBE6, E5F12D24BE1D11519DFDF3C99172641C0E141313A4FED527E0CEE2BBE2651D01 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
07:31:51.0030 0x0aa8  SynTPEnh - ok
07:31:51.0139 0x0aa8  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
07:31:51.0232 0x0aa8  Windows Defender - ok
07:31:52.0683 0x0aa8  [ A503A47A5E7EA8024379A8CC6059B74A, 8DEEC50E21924D21DD6383FA7FB3714ECA5AD45C576E0FF0431EE0DB25194620 ] C:\Windows\RtHDVCpl.exe
07:31:53.0120 0x0aa8  RtHDVCpl - ok
07:31:53.0338 0x0aa8  [ 7DC4E93F9BE692E29B1E1D27B6A389DC, 951D34EB7DEDBE33807DAB3EAF477364C0764F0C3D6A7309732A42509A26B031 ] C:\Program Files\ltmoh\Ltmoh.exe
07:31:53.0448 0x0aa8  LtMoh - detected UnsignedFile.Multi.Generic ( 1 )
07:31:53.0791 0x0aa8  Detect skipped due to KSN trusted
07:31:53.0791 0x0aa8  LtMoh - ok
07:31:53.0962 0x0aa8  [ 424C1ADB34F9F1B2BC947D8BF0D5FBE3, 5E462434A693A831910E3D5D4D8B939C4441E62735EC4CB2039DEAED5EC363D9 ] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE
07:31:54.0009 0x0aa8  TPwrMain - ok
07:31:54.0103 0x0aa8  [ 15058804D8A48C67C007DD1D797CC72A, 6E5DBE00B526DE76A32B01618D8E853EC93221B91C62FB19C611067D897EE90B ] C:\Program Files\TOSHIBA\TBS\HSON.exe
07:31:54.0118 0x0aa8  HSON - ok
07:31:54.0165 0x0aa8  [ D1093014C17EFB8E5D84F78297F9699B, 41F6ABDF33CCAFF8E17572928F76B2A5476500226BA6E62E3D3CA1BC29126B89 ] C:\Program Files\Toshiba\SmoothView\SmoothView.exe
07:31:54.0212 0x0aa8  SmoothView - ok
07:31:54.0290 0x0aa8  [ 842691D383157CDF5D3D81E06BC1FC71, 3E43E530C5D8FF93216E61F923AEC6CA7D0370F071DE8C055B9CFE4FE189EA7A ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
07:31:54.0337 0x0aa8  00TCrdMain - ok
07:31:54.0337 0x0aa8  NDSTray.exe - ok
07:31:54.0415 0x0aa8  [ 910B7CFD6E23D6E0A7370525B5AE5B7A, 9087A771A2BE22A95FB4BD9845B67D87F7FBC39F3427734FFCCD5648E67F9A34 ] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe
07:31:54.0524 0x0aa8  HWSetup - detected UnsignedFile.Multi.Generic ( 1 )
07:31:54.0961 0x0aa8  Detect skipped due to KSN trusted
07:31:54.0961 0x0aa8  HWSetup - ok
07:31:55.0039 0x0aa8  [ 104B2D030A592D4B2FC87D49B3ED62D6, 1BE247A89E21D5D4CEE91690AE4B86D50B6D9F5572C6CB5F1224EED5B91049EC ] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe
07:31:55.0101 0x0aa8  SVPWUTIL - detected UnsignedFile.Multi.Generic ( 1 )
07:31:55.0522 0x0aa8  Detect skipped due to KSN trusted
07:31:55.0522 0x0aa8  SVPWUTIL - ok
07:31:55.0554 0x0aa8  [ AFD400AEBCAB252C99E60991FF00D9D2, E0BC1528A92E2484C220DDA55582E96BC088DFEEFFE360C169E4FC2C85F1519C ] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
07:31:55.0569 0x0aa8  KeNotify - ok
07:31:55.0616 0x0aa8  [ FF0727AB2E7B019026D9034F643752B0, 7969B601C55BC848BF341448AB9329DB40E3B694434030EEADFA7BE2D061E90B ] C:\TOSHIBA\IVP\ISM\pinger.exe
07:31:55.0647 0x0aa8  PINGER - detected UnsignedFile.Multi.Generic ( 1 )
07:31:56.0053 0x0aa8  Detect skipped due to KSN trusted
07:31:56.0053 0x0aa8  PINGER - ok
07:31:56.0271 0x0aa8  [ 2FD9412F2790BC43E5C545D575DBC4A5, 8F0BE6A350408C5099E577CCC4DDCD4B9B3CDBBDC916123D0D136A768C3319B6 ] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
07:31:56.0490 0x0aa8  Google Desktop Search - detected UnsignedFile.Multi.Generic ( 1 )
07:32:06.0505 0x0aa8  Google Desktop Search ( UnsignedFile.Multi.Generic ) - warning
07:32:06.0505 0x0aa8  Force sending object to P2P due to detect: C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
07:32:07.0987 0x0aa8  Object send P2P result: true
07:32:08.0330 0x0aa8  [ ED7A6D40B20DC34BE06F4AE196AE7D50, 6BE8E459AB2957B443F03419B5A765B61DEB946F1056CEB9C43FB26EB800A835 ] C:\Program Files\QuickTime\QTTask.exe
07:32:08.0392 0x0aa8  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
07:32:08.0782 0x0aa8  Detect skipped due to KSN trusted
07:32:08.0782 0x0aa8  QuickTime Task - ok
07:32:09.0079 0x0aa8  [ 3C6C546F303C1B956C6F5C436C97CB8F, 60587AC1828410C819DD6D7022B9FE954E58D55EFC7D84DD5FB29854DCF04FA6 ] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
07:32:09.0297 0x0aa8  avast5 - ok
07:32:09.0562 0x0aa8  [ C5FCC0B761069FABD59E41B7C3280DDF, 2A43F0C1A753CFF4F2FC2B3AFE9F6D4B549C6ABC4623D8D8BCAADDDAB8557AA6 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
07:32:09.0672 0x0aa8  Malwarebytes Anti-Malware (reboot) - ok
07:32:09.0828 0x0aa8  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
07:32:09.0984 0x0aa8  Sidebar - ok
07:32:09.0999 0x0aa8  WindowsWelcomeCenter - ok
07:32:10.0062 0x0aa8  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
07:32:10.0171 0x0aa8  Sidebar - ok
07:32:10.0186 0x0aa8  WindowsWelcomeCenter - ok
07:32:10.0202 0x0aa8  TOSCDSPD - ok
07:32:10.0342 0x0aa8  [ BC0DF782D8C5C446C2AC7D16D2F3312C, 2702873FDC1B8DEA46F3B6B98BC93ED0EA199FA30F0AA22C0E50D8B6B5381FEE ] C:\Users\Dennis\AppData\Roaming\mjusbsp\cdloader2.exe
07:32:10.0358 0x0aa8  cdloader - ok
07:32:10.0436 0x0aa8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe
07:32:10.0452 0x0aa8  Google Update - ok
07:32:10.0545 0x0aa8  [ F29FB319665A76CAD5C0370D814BEB66, C0E3C6A1A1ABC03EB0EB340F2B866A8080728AC900DEC0E2DDBAE044339E35BF ] C:\Program Files\Digicel Broadband CM\cm\UIExec.exe
07:32:10.0576 0x0aa8  UIExec - detected UnsignedFile.Multi.Generic ( 1 )
07:32:10.0951 0x0aa8  Detect skipped due to KSN trusted
07:32:10.0951 0x0aa8  UIExec - ok
07:32:11.0029 0x0aa8  [ 1EF5F5C22258C60C896B092066C2E628, B0B367266120440E4CBD3A06CC3DCD45F703DCB71FD2BD0EDC1B8E8D6012A9C8 ] C:\AdwCleaner\AdwCleaner[S0].txt
07:32:11.0044 0x0aa8  Report - detected UnsignedFile.Multi.Generic ( 1 )
07:32:11.0528 0x0aa8  Report ( UnsignedFile.Multi.Generic ) - warning
07:32:11.0778 0x0aa8  Waiting for KSN requests completion. In queue: 6
07:32:12.0994 0x0aa8  AV detected via SS2: avast! Antivirus, C:\Program Files\Alwil Software\Avast5\VisthAux.exe ( 5.0.121.0 ), 0x40000 ( disabled : updated )
07:32:13.0010 0x0aa8  Win FW state via NFP2: enabled
07:32:13.0275 0x0aa8  ============================================================
07:32:13.0275 0x0aa8  Scan finished
07:32:13.0275 0x0aa8  ============================================================
07:32:13.0291 0x0fac  Detected object count: 4
07:32:13.0291 0x0fac  Actual detected object count: 4
07:32:51.0277 0x0fac  UpgradeManager ( UnsignedFile.Multi.Generic ) - skipped by user
07:32:51.0277 0x0fac  UpgradeManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:32:51.0386 0x0fac  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
07:32:51.0402 0x0fac  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
07:32:51.0417 0x0fac  \Device\Harddisk0\DR0\Partition1 - ok
07:32:51.0417 0x0fac  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
07:32:51.0417 0x0fac  Google Desktop Search ( UnsignedFile.Multi.Generic ) - skipped by user
07:32:51.0417 0x0fac  Google Desktop Search ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:32:51.0433 0x0fac  Report ( UnsignedFile.Multi.Generic ) - skipped by user
07:32:51.0433 0x0fac  Report ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:32:52.0993 0x0fac  KLMD registered as C:\Windows\system32\drivers\10385479.sys
 



#25 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 30 September 2014 - 06:34 AM

Good job. Have you rerun TDSSKiller, and confirmed the detection of Cidox is gone? 

 

Does Explorer still crash? 


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

    Advertisements

Register to Remove


#26 elmkd

elmkd

    Authentic Member

  • Authentic Member
  • PipPip
  • 138 posts

Posted 30 September 2014 - 06:45 AM

Good Day:

You are a STAR!!! I re-ran TDSSKiller and verified that Rootkit.Boot.Cidox.b has been removed. Also explorer no longer crashes. The icons and Start Button are back. This is an excellent result, it really is. Thank you for your help. I await your further instructions.

Regards,

Elmkd



#27 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 30 September 2014 - 07:02 AM

Great!

Lets check for malware remnants. 

 

STEP 1

GfiJrQ9.png Malwarebytes Anti-Malware (MBAM)

  • Please download Malwarebytes Anti-Malware 2.0 to your Desktop if you haven't already done so.
  • Double-click mbam-setup.x.x.xxxx.exe (x represents the version #) and follow the prompts to install the programme. 
  • Launch the programme and click Update.
  • Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. 
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply. 
     

STEP 2
GzlsbnV.png ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Hide advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click esetListThreats.png. If no threats were found, skip the next two bullet points. 
  • Click esetExport.png and save the file to your Desktop, naming it something unique such as MyEsetScan.
  • Push the Back button.
  • Place a checkmark next to xKN1w2nv.png.pagespeed.ic.JWqIaEgZi7.png and click SzOC1p0.png.pagespeed.ce.OWDP45O6oG.png.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • MBAM Scan log
  • ESET Online Scan log

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#28 elmkd

elmkd

    Authentic Member

  • Authentic Member
  • PipPip
  • 138 posts

Posted 30 September 2014 - 12:20 PM

Here are the logs:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/30/2014
Scan Time: 8:27:13 AM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.30.04
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Dennis

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 292267
Time Elapsed: 14 min, 42 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.MusicToolBar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\bandoomusictoolbar, Quarantined, [ff866f80275489ada73984bf709350b0],
Trojan.Banker, HKU\S-1-5-21-2432310436-2327922484-3749071562-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\dark, Quarantined, [12732dc2e6950e28f530c8e8ac579d63],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\bandoomusictoolbar, Quarantined, [1273c7282358a690faf57e7e8f73db25],

Files: 9
PUP.Optional.Searchqu.A, C:\Users\Dennis\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}, Quarantined, [067f49a66219ec4a5686f366a36151af],
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar\apnuserid.dat, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar\appid.dat, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar\geodata.xml, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar\guid.dat, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar\setupCfg.xml, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar\sysid.dat, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Users\systemprofile\AppData\LocalLow\bandoomusictoolbar\trackid.dat, Quarantined, [ec99b936f2897eb89b54c23a4cb6b34d],
PUP.Optional.Bandoo.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\bandoomusictoolbar\dtx.ini, Quarantined, [1273c7282358a690faf57e7e8f73db25],

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

C:\FRST\Quarantine\C\Program Files\Bandoo\Bandoo.exe    a variant of Win32/Adware.Bandoo.AC application
C:\FRST\Quarantine\C\Program Files\Bandoo\BandooUI.exe    a variant of Win32/Adware.Bandoo.AB application
C:\FRST\Quarantine\C\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsbandmltbpi.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\apcrtldr.dll    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\Datamngr.dll    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\DatamngrCoordinator.exe    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\DatamngrUI.exe    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\del_DM_DLL_nsxBC45.dll    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\del_DM_LL_nsxBC45.dll    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\del_mg_nsxBC45.dll    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\Helper.dll    a variant of Win32/Toolbar.SearchSuite.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\IEBHO.dll    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\Internet Explorer Settings.exe    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\mgrldr.dll    Win32/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~1\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~1\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~1\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~2\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~2\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~2\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~3\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~3\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~3\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~4\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~4\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~4\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~5\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~5\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRECE3~5\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~1\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~2\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~2\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~2\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~3\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~3\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~3\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~4\IE\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~4\IE\searchresultsDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Music Toolbar\Datamngr\SRTOOL~4\IE\searchresultstb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll    a variant of Win32/Toolbar.SearchSuite potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe    a variant of Win32/Toolbar.SearchSuite potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll    a variant of Win32/Toolbar.SearchSuite potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchquband.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\Wincert\win32cert.dll    Win32/Toolbar.SearchSuite.M potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\Wincert\win32prop.dll    Win32/Toolbar.SearchSuite.M potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\Wincert\win64cert.dll    Win64/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\Wincert\win64prop.dll    Win64/Toolbar.SearchSuite.B potentially unwanted application
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\cwncmuup.exe.xBAD    a variant of Win32/Kryptik.CJPS trojan
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\jmkaplvm.exe.xBAD    Win32/TrojanDownloader.Zortob.H trojan
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\xgdegqqp.exe.xBAD    a variant of Win32/Kryptik.CJPS trojan
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\Temp\AskSLib.dll.xBAD    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\Temp\BandooV6.exe.xBAD    multiple threats
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\Temp\nsc91F8.tmp.exe.xBAD    multiple threats
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\Temp\SetupDataMngr_Searchqu.exe.xBAD    a variant of Win32/Toolbar.SearchSuite potentially unwanted application
C:\FRST\Quarantine\C\Users\Dennis\AppData\Local\Temp\UpdateFlashPlayer_eadea7d5.exe.xBAD    a variant of Win32/Injector.BKNG trojan
C:\FRST\Quarantine\C\Users\Dennis\AppData\Roaming\Imokyhry\ilutk.exe.vir    Win32/Spy.Zbot.ABA trojan
C:\FRST\Quarantine\C\Users\Dennis\AppData\Roaming\Ydbudaog\meutewb.exe.vir    Win32/Spy.Zbot.ABA trojan
C:\FRST\Quarantine\C\Users\Dennis\AppData\Roaming\Zyudaki\ewubpu.exe.vir    Win32/Spy.Zbot.ABA trojan
 



#29 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 30 September 2014 - 12:28 PM

Looks good.
All of those ESET detections are files we've already removed, and pose no threat to your computer.

Please provide an update. Are there any outstanding issues?

If not, we can proceed by updating your vulnerable software and removing the tools we've used.

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#30 elmkd

elmkd

    Authentic Member

  • Authentic Member
  • PipPip
  • 138 posts

Posted 30 September 2014 - 12:31 PM

I can confirm that there are no further issues. This is a great result. Once again, thank you.

Regards,

Elmkd


Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users