In Progress computer very slow and r.search

Discussion in 'Virus & Other Malware Removal' started by sr300zx, May 13, 2017.

  1. sr300zx

    sr300zx Thread Starter

    Joined:
    May 28, 2011
    Messages:
    88
    I'm having trouble with fixlist.txt
     
  2. capnkrunch

    capnkrunch Malware Specialist

    Joined:
    Nov 28, 2015
    Messages:
    387
    Hello sr300zx :)

    Please try this:

    Step one...

    FRST Fix
    • You should still have FRST64.exe in your Downloads. If not please download it HERE.
    • Right click on FRST64.exe and select Run as administrator.
    • Press CTRL + Y (the Control and Y keys at the same time). A blank file named fixlist.txt will open.
    • Copy and paste the following into it (do not include the word Code:).
      Code:
      CreateRestorePoint:
      HKLM\...\Policies\Explorer: [HideSCAHealth] 1
      HKU\S-1-5-21-2961242490-1984678187-2713381144-1001\...\MountPoints2: {9d07cecd-458f-11e1-b637-806e6f6e6963} - E:\setup.exe
      GroupPolicy\User: Restriction <======= ATTENTION
      SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle Corporation)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll => No File
      CHR Extension: (Tab) - C:\Users\kim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdfjhiclilbjdpeejgcgebmmihkkofji [2016-08-24]
      CHR HKU\S-1-5-21-2961242490-1984678187-2713381144-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gdfjhiclilbjdpeejgcgebmmihkkofji] - hxxps://clients2.google.com/service/update2/crx
      CHR HKU\S-1-5-21-2961242490-1984678187-2713381144-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [joefoganpblmedgjeigepgjfikhhdnnj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gdfjhiclilbjdpeejgcgebmmihkkofji] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [joefoganpblmedgjeigepgjfikhhdnnj] - hxxps://clients2.google.com/service/update2/crx
      R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
      R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
      R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2970424 2015-06-29] (AVG Technologies)
      R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
      2017-05-13 01:46 - 2017-05-13 01:46 - 00001810 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
      2017-05-13 01:46 - 2017-05-13 01:46 - 00000506 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e6bdbe66-d166-478a-97bf-702b01e383dc.job
      2017-05-13 01:46 - 2017-05-13 01:46 - 00000506 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9edc9799-0be9-42a6-a630-0b1e00ace663.job
      2017-05-13 01:46 - 2017-05-13 01:46 - 00000000 ____D C:\Users\kim\AppData\Roaming\SUPERAntiSpyware.com
      2017-05-13 01:46 - 2017-05-13 01:46 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
      2017-05-13 01:46 - 2017-05-13 01:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
      2017-05-13 01:46 - 2017-05-13 01:46 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
      2016-06-21 21:27 - 2016-08-22 22:40 - 1134592 _____ () C:\ProgramData\TrezaaSetupx30044.msi
      Task: {125F7BE1-9569-4E67-9DA8-11532C2BC25F} - \FastFix_Start -> No File <==== ATTENTION
      Task: {274F6774-0902-437D-9E8C-9AD9518F3206} - \Quick PC Booster64 startups -> No File <==== ATTENTION
      Task: {274F6774-0902-437D-9E8C-9AD9518F3206} - \Quick PC Booster64 startups -> No File <==== ATTENTION
      Task: {46583032-9DF6-44E6-8015-114D25A3AECC} - \Quick PC Booster Idle -> No File <==== ATTENTION
      Task: {C65C0909-5300-4090-A127-F5678BA2A59A} - System32\Tasks\{BBC1BDC8-1647-4988-ACA7-35420BB30737} => pcalua.exe -a "C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\GUninstaller.exe" -c -uprtc -key "claro"
      Task: {DAE25BE4-E23E-46F9-B5E7-659160068751} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-06-29] (AVG Technologies)
      Task: {E3A31EB5-D6A6-441B-88CC-6706D6FBF250} - System32\Tasks\AVG-Secure-Search-Update_0414c_rmv => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
      Task: {F612B722-1803-4590-8AE2-3D9E8B7E9064} - System32\Tasks\AVG-Secure-Search-Update_0414c_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
      Task: {FF4BA70B-4862-4E28-B195-6B07F4F7C36A} - \FastFix_Popup -> No File <==== ATTENTION
      Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9edc9799-0be9-42a6-a630-0b1e00ace663.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e6bdbe66-d166-478a-97bf-702b01e383dc.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      
      C:\Program Files\Java
      C:\Program Files (x86)\Java
      C:\Program Files (x86)\AVG SafeGuard toolbar
      C:\Program Files\Lavasoft\Ad-Aware Antivirus
      C:\Program Files (x86)\AVG
      C:\Program Files (x86)\Spybot - Search & Destroy
      
      Folder: C:\Users\Public\Documents\Guid
      Hosts:
      EmptyTemp:
      CMD: ipconfig /flushdns
    • Press the Fix button one time only and wait.
    • When FRST finishes you will be prompted to reboot your computer. Click OK.
    • Your computer should now restart. On reboot navigate to your Downloads folder where you should find Fixlog.txt. Copy and paste the contents in your reply.
    Please also run the following scans:

    Step two...

    FRST - Search Files
    • You should still have FRST64.exe in your Downloads folder. If not please download it HERE.
    • Right click FRST64.exe and select Run as administrator.
    • Copy and paste the following into the Search box:
    • Click Search Files. The scan can take 10 minutes or more to complete.
    • You will get a popup telling you when the search has completed. Click OK.
    • This will open a file Search.txt. Please copy and paste the contents in your reply.
      Search.txt can also be found in the same folder FRST was run from.
    NOTE: You must post this log before doing the next step. The FRST registry search will overwrite the Search.txt file. DO NOT proceed until you have posted the contents of Search.txt here.

    Step three...

    FRST - Search Registry
    • You should still have FRST64.exe in your Downloads folder. If not please download it HERE.
    • Right click FRST64.exe and select Run as administrator.
    • Copy and paste the following into the Search box:
    • Click Search Registry. The scan can take 10 minutes or more to complete.
    • You will get a popup telling you when the search has completed. Click OK.
    • This will open a file Search.txt. Please copy and paste the contents in your reply.
      Search.txt can also be found in the same folder FRST was run from.

    Please post each log separately
    to prevent it being cut off by the forum post size limiter.
    Check each after you've posted it to make sure it's all present; if any log is cut off you'll have to post it in sections...

    In your next reply please include:
    • Did you have any problems with the instructions?
    • Fixlog.txt
    • Search.txt - file search
    • Search.txt - registry search
    • Are there any changes in computer behavior?
     
  3. sr300zx

    sr300zx Thread Starter

    Joined:
    May 28, 2011
    Messages:
    88
    Fix result of Farbar Recovery Scan Tool (x64) Version: 20-05-2017
    Ran by kim (20-05-2017 13:27:53) Run:1
    Running from C:\Users\kim\Downloads
    Loaded Profiles: kim (Available Profiles: kim)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    CreateRestorePoint:
    HKLM\...\Policies\Explorer: [HideSCAHealth] 1
    HKU\S-1-5-21-2961242490-1984678187-2713381144-1001\...\MountPoints2: {9d07cecd-458f-11e1-b637-806e6f6e6963} - E:\setup.exe
    GroupPolicy\User: Restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll => No File
    CHR Extension: (Tab) - C:\Users\kim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdfjhiclilbjdpeejgcgebmmihkkofji [2016-08-24]
    CHR HKU\S-1-5-21-2961242490-1984678187-2713381144-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gdfjhiclilbjdpeejgcgebmmihkkofji] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-2961242490-1984678187-2713381144-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [joefoganpblmedgjeigepgjfikhhdnnj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gdfjhiclilbjdpeejgcgebmmihkkofji] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [joefoganpblmedgjeigepgjfikhhdnnj] - hxxps://clients2.google.com/service/update2/crx
    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
    R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2970424 2015-06-29] (AVG Technologies)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
    2017-05-13 01:46 - 2017-05-13 01:46 - 00001810 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2017-05-13 01:46 - 2017-05-13 01:46 - 00000506 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e6bdbe66-d166-478a-97bf-702b01e383dc.job
    2017-05-13 01:46 - 2017-05-13 01:46 - 00000506 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9edc9799-0be9-42a6-a630-0b1e00ace663.job
    2017-05-13 01:46 - 2017-05-13 01:46 - 00000000 ____D C:\Users\kim\AppData\Roaming\SUPERAntiSpyware.com
    2017-05-13 01:46 - 2017-05-13 01:46 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2017-05-13 01:46 - 2017-05-13 01:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2017-05-13 01:46 - 2017-05-13 01:46 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2016-06-21 21:27 - 2016-08-22 22:40 - 1134592 _____ () C:\ProgramData\TrezaaSetupx30044.msi
    Task: {125F7BE1-9569-4E67-9DA8-11532C2BC25F} - \FastFix_Start -> No File <==== ATTENTION
    Task: {274F6774-0902-437D-9E8C-9AD9518F3206} - \Quick PC Booster64 startups -> No File <==== ATTENTION
    Task: {274F6774-0902-437D-9E8C-9AD9518F3206} - \Quick PC Booster64 startups -> No File <==== ATTENTION
    Task: {46583032-9DF6-44E6-8015-114D25A3AECC} - \Quick PC Booster Idle -> No File <==== ATTENTION
    Task: {C65C0909-5300-4090-A127-F5678BA2A59A} - System32\Tasks\{BBC1BDC8-1647-4988-ACA7-35420BB30737} => pcalua.exe -a "C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\GUninstaller.exe" -c -uprtc -key "claro"
    Task: {DAE25BE4-E23E-46F9-B5E7-659160068751} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-06-29] (AVG Technologies)
    Task: {E3A31EB5-D6A6-441B-88CC-6706D6FBF250} - System32\Tasks\AVG-Secure-Search-Update_0414c_rmv => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
    Task: {F612B722-1803-4590-8AE2-3D9E8B7E9064} - System32\Tasks\AVG-Secure-Search-Update_0414c_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
    Task: {FF4BA70B-4862-4E28-B195-6B07F4F7C36A} - \FastFix_Popup -> No File <==== ATTENTION
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9edc9799-0be9-42a6-a630-0b1e00ace663.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e6bdbe66-d166-478a-97bf-702b01e383dc.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\Java
    C:\Program Files (x86)\Java
    C:\Program Files (x86)\AVG SafeGuard toolbar
    C:\Program Files\Lavasoft\Ad-Aware Antivirus
    C:\Program Files (x86)\AVG
    C:\Program Files (x86)\Spybot - Search & DestroyFolder: C:\Users\Public\Documents\Guid
    Hosts:
    EmptyTemp:
    CMD: ipconfig /flushdns
    *****************

    Restore point was successfully created.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value removed successfully
    HKU\S-1-5-21-2961242490-1984678187-2713381144-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d07cecd-458f-11e1-b637-806e6f6e6963} => key removed successfully
    HKCR\CLSID\{9d07cecd-458f-11e1-b637-806e6f6e6963} => key not found.
    C:\Windows\system32\GroupPolicy\User => moved successfully
    HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
    HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
    HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key removed successfully
    HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found.
    HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
    HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key removed successfully
    HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
    C:\Users\kim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdfjhiclilbjdpeejgcgebmmihkkofji => moved successfully
    HKU\S-1-5-21-2961242490-1984678187-2713381144-1001\SOFTWARE\Google\Chrome\Extensions\gdfjhiclilbjdpeejgcgebmmihkkofji => key removed successfully
    HKU\S-1-5-21-2961242490-1984678187-2713381144-1001\SOFTWARE\Google\Chrome\Extensions\joefoganpblmedgjeigepgjfikhhdnnj => key removed successfully
    HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gdfjhiclilbjdpeejgcgebmmihkkofji => key removed successfully
    HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\joefoganpblmedgjeigepgjfikhhdnnj => key removed successfully
    !SASCORE => service not found.
    SBSDWSCService => service not found.
    TuneUp.UtilitiesSvc => service not found.
    SASDIFSV => service not found.
    SASKUTIL => service not found.
    TuneUpUtilitiesDrv => service not found.
    "C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk" => not found.
    "C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e6bdbe66-d166-478a-97bf-702b01e383dc.job" => not found.
    "C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9edc9799-0be9-42a6-a630-0b1e00ace663.job" => not found.
    "C:\Users\kim\AppData\Roaming\SUPERAntiSpyware.com" => not found.
    "C:\ProgramData\SUPERAntiSpyware.com" => not found.
    "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware" => not found.
    "C:\Program Files\SUPERAntiSpyware" => not found.
    C:\ProgramData\TrezaaSetupx30044.msi => moved successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{125F7BE1-9569-4E67-9DA8-11532C2BC25F} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{125F7BE1-9569-4E67-9DA8-11532C2BC25F} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FastFix_Start => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{274F6774-0902-437D-9E8C-9AD9518F3206} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{274F6774-0902-437D-9E8C-9AD9518F3206} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick PC Booster64 startups => key not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{274F6774-0902-437D-9E8C-9AD9518F3206} => key not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick PC Booster64 startups => key not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46583032-9DF6-44E6-8015-114D25A3AECC} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46583032-9DF6-44E6-8015-114D25A3AECC} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick PC Booster Idle => key not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C65C0909-5300-4090-A127-F5678BA2A59A} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C65C0909-5300-4090-A127-F5678BA2A59A} => key removed successfully
    C:\Windows\System32\Tasks\{BBC1BDC8-1647-4988-ACA7-35420BB30737} => moved successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BBC1BDC8-1647-4988-ACA7-35420BB30737} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAE25BE4-E23E-46F9-B5E7-659160068751} => key not found.
    C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TuneUpUtilities_Task_BkGndMaintenance2013 => key not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3A31EB5-D6A6-441B-88CC-6706D6FBF250} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3A31EB5-D6A6-441B-88CC-6706D6FBF250} => key removed successfully
    C:\Windows\System32\Tasks\AVG-Secure-Search-Update_0414c_rmv => moved successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_0414c_rmv => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F612B722-1803-4590-8AE2-3D9E8B7E9064} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F612B722-1803-4590-8AE2-3D9E8B7E9064} => key removed successfully
    C:\Windows\System32\Tasks\AVG-Secure-Search-Update_0414c_rel => moved successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_0414c_rel => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF4BA70B-4862-4E28-B195-6B07F4F7C36A} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF4BA70B-4862-4E28-B195-6B07F4F7C36A} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FastFix_Popup => key removed successfully
    C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9edc9799-0be9-42a6-a630-0b1e00ace663.job => not found.
    C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e6bdbe66-d166-478a-97bf-702b01e383dc.job => not found.
    "C:\Program Files (x86)\Java" => not found.
    "C:\Program Files (x86)\AVG SafeGuard toolbar" => not found.
    C:\Program Files\Lavasoft\Ad-Aware Antivirus => moved successfully
    C:\Program Files (x86)\AVG => moved successfully
    "C:\Program Files (x86)\Spybot - Search & DestroyFolder: C:\Users\Public\Documents\Guid" => not found.
    C:\Windows\System32\Drivers\etc\hosts => moved successfully
    Hosts restored successfully.

    ========= ipconfig /flushdns =========


    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========= End of CMD: =========


    =========== EmptyTemp: ==========

    BITS transfer queue => 8388608 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 52194691 B
    Java, Flash, Steam htmlcache => 1690 B
    Windows/system/drivers => 3637781885 B
    Edge => 0 B
    Chrome => 538944433 B
    Firefox => 376946823 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Users => 0 B
    Default => 0 B
    Public => 0 B
    ProgramData => 0 B
    systemprofile => 128 B
    systemprofile32 => 0 B
    LocalService => 0 B
    NetworkService => 2495140 B
    kim => 116025226 B

    RecycleBin => 1193 B
    EmptyTemp: => 4.4 GB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 13:31:54 ====
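
Added example, not part of the original thread and not FRST's own code: a Python script that reads a Fixlog.txt like the one above, tallies the result lines by outcome, and flags fixlist lines where two entries were joined during the paste (as in the `...SUPERAntiSpyware.exeC:\Program Files\Java` line), so entries that never got a result of their own stand out. The function names and the two "glued entry" heuristics are assumptions of this example, and the directive list only covers keywords seen in this thread.

```python
import re
from collections import Counter

# Excerpt of the Fixlog.txt posted above (lines copied from the thread, shortened).
FIXLOG_EXCERPT = r"""
fixlist content:
*****************
CreateRestorePoint:
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e6bdbe66-d166-478a-97bf-702b01e383dc.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\Java
C:\Program Files (x86)\Java
C:\Program Files (x86)\AVG
C:\Program Files (x86)\Spybot - Search & DestroyFolder: C:\Users\Public\Documents\Guid
Hosts:
EmptyTemp:
CMD: ipconfig /flushdns
*****************

Restore point was successfully created.
C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e6bdbe66-d166-478a-97bf-702b01e383dc.job => not found.
"C:\Program Files (x86)\Java" => not found.
C:\Program Files (x86)\AVG => moved successfully
"C:\Program Files (x86)\Spybot - Search & DestroyFolder: C:\Users\Public\Documents\Guid" => not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= ipconfig /flushdns =========
"""

# Directive keywords that appear in this thread's fixlist (not a complete list).
DIRECTIVES = ("CreateRestorePoint:", "Folder:", "Hosts:", "EmptyTemp:", "CMD:")

# Heuristic 1: a drive path glued to the previous token, e.g. "...exeC:\Program".
GLUED_PATH = re.compile(r"[A-Za-z0-9][A-Z]:\\")
# Heuristic 2: a directive glued to the previous token, e.g. "...DestroyFolder:".
GLUED_DIRECTIVE = re.compile(r"\S(?:" + "|".join(map(re.escape, DIRECTIVES)) + ")")


def split_sections(text):
    """Return (fixlist_lines, results) where results is [(target, outcome), ...]."""
    lines = [ln.strip() for ln in text.splitlines()]
    # The echoed fixlist sits between two lines made only of asterisks.
    marks = [i for i, ln in enumerate(lines) if ln and set(ln) == {"*"}]
    if len(marks) < 2:
        raise ValueError("fixlist block not found")
    fixlist = [ln for ln in lines[marks[0] + 1:marks[1]] if ln]
    results = []
    for ln in lines[marks[1] + 1:]:
        if ln.startswith("====="):      # command output / EmptyTemp sections follow
            break
        if " => " in ln:
            target, outcome = ln.rsplit(" => ", 1)
            results.append((target.strip('"'), outcome.rstrip(".")))
    return fixlist, results


def merged_entries(fixlist):
    """Split fixlist lines that look like two entries pasted onto one line."""
    merged = []
    for ln in fixlist:
        m = GLUED_PATH.search(ln) or GLUED_DIRECTIVE.search(ln)
        if m:
            cut = m.start() + 1         # the second entry starts after the glue char
            merged.append((ln[:cut], ln[cut:]))
    return merged


def skipped_entries(fixlist, results):
    """Second halves of merged lines that have no result line of their own."""
    targets = {target for target, _ in results}
    return [tail for _, tail in merged_entries(fixlist) if tail not in targets]


def outcome_tally(results):
    """Count result lines per outcome string."""
    return Counter(outcome for _, outcome in results)


if __name__ == "__main__":
    fixlist, results = split_sections(FIXLOG_EXCERPT)
    for outcome, count in outcome_tally(results).most_common():
        print(f"{count:3d}  {outcome}")
    for tail in skipped_entries(fixlist, results):
        print("no result for:", tail)
```

Run against a full Fixlog.txt by passing the file's text to `split_sections` in place of the excerpt.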
     
  4. sr300zx

    sr300zx Thread Starter

    Joined:
    May 28, 2011
    Messages:
    88
    Farbar Recovery Scan Tool (x64) Version: 20-05-2017
    Ran by kim (20-05-2017 13:53:19)
    Running from C:\Users\kim\Downloads
    Boot Mode: Normal

    ================== Search Registry: "BrowseMark;Exent;SelectionLinks;GameTreatWidget" ===========


    ===================== Search result for "Exent" ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6A060448-60F9-11D5-A6CD-0002B31F7455}]
    ""="ExentInf Class"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Exent]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{6A060448-60F9-11D5-A6CD-0002B31F7455}\Contains\Files]
    "C:\Windows\Downloaded Program Files\ExentCtl.ocx"=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/Downloaded Program Files/ExentCtl.ocx]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\NETGEAR\CustomParams\Profiles\Default]
    "HexEntryPp"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\NETGEAR\WNA1100\ProfileData]
    "HexEntryPp"="0"


    ===================== Search result for "SelectionLinks" ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3D128CB6-384E-404D-A164-855C95EF428F}]
    ""="ISelectionLinksBHO"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{3D128CB6-384E-404D-A164-855C95EF428F}]
    ""="ISelectionLinksBHO"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BDE3F24-D7B3-40D9-BD31-D1CFF12C47B4}]
    "AppName"="SelectionLinks.exe"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks.zip"="1819908371"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks1.zip"="1819908371"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks2.zip"="1819908371"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks3.zip"="1819908371"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks4.zip"="1819908371"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks5.zip"="1819908371"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks6.zip"="1819908371"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks7.zip"="1819908371"


    ===================== Search result for "GameTreatWidget" ==========

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\Classes\AppID\npGameTreatWidget.dll]

    ====== End of Search ======
     
  5. sr300zx

    sr300zx Thread Starter

    Joined:
    May 28, 2011
    Messages:
    88
    PC is still running pretty slow.
     
  6. capnkrunch

    capnkrunch Malware Specialist

    Joined:
    Nov 28, 2015
    Messages:
    387
    Hello sr300zx :)

    Are you still seeing r.search in your browsers? If so which ones?

    You didn't include the Search.txt log from the FRST file search (step two in my last post). Please run that search again and post the log:

    Step one...

    FRST - Search Files
    • You should still have FRST64.exe in your Downloads folder. If not please download it HERE.
    • Right click FRST64.exe and select Run as administrator.
    • Copy and paste the following into the Search box:
    • Click Search Files. The scan can take 10 minutes or more to complete.
    • You will get a popup telling you when the search has completed. Click OK.
    • This will open a file Search.txt. Please copy and paste the contents in your reply.
      Search.txt can also be found in the same folder FRST was run from.

    Also, please run the following scans:

    Step two...

    Malwarebytes Anti-Malware (MBAM) Scan
    Note: you need to be connected to the internet so that MBAM can download any updates it needs to.
    • Please close all open programs and windows so that you are at your Desktop.
    • Press the Start button.
    • Type Malwarebytes into the search box and select it from the results.
    • Allow MBAM to update if it asks you to.
    • Click Scan Now. MBAM will update its databases and proceed to scan your computer.
    • If any threats are found, ensure that all of them are checked and click Remove Selected.
    • If prompted to allow a reboot please do so.
      Failing to reboot when asked can prevent MBAM from removing all the malware it finds.
    • Once the scan is finished click Export Summary in the bottom right corner and select Text File (*.txt).
    • Save it on your Desktop as mbam.txt. Copy and paste the contents of mbam.txt in your reply.
    • If MBAM required a reboot please do the following to get the report:
      • On reboot reopen MBAM.
      • Click Reports and then click the most recent Scan Report and click View Report.
      • Click Export and then click Text File (*.txt).
      • Save it on your Desktop as mbam.txt. Copy and paste the contents of mbam.txt in your reply.

    Step three...

    TDSSKiller - Scan Only
    • Please download TDSSKiller by Kaspersky Lab and save it to your Desktop.
    • Close all open programs and windows so that you are at your Desktop.
    • Right click on tdsskiller.exe and select Run as administrator.
      • If you are not able to run it then right click tdsskiller.exe and select Rename.
      • Rename it to a random string of letters with a .com extension (for example eajkxiga.com).
    • If UAC prompts you to allow it to make changes to your computer please click Yes.
    • When the End User License Agreement opens click Accept.
    • Click Accept again for the KSN Statement.
    • Click on Change parameters and check Verify file digital signatures.
      IMPORTANT: ensure that Detect TDLFS file system remains UNCHECKED.
    • Click on OK to close the Settings window.
    • Click on Start Scan. Do not use your computer during the scan.
    • If malicious objects are found change the action from Cure to Skip.
      DO NOT attempt to Cure anything at this point.
    • Once the scan is finished click on Report in the top right corner. Copy and paste the contents of that log in your next reply.
      The log can also be found at C:\TDSSKiller.version_dd.mm.yyyy_hh.mm.ss_log.txt.

    Please post each log separately
    to prevent it being cut off by the forum post size limiter.
    Check each after you've posted it to make sure it's all present; if any log is cut off you'll have to post it in sections...

    In your next reply please include:
    • Did you have any problems with the instructions?
    • An answer to my question about r.search.
    • Search.txt
    • mbam.txt
    • TDSSKiller.version_dd.mm.yyyy_hh.mm.ss_log.txt
    • Are there any changes in computer behavior?
     
  7. sr300zx

    sr300zx Thread Starter

    Joined:
    May 28, 2011
    Messages:
    88
    Farbar Recovery Scan Tool (x64) Version: 20-05-2017
    Ran by kim (20-05-2017 13:53:19)
    Running from C:\Users\kim\Downloads
    Boot Mode: Normal

    ================== Search Registry: "BrowseMark;Exent;SelectionLinks;GameTreatWidget" ===========


    ===================== Search result for "Exent" ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6A060448-60F9-11D5-A6CD-0002B31F7455}]
    ""="ExentInf Class"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Exent]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{6A060448-60F9-11D5-A6CD-0002B31F7455}\Contains\Files]
    "C:\Windows\Downloaded Program Files\ExentCtl.ocx"=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/Downloaded Program Files/ExentCtl.ocx]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\NETGEAR\CustomParams\Profiles\Default]
    "HexEntryPp"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\NETGEAR\WNA1100\ProfileData]
    "HexEntryPp"="0"


    ===================== Search result for "SelectionLinks" ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3D128CB6-384E-404D-A164-855C95EF428F}]
    ""="ISelectionLinksBHO"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{3D128CB6-384E-404D-A164-855C95EF428F}]
    ""="ISelectionLinksBHO"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BDE3F24-D7B3-40D9-BD31-D1CFF12C47B4}]
    "AppName"="SelectionLinks.exe"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks.zip"="1819908371"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks1.zip"="1819908371"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks2.zip"="1819908371"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks3.zip"="1819908371"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks4.zip"="1819908371"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks5.zip"="1819908371"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks6.zip"="1819908371"

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\BC2ED48CEB4273A26A7E029B5CFE2DD3\02235679ABCDDEEF]
    "C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks7.zip"="1819908371"


    ===================== Search result for "GameTreatWidget" ==========

    [HKEY_USERS\S-1-5-21-2961242490-1984678187-2713381144-1001\Software\Classes\AppID\npGameTreatWidget.dll]

    ====== End of Search ======
     
  8. sr300zx

    Sorry, I thought it posted last time. I'm no longer seeing r.search, yay! I am having adware pages pop up all of a sudden, though.
     
  9. sr300zx

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 5/21/17
    Scan Time: 12:20 AM
    Log File: mbam.txt
    Administrator: Yes

    -Software Information-
    Version: 3.1.2.1733
    Components Version: 1.0.122
    Update Package Version: 1.0.1986
    License: Trial

    -System Information-
    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: kim-PC\kim

    -Scan Summary-
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 356775
    Threats Detected: 2
    Threats Quarantined: 2
    Time Elapsed: 12 min, 2 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 2
    PUP.Optional.StrongVault, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SMESSAGING, Quarantined, [8761], [258054],1.0.1986
    PUP.Optional.OneSoftPerDay, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|OSPD_US_375, Quarantined, [625], [241373],1.0.1986

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 0
    (No malicious items detected)

    Physical Sector: 0
    (No malicious items detected)


    (end)
     
  10. sr300zx

    01:40:25.0089 0x0b44 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
    01:40:32.0294 0x0b44 ============================================================
    01:40:32.0294 0x0b44 Current date / time: 2017/05/21 01:40:32.0294
    01:40:32.0294 0x0b44 SystemInfo:
    01:40:32.0294 0x0b44
    01:40:32.0294 0x0b44 OS Version: 6.1.7601 ServicePack: 1.0
    01:40:32.0294 0x0b44 Product type: Workstation
    01:40:32.0295 0x0b44 ComputerName: KIM-PC
    01:40:32.0295 0x0b44 UserName: kim
    01:40:32.0296 0x0b44 Windows directory: C:\Windows
     
  11. sr300zx

    01:40:32.0296 0x0b44 System windows directory: C:\Windows
    01:40:32.0296 0x0b44 Running under WOW64
    01:40:32.0296 0x0b44 Processor architecture: Intel x64
    01:40:32.0296 0x0b44 Number of processors: 2
    01:40:32.0296 0x0b44 Page size: 0x1000
    01:40:32.0296 0x0b44 Boot type: Normal boot
    01:40:32.0296 0x0b44 CodeIntegrityOptions = 0x00000001
    01:40:32.0296 0x0b44 ============================================================
    01:40:33.0814 0x0b44 KLMD registered as C:\Windows\system32\drivers\46016834.sys
    01:40:33.0814 0x0b44 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23796, osProperties = 0x1
    01:40:35.0007 0x0b44 System UUID: {88462240-7D17-B4D4-CD34-835DB4E6BF52}
    01:40:35.0996 0x0b44 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
    01:40:36.0018 0x0b44 ============================================================
    01:40:36.0019 0x0b44 \Device\Harddisk0\DR0:
    01:40:36.0019 0x0b44 MBR partitions:
    01:40:36.0019 0x0b44 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    01:40:36.0019 0x0b44 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38B71800
    01:40:36.0019 0x0b44 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38BA4000, BlocksNum 0x17E1800
    01:40:36.0019 0x0b44 ============================================================
    01:40:36.0039 0x0b44 C: <-> \Device\Harddisk0\DR0\Partition2
    01:40:36.0075 0x0b44 D: <-> \Device\Harddisk0\DR0\Partition3
    01:40:36.0075 0x0b44 ============================================================
    01:40:36.0075 0x0b44 Initialize success
    01:40:36.0075 0x0b44 ============================================================
    01:42:03.0095 0x10d4 ============================================================
    01:42:03.0095 0x10d4 Scan started
    01:42:03.0095 0x10d4 Mode: Manual; SigCheck;
    01:42:03.0095 0x10d4 ============================================================
    01:42:03.0095 0x10d4 KSN ping started
    01:42:04.0514 0x10d4 KSN ping finished: true
    01:42:06.0184 0x10d4 ================ Scan system memory ========================
    01:42:06.0184 0x10d4 System memory - ok
    01:42:06.0184 0x10d4 ================ Scan services =============================
    01:42:16.0729 0x10d4 [ 0141816A095A3F5A83FFA5B4A47B8023, F7B26D707EB817FA0F5BFDFA785370B458AF54C94A1E679B36F6808158EA467C ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    01:42:16.0760 0x10d4 HP Health Check Service - detected UnsignedFile.Multi.Generic ( 1 )
    01:42:17.0197 0x10d4 Detect skipped due to KSN trusted
    01:42:17.0197 0x10d4 HP Health Check Service - ok
    01:42:17.0244 0x10d4 [ FDF273A845F1FFCCEADF363AAF47582F, 9BB99346A977225EF77261CD3CF4219A238EB06FFE2DB91D00A0037BDCFECEF1 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    01:42:17.0338 0x10d4 hpqwmiex - ok
    01:42:17.0384 0x10d4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    01:42:17.0416 0x10d4 HpSAMD - ok
    01:42:17.0462 0x10d4 [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
    01:42:17.0509 0x10d4 HTCAND64 - ok
    01:42:17.0572 0x10d4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    01:42:17.0634 0x10d4 HTTP - ok
    01:42:17.0681 0x10d4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    01:42:17.0696 0x10d4 hwpolicy - ok
    01:42:17.0728 0x10d4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    01:42:17.0774 0x10d4 i8042prt - ok
    01:42:17.0806 0x10d4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    01:42:17.0837 0x10d4 iaStorV - ok
    01:42:17.0899 0x10d4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    01:42:17.0930 0x10d4 idsvc - ok
    01:42:17.0962 0x10d4 IEEtwCollectorService - ok
    01:42:17.0977 0x10d4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    01:42:17.0993 0x10d4 iirsp - ok
    01:42:18.0086 0x10d4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
    01:42:18.0133 0x10d4 IKEEXT - ok
    01:42:18.0211 0x10d4 [ 31C32BC56D85D109EBB0C526BE5CACA7, E09A338EAEFD615FDB755B57F02E6033A2E5B6849BA3D66803286424F7D91EBE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
    01:42:18.0320 0x10d4 IntcAzAudAddService - ok
    01:42:18.0336 0x10d4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
    01:42:18.0352 0x10d4 intelide - ok
    01:42:18.0383 0x10d4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    01:42:18.0398 0x10d4 intelppm - ok
    01:42:18.0492 0x10d4 [ D46E04D83A3E174A98DC90FE23AB08DE, 0285B4A311645D292A26B276511877B46A42526BDBFBC12E3BD876A74F074720 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    01:42:18.0523 0x10d4 IntuitUpdateServiceV4 - ok
    01:42:18.0554 0x10d4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    01:42:18.0617 0x10d4 IPBusEnum - ok
    01:42:18.0664 0x10d4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    01:42:18.0695 0x10d4 IpFilterDriver - ok
    01:42:18.0773 0x10d4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    01:42:18.0820 0x10d4 iphlpsvc - ok
    01:42:18.0866 0x10d4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    01:42:18.0898 0x10d4 IPMIDRV - ok
    01:42:18.0929 0x10d4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    01:42:18.0976 0x10d4 IPNAT - ok
    01:42:19.0069 0x10d4 [ B6E8B931EFEF4112C6A401931627DC6B, 89A0745360928F7DD0A522FF5FBFEED4FC831F37D6CF88D5E66FA91FD6F0A1DF ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    01:42:19.0147 0x10d4 iPod Service - ok
    01:42:19.0163 0x10d4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
    01:42:19.0210 0x10d4 IRENUM - ok
    01:42:19.0225 0x10d4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    01:42:19.0241 0x10d4 isapnp - ok
    01:42:19.0288 0x10d4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    01:42:19.0303 0x10d4 iScsiPrt - ok
    01:42:19.0444 0x10d4 [ CF9BA304B8047B9582D72D9BFEF42EAE, 13CAA4854DB4AE31E3F770BCE66DE97438EC304A981632DD6C1249DECA96D665 ] jswpsapi C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe
    01:42:19.0568 0x10d4 jswpsapi - ok
    01:42:19.0615 0x10d4 [ 5BE640E88814B77A9E84B4549B5DCC2C, 2ECF73254D701EFCC135B81EC951A76BCE5E74435521A061B05E9445C8D3C843 ] JSWPSLWF C:\Windows\system32\DRIVERS\jswpslwfx.sys
    01:42:19.0693 0x10d4 JSWPSLWF - ok
    01:42:19.0724 0x10d4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    01:42:19.0756 0x10d4 kbdclass - ok
    01:42:19.0771 0x10d4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    01:42:19.0787 0x10d4 kbdhid - ok
    01:42:19.0818 0x10d4 [ 7404CDF0B904C6B8AA36C1D167D9F286, 3194BF2EC8078E1EE5FAC0F1C35463629DB106B84D309052F47D0DD39595287E ] KeyIso C:\Windows\system32\lsass.exe
    01:42:19.0834 0x10d4 KeyIso - ok
    01:42:19.0880 0x10d4 [ 15682ED7B70B186C9C2BE6CA423D8E74, 02C6D35271D01925A2D9069589D75F7341988B8AFC1AC0A43401A5C63A959E37 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    01:42:19.0912 0x10d4 KSecDD - ok
    01:42:19.0927 0x10d4 [ 945F4DA63A76EB2725C070BF3A86B5A5, EB778A52FCD2FCF98CFC0E7363F25B4CCE778C79E7308DF47C3D1AC92A791ED0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    01:42:19.0943 0x10d4 KSecPkg - ok
    01:42:19.0958 0x10d4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    01:42:20.0005 0x10d4 ksthunk - ok
    01:42:20.0036 0x10d4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
    01:42:20.0083 0x10d4 KtmRm - ok
    01:42:20.0146 0x10d4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
    01:42:20.0208 0x10d4 LanmanServer - ok
    01:42:20.0255 0x10d4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    01:42:20.0286 0x10d4 LanmanWorkstation - ok
    01:42:20.0348 0x10d4 [ 108333981C841EB0FF198AA5DFCF3D3B, 726B4BEA813F18668A0682D1D427F6E3676A2EA2501EB7E64199B65D23F45FC8 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    01:42:20.0364 0x10d4 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
    01:42:20.0879 0x10d4 Detect skipped due to KSN trusted
    01:42:20.0879 0x10d4 LightScribeService - ok
    01:42:20.0910 0x10d4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    01:42:20.0941 0x10d4 lltdio - ok
    01:42:20.0972 0x10d4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
    01:42:21.0035 0x10d4 lltdsvc - ok
    01:42:21.0050 0x10d4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
    01:42:21.0082 0x10d4 lmhosts - ok
    01:42:21.0113 0x10d4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
    01:42:21.0128 0x10d4 LSI_FC - ok
    01:42:21.0128 0x10d4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
    01:42:21.0144 0x10d4 LSI_SAS - ok
    01:42:21.0175 0x10d4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
    01:42:21.0175 0x10d4 LSI_SAS2 - ok
    01:42:21.0206 0x10d4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
    01:42:21.0222 0x10d4 LSI_SCSI - ok
    01:42:21.0238 0x10d4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
    01:42:21.0269 0x10d4 luafv - ok
    01:42:21.0316 0x10d4 [ 4EA73F071D96F376DB3AB9EF81273B28, 683C362F9B7A0BEC7BA4C1231405FB312EAA9A21260976C084ABA8CA035E6136 ] MBAMChameleon C:\Windows\system32\drivers\MBAMChameleon.sys
    01:42:21.0347 0x10d4 MBAMChameleon - ok
    01:42:21.0394 0x10d4 [ C51267EE2726707D38C489C06DDF01ED, BFA9BFB8D2E1581CBF4833DC3D86A88C94B64B3B17D440894AEB111E749E4497 ] MBAMFarflt C:\Windows\system32\drivers\farflt.sys
    01:42:21.0409 0x10d4 MBAMFarflt - ok
    01:42:21.0440 0x10d4 [ 88BD122C3A35DE63D75D382DF75554CE, ABDF59543CAD186A6ED4E66257205D9CF5047732A5DA74A96A28B468B41BC396 ] MBAMProtection C:\Windows\system32\drivers\mbam.sys
    01:42:21.0456 0x10d4 MBAMProtection - ok
    01:42:21.0706 0x10d4 [ D76E56108E6482905D3FAEA0649919E4, E10285889570A01E544B027F4A17BA7242E5E3EF93D20A19B05091DB237C6DD1 ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
    01:42:21.0830 0x10d4 MBAMService - ok
    01:42:21.0862 0x10d4 [ 53283EB9998AC9350E14C35A880989DB, 11DD963C67DB7584742810C54BEC4871584413A1BAA8209F79AC923006DE45BB ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
    01:42:21.0893 0x10d4 MBAMSwissArmy - ok
    01:42:21.0940 0x10d4 [ 959A51BEAA6E12B9CF97511071C16084, AF98F763F530685EA343B00EACA07C23C6A6E57A7E07FC1532E96AC5657B3709 ] MBAMWebProtection C:\Windows\system32\drivers\mwac.sys
    01:42:21.0940 0x10d4 MBAMWebProtection - ok
    01:42:21.0986 0x10d4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    01:42:22.0002 0x10d4 Mcx2Svc - ok
    01:42:22.0018 0x10d4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
    01:42:22.0033 0x10d4 megasas - ok
    01:42:22.0049 0x10d4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
    01:42:22.0080 0x10d4 MegaSR - ok
    01:42:22.0096 0x10d4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
    01:42:22.0142 0x10d4 MMCSS - ok
    01:42:22.0174 0x10d4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
    01:42:22.0205 0x10d4 Modem - ok
    01:42:22.0267 0x10d4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    01:42:22.0283 0x10d4 monitor - ok
    01:42:22.0314 0x10d4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    01:42:22.0314 0x10d4 mouclass - ok
    01:42:22.0345 0x10d4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    01:42:22.0361 0x10d4 mouhid - ok
    01:42:22.0392 0x10d4 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    01:42:22.0408 0x10d4 mountmgr - ok
    01:42:22.0454 0x10d4 [ 260DB638038D0D9ACCBFCA9F2BF9B692, 68B9454D1E10A5A710AA3F823C7EAF2E8F3DDF5534262AC289BF454FC829B0B7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    01:42:22.0595 0x10d4 MozillaMaintenance - ok
    01:42:22.0688 0x10d4 [ 3665AB2F67F4024F5F3F80335ED5322A, BE3DC246F176E00D7611A7E16FBC22615199F49EBCB4C90B0C107294E592BF8D ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
    01:42:22.0720 0x10d4 MpFilter - ok
    01:42:22.0766 0x10d4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
    01:42:22.0782 0x10d4 mpio - ok
    01:42:22.0798 0x10d4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    01:42:22.0829 0x10d4 mpsdrv - ok
    01:42:22.0891 0x10d4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
    01:42:22.0954 0x10d4 MpsSvc - ok
    01:42:22.0985 0x10d4 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    01:42:23.0032 0x10d4 MRxDAV - ok
    01:42:23.0047 0x10d4 [ 054F780A442DB96F9FE10501B35E75CA, 72DF4BCEB6E14745CBEBF29B1F2882EC05C2952CED233E038105721494C984A4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    01:42:23.0078 0x10d4 mrxsmb - ok
     
  12. sr300zx

    sr300zx Thread Starter

    Joined:
    May 28, 2011
    Messages:
    88
    01:42:29.0615 0x10d4 QWAVEdrv - ok
    01:42:29.0630 0x10d4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    01:42:29.0677 0x10d4 RasAcd - ok
    01:42:29.0708 0x10d4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    01:42:29.0740 0x10d4 RasAgileVpn - ok
    01:42:29.0755 0x10d4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
    01:42:29.0802 0x10d4 RasAuto - ok
    01:42:29.0833 0x10d4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    01:42:29.0880 0x10d4 Rasl2tp - ok
    01:42:29.0911 0x10d4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
    01:42:29.0958 0x10d4 RasMan - ok
    01:42:29.0989 0x10d4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    01:42:30.0036 0x10d4 RasPppoe - ok
    01:42:30.0052 0x10d4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    01:42:30.0083 0x10d4 RasSstp - ok
    01:42:30.0145 0x10d4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    01:42:30.0208 0x10d4 rdbss - ok
    01:42:30.0223 0x10d4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
    01:42:30.0254 0x10d4 rdpbus - ok
    01:42:30.0270 0x10d4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    01:42:30.0317 0x10d4 RDPCDD - ok
    01:42:30.0348 0x10d4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    01:42:30.0379 0x10d4 RDPENCDD - ok
    01:42:30.0395 0x10d4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    01:42:30.0426 0x10d4 RDPREFMP - ok
    01:42:30.0488 0x10d4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    01:42:30.0535 0x10d4 RDPWD - ok
    01:42:30.0598 0x10d4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    01:42:30.0629 0x10d4 rdyboost - ok
    01:42:30.0676 0x10d4 [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    01:42:30.0707 0x10d4 RealNetworks Downloader Resolver Service - ok
    01:42:30.0722 0x10d4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
    01:42:30.0769 0x10d4 RemoteAccess - ok
    01:42:30.0785 0x10d4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    01:42:30.0832 0x10d4 RemoteRegistry - ok
    01:42:30.0863 0x10d4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    01:42:30.0910 0x10d4 RpcEptMapper - ok
    01:42:30.0941 0x10d4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
    01:42:30.0956 0x10d4 RpcLocator - ok
    01:42:31.0003 0x10d4 [ 5E9F8D029D9B03110D835CBFC058068B, 038FDF99C643C8102026BA26A75899A56E91AD0C239DF71AA5443FD35C718C78 ] RpcSs C:\Windows\system32\rpcss.dll
    01:42:31.0034 0x10d4 RpcSs - ok
    01:42:31.0050 0x10d4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    01:42:31.0097 0x10d4 rspndr - ok
    01:42:31.0190 0x10d4 [ 5EDFCEE5682237607082880338415AA6, C711253F14B176800C68EE1B4620E11B5C2894CD052D5A82D4CE3B05E22B359C ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
    01:42:31.0237 0x10d4 RTL8192su - ok
    01:42:31.0237 0x10d4 [ 7404CDF0B904C6B8AA36C1D167D9F286, 3194BF2EC8078E1EE5FAC0F1C35463629DB106B84D309052F47D0DD39595287E ] SamSs C:\Windows\system32\lsass.exe
    01:42:31.0253 0x10d4 SamSs - ok
    01:42:31.0300 0x10d4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    01:42:31.0331 0x10d4 sbp2port - ok
    01:42:31.0362 0x10d4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
    01:42:31.0393 0x10d4 SCardSvr - ok
    01:42:31.0440 0x10d4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    01:42:31.0471 0x10d4 scfilter - ok
    01:42:31.0565 0x10d4 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
    01:42:31.0658 0x10d4 Schedule - ok
    01:42:31.0721 0x10d4 [ 2A50BE713FAF033420466C25979C028E, 46EAF744B8EB23F5D134D63C4600EE46662FAB28282CD762945DFB448D2463B3 ] SCMNdisP C:\Windows\system32\DRIVERS\scmndisp.sys
    01:42:31.0736 0x10d4 SCMNdisP - ok
    01:42:31.0768 0x10d4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
    01:42:31.0814 0x10d4 SCPolicySvc - ok
    01:42:31.0846 0x10d4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    01:42:31.0892 0x10d4 SDRSVC - ok
    01:42:31.0924 0x10d4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
    01:42:31.0970 0x10d4 secdrv - ok
    01:42:32.0002 0x10d4 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
    01:42:32.0048 0x10d4 seclogon - ok
    01:42:32.0173 0x10d4 [ BE43B6172AC5961017762AB3C9B9B4C6, 209356410729F5DB8E9CB64B7F32638CE4C1559B5FA10B66C69C0650A0ADD36E ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
    01:42:32.0236 0x10d4 Secunia PSI Agent - ok
    01:42:32.0267 0x10d4 [ C85EE9529401BF0467DACEB3D4BD1EAF, 4CB441A39C4FF3417B9046BEB237B3043A105A0112F5A04444F431C7F77C3D4B ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
    01:42:32.0298 0x10d4 Secunia Update Agent - ok
    01:42:32.0314 0x10d4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
    01:42:32.0360 0x10d4 SENS - ok
    01:42:32.0360 0x10d4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
    01:42:32.0407 0x10d4 SensrSvc - ok
    01:42:32.0423 0x10d4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
    01:42:32.0438 0x10d4 Serenum - ok
    01:42:32.0470 0x10d4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
    01:42:32.0485 0x10d4 Serial - ok
    01:42:32.0516 0x10d4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
    01:42:32.0563 0x10d4 sermouse - ok
    01:42:32.0610 0x10d4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
    01:42:32.0688 0x10d4 SessionEnv - ok
    01:42:32.0704 0x10d4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    01:42:32.0719 0x10d4 sffdisk - ok
    01:42:32.0735 0x10d4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    01:42:32.0766 0x10d4 sffp_mmc - ok
    01:42:32.0782 0x10d4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    01:42:32.0813 0x10d4 sffp_sd - ok
    01:42:32.0844 0x10d4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
    01:42:32.0875 0x10d4 sfloppy - ok
    01:42:32.0938 0x10d4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
    01:42:33.0000 0x10d4 SharedAccess - ok
    01:42:33.0062 0x10d4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    01:42:33.0109 0x10d4 ShellHWDetection - ok
    01:42:33.0125 0x10d4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
    01:42:33.0140 0x10d4 SiSRaid2 - ok
    01:42:33.0156 0x10d4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
    01:42:33.0172 0x10d4 SiSRaid4 - ok
    01:42:33.0203 0x10d4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    01:42:33.0250 0x10d4 Smb - ok
    01:42:33.0296 0x10d4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    01:42:33.0312 0x10d4 SNMPTRAP - ok
    01:42:33.0328 0x10d4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
    01:42:33.0343 0x10d4 spldr - ok
    01:42:33.0406 0x10d4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
    01:42:33.0452 0x10d4 Spooler - ok
    01:42:33.0624 0x10d4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
    01:42:33.0749 0x10d4 sppsvc - ok
    01:42:33.0780 0x10d4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    01:42:33.0811 0x10d4 sppuinotify - ok
    01:42:33.0889 0x10d4 [ 546C81F238F084A393EC54114741A0A8, AA223A2A8E8503CBDB0CE6A70620B372E0591070F9FF7D8532A93B54EF7B7E51 ] srv C:\Windows\system32\DRIVERS\srv.sys
    01:42:33.0920 0x10d4 srv - ok
    01:42:33.0952 0x10d4 [ 431D2B06E8F93EAEC53E8FA37FCFF2F1, 4CB94D250E9D2646FCE7284D4D3CED1BB02E4D79AD33A414D16EF794195868CA ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    01:42:33.0983 0x10d4 srv2 - ok
    01:42:34.0014 0x10d4 [ 42EDAB3E3E8E25C7093674936C2DB4BD, B2D5E006B748F24F0FF2CEFFC3D056F3D50E8A818BDFF4231C87C022A25F44ED ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    01:42:34.0045 0x10d4 srvnet - ok
    01:42:34.0076 0x10d4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    01:42:34.0123 0x10d4 SSDPSRV - ok
    01:42:34.0139 0x10d4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
    01:42:34.0201 0x10d4 SstpSvc - ok
    01:42:34.0217 0x10d4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
    01:42:34.0232 0x10d4 stexstor - ok
    01:42:34.0326 0x10d4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
    01:42:34.0373 0x10d4 stisvc - ok
    01:42:34.0404 0x10d4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
    01:42:34.0420 0x10d4 swenum - ok
    01:42:34.0451 0x10d4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
    01:42:34.0498 0x10d4 swprv - ok
    01:42:34.0607 0x10d4 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
    01:42:34.0700 0x10d4 SysMain - ok
    01:42:34.0716 0x10d4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
    01:42:34.0747 0x10d4 TabletInputService - ok
    01:42:34.0778 0x10d4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
    01:42:34.0810 0x10d4 TapiSrv - ok
    01:42:34.0934 0x10d4 [ 351A21ED3971ADD558956FF3EB0F6FED, 44C3A5452F120E9D29FB9840E811CF0C1D7D8F675ED1B2E501C746A4CC0BF8A7 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    01:42:35.0012 0x10d4 Tcpip - ok
    01:42:35.0075 0x10d4 [ 351A21ED3971ADD558956FF3EB0F6FED, 44C3A5452F120E9D29FB9840E811CF0C1D7D8F675ED1B2E501C746A4CC0BF8A7 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
    01:42:35.0137 0x10d4 TCPIP6 - ok
    01:42:35.0184 0x10d4 [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    01:42:35.0246 0x10d4 tcpipreg - ok
    01:42:35.0262 0x10d4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    01:42:35.0293 0x10d4 TDPIPE - ok
    01:42:35.0309 0x10d4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    01:42:35.0340 0x10d4 TDTCP - ok
    01:42:35.0356 0x10d4 [ EC75A942C32F7F405659D86156DCE4C5, 01EA22B0F8ADD1674E3DE785F5ABC3C0F0DAE42E69CD9EEADDDCDDD4C652CBFD ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    01:42:35.0387 0x10d4 tdx - ok
    01:42:35.0434 0x10d4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
    01:42:35.0449 0x10d4 TermDD - ok
    01:42:35.0512 0x10d4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
    01:42:35.0574 0x10d4 TermService - ok
    01:42:35.0590 0x10d4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
    01:42:35.0636 0x10d4 Themes - ok
    01:42:35.0652 0x10d4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
    01:42:35.0699 0x10d4 THREADORDER - ok
    01:42:35.0714 0x10d4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
    01:42:35.0777 0x10d4 TrkWks - ok
    01:42:35.0855 0x10d4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    01:42:35.0933 0x10d4 TrustedInstaller - ok
    01:42:35.0980 0x10d4 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    01:42:36.0026 0x10d4 tssecsrv - ok
    01:42:36.0089 0x10d4 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
    01:42:36.0167 0x10d4 TsUsbFlt - ok
    01:42:36.0245 0x10d4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    01:42:36.0323 0x10d4 tunnel - ok
    01:42:36.0338 0x10d4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
    01:42:36.0354 0x10d4 uagp35 - ok
    01:42:36.0416 0x10d4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    01:42:36.0463 0x10d4 udfs - ok
    01:42:36.0494 0x10d4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
    01:42:36.0526 0x10d4 UI0Detect - ok
    01:42:36.0541 0x10d4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
    01:42:36.0557 0x10d4 uliagpkx - ok
    01:42:36.0588 0x10d4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
    01:42:36.0604 0x10d4 umbus - ok
    01:42:36.0635 0x10d4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
    01:42:36.0650 0x10d4 UmPass - ok
    01:42:36.0682 0x10d4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
    01:42:36.0728 0x10d4 upnphost - ok
    01:42:36.0775 0x10d4 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
    01:42:36.0791 0x10d4 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
    01:42:37.0259 0x10d4 Detect skipped due to KSN trusted
    01:42:37.0259 0x10d4 USBAAPL64 - ok
    01:42:42.0017 0x10d4 WudfPf - ok
    01:42:42.0032 0x10d4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    01:42:42.0064 0x10d4 WUDFRd - ok
    01:42:42.0095 0x10d4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    01:42:42.0110 0x10d4 wudfsvc - ok
    01:42:42.0157 0x10d4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
    01:42:42.0220 0x10d4 WwanSvc - ok
    01:42:42.0251 0x10d4 ================ Scan global ===============================
    01:42:42.0298 0x10d4 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
    01:42:42.0344 0x10d4 [ C635B3578DBAFB1E03497C0D2F2418A5, 697454B3EC86078F0C37C258BDEDA8E2798BB574B0C11E652D4A0141E827174C ] C:\Windows\system32\winsrv.dll
    01:42:42.0376 0x10d4 [ C635B3578DBAFB1E03497C0D2F2418A5, 697454B3EC86078F0C37C258BDEDA8E2798BB574B0C11E652D4A0141E827174C ] C:\Windows\system32\winsrv.dll
    01:42:42.0391 0x10d4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
    01:42:42.0454 0x10d4 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
    01:42:42.0469 0x10d4 [ Global ] - ok
    01:42:42.0469 0x10d4 ================ Scan MBR ==================================
    01:42:42.0485 0x10d4 [ A5B154D4F8D7652CDC798E81446EA5D5 ] \Device\Harddisk0\DR0
    01:42:42.0688 0x10d4 \Device\Harddisk0\DR0 - ok
    01:42:42.0688 0x10d4 ================ Scan VBR ==================================
    01:42:42.0703 0x10d4 [ D259F9A4068FAB8B03357BB8831D135C ] \Device\Harddisk0\DR0\Partition1
    01:42:42.0703 0x10d4 \Device\Harddisk0\DR0\Partition1 - ok
    01:42:42.0703 0x10d4 [ 3BCA6A46C63E16E092926D4538DF2A3B ] \Device\Harddisk0\DR0\Partition2
    01:42:42.0719 0x10d4 \Device\Harddisk0\DR0\Partition2 - ok
    01:42:42.0719 0x10d4 [ 1EE363B586308BCD5BAEBEA8A3188FD3 ] \Device\Harddisk0\DR0\Partition3
    01:42:42.0719 0x10d4 \Device\Harddisk0\DR0\Partition3 - ok
    01:42:42.0719 0x10d4 ================ Scan generic autorun ======================
    01:42:42.0859 0x10d4 [ 7A727248EBC065BD2BB94A9B2892D190, B1E12ED3D07963EF0FA09B3ECD8AC3FBD316733D968A99C958DF7026B1BDFD99 ] c:\Program Files\Microsoft Security Client\msseces.exe
    01:42:42.0906 0x10d4 MSC - ok
    01:42:42.0937 0x10d4 [ 50B6C8EA3315966B46FCB4F90EA9DB1B, 2201C39001B6D17507B179AE209C527D1FEC9990D97CB1B30B67FE3293EEFD1A ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    01:42:42.0968 0x10d4 SmartMenu - ok
    01:42:42.0968 0x10d4 NvCplDaemon - ok
    01:42:43.0046 0x10d4 [ A5080C034E5B6729EE95F9C455AEFCF2, 27C136459BE4EC33F937A23E2DA69966532678F101DB711FD2A702A54111E989 ] C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
    01:42:43.0078 0x10d4 Corel Photo Downloader - ok
    01:42:43.0093 0x10d4 AdAwareTray - ok
    01:42:43.0296 0x10d4 [ 5602FF42444B4991E69C62E493BDAEC4, 7AE46CA0CD1E1C091B31EE4A691C26823E0F1AB1CA6B1C29E6C662BF7E28A996 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
    01:42:43.0374 0x10d4 Malwarebytes TrayApp - ok
    01:42:43.0468 0x10d4 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe
    01:42:43.0483 0x10d4 UpdatePRCShortCut - ok
    01:42:43.0592 0x10d4 [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
    01:42:43.0624 0x10d4 TkBellExe - ok
    01:42:43.0670 0x10d4 [ E8F915D5140A75ABFF036BBF9D0941AD, CACAF7542A1616C43929435BC71797636A2829595967B255F856A146B63A1B2C ] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
    01:42:43.0702 0x10d4 NortonOnlineBackupReminder - ok
    01:42:43.0702 0x10d4 jswtrayutil - ok
    01:42:43.0764 0x10d4 [ DCD78A37FB33BF0141A231109B052785, BCF3EB4D038D7D5DB74C8BBB564681C16086EB0E5BDED25C7EA4147A361A9D6F ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
    01:42:43.0795 0x10d4 iTunesHelper - ok
    01:42:43.0811 0x10d4 [ 554A50B5310E702029D3A675459108FF, 4757D5FFFAC7E73D4A3D931DB1399DDFDBD5811639BDA4517F886C21CC7F2574 ] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    01:42:43.0826 0x10d4 hpsysdrv - ok
    01:42:43.0858 0x10d4 [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    01:42:43.0889 0x10d4 HP Software Update - ok
    01:42:43.0889 0x10d4 HP Remote Solution - ok
    01:42:44.0060 0x10d4 [ 5EE9595568218E6AA0FE0F6065B65EC7, 8ED0A1A8E4FC37E24D205EC4BA357574FA22B8B5019AFCCB9D0F55B03519163C ] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
    01:42:44.0123 0x10d4 Family Tree Builder Update - detected UnsignedFile.Multi.Generic ( 1 )
    01:42:44.0669 0x10d4 Detect skipped due to KSN trusted
    01:42:44.0669 0x10d4 Family Tree Builder Update - ok
    01:42:44.0700 0x10d4 [ 200765F48E352F44ADEAD071E0C7A54A, 4394D379268E5B24D0B23678FA9D72995D0AC7C18B69CE4B3770A43F4B757AF7 ] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    01:42:44.0716 0x10d4 Corel File Shell Monitor - ok
    01:42:44.0762 0x10d4 [ CE0F3BCBDD5A968DBE07678EB7D6E233, D036B6A47BA70D6E231AF0302BF005FC66401C3A2F00374B98FD8EC949638A03 ] C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe
    01:42:44.0778 0x10d4 CenturyLinkTouchPointAgent - ok
    01:42:44.0950 0x10d4 [ 8AC10EC7431ABCB52A74CC9236907EB7, 40C1354165EDE1503D078C1274A9BA0B02C80B2628EB8BF663A23A87760B9C17 ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
    01:42:44.0996 0x10d4 CanonQuickMenu - ok
    01:42:44.0996 0x10d4 AVG_UI - ok
    01:42:45.0043 0x10d4 APSDaemon - ok
    01:42:45.0168 0x10d4 [ ABC53D0C55FBF9C78AAD3583EFF4E3A9, 232400B5017DAB5855EAC8A0103000E902ADF07C69414556F89F68D460CB2400 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    01:42:45.0215 0x10d4 Adobe ARM - ok
    01:42:45.0324 0x10d4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
    01:42:45.0386 0x10d4 Sidebar - ok
    01:42:45.0418 0x10d4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
    01:42:45.0449 0x10d4 mctadmin - ok
    01:42:45.0496 0x10d4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
    01:42:45.0527 0x10d4 Sidebar - ok
    01:42:45.0542 0x10d4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
    01:42:45.0558 0x10d4 mctadmin - ok
    01:42:45.0574 0x10d4 Waiting for KSN requests completion. In queue: 95
    01:42:46.0650 0x10d4 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.10.209.0 ), 0x61000 ( enabled : updated )
    01:42:46.0650 0x10d4 Win FW state via NFP2: enabled ( trusted )
    01:42:47.0165 0x10d4 ============================================================
    01:42:47.0165 0x10d4 Scan finished
    01:42:47.0165 0x10d4 ============================================================
    01:42:47.0180 0x0b24 Detected object count: 0
    01:42:47.0180 0x0b24 Actual detected object count: 0
     
  13. capnkrunch

    capnkrunch Malware Specialist

    Joined:
    Nov 28, 2015
    Messages:
    387
    Hello sr300zx :)

    You posted the FRST registry search log again. I need you to run the file search as detailed in my last post. Please follow the instructions carefully. Make sure to click Search Files NOT Search Registry.

    FRST - Search Files
    • You should still have FRST64.exe in your Downloads folder. If not, please download it HERE.
    • Right click FRST64.exe and select Run as administrator.
    • Copy and paste the following into the Search box:
    • Click Search Files. The scan can take 10 minutes or more to complete.
    • You will get a popup telling you when the search has completed. Click OK.
    • This will open a file Search.txt. Please copy and paste the contents in your reply.
      Search.txt can also be found in the same folder FRST was run from.

    Please post each log separately to prevent it being cut off by the forum post size limiter.
    Check each after you've posted it to make sure it's all present. If any log is cut off, you'll have to post it in sections...

    In your next reply please include:
    • Did you have any problems with the instructions?
    • Search.txt
    • Are there any changes in computer behavior?
     
  14. sr300zx

    sr300zx Thread Starter

    Joined:
    May 28, 2011
    Messages:
    88
    I hope I did this right...

    Farbar Recovery Scan Tool (x64) Version: 22-05-2017
    Ran by kim (22-05-2017 14:32:50)
    Running from C:\Users\kim\Downloads
    Boot Mode: Normal

    ================== Search Files: "BrowseMark;Exent;SelectionLinks;GameTreatWidget" =============

    ====== End of Search ======
     
  15. sr300zx

    sr300zx Thread Starter

    Joined:
    May 28, 2011
    Messages:
    88
    Farbar Recovery Scan Tool (x64) Version: 22-05-2017
    Ran by kim (22-05-2017 14:44:11)
    Running from C:\Users\kim\Downloads
    Boot Mode: Normal

    ================== Search Files: "SweetIM*;Playtopus*;Claro*;BrowseMark*;Wajam*;Trezaa*;Exent*;SelectionLinks*;GameTreatWidget*" =============

    C:\ProgramData\Spybot - Search & Destroy\Recovery\ClaroToolbar.zip
    [2012-12-19 09:54][2012-12-19 09:54] 0000547 _____ () 19EC5435503193377DC1EABF68522FA0 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\ClaroToolbar1.zip
    [2012-12-19 09:54][2012-12-19 09:54] 0000613 _____ () B4090AD9E82D2E1032AC052D7C55678F [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks.zip
    [2013-05-18 15:18][2013-05-18 15:18] 0684016 _____ () E405A950DCA2B1CBB9C118A9D6B535A1 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks1.zip
    [2013-05-18 15:18][2013-05-18 15:18] 0001040 _____ () 1318FB311430BB006988A5AFCC98B333 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks10.zip
    [2014-11-27 15:53][2014-11-27 15:53] 0000550 _____ () A817F0A46E02539D7B424821BC924B45 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks11.zip
    [2014-11-27 15:53][2014-11-27 15:53] 0000624 _____ () 1D061B0BF2AB4D56FF1F10E56B0A2FD9 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks12.zip
    [2014-11-27 15:53][2014-11-27 15:53] 0683749 _____ () 06AE26694EF14E509D8580F77B2AD0C9 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks13.zip
    [2015-04-24 21:32][2015-04-24 21:32] 0000568 _____ () 9005142C3040E87EAC4A59329A809832 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks14.zip
    [2015-04-24 21:32][2015-04-24 21:32] 0000614 _____ () D026BDA693B2441243003391858F57E8 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks15.zip
    [2015-04-24 21:32][2015-04-24 21:32] 0000551 _____ () A2FF974006A49B0A54CAFCF376BA9D1A [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks16.zip
    [2015-04-24 21:32][2015-04-24 21:32] 0000568 _____ () 9BFD2C327BAE5A11A44F54B09950489A [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks17.zip
    [2015-04-24 21:32][2015-04-24 21:32] 0000319 _____ () 56B23E8544B4BA67B6315BFC4BC9ECCF [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks2.zip
    [2013-05-18 15:18][2013-05-18 15:18] 0000800 _____ () A87CD653BA139051E5F29351DFE3D59E [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks3.zip
    [2013-05-18 15:18][2013-05-18 15:18] 0000800 _____ () D526FA9D6BF160900E263268AFEB6571 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks4.zip
    [2013-05-18 15:18][2013-05-18 15:18] 0000800 _____ () 2729BA2B5EFBF0AB7DFFB14EDB9E0C78 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks5.zip
    [2013-05-18 15:18][2013-05-18 15:18] 0000800 _____ () 2D6D0F49FE4E1E2A901E78BA94451411 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks6.zip
    [2013-05-18 15:18][2013-05-18 15:18] 0000800 _____ () 795505FCA1B7F57BCAE27851B9E12078 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks7.zip
    [2013-05-18 15:18][2013-05-18 15:18] 0000800 _____ () 53688118067F1F719357FA8F05FFCCC6 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks8.zip
    [2014-11-27 15:53][2014-11-27 15:53] 0000569 _____ () 0971DCBA7AA9E29653B2AE5E04D56BCF [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SelectionLinks9.zip
    [2014-11-27 15:53][2014-11-27 15:53] 0000639 _____ () 4A319001B523C4F7F975180856A959DA [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM.zip
    [2014-11-27 15:53][2014-11-27 15:53] 0384862 _____ () 3D68F30103A329141CA0FFA5B1104890 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM1.zip
    [2015-04-24 21:32][2015-04-24 21:32] 0000330 _____ () ECE4AA22C53C85BD663227CA7ACB68E8 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam.zip
    [2014-11-27 15:53][2014-11-27 15:53] 0000620 _____ () C1CD415C15E146B3543CAE70029A5FA9 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam1.zip
    [2014-11-27 15:53][2014-11-27 15:53] 0000648 _____ () 83988814CD9BBF11B083BDF2266336C7 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam10.zip
    [2015-04-24 21:32][2015-04-24 21:32] 0000647 _____ () 225ABDA27A3CA133999B9265173894F4 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam11.zip
    [2015-04-24 21:32][2015-04-24 21:32] 0000628 _____ () 11804503FC03292FFC016D62022F9049 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam12.zip
    [2015-04-24 21:32][2015-04-24 21:32] 0000573 _____ () 25BCAA9E7367B9F1F9D93C9E32F9FE33 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam13.zip
    [2015-04-24 21:32][2015-04-24 21:32] 0000635 _____ () 9507C754319F21CEE6439DB14262738D [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam2.zip
    [2014-11-27 15:53][2014-11-27 15:53] 0000731 _____ () 4140907DCF89C14C1F8602D1F31DD0B4 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam3.zip
    [2014-11-27 15:53][2014-11-27 15:53] 0000648 _____ () F24F2428C27591682E9CFAC771C08771 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam4.zip
    [2014-11-27 15:53][2014-11-27 15:53] 0000731 _____ () 256074E0BD7A70A06D43B9EAAB83D122 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam5.zip
    [2014-11-27 15:53][2014-11-27 15:53] 0000651 _____ () 432DEFD76BC2E9C8925B93AB35CEC9DC [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam6.zip
    [2014-11-27 15:53][2014-11-27 15:53] 0000738 _____ () DED89F1FCBC720A86A38C810A246DB67 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam7.zip
    [2015-04-24 21:32][2015-04-24 21:32] 0000619 _____ () F538369E1EAC42A46370C830CBAB58DD [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam8.zip
    [2015-04-24 21:32][2015-04-24 21:32] 0000647 _____ () 428322B28830E5D8161ADF217AEFD523 [File not signed]

    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam9.zip
    [2015-04-24 21:32][2015-04-24 21:32] 0000629 _____ () E0E9DA3724AFB6CC5A9691521622EECA [File not signed]

    C:\FRST\Quarantine\C\ProgramData\TrezaaSetupx30044.msi.xBAD
    [2016-06-21 21:27][2016-08-22 22:40] 1134592 _____ () E7F8EB78BA66CD55A11124C43A8A891A [File is digitally signed]

    ====== End of Search ======
     

Short URL to this thread: https://techguy.org/1189930