[RKinner]

In IE, Tools, (or gear symbol) then click on View Downloads then Options (in the bottom left corner). Default Download Locations, click on Browse then slide the slider up to the top so you can see Desktop and click on it then Select Folder. OK.

[Advertisements]

Good Morning Ron,
Many thanks for your very helpful advice its done the job.I am so grateful for everything you are doing for me and at the same time learning so much.
I have to go out today for most of the day and will give you a reply back as soon as i can on the items i have still to do.

Very Best Wishes
Zac1

[zac1]

Good Morning Ron,
Many thanks for your very helpful advice its done the job.I am so grateful for everything you are doing for me and at the same time learning so much.
I have to go out today for most of the day and will give you a reply back as soon as i can on the items i have still to do.

Very Best Wishes
Zac1

[zac1]

Good evening Ron.Here are the adwcleaner results.# AdwCleaner v3.003 - Report created 10/09/2013 at 22:40:55
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : andrew - ANDREW-TOSH
# Running from : C:\Users\andrew\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\SpeedMaxPc
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Program Files (x86)\Utils.dll

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\SpeedMaxPC
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Uniblue\DriverScanner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16576


-\\ Google Chrome v29.0.1547.66

[ File : C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10586 octets] - [08/09/2013 20:09:29]
AdwCleaner[R1].txt - [3590 octets] - [10/09/2013 22:39:54]
AdwCleaner[S0].txt - [5412 octets] - [10/09/2013 22:35:26]
AdwCleaner[S1].txt - [3402 octets] - [10/09/2013 22:40:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3462 octets] ##########

[RKinner]

OK That worked. Can you find aswMBR.txt that aswMBR.exe should have left in the same folder it ran from?

[zac1]

results from TDSSKiller.I will look for aswMBR.TDSS showed all clear.23:01:41.0515 0x0264 TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
23:01:41.0858 0x0264 ============================================================
23:01:41.0873 0x0264 Current date / time: 2013/09/10 23:01:41.0858
23:01:41.0873 0x0264 SystemInfo:
23:01:41.0873 0x0264
23:01:41.0873 0x0264 OS Version: 6.1.7601 ServicePack: 1.0
23:01:41.0873 0x0264 Product type: Workstation
23:01:41.0873 0x0264 ComputerName: ANDREW-TOSH
23:01:41.0873 0x0264 UserName: andrew
23:01:41.0873 0x0264 Windows directory: C:\Windows
23:01:41.0873 0x0264 System windows directory: C:\Windows
23:01:41.0873 0x0264 Running under WOW64
23:01:41.0873 0x0264 Processor architecture: Intel x64
23:01:41.0873 0x0264 Number of processors: 2
23:01:41.0873 0x0264 Page size: 0x1000
23:01:41.0873 0x0264 Boot type: Normal boot
23:01:41.0873 0x0264 ============================================================
23:01:43.0714 0x0264 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:01:43.0714 0x0264 ============================================================
23:01:43.0714 0x0264 \Device\Harddisk0\DR0:
23:01:43.0714 0x0264 MBR partitions:
23:01:43.0714 0x0264 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x12A17000
23:01:43.0714 0x0264 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12ADF800, BlocksNum 0x1294F000
23:01:43.0714 0x0264 ============================================================
23:01:43.0745 0x0264 C: <-> \Device\Harddisk0\DR0\Partition1
23:01:43.0792 0x0264 D: <-> \Device\Harddisk0\DR0\Partition2
23:01:43.0792 0x0264 ============================================================
23:01:43.0792 0x0264 Initialize success
23:01:43.0792 0x0264 ============================================================
23:01:58.0643 0x1354 ============================================================
23:01:58.0643 0x1354 Scan started
23:01:58.0643 0x1354 Mode: Manual;
23:01:58.0643 0x1354 ============================================================
23:01:59.0626 0x1354 ================ Scan system memory ========================
23:01:59.0626 0x1354 System memory - ok
23:01:59.0626 0x1354 ================ Scan services =============================
23:01:59.0938 0x1354 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:01:59.0954 0x1354 1394ohci - ok
23:02:00.0063 0x1354 [ 8ACBB0D11A99EF06BFFD09C5B4DF0925 ] 4959228drv C:\Windows\system32\DRIVERS\4959228drv.sys
23:02:00.0063 0x1354 4959228drv - ok
23:02:00.0110 0x1354 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:02:00.0125 0x1354 ACPI - ok
23:02:00.0172 0x1354 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:02:00.0172 0x1354 AcpiPmi - ok
23:02:00.0297 0x1354 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:02:00.0297 0x1354 AdobeARMservice - ok
23:02:00.0359 0x1354 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:02:00.0375 0x1354 adp94xx - ok
23:02:00.0422 0x1354 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:02:00.0422 0x1354 adpahci - ok
23:02:00.0437 0x1354 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:02:00.0437 0x1354 adpu320 - ok
23:02:00.0484 0x1354 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:02:00.0500 0x1354 AeLookupSvc - ok
23:02:00.0562 0x1354 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
23:02:00.0562 0x1354 AFD - ok
23:02:00.0640 0x1354 [ A12CC7EA6448C7BADC8677593C2AC55D ] AFW C:\Windows\system32\DRIVERS\afw.sys
23:02:00.0640 0x1354 AFW - ok
23:02:00.0718 0x1354 [ 6BE9AC4EDB62252BA7AA13AF0CA907B8 ] afwcore C:\Windows\system32\DRIVERS\afwcore.sys
23:02:00.0718 0x1354 afwcore - ok
23:02:00.0781 0x1354 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:02:00.0781 0x1354 agp440 - ok
23:02:00.0827 0x1354 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
23:02:00.0827 0x1354 ALG - ok
23:02:00.0859 0x1354 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
23:02:00.0859 0x1354 aliide - ok
23:02:00.0999 0x1354 [ 310F88A93C3B02E3D1F906FB57B9E01E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:02:00.0999 0x1354 AMD External Events Utility - ok
23:02:01.0124 0x1354 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
23:02:01.0139 0x1354 amdide - ok
23:02:01.0280 0x1354 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:02:01.0295 0x1354 AmdK8 - ok
23:02:01.0561 0x1354 [ 62DDF55680F8C53E4B8DDE4189ADA0B8 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
23:02:01.0763 0x1354 amdkmdag - ok
23:02:01.0841 0x1354 [ 51F027DFFEDFB8D763FABFFA06B56E6D ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
23:02:01.0841 0x1354 amdkmdap - ok
23:02:01.0919 0x1354 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:02:01.0919 0x1354 AmdPPM - ok
23:02:01.0966 0x1354 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:02:01.0982 0x1354 amdsata - ok
23:02:01.0997 0x1354 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
23:02:02.0013 0x1354 amdsbs - ok
23:02:02.0029 0x1354 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:02:02.0029 0x1354 amdxata - ok
23:02:02.0044 0x1354 [ 8A2B4818215D8A6FF54DC3F0D63CBB2D ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
23:02:02.0044 0x1354 amd_sata - ok
23:02:02.0075 0x1354 [ A2D8977623E13591B15F6370C6CC37B0 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
23:02:02.0075 0x1354 amd_xata - ok
23:02:02.0138 0x1354 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
23:02:02.0138 0x1354 AppID - ok
23:02:02.0185 0x1354 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:02:02.0185 0x1354 AppIDSvc - ok
23:02:02.0200 0x1354 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
23:02:02.0200 0x1354 Appinfo - ok
23:02:02.0263 0x1354 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
23:02:02.0278 0x1354 arc - ok
23:02:02.0294 0x1354 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:02:02.0294 0x1354 arcsas - ok
23:02:02.0356 0x1354 [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
23:02:02.0356 0x1354 aswRvrt - ok
23:02:02.0419 0x1354 [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
23:02:02.0434 0x1354 aswSnx - ok
23:02:02.0450 0x1354 [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
23:02:02.0450 0x1354 aswVmm - ok
23:02:02.0512 0x1354 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:02:02.0512 0x1354 AsyncMac - ok
23:02:02.0575 0x1354 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
23:02:02.0575 0x1354 atapi - ok
23:02:02.0653 0x1354 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:02:02.0668 0x1354 AudioEndpointBuilder - ok
23:02:02.0684 0x1354 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:02:02.0684 0x1354 AudioSrv - ok
23:02:02.0746 0x1354 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:02:02.0746 0x1354 AxInstSV - ok
23:02:02.0809 0x1354 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
23:02:02.0809 0x1354 b06bdrv - ok
23:02:02.0855 0x1354 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:02:02.0871 0x1354 b57nd60a - ok
23:02:02.0949 0x1354 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
23:02:02.0965 0x1354 BBSvc - ok
23:02:03.0027 0x1354 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
23:02:03.0027 0x1354 BDESVC - ok
23:02:03.0121 0x1354 [ 760D877A396EC5061BF1B7B19502A9E2 ] BdNet C:\Windows\system32\drivers\BdNet.sys
23:02:03.0121 0x1354 BdNet - ok
23:02:03.0183 0x1354 [ 1C0BC1DC0A8C120F7EA435B6D72FAF4A ] BdSpy C:\Windows\system32\drivers\BdSpy.sys
23:02:03.0183 0x1354 BdSpy - ok
23:02:03.0245 0x1354 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
23:02:03.0245 0x1354 Beep - ok
23:02:03.0339 0x1354 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
23:02:03.0355 0x1354 BFE - ok
23:02:03.0433 0x1354 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
23:02:03.0448 0x1354 BITS - ok
23:02:03.0495 0x1354 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
23:02:03.0495 0x1354 blbdrive - ok
23:02:03.0557 0x1354 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:02:03.0557 0x1354 bowser - ok
23:02:03.0620 0x1354 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
23:02:03.0620 0x1354 BrFiltLo - ok
23:02:03.0635 0x1354 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
23:02:03.0651 0x1354 BrFiltUp - ok
23:02:03.0682 0x1354 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
23:02:03.0682 0x1354 Browser - ok
23:02:03.0729 0x1354 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:02:03.0729 0x1354 Brserid - ok
23:02:03.0760 0x1354 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:02:03.0760 0x1354 BrSerWdm - ok
23:02:03.0807 0x1354 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:02:03.0807 0x1354 BrUsbMdm - ok
23:02:03.0823 0x1354 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:02:03.0838 0x1354 BrUsbSer - ok
23:02:04.0025 0x1354 [ D3B53260D4C9DCC19449D8BA008F09CD ] BsBackup C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll
23:02:04.0041 0x1354 BsBackup - ok
23:02:04.0088 0x1354 [ 2B01F327D99EFC51BB150DE9FC8F1B5F ] BsBhvScan C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
23:02:04.0088 0x1354 BsBhvScan - ok
23:02:04.0181 0x1354 [ 345AAC08D46C51FAE202FB2D53D7D9B9 ] BsFileScan c:\program files\bullguard ltd\bullguard\BsFileScan.dll
23:02:04.0197 0x1354 BsFileScan - ok
23:02:04.0244 0x1354 [ 8273A0AC85A8E5540648BFBBDC661674 ] BsFire C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll
23:02:04.0244 0x1354 BsFire - ok
23:02:04.0369 0x1354 [ 4DD1822F261DD2CD659D8999E6DB7DE2 ] BsMailProxy c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll
23:02:04.0384 0x1354 BsMailProxy - ok
23:02:04.0447 0x1354 [ 6153A21FC8E9203574041348F6196A8F ] BsMain C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll
23:02:04.0462 0x1354 BsMain - ok
23:02:04.0525 0x1354 [ 0CAF444B4D38F48054EB6361BD550F61 ] BsScanner C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
23:02:04.0525 0x1354 BsScanner - ok
23:02:04.0587 0x1354 [ 3B53908F7CEB9F9D9CAE13E14EFC8CAC ] BsUpdate C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
23:02:04.0587 0x1354 BsUpdate - ok
23:02:04.0634 0x1354 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
23:02:04.0634 0x1354 BTHMODEM - ok
23:02:04.0696 0x1354 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:02:04.0696 0x1354 bthserv - ok
23:02:04.0759 0x1354 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:02:04.0759 0x1354 cdfs - ok
23:02:04.0821 0x1354 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:02:04.0821 0x1354 cdrom - ok
23:02:04.0883 0x1354 [ 7E83E47BD1FF93E11CD69F1AD65A9581 ] CeKbFilter C:\Windows\system32\DRIVERS\CeKbFilter.sys
23:02:04.0883 0x1354 CeKbFilter - ok
23:02:04.0977 0x1354 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
23:02:04.0977 0x1354 CertPropSvc - ok
23:02:05.0102 0x1354 [ 41E7C4FA6491747402CFCA77CC1C7AAB ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
23:02:05.0102 0x1354 cfWiMAXService - ok
23:02:05.0164 0x1354 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
23:02:05.0164 0x1354 circlass - ok
23:02:05.0211 0x1354 cleanhlp - ok
23:02:05.0258 0x1354 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:02:05.0273 0x1354 CLFS - ok
23:02:05.0367 0x1354 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:02:05.0367 0x1354 clr_optimization_v2.0.50727_32 - ok
23:02:05.0492 0x1354 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:02:05.0492 0x1354 clr_optimization_v2.0.50727_64 - ok
23:02:05.0617 0x1354 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:02:05.0617 0x1354 clr_optimization_v4.0.30319_32 - ok
23:02:05.0726 0x1354 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:02:05.0726 0x1354 clr_optimization_v4.0.30319_64 - ok
23:02:05.0773 0x1354 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:02:05.0773 0x1354 CmBatt - ok
23:02:05.0804 0x1354 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:02:05.0804 0x1354 cmdide - ok
23:02:05.0851 0x1354 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
23:02:05.0851 0x1354 CNG - ok
23:02:05.0897 0x1354 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
23:02:05.0897 0x1354 Compbatt - ok
23:02:05.0944 0x1354 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:02:05.0944 0x1354 CompositeBus - ok
23:02:05.0975 0x1354 COMSysApp - ok
23:02:06.0007 0x1354 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
23:02:06.0007 0x1354 ConfigFree Service - ok
23:02:06.0038 0x1354 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:02:06.0053 0x1354 crcdisk - ok
23:02:06.0100 0x1354 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:02:06.0100 0x1354 CryptSvc - ok
23:02:06.0209 0x1354 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
23:02:06.0225 0x1354 cvhsvc - ok
23:02:06.0287 0x1354 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:02:06.0303 0x1354 DcomLaunch - ok
23:02:06.0334 0x1354 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:02:06.0334 0x1354 defragsvc - ok
23:02:06.0365 0x1354 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:02:06.0365 0x1354 DfsC - ok
23:02:06.0412 0x1354 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
23:02:06.0412 0x1354 Dhcp - ok
23:02:06.0428 0x1354 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:02:06.0428 0x1354 discache - ok
23:02:06.0475 0x1354 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
23:02:06.0475 0x1354 Disk - ok
23:02:06.0537 0x1354 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:02:06.0537 0x1354 Dnscache - ok
23:02:06.0568 0x1354 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:02:06.0568 0x1354 dot3svc - ok
23:02:06.0584 0x1354 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
23:02:06.0599 0x1354 DPS - ok
23:02:06.0646 0x1354 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:02:06.0646 0x1354 drmkaud - ok
23:02:06.0693 0x1354 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:02:06.0709 0x1354 DXGKrnl - ok
23:02:06.0740 0x1354 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:02:06.0740 0x1354 EapHost - ok
23:02:06.0880 0x1354 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
23:02:06.0911 0x1354 ebdrv - ok
23:02:06.0943 0x1354 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
23:02:06.0943 0x1354 EFS - ok
23:02:07.0052 0x1354 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:02:07.0067 0x1354 ehRecvr - ok
23:02:07.0099 0x1354 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:02:07.0099 0x1354 ehSched - ok
23:02:07.0161 0x1354 [ 627350A11295D82BF78D155B12FFD0EF ] ElRawDisk C:\Windows\system32\drivers\ElRawDsk.sys
23:02:07.0161 0x1354 ElRawDisk - ok
23:02:07.0223 0x1354 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:02:07.0223 0x1354 elxstor - ok
23:02:07.0239 0x1354 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:02:07.0255 0x1354 ErrDev - ok
23:02:07.0301 0x1354 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:02:07.0317 0x1354 EventSystem - ok
23:02:07.0364 0x1354 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:02:07.0364 0x1354 exfat - ok
23:02:07.0379 0x1354 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:02:07.0379 0x1354 fastfat - ok
23:02:07.0457 0x1354 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
23:02:07.0473 0x1354 Fax - ok
23:02:07.0520 0x1354 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
23:02:07.0520 0x1354 fdc - ok
23:02:07.0567 0x1354 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:02:07.0567 0x1354 fdPHost - ok
23:02:07.0582 0x1354 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:02:07.0582 0x1354 FDResPub - ok
23:02:07.0613 0x1354 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:02:07.0613 0x1354 FileInfo - ok
23:02:07.0645 0x1354 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:02:07.0645 0x1354 Filetrace - ok
23:02:07.0676 0x1354 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
23:02:07.0676 0x1354 flpydisk - ok
23:02:07.0691 0x1354 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:02:07.0691 0x1354 FltMgr - ok
23:02:07.0769 0x1354 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
23:02:07.0801 0x1354 FontCache - ok
23:02:07.0879 0x1354 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:02:07.0879 0x1354 FontCache3.0.0.0 - ok
23:02:07.0925 0x1354 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:02:07.0925 0x1354 FsDepends - ok
23:02:07.0941 0x1354 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:02:07.0941 0x1354 Fs_Rec - ok
23:02:07.0972 0x1354 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:02:07.0972 0x1354 fvevol - ok
23:02:08.0003 0x1354 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:02:08.0003 0x1354 gagp30kx - ok
23:02:08.0066 0x1354 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
23:02:08.0081 0x1354 gpsvc - ok
23:02:08.0175 0x1354 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:02:08.0191 0x1354 gupdate - ok
23:02:08.0191 0x1354 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:02:08.0206 0x1354 gupdatem - ok
23:02:08.0253 0x1354 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:02:08.0253 0x1354 hcw85cir - ok
23:02:08.0315 0x1354 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:02:08.0315 0x1354 HdAudAddService - ok
23:02:08.0347 0x1354 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:02:08.0362 0x1354 HDAudBus - ok
23:02:08.0378 0x1354 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
23:02:08.0378 0x1354 HidBatt - ok
23:02:08.0393 0x1354 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:02:08.0393 0x1354 HidBth - ok
23:02:08.0409 0x1354 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
23:02:08.0409 0x1354 HidIr - ok
23:02:08.0456 0x1354 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
23:02:08.0456 0x1354 hidserv - ok
23:02:08.0503 0x1354 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:02:08.0503 0x1354 HidUsb - ok
23:02:08.0565 0x1354 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:02:08.0565 0x1354 hkmsvc - ok
23:02:08.0596 0x1354 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:02:08.0612 0x1354 HomeGroupListener - ok
23:02:08.0659 0x1354 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:02:08.0659 0x1354 HomeGroupProvider - ok
23:02:08.0705 0x1354 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:02:08.0705 0x1354 HpSAMD - ok
23:02:08.0783 0x1354 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:02:08.0799 0x1354 HTTP - ok
23:02:08.0799 0x1354 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:02:08.0799 0x1354 hwpolicy - ok
23:02:08.0861 0x1354 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:02:08.0861 0x1354 i8042prt - ok
23:02:08.0955 0x1354 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:02:08.0971 0x1354 iaStorV - ok
23:02:09.0095 0x1354 [ DABFBE88774A3C1A8CEA198348E02740 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
23:02:09.0111 0x1354 IconMan_R - ok
23:02:09.0220 0x1354 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:02:09.0236 0x1354 idsvc - ok
23:02:09.0267 0x1354 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:02:09.0283 0x1354 iirsp - ok
23:02:09.0345 0x1354 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
23:02:09.0361 0x1354 IKEEXT - ok
23:02:09.0485 0x1354 [ 8BC7EB3BF3FA1C434AA830A50456DD02 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:02:09.0501 0x1354 IntcAzAudAddService - ok
23:02:09.0532 0x1354 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
23:02:09.0532 0x1354 intelide - ok
23:02:09.0563 0x1354 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
23:02:09.0579 0x1354 intelppm - ok
23:02:09.0610 0x1354 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:02:09.0626 0x1354 IPBusEnum - ok
23:02:09.0657 0x1354 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:02:09.0657 0x1354 IpFilterDriver - ok
23:02:09.0688 0x1354 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:02:09.0688 0x1354 iphlpsvc - ok
23:02:09.0719 0x1354 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:02:09.0735 0x1354 IPMIDRV - ok
23:02:09.0751 0x1354 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:02:09.0751 0x1354 IPNAT - ok
23:02:09.0766 0x1354 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:02:09.0782 0x1354 IRENUM - ok
23:02:09.0797 0x1354 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:02:09.0813 0x1354 isapnp - ok
23:02:09.0829 0x1354 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:02:09.0844 0x1354 iScsiPrt - ok
23:02:09.0860 0x1354 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:02:09.0860 0x1354 kbdclass - ok
23:02:09.0891 0x1354 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
23:02:09.0907 0x1354 kbdhid - ok
23:02:09.0922 0x1354 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
23:02:09.0922 0x1354 KeyIso - ok
23:02:09.0985 0x1354 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:02:09.0985 0x1354 KSecDD - ok
23:02:10.0000 0x1354 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:02:10.0000 0x1354 KSecPkg - ok
23:02:10.0016 0x1354 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:02:10.0016 0x1354 ksthunk - ok
23:02:10.0063 0x1354 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:02:10.0078 0x1354 KtmRm - ok
23:02:10.0141 0x1354 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:02:10.0141 0x1354 LanmanServer - ok
23:02:10.0203 0x1354 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:02:10.0203 0x1354 LanmanWorkstation - ok
23:02:10.0281 0x1354 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:02:10.0281 0x1354 lltdio - ok
23:02:10.0312 0x1354 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:02:10.0328 0x1354 lltdsvc - ok
23:02:10.0328 0x1354 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:02:10.0343 0x1354 lmhosts - ok
23:02:10.0375 0x1354 [ 2825A71E7501CB33B3B9F856610C729D ] LPCFilter C:\Windows\system32\DRIVERS\LPCFilter.sys
23:02:10.0375 0x1354 LPCFilter - ok
23:02:10.0437 0x1354 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:02:10.0453 0x1354 LSI_FC - ok
23:02:10.0468 0x1354 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:02:10.0468 0x1354 LSI_SAS - ok
23:02:10.0484 0x1354 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
23:02:10.0484 0x1354 LSI_SAS2 - ok
23:02:10.0499 0x1354 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:02:10.0499 0x1354 LSI_SCSI - ok
23:02:10.0562 0x1354 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:02:10.0562 0x1354 luafv - ok
23:02:10.0640 0x1354 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
23:02:10.0640 0x1354 MBAMProtector - ok
23:02:10.0749 0x1354 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:02:10.0749 0x1354 MBAMScheduler - ok
23:02:10.0811 0x1354 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:02:10.0811 0x1354 MBAMService - ok
23:02:10.0936 0x1354 [ F8B823414A22DBF3BEC10DCAA5F93CD8 ] McciCMService C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
23:02:10.0936 0x1354 McciCMService - ok
23:02:11.0014 0x1354 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:02:11.0014 0x1354 Mcx2Svc - ok
23:02:11.0045 0x1354 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
23:02:11.0061 0x1354 megasas - ok
23:02:11.0077 0x1354 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
23:02:11.0092 0x1354 MegaSR - ok
23:02:11.0123 0x1354 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:02:11.0139 0x1354 MMCSS - ok
23:02:11.0186 0x1354 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:02:11.0186 0x1354 Modem - ok
23:02:11.0233 0x1354 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:02:11.0233 0x1354 monitor - ok
23:02:11.0295 0x1354 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:02:11.0295 0x1354 mouclass - ok
23:02:11.0326 0x1354 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:02:11.0326 0x1354 mouhid - ok
23:02:11.0357 0x1354 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:02:11.0357 0x1354 mountmgr - ok
23:02:11.0420 0x1354 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
23:02:11.0420 0x1354 MpFilter - ok
23:02:11.0467 0x1354 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
23:02:11.0467 0x1354 mpio - ok
23:02:11.0498 0x1354 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:02:11.0498 0x1354 mpsdrv - ok
23:02:11.0560 0x1354 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:02:11.0560 0x1354 MpsSvc - ok
23:02:11.0623 0x1354 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
23:02:11.0623 0x1354 MREMP50 - ok
23:02:11.0669 0x1354 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
23:02:11.0669 0x1354 MRESP50 - ok
23:02:11.0716 0x1354 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:02:11.0716 0x1354 MRxDAV - ok
23:02:11.0732 0x1354 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:02:11.0747 0x1354 mrxsmb - ok
23:02:11.0763 0x1354 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:02:11.0763 0x1354 mrxsmb10 - ok
23:02:11.0779 0x1354 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:02:11.0779 0x1354 mrxsmb20 - ok
23:02:11.0810 0x1354 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
23:02:11.0810 0x1354 msahci - ok
23:02:11.0841 0x1354 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:02:11.0841 0x1354 msdsm - ok
23:02:11.0888 0x1354 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:02:11.0888 0x1354 MSDTC - ok
23:02:11.0950 0x1354 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:02:11.0950 0x1354 Msfs - ok
23:02:11.0950 0x1354 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:02:11.0966 0x1354 mshidkmdf - ok
23:02:11.0981 0x1354 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:02:11.0981 0x1354 msisadrv - ok
23:02:12.0044 0x1354 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:02:12.0044 0x1354 MSiSCSI - ok
23:02:12.0059 0x1354 msiserver - ok
23:02:12.0122 0x1354 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:02:12.0122 0x1354 MSKSSRV - ok
23:02:12.0200 0x1354 MsMpSvc - ok
23:02:12.0262 0x1354 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:02:12.0262 0x1354 MSPCLOCK - ok
23:02:12.0278 0x1354 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:02:12.0278 0x1354 MSPQM - ok
23:02:12.0293 0x1354 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:02:12.0309 0x1354 MsRPC - ok
23:02:12.0340 0x1354 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:02:12.0356 0x1354 mssmbios - ok
23:02:12.0356 0x1354 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:02:12.0356 0x1354 MSTEE - ok
23:02:12.0387 0x1354 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
23:02:12.0387 0x1354 MTConfig - ok
23:02:12.0403 0x1354 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:02:12.0403 0x1354 Mup - ok
23:02:12.0449 0x1354 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
23:02:12.0465 0x1354 napagent - ok
23:02:12.0527 0x1354 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:02:12.0543 0x1354 NativeWifiP - ok
23:02:12.0668 0x1354 [ 2989174DF02E0AEF54BAE90674FB445F ] NAUpdate c:\Program Files (x86)\Nero\Update\NASvc.exe
23:02:12.0668 0x1354 NAUpdate - ok
23:02:12.0715 0x1354 nckkof - ok
23:02:12.0777 0x1354 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:02:12.0777 0x1354 NDIS - ok
23:02:12.0808 0x1354 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:02:12.0808 0x1354 NdisCap - ok
23:02:12.0824 0x1354 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:02:12.0824 0x1354 NdisTapi - ok
23:02:12.0855 0x1354 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:02:12.0855 0x1354 Ndisuio - ok
23:02:12.0871 0x1354 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:02:12.0871 0x1354 NdisWan - ok
23:02:12.0917 0x1354 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:02:12.0917 0x1354 NDProxy - ok
23:02:12.0933 0x1354 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:02:12.0933 0x1354 NetBIOS - ok
23:02:12.0964 0x1354 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:02:12.0980 0x1354 NetBT - ok
23:02:12.0995 0x1354 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
23:02:12.0995 0x1354 Netlogon - ok
23:02:13.0027 0x1354 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:02:13.0042 0x1354 Netman - ok
23:02:13.0073 0x1354 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:02:13.0073 0x1354 netprofm - ok
23:02:13.0120 0x1354 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:02:13.0120 0x1354 NetTcpPortSharing - ok
23:02:13.0183 0x1354 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:02:13.0183 0x1354 nfrd960 - ok
23:02:13.0245 0x1354 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:02:13.0245 0x1354 NlaSvc - ok
23:02:13.0307 0x1354 [ 510755C17F4AA13605412961F58884B5 ] NovaShieldFilterDriver C:\Windows\system32\DRIVERS\NSKernel.sys
23:02:13.0307 0x1354 NovaShieldFilterDriver - ok
23:02:13.0339 0x1354 [ 440469E8505744CCAA3BA294306258AE ] NovaShieldTDIDriver C:\Windows\system32\DRIVERS\NSNetmon.sys
23:02:13.0339 0x1354 NovaShieldTDIDriver - ok
23:02:13.0370 0x1354 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:02:13.0370 0x1354 Npfs - ok
23:02:13.0401 0x1354 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:02:13.0401 0x1354 nsi - ok
23:02:13.0417 0x1354 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:02:13.0417 0x1354 nsiproxy - ok
23:02:13.0479 0x1354 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:02:13.0495 0x1354 Ntfs - ok
23:02:13.0510 0x1354 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:02:13.0510 0x1354 Null - ok
23:02:13.0573 0x1354 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:02:13.0573 0x1354 nvraid - ok
23:02:13.0588 0x1354 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:02:13.0604 0x1354 nvstor - ok
23:02:13.0619 0x1354 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:02:13.0635 0x1354 nv_agp - ok
23:02:13.0651 0x1354 ofvpmj - ok
23:02:13.0682 0x1354 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:02:13.0682 0x1354 ohci1394 - ok
23:02:13.0775 0x1354 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:02:13.0775 0x1354 ose - ok
23:02:13.0963 0x1354 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:02:14.0056 0x1354 osppsvc - ok
23:02:14.0103 0x1354 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:02:14.0119 0x1354 p2pimsvc - ok
23:02:14.0165 0x1354 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:02:14.0165 0x1354 p2psvc - ok
23:02:14.0197 0x1354 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
23:02:14.0212 0x1354 Parport - ok
23:02:14.0243 0x1354 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:02:14.0243 0x1354 partmgr - ok
23:02:14.0259 0x1354 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:02:14.0259 0x1354 PcaSvc - ok
23:02:14.0290 0x1354 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
23:02:14.0290 0x1354 pci - ok
23:02:14.0306 0x1354 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
23:02:14.0306 0x1354 pciide - ok
23:02:14.0321 0x1354 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
23:02:14.0337 0x1354 pcmcia - ok
23:02:14.0337 0x1354 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:02:14.0353 0x1354 pcw - ok
23:02:14.0384 0x1354 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:02:14.0384 0x1354 PEAUTH - ok
23:02:14.0524 0x1354 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:02:14.0540 0x1354 PerfHost - ok
23:02:14.0743 0x1354 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys
23:02:14.0743 0x1354 PGEffect - ok
23:02:14.0821 0x1354 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
23:02:14.0836 0x1354 pla - ok
23:02:14.0914 0x1354 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:02:14.0930 0x1354 PlugPlay - ok
23:02:14.0992 0x1354 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:02:14.0992 0x1354 PNRPAutoReg - ok
23:02:15.0008 0x1354 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:02:15.0008 0x1354 PNRPsvc - ok
23:02:15.0055 0x1354 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:02:15.0070 0x1354 PolicyAgent - ok
23:02:15.0101 0x1354 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
23:02:15.0101 0x1354 Power - ok
23:02:15.0164 0x1354 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:02:15.0164 0x1354 PptpMiniport - ok
23:02:15.0211 0x1354 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
23:02:15.0211 0x1354 Processor - ok
23:02:15.0257 0x1354 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
23:02:15.0273 0x1354 ProfSvc - ok
23:02:15.0289 0x1354 Prot6Flt - ok
23:02:15.0320 0x1354 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:02:15.0320 0x1354 ProtectedStorage - ok
23:02:15.0398 0x1354 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:02:15.0398 0x1354 Psched - ok
23:02:15.0460 0x1354 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:02:15.0491 0x1354 ql2300 - ok
23:02:15.0507 0x1354 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:02:15.0507 0x1354 ql40xx - ok
23:02:15.0554 0x1354 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
23:02:15.0554 0x1354 QWAVE - ok
23:02:15.0585 0x1354 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:02:15.0585 0x1354 QWAVEdrv - ok
23:02:15.0601 0x1354 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:02:15.0601 0x1354 RasAcd - ok
23:02:15.0663 0x1354 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:02:15.0663 0x1354 RasAgileVpn - ok
23:02:15.0694 0x1354 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
23:02:15.0694 0x1354 RasAuto - ok
23:02:15.0710 0x1354 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:02:15.0710 0x1354 Rasl2tp - ok
23:02:15.0757 0x1354 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
23:02:15.0757 0x1354 RasMan - ok
23:02:15.0803 0x1354 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:02:15.0803 0x1354 RasPppoe - ok
23:02:15.0835 0x1354 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:02:15.0835 0x1354 RasSstp - ok
23:02:15.0866 0x1354 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:02:15.0866 0x1354 rdbss - ok
23:02:15.0913 0x1354 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
23:02:15.0913 0x1354 rdpbus - ok
23:02:15.0928 0x1354 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:02:15.0928 0x1354 RDPCDD - ok
23:02:15.0959 0x1354 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:02:15.0959 0x1354 RDPENCDD - ok
23:02:15.0975 0x1354 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:02:15.0991 0x1354 RDPREFMP - ok
23:02:16.0037 0x1354 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:02:16.0037 0x1354 RdpVideoMiniport - ok
23:02:16.0053 0x1354 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:02:16.0053 0x1354 RDPWD - ok
23:02:16.0069 0x1354 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:02:16.0069 0x1354 rdyboost - ok
23:02:16.0115 0x1354 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:02:16.0115 0x1354 RemoteAccess - ok
23:02:16.0162 0x1354 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:02:16.0178 0x1354 RemoteRegistry - ok
23:02:16.0193 0x1354 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:02:16.0193 0x1354 RpcEptMapper - ok
23:02:16.0225 0x1354 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
23:02:16.0225 0x1354 RpcLocator - ok
23:02:16.0256 0x1354 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
23:02:16.0256 0x1354 RpcSs - ok
23:02:16.0318 0x1354 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:02:16.0318 0x1354 rspndr - ok
23:02:16.0396 0x1354 [ 9BEB5F18A418FF70659CE2E356829568 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
23:02:16.0396 0x1354 RSUSBSTOR - ok
23:02:16.0474 0x1354 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
23:02:16.0474 0x1354 RTL8167 - ok
23:02:16.0552 0x1354 [ FA088015155C4C6DAB5D1D9E68EB9D6B ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
23:02:16.0568 0x1354 RTL8192Ce - ok
23:02:16.0599 0x1354 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
23:02:16.0599 0x1354 SamSs - ok
23:02:16.0630 0x1354 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:02:16.0630 0x1354 sbp2port - ok
23:02:16.0677 0x1354 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:02:16.0677 0x1354 SCardSvr - ok
23:02:16.0724 0x1354 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:02:16.0724 0x1354 scfilter - ok
23:02:16.0786 0x1354 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
23:02:16.0802 0x1354 Schedule - ok
23:02:16.0849 0x1354 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:02:16.0849 0x1354 SCPolicySvc - ok
23:02:16.0942 0x1354 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:02:16.0942 0x1354 SDRSVC - ok
23:02:17.0020 0x1354 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
23:02:17.0036 0x1354 SeaPort - ok
23:02:17.0098 0x1354 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:02:17.0098 0x1354 secdrv - ok
23:02:17.0129 0x1354 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
23:02:17.0145 0x1354 seclogon - ok
23:02:17.0285 0x1354 [ D93C74DB88C3DB7429A0EC6410FBE3DC ] SecureUpdateSvc C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe
23:02:17.0301 0x1354 SecureUpdateSvc - ok
23:02:17.0348 0x1354 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
23:02:17.0348 0x1354 SENS - ok
23:02:17.0379 0x1354 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:02:17.0379 0x1354 SensrSvc - ok
23:02:17.0410 0x1354 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
23:02:17.0410 0x1354 Serenum - ok
23:02:17.0473 0x1354 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
23:02:17.0473 0x1354 Serial - ok
23:02:17.0519 0x1354 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:02:17.0519 0x1354 sermouse - ok
23:02:17.0582 0x1354 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
23:02:17.0582 0x1354 SessionEnv - ok
23:02:17.0613 0x1354 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:02:17.0613 0x1354 sffdisk - ok
23:02:17.0644 0x1354 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:02:17.0644 0x1354 sffp_mmc - ok
23:02:17.0675 0x1354 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:02:17.0675 0x1354 sffp_sd - ok
23:02:17.0722 0x1354 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:02:17.0722 0x1354 sfloppy - ok
23:02:17.0785 0x1354 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
23:02:17.0785 0x1354 Sftfs - ok
23:02:17.0863 0x1354 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
23:02:17.0863 0x1354 sftlist - ok
23:02:17.0909 0x1354 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
23:02:17.0909 0x1354 Sftplay - ok
23:02:17.0941 0x1354 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
23:02:17.0941 0x1354 Sftredir - ok
23:02:17.0972 0x1354 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
23:02:17.0972 0x1354 Sftvol - ok
23:02:18.0034 0x1354 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
23:02:18.0034 0x1354 sftvsa - ok
23:02:18.0097 0x1354 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:02:18.0097 0x1354 SharedAccess - ok
23:02:18.0128 0x1354 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:02:18.0143 0x1354 ShellHWDetection - ok
23:02:18.0190 0x1354 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
23:02:18.0190 0x1354 SiSRaid2 - ok
23:02:18.0221 0x1354 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:02:18.0221 0x1354 SiSRaid4 - ok
23:02:18.0315 0x1354 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
23:02:18.0315 0x1354 SkypeUpdate - ok
23:02:18.0377 0x1354 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:02:18.0377 0x1354 Smb - ok
23:02:18.0440 0x1354 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:02:18.0455 0x1354 SNMPTRAP - ok
23:02:18.0471 0x1354 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:02:18.0471 0x1354 spldr - ok
23:02:18.0518 0x1354 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
23:02:18.0518 0x1354 Spooler - ok
23:02:18.0643 0x1354 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
23:02:18.0674 0x1354 sppsvc - ok
23:02:18.0705 0x1354 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:02:18.0705 0x1354 sppuinotify - ok
23:02:18.0752 0x1354 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
23:02:18.0767 0x1354 srv - ok
23:02:18.0783 0x1354 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:02:18.0783 0x1354 srv2 - ok
23:02:18.0799 0x1354 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:02:18.0814 0x1354 srvnet - ok
23:02:18.0861 0x1354 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:02:18.0861 0x1354 SSDPSRV - ok
23:02:18.0939 0x1354 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:02:18.0955 0x1354 SstpSvc - ok
23:02:19.0001 0x1354 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
23:02:19.0001 0x1354 stexstor - ok
23:02:19.0079 0x1354 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
23:02:19.0095 0x1354 stisvc - ok
23:02:19.0126 0x1354 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
23:02:19.0126 0x1354 swenum - ok
23:02:19.0157 0x1354 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:02:19.0173 0x1354 swprv - ok
23:02:19.0251 0x1354 [ 9484C1DE568173DC1C44DF80F16092CC ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:02:19.0267 0x1354 SynTP - ok
23:02:19.0345 0x1354 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
23:02:19.0376 0x1354 SysMain - ok
23:02:19.0407 0x1354 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:02:19.0407 0x1354 TabletInputService - ok
23:02:19.0438 0x1354 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:02:19.0438 0x1354 TapiSrv - ok
23:02:19.0485 0x1354 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:02:19.0485 0x1354 TBS - ok
23:02:19.0594 0x1354 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:02:19.0610 0x1354 Tcpip - ok
23:02:19.0672 0x1354 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:02:19.0688 0x1354 TCPIP6 - ok
23:02:19.0703 0x1354 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:02:19.0703 0x1354 tcpipreg - ok
23:02:19.0750 0x1354 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
23:02:19.0750 0x1354 tdcmdpst - ok
23:02:19.0813 0x1354 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:02:19.0813 0x1354 TDPIPE - ok
23:02:19.0828 0x1354 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:02:19.0828 0x1354 TDTCP - ok
23:02:19.0859 0x1354 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:02:19.0859 0x1354 tdx - ok
23:02:19.0922 0x1354 [ 1B709733A04DCC41A63F9CD1F76A4EBE ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
23:02:19.0922 0x1354 TemproMonitoringService - ok
23:02:19.0953 0x1354 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
23:02:19.0953 0x1354 TermDD - ok
23:02:20.0015 0x1354 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
23:02:20.0047 0x1354 TermService - ok
23:02:20.0062 0x1354 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:02:20.0062 0x1354 Themes - ok
23:02:20.0093 0x1354 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:02:20.0093 0x1354 THREADORDER - ok
23:02:20.0203 0x1354 [ DFE9BA871B9F3DBB591BD113611CBCC0 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
23:02:20.0203 0x1354 TMachInfo - ok
23:02:20.0234 0x1354 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\Windows\system32\TODDSrv.exe
23:02:20.0249 0x1354 TODDSrv - ok
23:02:20.0374 0x1354 [ DB9719688C08F42705FEB3F6A0C98B91 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
23:02:20.0374 0x1354 TosCoSrv - ok
23:02:20.0452 0x1354 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
23:02:20.0468 0x1354 TOSHIBA HDD SSD Alert Service - ok
23:02:20.0515 0x1354 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:02:20.0515 0x1354 TrkWks - ok
23:02:20.0577 0x1354 [ B66EE1D68197DFB9AA24F961E68ACDCC ] Trufos C:\Windows\system32\DRIVERS\Trufos.sys
23:02:20.0593 0x1354 Trufos - ok
23:02:20.0671 0x1354 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:02:20.0671 0x1354 TrustedInstaller - ok
23:02:20.0717 0x1354 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:02:20.0717 0x1354 tssecsrv - ok
23:02:20.0749 0x1354 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:02:20.0749 0x1354 TsUsbFlt - ok
23:02:20.0780 0x1354 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
23:02:20.0780 0x1354 TsUsbGD - ok
23:02:20.0811 0x1354 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:02:20.0811 0x1354 tunnel - ok
23:02:20.0858 0x1354 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
23:02:20.0858 0x1354 TVALZ - ok
23:02:20.0936 0x1354 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:02:20.0951 0x1354 uagp35 - ok
23:02:20.0983 0x1354 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:02:20.0998 0x1354 udfs - ok
23:02:21.0045 0x1354 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:02:21.0045 0x1354 UI0Detect - ok
23:02:21.0123 0x1354 [ 6640110398438BDC6CC8D48EEC8EDDC5 ] UimBus C:\Windows\system32\DRIVERS\uimx64.sys
23:02:21.0123 0x1354 UimBus - ok
23:02:21.0170 0x1354 [ 20BABEFA37F38B3CC26C0E9A26B844FF ] Uim_IM C:\Windows\system32\Drivers\Uim_IMx64.sys
23:02:21.0170 0x1354 Uim_IM - ok
23:02:21.0232 0x1354 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:02:21.0232 0x1354 uliagpkx - ok
23:02:21.0279 0x1354 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:02:21.0279 0x1354 umbus - ok
23:02:21.0295 0x1354 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
23:02:21.0295 0x1354 UmPass - ok
23:02:21.0341 0x1354 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:02:21.0357 0x1354 upnphost - ok
23:02:21.0388 0x1354 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:02:21.0388 0x1354 usbccgp - ok
23:02:21.0419 0x1354 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:02:21.0419 0x1354 usbcir - ok
23:02:21.0435 0x1354 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:02:21.0435 0x1354 usbehci - ok
23:02:21.0482 0x1354 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:02:21.0482 0x1354 usbhub - ok
23:02:21.0513 0x1354 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
23:02:21.0513 0x1354 usbohci - ok
23:02:21.0544 0x1354 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:02:21.0544 0x1354 usbprint - ok
23:02:21.0575 0x1354 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:02:21.0575 0x1354 usbscan - ok
23:02:21.0591 0x1354 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:02:21.0591 0x1354 USBSTOR - ok
23:02:21.0607 0x1354 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:02:21.0607 0x1354 usbuhci - ok
23:02:21.0653 0x1354 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:02:21.0653 0x1354 usbvideo - ok
23:02:21.0700 0x1354 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
23:02:21.0700 0x1354 UxSms - ok
23:02:21.0731 0x1354 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
23:02:21.0731 0x1354 VaultSvc - ok
23:02:21.0778 0x1354 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:02:21.0778 0x1354 vdrvroot - ok
23:02:21.0809 0x1354 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
23:02:21.0825 0x1354 vds - ok
23:02:21.0856 0x1354 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:02:21.0856 0x1354 vga - ok
23:02:21.0903 0x1354 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
23:02:21.0903 0x1354 VgaSave - ok
23:02:21.0919 0x1354 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:02:21.0919 0x1354 vhdmp - ok
23:02:21.0934 0x1354 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
23:02:21.0934 0x1354 viaide - ok
23:02:21.0965 0x1354 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:02:21.0981 0x1354 volmgr - ok
23:02:21.0997 0x1354 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:02:21.0997 0x1354 volmgrx - ok
23:02:22.0043 0x1354 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:02:22.0043 0x1354 volsnap - ok
23:02:22.0106 0x1354 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:02:22.0106 0x1354 vsmraid - ok
23:02:22.0184 0x1354 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
23:02:22.0199 0x1354 VSS - ok
23:02:22.0246 0x1354 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:02:22.0246 0x1354 vwifibus - ok
23:02:22.0293 0x1354 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:02:22.0293 0x1354 vwififlt - ok
23:02:22.0324 0x1354 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
23:02:22.0324 0x1354 vwifimp - ok
23:02:22.0355 0x1354 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
23:02:22.0355 0x1354 W32Time - ok
23:02:22.0402 0x1354 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:02:22.0402 0x1354 WacomPen - ok
23:02:22.0465 0x1354 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:02:22.0465 0x1354 WANARP - ok
23:02:22.0480 0x1354 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:02:22.0480 0x1354 Wanarpv6 - ok
23:02:22.0589 0x1354 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:02:22.0605 0x1354 WatAdminSvc - ok
23:02:22.0683 0x1354 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
23:02:22.0699 0x1354 wbengine - ok
23:02:22.0730 0x1354 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:02:22.0745 0x1354 WbioSrvc - ok
23:02:22.0761 0x1354 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:02:22.0777 0x1354 wcncsvc - ok
23:02:22.0808 0x1354 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:02:22.0808 0x1354 WcsPlugInService - ok
23:02:22.0839 0x1354 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
23:02:22.0855 0x1354 Wd - ok
23:02:22.0933 0x1354 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:02:22.0964 0x1354 Wdf01000 - ok
23:02:22.0979 0x1354 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:02:22.0995 0x1354 WdiServiceHost - ok
23:02:22.0995 0x1354 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:02:22.0995 0x1354 WdiSystemHost - ok
23:02:23.0042 0x1354 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
23:02:23.0042 0x1354 WebClient - ok
23:02:23.0073 0x1354 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:02:23.0089 0x1354 Wecsvc - ok
23:02:23.0104 0x1354 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:02:23.0104 0x1354 wercplsupport - ok
23:02:23.0151 0x1354 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
23:02:23.0151 0x1354 WerSvc - ok
23:02:23.0213 0x1354 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:02:23.0213 0x1354 WfpLwf - ok
23:02:23.0229 0x1354 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:02:23.0229 0x1354 WIMMount - ok
23:02:23.0260 0x1354 WinDefend - ok
23:02:23.0291 0x1354 WinHttpAutoProxySvc - ok
23:02:23.0401 0x1354 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:02:23.0401 0x1354 Winmgmt - ok
23:02:23.0494 0x1354 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
23:02:23.0510 0x1354 WinRM - ok
23:02:23.0666 0x1354 [ A7C993F86BE5AF035DE06DF9160D7008 ] WiseBootAssistant C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
23:02:23.0681 0x1354 WiseBootAssistant - ok
23:02:23.0744 0x1354 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
23:02:23.0759 0x1354 Wlansvc - ok
23:02:23.0869 0x1354 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:02:23.0869 0x1354 wlcrasvc - ok
23:02:24.0009 0x1354 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:02:24.0040 0x1354 wlidsvc - ok
23:02:24.0071 0x1354 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:02:24.0071 0x1354 WmiAcpi - ok
23:02:24.0134 0x1354 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:02:24.0134 0x1354 wmiApSrv - ok
23:02:24.0212 0x1354 WMPNetworkSvc - ok
23:02:24.0274 0x1354 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:02:24.0274 0x1354 WPCSvc - ok
23:02:24.0305 0x1354 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:02:24.0305 0x1354 WPDBusEnum - ok
23:02:24.0337 0x1354 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:02:24.0337 0x1354 ws2ifsl - ok
23:02:24.0368 0x1354 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
23:02:24.0368 0x1354 wscsvc - ok
23:02:24.0415 0x1354 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
23:02:24.0415 0x1354 WSDPrintDevice - ok
23:02:24.0446 0x1354 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
23:02:24.0461 0x1354 WSDScan - ok
23:02:24.0461 0x1354 WSearch - ok
23:02:24.0571 0x1354 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
23:02:24.0602 0x1354 wuauserv - ok
23:02:24.0649 0x1354 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:02:24.0649 0x1354 WudfPf - ok
23:02:24.0680 0x1354 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:02:24.0680 0x1354 WUDFRd - ok
23:02:24.0711 0x1354 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:02:24.0727 0x1354 wudfsvc - ok
23:02:24.0742 0x1354 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
23:02:24.0742 0x1354 WwanSvc - ok
23:02:24.0773 0x1354 ================ Scan global ===============================
23:02:24.0820 0x1354 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:02:24.0851 0x1354 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:02:24.0867 0x1354 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:02:24.0945 0x1354 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:02:24.0992 0x1354 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:02:25.0007 0x1354 [Global] - ok
23:02:25.0007 0x1354 ================ Scan MBR ==================================
23:02:25.0039 0x1354 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:02:25.0257 0x1354 \Device\Harddisk0\DR0 - ok
23:02:25.0257 0x1354 ================ Scan VBR ==================================
23:02:25.0273 0x1354 [ 6606DDC803BA3BEE992527BB73EBA26A ] \Device\Harddisk0\DR0\Partition1
23:02:25.0288 0x1354 \Device\Harddisk0\DR0\Partition1 - ok
23:02:25.0304 0x1354 [ DD7EBA7FC45C9B00D12269F734DF3ED7 ] \Device\Harddisk0\DR0\Partition2
23:02:25.0319 0x1354 \Device\Harddisk0\DR0\Partition2 - ok
23:02:25.0319 0x1354 ============================================================
23:02:25.0319 0x1354 Scan finished
23:02:25.0319 0x1354 ============================================================
23:02:25.0335 0x13b4 Detected object count: 0
23:02:25.0335 0x13b4 Actual detected object count: 0

[zac1]

Ron this is all i could find

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-09-08 21:26:44
-----------------------------
21:26:44.681 OS Version: Windows x64 6.1.7601 Service Pack 1
21:26:44.681 Number of processors: 2 586 0x200
21:26:44.681 ComputerName: ANDREW-TOSH UserName: andrew
21:26:47.052 Initialize success
21:27:21.637 AVAST engine defs: 13090801
21:27:34.710 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000076
21:27:34.710 Disk 0 Vendor: TOSHIBA_ GT00 Size: 305245MB BusType: 11
21:27:34.897 Disk 0 MBR read successfully
21:27:34.897 Disk 0 MBR scan
21:27:34.913 Disk 0 Windows 7 default MBR code
21:27:34.928 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 400 MB offset 2048
21:27:34.959 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152622 MB offset 821248
21:27:34.991 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152222 MB offset 313391104
21:27:35.225 Disk 0 scanning C:\Windows\system32\drivers
21:27:52.681 Service scanning
21:29:02.429 Modules scanning
21:29:04.098 AVAST engine scan C:\Windows
21:29:18.637 AVAST engine scan C:\Windows\system32
21:33:10.610 AVAST engine scan C:\Windows\system32\drivers
21:33:26.475 AVAST engine scan C:\Users\andrew
21:37:36.231 AVAST engine scan C:\ProgramData
21:39:34.838 Scan finished successfully
21:45:57.254 Disk 0 MBR has been saved successfully to "C:\Users\andrew\Documents\MBR.dat"
21:45:57.270 The log file has been saved successfully to "C:\Users\andrew\Documents\aswMBR.txt"


aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-09-08 21:26:44
-----------------------------
21:26:44.681 OS Version: Windows x64 6.1.7601 Service Pack 1
21:26:44.681 Number of processors: 2 586 0x200
21:26:44.681 ComputerName: ANDREW-TOSH UserName: andrew
21:26:47.052 Initialize success
21:27:21.637 AVAST engine defs: 13090801
21:27:34.710 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000076
21:27:34.710 Disk 0 Vendor: TOSHIBA_ GT00 Size: 305245MB BusType: 11
21:27:34.897 Disk 0 MBR read successfully
21:27:34.897 Disk 0 MBR scan
21:27:34.913 Disk 0 Windows 7 default MBR code
21:27:34.928 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 400 MB offset 2048
21:27:34.959 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152622 MB offset 821248
21:27:34.991 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152222 MB offset 313391104
21:27:35.225 Disk 0 scanning C:\Windows\system32\drivers
21:27:52.681 Service scanning
21:29:02.429 Modules scanning
21:29:04.098 AVAST engine scan C:\Windows
21:29:18.637 AVAST engine scan C:\Windows\system32
21:33:10.610 AVAST engine scan C:\Windows\system32\drivers
21:33:26.475 AVAST engine scan C:\Users\andrew
21:37:36.231 AVAST engine scan C:\ProgramData
21:39:34.838 Scan finished successfully
21:45:57.254 Disk 0 MBR has been saved successfully to "C:\Users\andrew\Documents\MBR.dat"
21:45:57.270 The log file has been saved successfully to "C:\Users\andrew\Documents\aswMBR.txt"
21:47:01.823 Disk 0 MBR has been saved successfully to "C:\Users\andrew\Documents\MBR.dat"
21:47:01.823 The log file has been saved successfully to "C:\Users\andrew\Documents\aswMBR.txt"

Ron please advise what to do next.

[RKinner]

That's what I wanted. It looks clean.

I still see Avast drivers listed in tdsskiller's log. Did you run the Avast uninstall tool?

http://www.avast.com/uninstall-utility

[zac1]

I did run Avast removal but the programme advised me to run it in safe mode was that correct.

[RKinner]

Yes but it doesn't look like it worked. We can remove it easily with Autoruns:

from
http://live.sysinter...om/autoruns.exe

Download Save and Run the program by right clicking and Run As Admin. File, Save, to your desktop, autoruns.arn, OK

Either zip up the file if you have the ability (7-zip works nicely) or just rename it from autoruns.arn to autoruns.txt then ATTACH it. Do not copy and paste.

[zac1]

Ron i ran Autoruns.It has come up with quite a few items all with ticks against them. Some of the items have diffrent coloured bands running across them (yellow,Purple blue ).I have noticed Canon printer drivers have come up.I do not have a Cannon printer any more.Am i meant to delete everything or just anything with avast on it.Also can you tell me how to do an attachment.Thank you.

[RKinner]

Yellow entries are things it can't find the file for. Pink is stuff which doesn't have a manufacturer listed. Don't delete anything until I look at the log. To attach the file, if you do not have a zip program, first right click on it and rename it. If you do not see autoruns.arn but only autoruns then you need to tell windows to let you see extensions but usually running OTL will do that for you. Change autoruns.arn to autoruns.txt. This will cause a warning but tell it you want to do it anyway. Now start a reply like you usually do then click on Browse at the bottom of the Reply form. Point it at the file and then Open. Now click on Attach this File. Then when you finish the Reply you hit Add Reply as always.

[zac1]

Ron I come to a window that says import Autoruns data from file.At the bottom of the window are two boxes.On the outside of the left hand side box it says file name and in the box it says Autoruns.The right one in the box says Auto data(.arn ).If i try to rename or open them it comes up.Error importing file.The system cannot find the file specified.Please advise.

[RKinner]

.arn files are not allowed. That's why you need to rename it to autoruns.txt

If you do not see the .arn extension then:
Open the Control Panel menu and click Folder Options.
After the new window appears select the View tab.
Put a checkmark in the checkbox labeled Display the contents of system folders.
Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
Remove the checkmark from the checkbox labeled Hide protected operating system files.
Press the Apply button and then the OK button

Then right click on autoruns.arn and select Rename. It will normally select the autoruns part of the name to be changed. You need to select the arn part and change it to txt.

[zac1]

Ron i have found 3 out of the 4 check boxes in folder options.The one i cannot find is Display the contents of system folders.I have display icon in Thumb nails.Display file size information in folder tips and Display the full path in the title bar (Classic theme only.)

[RKinner]

The only one that is important right now is
Remove the checkmark from the checkbox labeled Hide file extensions for known file types.

The log file should not be hidden or a system file.