
Winzip Registry Cleaner virus


10 replies to this topic

#1 ravinraven


Posted 24 September 2013 - 08:35 AM

This popped up on my computer last night and a quick search showed that it's apparently a virus. I ran across instructions on another site before I came here which recommended restarting in safe mode, downloading Rkill, running that, downloading Malwarebytes, performing a full scan, and then apparently the scan was supposed to find it so it can be removed. I followed those steps except that the internet wouldn't work in safe mode so I restarted again and downloaded the programs from a normal startup. After performing a full scan, it didn't find anything to do with the Winzip Registry Cleaner so I don't think it's gone. So far I haven't had any bad symptoms, but I'd like to get rid of this thing as soon as possible... is there a way to tell if it's still here?





#2 ravinraven


Posted 24 September 2013 - 08:39 AM

Also, here is what it looks like:

 

screenshot.jpg



#3 noknojon


Posted 02 October 2013 - 01:08 AM

Hello -

This is a Scam Program, so do not press Scan or any other tabs on the program.

Tell me if you perform other procedures or post in any other area -

 

First we can look at Installed programs and your protection programs ....

 

Download Security Check by Screen317
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

 

 

Download MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files
 
Click Go and copy / paste the result (Result.txt).

 

If you installed Malwarebytes Anti-Malware Free (aka MBAM), note that it must scan in Normal Mode.

Open the program and run a Full scan then post the log back when it is finished -

 

Thank You -



#4 ravinraven


Posted 02 October 2013 - 08:17 PM

 Results of screen317's Security Check version 0.99.74  
   x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender           
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Adobe Flash Player 11.8.800.168  
 Mozilla Firefox 23.0.1 Firefox out of Date!  
 Google Chrome 29.0.1547.66  
 Google Chrome 29.0.1547.76  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbam.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 
 
 
 
 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Raven (administrator) on 02-10-2013 at 13:24:31
Running from "C:\Users\Raven\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/02/2013 10:56:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3125
 
Error: (10/02/2013 10:56:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3125
 
Error: (10/02/2013 10:56:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/02/2013 10:56:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2063
 
Error: (10/02/2013 10:56:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2063
 
Error: (10/02/2013 10:56:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/02/2013 10:56:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1047
 
Error: (10/02/2013 10:56:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1047
 
Error: (10/02/2013 10:56:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/02/2013 07:11:00 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25453812
 
 
System errors:
=============
Error: (09/25/2013 07:06:57 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:11:20 AM on ?9/?25/?2013 was unexpected.
 
Error: (09/23/2013 09:44:17 PM) (Source: Service Control Manager) (User: )
Description: The Validity WBF Policy Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/23/2013 09:40:28 PM) (Source: DCOM) (User: INTROVERTER9000)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (09/23/2013 09:40:20 PM) (Source: DCOM) (User: INTROVERTER9000)
Description: 1084WSearchUnavailable{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (09/23/2013 09:40:18 PM) (Source: DCOM) (User: INTROVERTER9000)
Description: 1084EventSystemUnavailable{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error: (09/23/2013 09:40:18 PM) (Source: DCOM) (User: INTROVERTER9000)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (09/23/2013 09:40:18 PM) (Source: DCOM) (User: INTROVERTER9000)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (09/23/2013 09:40:12 PM) (Source: DCOM) (User: INTROVERTER9000)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (09/23/2013 09:40:01 PM) (Source: DCOM) (User: INTROVERTER9000)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (09/23/2013 09:37:52 PM) (Source: DCOM) (User: INTROVERTER9000)
Description: 1084WSearchUnavailable{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
 
Microsoft Office Sessions:
=========================
Error: (10/02/2013 10:56:43 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3125
 
Error: (10/02/2013 10:56:43 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3125
 
Error: (10/02/2013 10:56:43 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/02/2013 10:56:42 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2063
 
Error: (10/02/2013 10:56:42 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2063
 
Error: (10/02/2013 10:56:42 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/02/2013 10:56:41 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1047
 
Error: (10/02/2013 10:56:41 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1047
 
Error: (10/02/2013 10:56:41 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/02/2013 07:11:00 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25453812
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.3.1.30017)
4 Elements II (Version: 2.2.0.98)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87)
Bejeweled 3 (Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
Build-a-lot 4 - Power Source (Version: 2.2.0.98)
Cradle Of Egypt Collector's Edition (Version: 2.2.0.98)
Cradle of Rome 2 (Version: 2.2.0.98)
CyberLink LabelPrint (Version: 2.5.3.6326)
CyberLink Media Suite 10 (Version: 10.0.3.2608)
CyberLink PhotoDirector (Version: 2.0.2.3317)
CyberLink Power2Go 8 (Version: 8.0.3.2527)
CyberLink PowerDirector 10 (Version: 10.0.2.2126)
CyberLink PowerDVD (Version: 10.0.6.4319)
CyberLink YouCam (Version: 3.5.6.6119)
D3DX10 (Version: 15.4.2368.0902)
Energy Star (Version: 1.0.9)
Farm Frenzy (Version: 2.2.0.98)
FATE: The Cursed King (Version: 2.2.0.97)
Final Drive Fury (Version: 2.2.0.95)
Gardenscapes: Mansion Makeover (Version: 3.0.2.32)
Google Chrome (Version: 29.0.1547.76)
Google Update Helper (Version: 1.3.21.153)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
House of 1000 Doors: Family Secrets (Version: 2.2.0.98)
Hoyle Card Games (Version: 2.2.0.95)
HP 3D DriveGuard (Version: 4.2.9.1)
HP Connected Music (Meridian - installer) (Version: v1.0)
HP Connected Remote (Version: 1.0.1218)
HP CoolSense (Version: 2.10.51)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.2.0.0)
HP Games (Version: 1.0.3.0)
HP MyRoom (Version: 9.0.0.0)
HP Postscript Converter (Version: 3.1.3591)
HP Quick Launch (Version: 3.0.6)
HP Recovery Manager (Version: 8.00)
HP Registration Service (Version: 1.1.6232.4245)
HP SimplePass (Version: 6.0.100.272)
HP Support Assistant (Version: 7.0.39.15)
HP Utility Center (Version: 1.0.8)
HP Wireless Button Driver (Version: 1.0.7.1)
iCloud (Version: 2.1.2.8)
IDT Audio (Version: 1.0.6425.0)
Intel® Management Engine Components (Version: 8.1.0.1252)
Intel® Processor Graphics (Version: 9.17.10.2857)
Intel® Rapid Storage Technology (Version: 11.5.9.1002)
Intel® SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.0.5.5)
Jewel Match 3 (Version: 2.2.0.98)
John Deere Drive Green (Version: 2.2.0.95)
join.me (Version: 1.10.1.253)
Luxor Evolved (Version: 2.2.0.98)
Macromedia Dreamweaver 8 (Version: 8.0.0.2734)
Macromedia Extension Manager (Version: 1.7.240)
Mahjongg Dimensions Deluxe: Tiles in Time (Version: 2.2.0.98)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4535.1004)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (Version: 17.0.2003.1112)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mortimer Beckett and the Crimson Thief Premium Edition (Version: 2.2.0.98)
Movie Maker (Version: 16.4.3505.0912)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Mystery P.I. - Curious Case of Counterfeit Cove (Version: 2.2.0.98)
Norton Internet Security (Version: 21.0.1.3)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4535.1004)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4535.1004)
Office 15 Click-to-Run Localization Component (Version: 15.0.4535.1004)
PDF Settings CS6 (Version: 11.0)
Peggle Nights (Version: 2.2.0.98)
Penguins! (Version: 2.2.0.98)
Photo Gallery (Version: 16.4.3505.0912)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.98)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (Version: 5.0.5.0)
Realtek Ethernet Controller Driver (Version: 8.2.612.2012)
Realtek PCIE Card Reader (Version: 6.2.8400.29034)
Roads of Rome 3 (Version: 2.2.0.98)
Royal Envoy 2 Collector's Edition (Version: 3.0.2.32)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 16.2.15.0)
Tales of Lagoona (Version: 2.2.0.110)
Update Installer for WildTangent Games App
Validity WBF DDK (Version: 4.4.234.0)
Vegas Pro 12.0 (64-bit) (Version: 12.0.367)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (Version: 4.0.9.7)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
WinZip 17.5 (Version: 17.5.10562)
WinZip Registry Optimizer (Version: 1.0)
Youda Jewel Shop (Version: 3.0.2.32)
Zuma's Revenge (Version: 2.2.0.98)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 29%
Total physical RAM: 16273.27 MB
Available physical RAM: 11464.99 MB
Total Pagefile: 18577.27 MB
Available Pagefile: 12578.26 MB
Total Virtual: 4095.88 MB
Available Virtual: 3958.97 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:899.39 GB) (Free:812.69 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:31.34 GB) (Free:3.64 GB) NTFS
3 Drive e: (director) (CDROM) (Total:0.69 GB) (Free:0.5 GB) UDF
4 Drive f: (WD SmartWare) (CDROM) (Total:0.63 GB) (Free:0 GB) UDF
5 Drive g: (My Passport) (Fixed) (Total:232.23 GB) (Free:90.41 GB) NTFS
6 Drive h: (NIKON D600) (Removable) (Total:29.71 GB) (Free:17.87 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\INTROVERTER9000
 
Administrator            Guest                    Raven                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****
 
 
 
 
 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.10.02.11
 
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16688
Raven :: INTROVERTER9000 [administrator]
 
10/2/2013 1:37:16 PM
MBAM-log-2013-10-02 (18-12-32).txt
 
Scan type: Full scan (C:\|D:\|G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 509105
Time elapsed: 1 hour(s), 9 minute(s), 32 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Program Files\Sony\Vegas Pro 12.0\vegas.pro.12.-patch.exe (PUP.RiskwareTool.CK) -> No action taken.
 
(end)
 
 


#5 noknojon


Posted 03 October 2013 - 01:57 AM

Please uninstall or disable µTorrent, as this is the most likely place you picked it up.

Go to Control Panel > Programs and Features and look for WinZip Registry Optimizer (Version: 1.0). If you find it please first uninstall it from the programs page -

 

 

If Vegas Pro 12.0 is 100% legal, then keep the program, but remove the update found by Malwarebytes.

 

Uninstall the Bonjour (iTunes) program, as it is constantly failing (was this a Torrent download?)

 

Even if you have done any of these steps, please repeat them -

 

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

* Double-click on the Rkill desktop icon to run the tool.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* Do not reboot until instructed.
*  Do not reboot your computer after running RKill as the malware programs will start again.
* If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from safe mode.
When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

 

 

Scan your machine with ESET OnlineScan

This is best done with Internet Explorer, as it uses ActiveX
1. Hold down Control and click HERE to open ESET OnlineScan in a new window.
2. Click the ESET Online Scanner button.
3. NOTE: For alternate browsers only (Microsoft Internet Explorer users can skip these steps):

 

- 1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
- 2. Double click on the ESET Online Scanner icon on your desktop.

 

 4. Check "YES, I accept the Terms of Use."
 5. Click the Start button.
 6. Accept any security warnings from your browser.
 7. Under scan settings, check "Scan Archives" and "Remove found threats"
8. Click Advanced settings and select the following:

Scan potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology

 9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this will take some time to download the program for a first time, and then download the updated database (1 to 2 hours is not unusual).
10. When the scan completes, click List Threats
11. Click Export, and save the file to your desktop using a unique name, such as ESETScan.
- Include the contents of this report in your next reply.
12. Click the Back button.
13. Click the Finish button
Or you can find a report at  C:\Program Files\esetonlinescanner\log.txt.

 

 

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

• Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.
• If TDSSKiller does not run, try renaming it.
• To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
• Click the Start Scan button.
Do not use the computer during the scan
•If the scan completes with nothing found, click Close to exit.
• If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
• Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
• A log file named TDSSKiller_version_date_time_log.txt (e.g. TDSSKiller.2.4.0.0_27.09.2013_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
• Copy and paste the contents of that file in your next reply.

 

 

Please download Junkware Removal Tool by thisisu to your desktop
Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

 

If you still have any Antivirus / Antimalware disabled, make sure it has been enabled now -


Edited by noknojon, 03 October 2013 - 02:42 AM.
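
The log review in the reply above (finding WinZip Registry Optimizer and µTorrent in the installed-programs list, the repeated Bonjour errors, and the Malwarebytes detection left at "No action taken") can be scripted. This is an added example, not part of the original thread or of any tool named in it; the sample log is constructed from a few lines in the format of the posted MiniToolBox and MBAM logs, and the function names and the list of flagged names are assumptions.

```python
import re
from collections import Counter

# Constructed sample: a handful of lines in the format of the MiniToolBox and
# Malwarebytes logs posted in this thread (shortened, not the full logs).
SAMPLE_LOG = r"""
========================= Event log errors: ===============================

Application errors:
==================
Error: (10/02/2013 10:56:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3125

Error: (10/02/2013 10:56:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (09/23/2013 09:44:17 PM) (Source: Service Control Manager) (User: )
Description: The Validity WBF Policy Service service terminated unexpectedly.

=========================== Installed Programs ============================

µTorrent (Version: 3.3.1.30017)
HP Connected Music (Meridian - installer) (Version: v1.0)
Update Installer for WildTangent Games App
WinZip 17.5 (Version: 17.5.10562)
WinZip Registry Optimizer (Version: 1.0)

========================= Memory info: ===================================

Percentage of memory in use: 29%

Files Detected: 1
C:\Program Files\Sony\Vegas Pro 12.0\vegas.pro.12.-patch.exe (PUP.RiskwareTool.CK) -> No action taken.

(end)
"""

# Names the helper singled out in this thread (assumption: not a general blocklist).
FLAGGED_IN_THREAD = ("WinZip Registry Optimizer", "µTorrent")

# "===== Title: =====" section banner; bare "=====" underlines do not match.
HEADER = re.compile(r"^=+\s*([^=]+?):?\s*=+\s*$")
# "Name (Version: x)"; the version part is optional and names may contain parentheses.
PROGRAM = re.compile(r"^(?P<name>.+?)(?: \(Version: (?P<version>[^)]*)\))?$")
ERROR = re.compile(r"^Error: \((?P<when>[^)]+)\)\s*\(Source: (?P<source>[^)]+)\)")
# MBAM detection line: "<path> (<detection name>) -> <action>."
DETECTION = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) \((?P<name>[^()]+)\) -> (?P<action>.+?)\.?$"
)


def split_sections(log):
    """Group the non-empty lines of a MiniToolBox log under their section titles."""
    sections, current = {}, None
    for line in log.splitlines():
        header = HEADER.match(line)
        if header:
            current = sections.setdefault(header.group(1), [])
        elif current is not None and line.strip():
            current.append(line.strip())
    return sections


def triage(log, flagged=FLAGGED_IN_THREAD):
    """Return the items a reviewer would pull out of the combined logs."""
    sections = split_sections(log)

    programs = [PROGRAM.match(line).groupdict()
                for line in sections.get("Installed Programs", [])]
    # Substring match, so "WinZip 17.5" is not confused with the Registry Optimizer.
    still_installed = [p for p in programs
                       if any(f.lower() in p["name"].lower() for f in flagged)]

    # A source that fails over and over (Bonjour here) stands out in the counts.
    errors = Counter(m.group("source")
                     for line in sections.get("Event log errors", [])
                     if (m := ERROR.match(line)))

    # A detection logged with "No action taken" means the file is still on disk.
    detections = [m.groupdict() for line in log.splitlines()
                  if (m := DETECTION.match(line.strip()))]
    unresolved = [d for d in detections
                  if d["action"].lower() == "no action taken"]

    return {"programs": programs, "still_installed": still_installed,
            "errors_by_source": dict(errors), "unresolved": unresolved}


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for prog in report["still_installed"]:
        print("still installed:", prog["name"], prog["version"])
    for source, count in report["errors_by_source"].items():
        print("event errors:", source, count)
    for det in report["unresolved"]:
        print("not removed:", det["name"], det["path"])
```

Running the same function on a fresh MiniToolBox log after the uninstall steps gives a direct answer to the original question of whether the program is still listed.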


#6 ravinraven


Posted 03 October 2013 - 10:33 PM

Rkill 2.6.1 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 10/03/2013 07:51:31 AM in x64 mode.
Windows Version: Windows 8 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Windows\system32\valWBFPolicyService.exe (PID: 2064) [WD-HEUR]
 
1 proccess terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 10/03/2013 07:51:48 AM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)
 
 
 
 
C:\$RECYCLE.BIN\S-1-5-21-1700486852-3696285857-2906863227-1001\$ROI5DSS.exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined
C:\Program Files\Sony\Vegas Pro 12.0\vegas.pro.12.-patch.exe a variant of Win32/HackTool.Patcher.AD application cleaned by deleting - quarantined
C:\Users\Raven\Downloads\Sony Vegas Pro 12 Build 367 (64 bit patch-KHG) [ChingLiu]\patch - KHG\vegas.pro.12.-patch.exe a variant of Win32/HackTool.Patcher.AD application cleaned by deleting - quarantined
 
 
20:21:12.0614 0x18dc  TDSS rootkit removing tool 3.0.0.11 Sep 30 2013 09:17:03
20:21:12.0614 0x18dc  UEFI system
20:21:13.0966 0x18dc  ============================================================
20:21:13.0966 0x18dc  Current date / time: 2013/10/03 20:21:13.0966
20:21:13.0966 0x18dc  SystemInfo:
20:21:13.0966 0x18dc  
20:21:13.0966 0x18dc  OS Version: 6.2.9200 ServicePack: 0.0
20:21:13.0966 0x18dc  Product type: Workstation
20:21:13.0966 0x18dc  ComputerName: INTROVERTER9000
20:21:13.0966 0x18dc  UserName: Raven
20:21:13.0967 0x18dc  Windows directory: C:\Windows
20:21:13.0967 0x18dc  System windows directory: C:\Windows
20:21:13.0967 0x18dc  Running under WOW64
20:21:13.0967 0x18dc  Processor architecture: Intel x64
20:21:13.0967 0x18dc  Number of processors: 8
20:21:13.0967 0x18dc  Page size: 0x1000
20:21:13.0967 0x18dc  Boot type: Normal boot
20:21:13.0967 0x18dc  ============================================================
20:21:16.0590 0x18dc  System UUID: {8C9FBE9F-4D69-ED94-C54D-7FD332C71384}
20:21:17.0904 0x18dc  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:21:17.0909 0x18dc  Drive \Device\Harddisk1\DR3 - Size: 0x3A0ED00000 (232.23 Gb), SectorSize: 0x200, Cylinders: 0x766B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:21:18.0255 0x18dc  Drive \Device\Harddisk3\DR5 - Size: 0x76E480000 (29.72 Gb), SectorSize: 0x200, Cylinders: 0xF28, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:21:18.0267 0x18dc  ============================================================
20:21:18.0267 0x18dc  \Device\Harddisk0\DR0:
20:21:18.0268 0x18dc  GPT partitions:
20:21:18.0269 0x18dc  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1340672C-097B-4789-88CB-8EA218C9C540}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
20:21:18.0269 0x18dc  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {DBB8B4F8-330E-4121-B397-942BD1E54781}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000
20:21:18.0269 0x18dc  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {6184F10E-3E1A-42F1-A9E2-6A857DE8338A}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000
20:21:18.0269 0x18dc  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0E00B146-3ADA-420A-8536-B6E141D071F0}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x706CA000
20:21:18.0269 0x18dc  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {66356C23-6CC0-4CA8-82DD-3120F8488D79}, Name: Basic data partition, StartLBA 0x70854800, BlocksNum 0x3EAF800
20:21:18.0269 0x18dc  MBR partitions:
20:21:18.0269 0x18dc  \Device\Harddisk1\DR3:
20:21:18.0269 0x18dc  MBR partitions:
20:21:18.0270 0x18dc  \Device\Harddisk1\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D076000
20:21:18.0270 0x18dc  \Device\Harddisk3\DR5:
20:21:18.0270 0x18dc  MBR partitions:
20:21:18.0270 0x18dc  \Device\Harddisk3\DR5\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x3B70400
20:21:18.0270 0x18dc  ============================================================
20:21:18.0315 0x18dc  C: <-> \Device\Harddisk0\DR0\Partition4
20:21:18.0364 0x18dc  D: <-> \Device\Harddisk0\DR0\Partition5
20:21:18.0407 0x18dc  G: <-> \Device\Harddisk1\DR3\Partition1
20:21:18.0407 0x18dc  ============================================================
20:21:18.0407 0x18dc  Initialize success
20:21:18.0407 0x18dc  ============================================================
20:21:40.0566 0x288c  ============================================================
20:21:40.0566 0x288c  Scan started
20:21:40.0566 0x288c  Mode: Manual; 
20:21:40.0566 0x288c  ============================================================
20:21:40.0566 0x288c  KSN ping started
20:21:43.0756 0x288c  KSN ping finished: true
20:21:45.0412 0x288c  ================ Scan system memory ========================
20:21:45.0412 0x288c  System memory - ok
20:21:45.0413 0x288c  ================ Scan services =============================
20:21:50.0708 0x288c  HP Support Assistant Service - ok
20:21:50.0729 0x288c  [ 4F88FA114D15504E1B17978A8DA4165E, FB3876525BC82B20D1CD159F1DC2CCBA63CAAA755A97E5C97089B09DEA6DD790 ] HPConnectedRemote C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
20:21:50.0730 0x288c  HPConnectedRemote - ok
20:21:50.0750 0x288c  [ D104FF402FC3DDB686E6DEF00334DB26, 6CCE56587C02ECE474C6BF959C4A6F752A1FF0B718FBE8EE4FD9755313A207C1 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
20:21:50.0751 0x288c  hpdskflt - ok
20:21:50.0819 0x288c  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
20:21:50.0853 0x288c  hpqwmiex - ok
20:21:50.0876 0x288c  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:21:50.0878 0x288c  HpSAMD - ok
20:21:50.0903 0x288c  [ 55FFCBB036D7BE4BCA6FA1421203A27F, 5BB865FC631390F59AF5F2452D4D2DA47E34A49E194C8010E942F5A2013F3895 ] hpsrv           C:\Windows\system32\Hpservice.exe
20:21:50.0904 0x288c  hpsrv - ok
20:21:50.0925 0x288c  [ 3C5B2067338E4EFDADE94E4A72728F23, 72E21FA1E660F9405A5E39B0F89AB21C60F20BAC13247567EF7139AC130F1897 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
20:21:50.0926 0x288c  HPWMISVC - ok
20:21:50.0979 0x288c  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:21:51.0002 0x288c  HTTP - ok
20:21:51.0015 0x288c  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:21:51.0016 0x288c  hwpolicy - ok
20:21:51.0040 0x288c  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
20:21:51.0061 0x288c  hyperkbd - ok
20:21:51.0077 0x288c  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
20:21:51.0079 0x288c  HyperVideo - ok
20:21:51.0097 0x288c  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
20:21:51.0103 0x288c  i8042prt - ok
20:21:51.0137 0x288c  [ C02FC4C6C411C85F209EBD0EBBF8CAE9, C023D2B98009FE7599AEFC5B246C7599686ED24783FAD7C6706F77DCA29CC65D ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
20:21:51.0148 0x288c  iaStorA - ok
20:21:51.0217 0x288c  [ 43095B27DB6B7C250245C56E6BFBCD70, 32E567FE24573258D99AC3768C8536E0527ABA1434E7E1899C3E0A69DD3FDA5F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
20:21:51.0220 0x288c  IAStorDataMgrSvc - ok
20:21:51.0276 0x288c  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:21:51.0295 0x288c  iaStorV - ok
20:21:51.0388 0x288c  [ 5AD5A7781BE907D6E2D75CA1DADAA97B, 355234ED6E49A1080CFFC9C18D185DA653A00C6B79B204368A971EACE5A416A9 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
20:21:51.0442 0x288c  IconMan_R - ok
20:21:51.0562 0x288c  [ A1258065E8B16E23E2AFDE72FB5559BC, 22819A822035C4378E5DD40E7829BBC54973BB49734B7E021EF7C7A5F0A5A55A ] IDSVia64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20131003.001\IDSvia64.sys
20:21:51.0573 0x288c  IDSVia64 - ok
20:21:51.0735 0x288c  [ 24B5EE5A17AD83427D9BDFCBF7C2C1B4, 371DE28F6DE442AD29EB59BFECD77579329F206D6EF2553E441CCFF48DA47E45 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:21:51.0880 0x288c  igfx - ok
20:21:51.0893 0x288c  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:21:51.0900 0x288c  iirsp - ok
20:21:51.0955 0x288c  [ 3884117CE4FEC35E4A1A7A62918B1F34, 0B35F7195CAAF15B9C65AB5B74A887DCFCA8F7736005E704D9F603981606AFE7 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:21:51.0989 0x288c  IKEEXT - ok
20:21:52.0017 0x288c  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:21:52.0024 0x288c  IntcDAud - ok
20:21:52.0069 0x288c  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:21:52.0080 0x288c  Intel® Capability Licensing Service Interface - ok
20:21:52.0135 0x288c  [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
20:21:52.0140 0x288c  Intel® ME Service - ok
20:21:52.0156 0x288c  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:21:52.0160 0x288c  intelide - ok
20:21:52.0177 0x288c  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
20:21:52.0184 0x288c  intelppm - ok
20:21:52.0209 0x288c  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:21:52.0213 0x288c  IpFilterDriver - ok
20:21:52.0263 0x288c  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:21:52.0291 0x288c  iphlpsvc - ok
20:21:52.0295 0x288c  [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
20:21:52.0298 0x288c  IPMIDRV - ok
20:21:52.0318 0x288c  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:21:52.0321 0x288c  IPNAT - ok
20:21:52.0355 0x288c  [ 78486992AC657AE5065C4A2135838570, E958E2977843A15A73F06A2D2F24130C7F62305A9AA0488F419E2D729BA6939A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:21:52.0367 0x288c  iPod Service - ok
20:21:52.0396 0x288c  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:21:52.0397 0x288c  IRENUM - ok
20:21:52.0411 0x288c  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:21:52.0412 0x288c  isapnp - ok
20:21:52.0441 0x288c  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF, 8FFF92828C3DC20F0F42C42E58A03B59A4E0187963F728DC618C9595FB2D0239 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
20:21:52.0446 0x288c  iScsiPrt - ok
20:21:52.0487 0x288c  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
20:21:52.0490 0x288c  jhi_service - ok
20:21:52.0506 0x288c  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
20:21:52.0508 0x288c  kbdclass - ok
20:21:52.0529 0x288c  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
20:21:52.0531 0x288c  kbdhid - ok
20:21:52.0541 0x288c  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
20:21:52.0543 0x288c  kdnic - ok
20:21:52.0555 0x288c  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso          C:\Windows\system32\lsass.exe
20:21:52.0556 0x288c  KeyIso - ok
20:21:52.0561 0x288c  [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:21:52.0563 0x288c  KSecDD - ok
20:21:52.0585 0x288c  [ 127FB0AAD232BAAD2C9BBACD374F4FC5, 3BC56F6B4374062C96149D69ACE053DF81A278F0361599F5A2F3DB1F76F0AD68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:21:52.0589 0x288c  KSecPkg - ok
20:21:52.0597 0x288c  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:21:52.0598 0x288c  ksthunk - ok
20:21:52.0638 0x288c  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:21:52.0646 0x288c  KtmRm - ok
20:21:52.0676 0x288c  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:21:52.0683 0x288c  LanmanServer - ok
20:21:52.0707 0x288c  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:21:52.0712 0x288c  LanmanWorkstation - ok
20:21:52.0723 0x288c  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:21:52.0725 0x288c  lltdio - ok
20:21:52.0759 0x288c  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:21:52.0764 0x288c  lltdsvc - ok
20:21:52.0777 0x288c  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:21:52.0778 0x288c  lmhosts - ok
20:21:52.0806 0x288c  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:21:52.0810 0x288c  LMS - ok
20:21:52.0824 0x288c  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:21:52.0827 0x288c  LSI_SAS - ok
20:21:52.0850 0x288c  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:21:52.0852 0x288c  LSI_SAS2 - ok
20:21:52.0870 0x288c  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:21:52.0873 0x288c  LSI_SCSI - ok
20:21:52.0885 0x288c  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
20:21:52.0888 0x288c  LSI_SSS - ok
20:21:52.0929 0x288c  [ A57BA284F5996FFD32DCDBC41A4657DB, 2106B83873A824BC83EF42FAC9DD9A0F741209535A84AE65EA8E786519920043 ] LSM             C:\Windows\System32\lsm.dll
20:21:52.0937 0x288c  LSM - ok
20:21:52.0950 0x288c  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:21:52.0952 0x288c  luafv - ok
20:21:52.0973 0x288c  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:21:52.0974 0x288c  megasas - ok
20:21:52.0998 0x288c  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
20:21:53.0005 0x288c  MegaSR - ok
20:21:53.0029 0x288c  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\System32\drivers\HECIx64.sys
20:21:53.0031 0x288c  MEIx64 - ok
20:21:53.0056 0x288c  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\Windows\system32\mmcss.dll
20:21:53.0059 0x288c  MMCSS - ok
20:21:53.0070 0x288c  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\Windows\system32\drivers\modem.sys
20:21:53.0072 0x288c  Modem - ok
20:21:53.0087 0x288c  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\Windows\System32\drivers\monitor.sys
20:21:53.0088 0x288c  monitor - ok
20:21:53.0126 0x288c  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
20:21:53.0128 0x288c  mouclass - ok
20:21:53.0146 0x288c  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
20:21:53.0148 0x288c  mouhid - ok
20:21:53.0159 0x288c  [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:21:53.0161 0x288c  mountmgr - ok
20:21:53.0202 0x288c  [ A35576A433F4AEB0D48976A004657CB6, F820A759119785C3FB10B0EDCF8EF9985886A9B0767ABD45B2ACAC03498B321E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:21:53.0204 0x288c  MozillaMaintenance - ok
20:21:53.0228 0x288c  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C, BCBFF081FAFB822CE29D291FB329FC310D90F0EC0D1BB69CF8CB09ED5A2E84D1 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:21:53.0231 0x288c  mpsdrv - ok
20:21:53.0257 0x288c  [ 3031573A739DBEE8923851929D0AF423, E9EA6C0D12A896AC745173B1F1A58192B52724AA424718B16B8D05E9AC091741 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:21:53.0279 0x288c  MpsSvc - ok
20:21:53.0298 0x288c  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:21:53.0301 0x288c  MRxDAV - ok
20:21:53.0330 0x288c  [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:21:53.0337 0x288c  mrxsmb - ok
20:21:53.0357 0x288c  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:21:53.0363 0x288c  mrxsmb10 - ok
20:21:53.0376 0x288c  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:21:53.0380 0x288c  mrxsmb20 - ok
20:21:53.0399 0x288c  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
20:21:53.0403 0x288c  MsBridge - ok
20:21:53.0420 0x288c  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\Windows\System32\msdtc.exe
20:21:53.0423 0x288c  MSDTC - ok
20:21:53.0439 0x288c  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:21:53.0440 0x288c  Msfs - ok
20:21:53.0458 0x288c  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
20:21:53.0459 0x288c  msgpiowin32 - ok
20:21:53.0476 0x288c  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:21:53.0477 0x288c  mshidkmdf - ok
20:21:53.0487 0x288c  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
20:21:53.0488 0x288c  mshidumdf - ok
20:21:53.0495 0x288c  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:21:53.0496 0x288c  msisadrv - ok
20:21:53.0522 0x288c  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:21:53.0526 0x288c  MSiSCSI - ok
20:21:53.0529 0x288c  msiserver - ok
20:21:53.0544 0x288c  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:21:53.0545 0x288c  MSKSSRV - ok
20:21:53.0552 0x288c  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
20:21:53.0554 0x288c  MsLldp - ok
20:21:53.0557 0x288c  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:21:53.0559 0x288c  MSPCLOCK - ok
20:21:53.0561 0x288c  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:21:53.0562 0x288c  MSPQM - ok
20:21:53.0584 0x288c  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:21:53.0591 0x288c  MsRPC - ok
20:21:53.0606 0x288c  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
20:21:53.0608 0x288c  mssmbios - ok
20:21:53.0611 0x288c  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:21:53.0612 0x288c  MSTEE - ok
20:21:53.0622 0x288c  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
20:21:53.0623 0x288c  MTConfig - ok
20:21:53.0636 0x288c  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\Windows\system32\Drivers\mup.sys
20:21:53.0639 0x288c  Mup - ok
20:21:53.0649 0x288c  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
20:21:53.0650 0x288c  mvumis - ok
20:21:53.0679 0x288c  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\Windows\system32\qagentRT.dll
20:21:53.0688 0x288c  napagent - ok
20:21:53.0710 0x288c  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:21:53.0717 0x288c  NativeWifiP - ok
20:21:53.0799 0x288c  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20131003.002\ENG64.SYS
20:21:53.0807 0x288c  NAVENG - ok
20:21:53.0879 0x288c  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20131003.002\EX64.SYS
20:21:53.0934 0x288c  NAVEX15 - ok
20:21:53.0960 0x288c  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\Windows\System32\ncasvc.dll
20:21:53.0965 0x288c  NcaSvc - ok
20:21:53.0974 0x288c  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
20:21:53.0976 0x288c  NcdAutoSetup - ok
20:21:54.0014 0x288c  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:21:54.0048 0x288c  NDIS - ok
20:21:54.0066 0x288c  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:21:54.0068 0x288c  NdisCap - ok
20:21:54.0084 0x288c  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
20:21:54.0088 0x288c  NdisImPlatform - ok
20:21:54.0110 0x288c  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:21:54.0112 0x288c  NdisTapi - ok
20:21:54.0119 0x288c  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:21:54.0121 0x288c  Ndisuio - ok
20:21:54.0131 0x288c  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:21:54.0137 0x288c  NdisWan - ok
20:21:54.0144 0x288c  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
20:21:54.0146 0x288c  NDISWANLEGACY - ok
20:21:54.0180 0x288c  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:21:54.0181 0x288c  NDProxy - ok
20:21:54.0200 0x288c  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\Windows\system32\drivers\Ndu.sys
20:21:54.0202 0x288c  Ndu - ok
20:21:54.0212 0x288c  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:21:54.0214 0x288c  NetBIOS - ok
20:21:54.0222 0x288c  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:21:54.0229 0x288c  NetBT - ok
20:21:54.0238 0x288c  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] Netlogon        C:\Windows\system32\lsass.exe
20:21:54.0239 0x288c  Netlogon - ok
20:21:54.0265 0x288c  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\Windows\System32\netman.dll
20:21:54.0269 0x288c  Netman - ok
20:21:54.0298 0x288c  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\Windows\System32\netprofmsvc.dll
20:21:54.0308 0x288c  netprofm - ok
20:21:54.0474 0x288c  [ 080417AC9E51B2B29656EC26B62E87F1, F85B0F301396913427CA410AEA302119BBDC625AFDB560D9B7A08E9E622AEB8E ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
20:21:54.0523 0x288c  netr28x - ok
20:21:54.0615 0x288c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:21:54.0622 0x288c  NetTcpPortSharing - ok
20:21:54.0657 0x288c  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:21:54.0662 0x288c  nfrd960 - ok
20:21:54.0722 0x288c  [ 262FB554D67D17D843F81820111F0A80, 69D2F9E1713AECD3D75EE97864E0DCA6B50F3AD572E6810800FF57EC08CE2E38 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\21.0.1.3\NIS.exe
20:21:54.0728 0x288c  NIS - ok
20:21:54.0772 0x288c  [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:21:54.0794 0x288c  NlaSvc - ok
20:21:54.0805 0x288c  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:21:54.0808 0x288c  Npfs - ok
20:21:54.0816 0x288c  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
20:21:54.0818 0x288c  npsvctrig - ok
20:21:54.0826 0x288c  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\Windows\system32\nsisvc.dll
20:21:54.0829 0x288c  nsi - ok
20:21:54.0846 0x288c  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:21:54.0848 0x288c  nsiproxy - ok
20:21:54.0924 0x288c  [ 76929F4A69E425911A63B407E26C2589, 17896DB6EDEF2637D159432DB61E8B5FA2F4F54B5F50BCD6215827C321ED2C2A ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:21:54.0969 0x288c  Ntfs - ok
20:21:54.0993 0x288c  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\Windows\system32\drivers\Null.sys
20:21:54.0993 0x288c  Null - ok
20:21:55.0009 0x288c  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:21:55.0013 0x288c  nvraid - ok
20:21:55.0029 0x288c  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:21:55.0033 0x288c  nvstor - ok
20:21:55.0048 0x288c  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:21:55.0051 0x288c  nv_agp - ok
20:21:55.0144 0x288c  [ 5239571EC40C990C6FC4B03685D56777, DF252AF0ACB2E3792892E4589F06ECE09F4B6EECE7CCBBD0E438BBB8B7FB472C ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
20:21:55.0191 0x288c  OfficeSvc - ok
20:21:55.0237 0x288c  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:21:55.0240 0x288c  ose - ok
20:21:55.0278 0x288c  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:21:55.0308 0x288c  p2pimsvc - ok
20:21:55.0332 0x288c  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\Windows\system32\p2psvc.dll
20:21:55.0349 0x288c  p2psvc - ok
20:21:55.0370 0x288c  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\Windows\System32\drivers\parport.sys
20:21:55.0374 0x288c  Parport - ok
20:22:02.0125 0x288c  vwifimp - ok
20:22:02.0166 0x288c  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\Windows\system32\w32time.dll
20:22:02.0190 0x288c  W32Time - ok
20:22:02.0204 0x288c  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
20:22:02.0207 0x288c  WacomPen - ok
20:22:02.0237 0x288c  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:22:02.0240 0x288c  Wanarp - ok
20:22:02.0245 0x288c  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:22:02.0247 0x288c  Wanarpv6 - ok
20:22:02.0301 0x288c  [ 901CC968412F8155B08D7ABE0171166A, D05A8E3D4D159546394E902C618D0583FE497B51C8F1C86D8E3B9E046819DD53 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
20:22:02.0315 0x288c  WAS - ok
20:22:02.0392 0x288c  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\Windows\system32\wbengine.exe
20:22:02.0434 0x288c  wbengine - ok
20:22:02.0456 0x288c  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:22:02.0464 0x288c  WbioSrvc - ok
20:22:02.0488 0x288c  [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
20:22:02.0494 0x288c  Wcmsvc - ok
20:22:02.0514 0x288c  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:22:02.0525 0x288c  wcncsvc - ok
20:22:02.0579 0x288c  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:22:02.0585 0x288c  WcsPlugInService - ok
20:22:02.0612 0x288c  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\Windows\system32\drivers\wd.sys
20:22:02.0614 0x288c  Wd - ok
20:22:02.0638 0x288c  [ FD47DF026B32969B8A68721A0243E8EE, 57A7B9B40CEDADFB023AEDD9F29869F1B93EA2596F47B5DDC233D57FC585CCE1 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
20:22:02.0640 0x288c  WdBoot - ok
20:22:02.0658 0x288c  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\System32\drivers\wdcsam64.sys
20:22:02.0659 0x288c  WDC_SAM - ok
20:22:02.0704 0x288c  [ 2ADC985B85A71BD7D99712EC0C24358B, 22B2BAC79BBA83271AC23EA14E4EB1101F1F570691EBE68A43C0D74D1A3E8D23 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:22:02.0749 0x288c  Wdf01000 - ok
20:22:02.0764 0x288c  [ 5F425D842DD6ADE9F95A51A0616AFAD7, 807B8E6A4FE443A362076C225F588A8C897CFE24A6367F4D461C8F6D3EF004C5 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
20:22:02.0769 0x288c  WdFilter - ok
20:22:02.0785 0x288c  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:22:02.0788 0x288c  WdiServiceHost - ok
20:22:02.0792 0x288c  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:22:02.0795 0x288c  WdiSystemHost - ok
20:22:02.0806 0x288c  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6, 4281100271761521F75F4D5A3D2E9FF40A9C7D81CEDAFD2EDD95788534090CA6 ] WebClient       C:\Windows\System32\webclnt.dll
20:22:02.0811 0x288c  WebClient - ok
20:22:02.0827 0x288c  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:22:02.0832 0x288c  Wecsvc - ok
20:22:02.0844 0x288c  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:22:02.0848 0x288c  wercplsupport - ok
20:22:02.0880 0x288c  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:22:02.0883 0x288c  WerSvc - ok
20:22:02.0912 0x288c  [ 3F1F31883EAC9DDDF836ACC6D1DAC36C, E5FC02104DC629A915026010833FE0D15051329FB91ECB4DF923FDA344EC5017 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
20:22:02.0914 0x288c  WFPLWFS - ok
20:22:02.0934 0x288c  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\Windows\System32\wiarpc.dll
20:22:02.0937 0x288c  WiaRpc - ok
20:22:02.0960 0x288c  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:22:02.0961 0x288c  WIMMount - ok
20:22:02.0985 0x288c  WinDefend - ok
20:22:03.0019 0x288c  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
20:22:03.0036 0x288c  WinHttpAutoProxySvc - ok
20:22:03.0082 0x288c  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:22:03.0090 0x288c  Winmgmt - ok
20:22:03.0191 0x288c  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:22:03.0278 0x288c  WinRM - ok
20:22:03.0309 0x288c  [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb          C:\Windows\System32\drivers\WinUSB.sys
20:22:03.0310 0x288c  WinUsb - ok
20:22:03.0335 0x288c  [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys
20:22:03.0336 0x288c  WirelessButtonDriver - ok
20:22:03.0389 0x288c  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\Windows\System32\wlansvc.dll
20:22:03.0423 0x288c  WlanSvc - ok
20:22:03.0525 0x288c  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
20:22:03.0573 0x288c  wlidsvc - ok
20:22:03.0593 0x288c  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
20:22:03.0594 0x288c  WmiAcpi - ok
20:22:03.0615 0x288c  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:22:03.0619 0x288c  wmiApSrv - ok
20:22:03.0640 0x288c  WMPNetworkSvc - ok
20:22:03.0653 0x288c  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
20:22:03.0654 0x288c  wpcfltr - ok
20:22:03.0681 0x288c  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:22:03.0684 0x288c  WPCSvc - ok
20:22:03.0708 0x288c  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:22:03.0711 0x288c  WPDBusEnum - ok
20:22:03.0717 0x288c  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
20:22:03.0719 0x288c  WpdUpFltr - ok
20:22:03.0748 0x288c  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:22:03.0750 0x288c  ws2ifsl - ok
20:22:03.0780 0x288c  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:22:03.0784 0x288c  wscsvc - ok
20:22:03.0786 0x288c  WSearch - ok
20:22:03.0879 0x288c  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\Windows\System32\WSService.dll
20:22:03.0942 0x288c  WSService - ok
20:22:04.0066 0x288c  [ 9DEC60D4783377097014DFCCA31E69F8, 541E1BD568965A3AD01CFCE866C5DA75BAA694486358F60066E643ECD4D53026 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:22:04.0170 0x288c  wuauserv - ok
20:22:04.0186 0x288c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:22:04.0189 0x288c  WudfPf - ok
20:22:04.0195 0x288c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
20:22:04.0199 0x288c  WUDFRd - ok
20:22:04.0212 0x288c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
20:22:04.0215 0x288c  WUDFSensorLP - ok
20:22:04.0231 0x288c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:22:04.0235 0x288c  wudfsvc - ok
20:22:04.0241 0x288c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
20:22:04.0244 0x288c  WUDFWpdFs - ok
20:22:04.0249 0x288c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
20:22:04.0252 0x288c  WUDFWpdMtp - ok
20:22:04.0292 0x288c  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:22:04.0301 0x288c  WwanSvc - ok
20:22:04.0307 0x288c  ================ Scan global ===============================
20:22:04.0353 0x288c  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
20:22:04.0379 0x288c  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
20:22:04.0407 0x288c  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
20:22:04.0441 0x288c  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\Windows\system32\services.exe
20:22:04.0449 0x288c  [ Global ] - ok
20:22:04.0450 0x288c  ================ Scan MBR ==================================
20:22:04.0463 0x288c  [ A78C646DB8D284B9C54ED366B2CA860E ] \Device\Harddisk0\DR0
20:22:04.0497 0x288c  \Device\Harddisk0\DR0 - ok
20:22:04.0837 0x288c  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR3
20:22:04.0846 0x288c  \Device\Harddisk1\DR3 - ok
20:22:04.0862 0x288c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR5
20:22:04.0871 0x288c  \Device\Harddisk3\DR5 - ok
20:22:04.0872 0x288c  ================ Scan VBR ==================================
20:22:04.0876 0x288c  [ 418647E0E8B4418BF09A432EF4B597D8 ] \Device\Harddisk0\DR0\Partition1
20:22:04.0878 0x288c  \Device\Harddisk0\DR0\Partition1 - ok
20:22:04.0894 0x288c  [ EA8507D7D6993F02E0D4207B148AC038 ] \Device\Harddisk0\DR0\Partition2
20:22:04.0895 0x288c  \Device\Harddisk0\DR0\Partition2 - ok
20:22:04.0903 0x288c  [ 131DC1E5AF18F03F55A4A6E2D92FF589 ] \Device\Harddisk0\DR0\Partition3
20:22:04.0903 0x288c  \Device\Harddisk0\DR0\Partition3 - ok
20:22:04.0913 0x288c  [ 746A20D5B14722D58DD3015EB7B1F61E ] \Device\Harddisk0\DR0\Partition4
20:22:04.0915 0x288c  \Device\Harddisk0\DR0\Partition4 - ok
20:22:04.0946 0x288c  [ D658793DD90B53E7AD91AF431B346211 ] \Device\Harddisk0\DR0\Partition5
20:22:04.0948 0x288c  \Device\Harddisk0\DR0\Partition5 - ok
20:22:04.0963 0x288c  [ 200301C2E642922E961C5843EF023029 ] \Device\Harddisk1\DR3\Partition1
20:22:04.0965 0x288c  \Device\Harddisk1\DR3\Partition1 - ok
20:22:04.0971 0x288c  [ 82080E67CD95CB0FF553A066C3997D73 ] \Device\Harddisk3\DR5\Partition1
20:22:04.0972 0x288c  \Device\Harddisk3\DR5\Partition1 - ok
20:22:04.0973 0x288c  Waiting for KSN requests completion. In queue: 84
20:22:05.0974 0x288c  Waiting for KSN requests completion. In queue: 84
20:22:06.0974 0x288c  Waiting for KSN requests completion. In queue: 84
20:22:08.0053 0x288c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.215.0 ), 0x60100 ( disabled : updated )
20:22:08.0054 0x288c  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.0.1.3\WSCStub.exe ( 21.0.0.0 ), 0x51000 ( enabled : updated )
20:22:08.0061 0x288c  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.0.1.3\WSCStub.exe ( 21.0.0.0 ), 0x51010 ( enabled )
20:22:10.0635 0x288c  ============================================================
20:22:10.0635 0x288c  Scan finished
20:22:10.0635 0x288c  ============================================================
20:22:10.0649 0x2b78  Detected object count: 0
20:22:10.0649 0x2b78  Actual detected object count: 0
20:22:36.0499 0x531c  Deinitialize success
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 8 x64
Ran by Raven on Thu 10/03/2013 at 20:24:09.59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0D5C3E8F-FADB-48EF-9062-F5F403A33724}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0D5C3E8F-FADB-48EF-9062-F5F403A33724}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Program Files (x86)\winzip registry optimizer"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 10/03/2013 at 20:29:14.58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 


#7 noknojon


Posted 03 October 2013 - 11:15 PM

Successfully deleted: [Folder] "C:\Program Files (x86)\winzip registry optimizer"

This is from the JRT report - Is the problem still the same ?

Were you able to find, and uninstall, WinZip Registry Optimizer in your Programs listing ?

 

Was there any report from ESET OnlineScan, as you did not post one ?

 

From what I can find, the program downloads with other programs that you access and download. It is rare to access and download this alone -



#8 ravinraven


Posted 04 October 2013 - 12:22 AM

Yes, I did see it in the program list and uninstall it from there. 

I actually did post the report from the ESET scanner, it was this portion:

 

C:\$RECYCLE.BIN\S-1-5-21-1700486852-3696285857-2906863227-1001\$ROI5DSS.exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined
C:\Program Files\Sony\Vegas Pro 12.0\vegas.pro.12.-patch.exe a variant of Win32/HackTool.Patcher.AD application cleaned by deleting - quarantined
C:\Users\Raven\Downloads\Sony Vegas Pro 12 Build 367 (64 bit patch-KHG) [ChingLiu]\patch - KHG\vegas.pro.12.-patch.exe a variant of Win32/HackTool.Patcher.AD application cleaned by deleting - quarantined
 
 
And yes, I'm nearly positive that this happened when I downloaded utorrent, I just wasn't sure how to get rid of it.


#9 noknojon


Posted 04 October 2013 - 01:21 AM

Thank you, and sorry that I missed it -

 

Do you still have Sony Vegas Pro installed, or was this fully removed by the Scanner as an infection ?
I thought the Update / Patch was not fully legal as MBAM picked it out.

 

If you have not done it yet, please re-run MBAM to be sure you remove all found items, then reboot.
The last scan you posted did not remove it, but just identified it.

It can be removed if it still exists in MBAM scans.
> C:\Program Files\Sony\Vegas Pro 12.0\vegas.pro.12.-patch.exe (PUP.RiskwareTool.CK) -> No action taken. <

 

These Torrent programs are very risky, where one person may use it for several years without any problems, but the next person that uses it will be infected with some unknown item the next day.

 

Is your iTunes running better, since there were about 10 items in your first scans that showed it was failing?

 

I am lucky that I need to research these items and I run several Antimalware programs after I finish.

 

Also ESET scanner is good to run once a month to clean up minor items that your Antivirus may miss.

 

Do you now feel safer, and is the computer running "normally" ?

 

Regards -



#10 ravinraven


Posted 07 October 2013 - 04:10 PM

No, I didn't remove Sony Vegas. It's not entirely legal but I need it for a project. I understand that may be a risk, but I'm nearly 100% certain this thing came from my download of utorrent and not Vegas. Things do appear to be running normally though and I haven't seen the program pop up since. Thank you!

 

As for itunes, I couldn't say. I hardly use it :-p


Edited by ravinraven, 07 October 2013 - 04:11 PM.


#11 noknojon


Posted 07 October 2013 - 04:58 PM

Yes, I do understand that some programs are easier to access via Torrent sites, but remember that this is where over 50% of infections will exist. (Just take care).

 

Also, as you have Norton Internet Security running you can disable Windows Defender (unless done now)

Defender is automatically activated on Windows 8 systems -

 

Disabling the Defender using Windows Services is pretty simple:
Step 1: Launch the Start Menu and search for Services under the Settings tab and click on View local services to launch Windows Services.
Step 2: Look for the service name Windows Defender Service and stop it by right-clicking it.
Step 3: Now double-click on the same service to open the Property window and select disable in the Startup Type dropdown list and save the settings.
Your Windows 8 defender will now be disabled permanently, and you can go ahead and install a different antivirus.
 

This is just to avoid running 2 Antivirus programs beside each other -

 

Thanks -

If you need more help in the next week, just post back here and I will keep an eye on the topic.





