Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer freezing randomly, viruses found


  • This topic is locked This topic is locked
9 replies to this topic

#1 darkritual

darkritual

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:08:22 AM

Posted 19 November 2013 - 10:50 PM

A couple weeks ago, my computer started being extremely slow and freezing randomly.

Today, I scanned it with Malwarebytes and found a couple viruses.
I figured, if Malwarebytes found a few viruses, there's most likely more to be found.

So, I was wondering if someone could help me clean my computer.
Oh and also, task manager is telling me my hard drive is currently writing at full capacity while i'm not performing any tasks which is quite strange.

Here's MBAM's log

 

 

Malwarebytes Anti-Malware (PRO) 1.60.0.1800
www.malwarebytes.org

Database version: v2013.11.19.12

Windows 7 x64 NTFS
Internet Explorer 9.10.9200.16736
Dark :: XXDARKSHADOWXX [administrator]

Protection: Enabled

11/19/2013 6:29:31 PM
mbam-log-2013-11-19 (18-29-31).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 510141
Time elapsed: 1 hour(s), 18 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CSCRIPT.EXE (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\Windows\KJ\KJ_Remover\KJ_Remover.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.
C:\Windows\KJ\KJ_Starter\KJ_Starter.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.
C:\Windows\WinSxS\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.2.9200.16384_none_a131fa7a8a1e2772\cscript.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Windows\WinSxS\Backup\x86_microsoft-windows-atl_31bf3856ad364e35_6.2.9200.16384_none_a7cb4ba72b1931a8_atl.dll_0c7220db (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Windows\WinSxS\x86_microsoft-windows-atl_31bf3856ad364e35_6.2.9200.16384_none_a7cb4ba72b1931a8\atl.dll (Trojan.FakeMS) -> Quarantined and deleted successfully.

(end)


Edited by darkritual, 19 November 2013 - 11:04 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,914 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:22 AM

Posted 20 November 2013 - 12:27 PM

Hello darkritual, I need you to consider this first.

One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 darkritual

darkritual
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:08:22 AM

Posted 20 November 2013 - 12:43 PM

Back when i installed Windows, I also installed Ubuntu on a separate hard drive just so i could buy stuff online securely.
And even if Ubuntu was infected as well, it wouldn't really matter because i always use prepaid credit cards.


Edited by darkritual, 20 November 2013 - 12:48 PM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,914 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:22 AM

Posted 20 November 2013 - 12:53 PM

Ok, fair enough.


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 darkritual

darkritual
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:08:22 AM

Posted 20 November 2013 - 04:03 PM

MiniToolBox

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Dark (administrator) on 20-11-2013 at 13:04:35
Running from "C:\Users\Dark\Downloads"
Microsoft Windows 8 Pro  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1        help.ea.com
# Adobe Tool v3.4 Beta: 20/10/2013 04:39:59.
127.0.0.1 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com 3dns.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com adobe-dns.adobe.com
127.0.0.1 adobeereg.com crl.verisign.net ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com
127.0.0.1 lm.licenses.adobe.com lmlicenses.wip4.adobe.com na2m-pr.licenses.adobe.com ood.opsource.net practivate.adobe practivate.adobe.com practivate.adobe.ipp practivate.adobe.newoa practivate.adobe.ntp
127.0.0.1 wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com wwis-dubc1-vip60.adobe.com www.adobeereg.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com
127.0.0.1       csc3-2010-crl.verisign.com
127.0.0.1       ocsp.verisign.com
127.0.0.1       crl.verisign.com
127.0.0.1        download.dm.origin.com
127.0.0.1        secure.download.dm.origin.com
127.0.0.1        loginregistration.dm.origin.com
127.0.0.1        achievements.gameservices.ea.com
127.0.0.1        friends.dm.origin.com
127.0.0.1        avatar.dm.origin.com
127.0.0.1        ecommerce.dm.origin.com
127.0.0.1        static.cdn.ea.com
127.0.0.1        tealium.hs.llnwd.net
127.0.0.1        heartbeat.dm.origin.com
127.0.0.1        web.dm.origin.com
127.0.0.1        store.origin.com
127.0.0.1        ec2-54-243-231-82.compute-1.amazonaws.com
127.0.0.1        eaassets-a.akamaihd.net
127.0.0.1        ssl.resources.ea.com
127.0.0.1        akamai.cdn.ea.com

There are 27 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Ethernet (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : xXDarkShadowXx
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : C8-60-00-5A-DC-0E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c484:c8ee:335d:3d48%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, November 20, 2013 12:09:15 PM
   Lease Expires . . . . . . . . . . : Thursday, November 21, 2013 12:09:16 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 264790016
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-98-28-3F-C8-60-00-5A-DC-0E
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       24.200.243.189
                                       24.200.210.241
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{B44A6894-BA9B-4703-9177-D9C7FDD761B0}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:885:3e12:3f57:fe9b(Preferred)
   Link-local IPv6 Address . . . . . : fe80::885:3e12:3f57:fe9b%14(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4004:800::1008
      74.125.228.9
      74.125.228.1
      74.125.228.6
      74.125.228.2
      74.125.228.0
      74.125.228.14
      74.125.228.4
      74.125.228.5
      74.125.228.3
      74.125.228.7
      74.125.228.8


Pinging google.com [74.125.228.8] with 32 bytes of data:
Reply from 74.125.228.8: bytes=32 time=44ms TTL=54
Reply from 74.125.228.8: bytes=32 time=43ms TTL=54

Ping statistics for 74.125.228.8:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 43ms, Maximum = 44ms, Average = 43ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=129ms TTL=51
Reply from 206.190.36.45: bytes=32 time=132ms TTL=51

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 129ms, Maximum = 132ms, Average = 130ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=13ms TTL=128
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 5ms, Maximum = 13ms, Average = 9ms
===========================================================================
Interface List
 12...c8 60 00 5a dc 0e ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    276
    192.168.1.100  255.255.255.255         On-link     192.168.1.100    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.100    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.100    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.100    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 14    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 14    306 2001::/32                On-link
 14    306 2001:0:9d38:6ab8:885:3e12:3f57:fe9b/128
                                    On-link
 12    276 fe80::/64                On-link
 14    306 fe80::/64                On-link
 14    306 fe80::885:3e12:3f57:fe9b/128
                                    On-link
 12    276 fe80::c484:c8ee:335d:3d48/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
 12    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/20/2013 00:10:34 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (11/20/2013 00:10:32 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/20/2013 11:56:07 AM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/20/2013 11:56:04 AM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (11/20/2013 00:14:43 AM) (Source: Application Error) (User: )
Description: Faulting application name: vlc.exe, version: 2.1.0.0, time stamp: 0x523f7ac4
Faulting module name: vlc.exe, version: 2.1.0.0, time stamp: 0x523f7ac4
Exception code: 0xc0000005
Fault offset: 0x00003563
Faulting process id: 0x828
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3
Faulting package full name: vlc.exe4
Faulting package-relative application ID: vlc.exe5

Error: (11/19/2013 09:39:21 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (11/19/2013 09:35:52 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/19/2013 06:16:28 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/19/2013 06:16:26 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (11/19/2013 11:31:21 AM) (Source: Application Error) (User: )
Description: Faulting application name: HD-LogRotator.exe, version: 0.0.0.0, time stamp: 0x523aa956
Faulting module name: KERNELBASE.dll, version: 6.2.9200.16451, time stamp: 0x50988950
Exception code: 0xe0434f4d
Fault offset: 0x00014b32
Faulting process id: 0x%9
Faulting application start time: 0xHD-LogRotator.exe0
Faulting application path: HD-LogRotator.exe1
Faulting module path: HD-LogRotator.exe2
Report Id: HD-LogRotator.exe3
Faulting package full name: HD-LogRotator.exe4
Faulting package-relative application ID: HD-LogRotator.exe5


System errors:
=============
Error: (11/20/2013 00:11:44 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (11/20/2013 00:08:55 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (11/20/2013 00:09:11 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:55:10 AM on ?11/?20/?2013 was unexpected.

Error: (11/20/2013 00:01:29 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/20/2013 11:57:26 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (11/20/2013 11:54:21 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (11/20/2013 05:39:42 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (11/19/2013 09:37:31 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (11/19/2013 09:35:05 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (11/19/2013 06:18:10 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (11/20/2013 00:10:34 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (11/20/2013 00:10:32 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/20/2013 11:56:07 AM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/20/2013 11:56:04 AM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (11/20/2013 00:14:43 AM) (Source: Application Error)(User: )
Description: vlc.exe2.1.0.0523f7ac4vlc.exe2.1.0.0523f7ac4c00000050000356382801cee5af5d6b65dbC:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\Program Files (x86)\VideoLAN\VLC\vlc.exea9ce3b8f-51a2-11e3-bee0-c860005adc0e

Error: (11/19/2013 09:39:21 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (11/19/2013 09:35:52 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/19/2013 06:16:28 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/19/2013 06:16:26 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (11/19/2013 11:31:21 AM) (Source: Application Error)(User: )
Description: HD-LogRotator.exe0.0.0.0523aa956KERNELBASE.dll6.2.9200.1645150988950e0434f4d00014b32


=========================== Installed Programs ============================

µTorrent (Version: 3.3.2.30303)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Photoshop CS6 (Version: 13.0)
avast! Internet Security (Version: 9.0.2008)
Bandwidth Monitor
Build Tools - amd64 (Version: 12.0.21005)
Build Tools - x86 (Version: 12.0.21005)
Build Tools Language Resources - amd64 (Version: 12.0.21005)
Build Tools Language Resources - x86 (Version: 12.0.21005)
CCleaner (Version: 4.07)
CodeBlocks (Version: 12.11)
DAEMON Tools Lite (Version: 4.47.1.0337)
Defraggler (Version: 2.16)
Entity Framework Tools for Visual Studio 2013 (Version: 12.0.20912.0)
f.lux
Google Update Helper (Version: 1.3.21.165)
Governor of Poker 2 (Version: 1.0)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Magic 2014
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (Version: 4.5.50710)
Microsoft .NET Framework 4.5 SDK (Version: 4.5.50710)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (Version: 4.5.50932)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (Version: 4.5.50932)
Microsoft .NET Framework 4.5.1 SDK (Version: 4.5.51641)
Microsoft C++ REST SDK for Visual Studio 2013 (Version: 1.0)
Microsoft Help Viewer 2.1 (Version: 2.1.21005)
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (Version: 2.7.40911.287)
Microsoft SQL Server 2012 Command Line Utilities  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.1.2902.0)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (Version: 11.1.2902.0)
Microsoft SQL Server 2012 Express LocalDB  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Management Objects  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Management Objects  (x64) (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Native Client  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 T-SQL Language Service  (Version: 11.1.3000.0)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (Version: 4.0.8876.1)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (Version: 12.0.30919.1)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (Version: 12.0.30919.1)
Microsoft System CLR Types for SQL Server 2012 (Version: 11.1.3366.16)
Microsoft System CLR Types for SQL Server 2012 (x64) (Version: 11.1.3366.16)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005)
Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU (Version: 12.0.21005)
Microsoft Visual C++  x64 Libraries (Version: 12.0.21005)
Microsoft Visual C++  x86 Libraries (Version: 12.0.21005)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2013 32bit Compilers - ENU Resources (Version: 12.0.21005)
Microsoft Visual C++ 2013 Core Libraries (Version: 12.0.21005)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft Visual C++ 2013 x86-x64 Compilers (Version: 12.0.21005)
Microsoft Visual Studio 2013 Express Prerequisites x64 - ENU (Version: 12.0.21005)
Microsoft Visual Studio 2013 Preparation (Version: 12.0.21005)
Microsoft Visual Studio 2013 Shell (Minimum) (Version: 12.0.21005)
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (Version: 12.0.21005)
Microsoft Visual Studio 2013 Shell (Minimum) Resources (Version: 12.0.21005)
Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (Version: 12.0.21005)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (Version: 12.0.21005)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (Version: 12.0.21005.13)
Microsoft Visual Studio Express 2013 for Windows Desktop (Version: 12.0.21005)
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (Version: 12.0.21005)
Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources (Version: 12.0.21005)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 25.0.1 (x86 en-US) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
Notepad++ (Version: 6.4.5)
NVIDIA 3D Vision Controller Driver 331.65 (Version: 331.65)
NVIDIA 3D Vision Driver 331.65 (Version: 331.65)
NVIDIA Control Panel 331.65 (Version: 331.65)
NVIDIA Graphics Driver 331.65 (Version: 331.65)
NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA PhysX (Version: 9.13.0725)
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3165)
Path of Exile
PDF Settings CS6 (Version: 11.0)
Prerequisites for SSDT  (Version: 11.1.3000.0)
Qt 5.1.1 (Version: 5.1.1)
Recuva (Version: 1.48)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
Team Explorer for Microsoft Visual Studio 2013 (Version: 12.0.21005)
The Sims™ 3 (Version: 1.62.153)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ 3 Generations (Version: 8.0.152)
The Sims™ 3 Into the Future (Version: 21.0.150)
The Sims™ 3 Late Night (Version: 6.0.81)
The Sims™ 3 University Life (Version: 18.0.126)
The Sims™ 3 World Adventures (Version: 2.0.86)
Update for  (KB2504637) (Version: 1)
VLC media player 2.1.0 (Version: 2.1.0)
Windows Software Development Kit (Version: 8.100.25984)
Windows Software Development Kit (Version: 8.59.29989)
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984)
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989)
Windows Software Development Kit DirectX x86 Remote (Version: 8.100.25984)
Windows Software Development Kit DirectX x86 Remote (Version: 8.59.29989)
Windows Software Development Kit for Windows Store Apps (Version: 8.100.25984)
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984)
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (Version: 8.100.25984)
Windows XP Targeting with C++ (Version: 11.0.51106)

========================= Memory info: ===================================

Percentage of memory in use: 19%
Total physical RAM: 8190.98 MB
Available physical RAM: 6599.58 MB
Total Pagefile: 16382.98 MB
Available Pagefile: 14600.63 MB
Total Virtual: 4095.88 MB
Available Virtual: 3955.21 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:576.53 GB) (Free:239.39 GB) NTFS
2 Drive d: (Windows 7) (Fixed) (Total:19.54 GB) (Free:4.65 GB) NTFS
3 Drive e: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

========================= Users: ========================================

User accounts for \\XXDARKSHADOWXX

Administrator            Dark                     Guest                    


**** End of log ****


TDSSKiller

13:07:04.0321 0x0b00  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
13:07:09.0153 0x0b00  ============================================================
13:07:09.0153 0x0b00  Current date / time: 2013/11/20 13:07:09.0153
13:07:09.0153 0x0b00  SystemInfo:
13:07:09.0153 0x0b00  
13:07:09.0153 0x0b00  OS Version: 6.2.9200 ServicePack: 0.0
13:07:09.0153 0x0b00  Product type: Workstation
13:07:09.0153 0x0b00  ComputerName: XXDARKSHADOWXX
13:07:09.0153 0x0b00  UserName: Dark
13:07:09.0153 0x0b00  Windows directory: C:\Windows
13:07:09.0153 0x0b00  System windows directory: C:\Windows
13:07:09.0153 0x0b00  Running under WOW64
13:07:09.0153 0x0b00  Processor architecture: Intel x64
13:07:09.0153 0x0b00  Number of processors: 4
13:07:09.0153 0x0b00  Page size: 0x1000
13:07:09.0153 0x0b00  Boot type: Normal boot
13:07:09.0153 0x0b00  ============================================================
13:07:09.0886 0x0b00  KLMD registered as C:\Windows\system32\drivers\42168877.sys
13:07:10.0061 0x0b00  System UUID: {F1C3222B-D9C7-9BD5-41DE-E9C59E7DA9EC}
13:07:15.0198 0x0b00  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:07:15.0212 0x0b00  Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x14301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
13:07:15.0230 0x0b00  ============================================================
13:07:15.0230 0x0b00  \Device\Harddisk0\DR0:
13:07:15.0230 0x0b00  MBR partitions:
13:07:15.0231 0x0b00  \Device\Harddisk1\DR1:
13:07:15.0231 0x0b00  MBR partitions:
13:07:15.0231 0x0b00  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:07:15.0231 0x0b00  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x48110000
13:07:15.0231 0x0b00  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x48142FB0, BlocksNum 0x2713B60
13:07:15.0231 0x0b00  ============================================================
13:07:15.0245 0x0b00  C: <-> \Device\Harddisk1\DR1\Partition2
13:07:15.0281 0x0b00  D: <-> \Device\Harddisk1\DR1\Partition3
13:07:15.0302 0x0b00  E: <-> \Device\Harddisk1\DR1\Partition1
13:07:15.0302 0x0b00  ============================================================
13:07:15.0303 0x0b00  Initialize success
13:07:15.0303 0x0b00  ============================================================
13:07:19.0558 0x08c8  ============================================================
13:07:19.0558 0x08c8  Scan started
13:07:19.0558 0x08c8  Mode: Manual;
13:07:19.0558 0x08c8  ============================================================
13:07:19.0558 0x08c8  KSN ping started
13:07:23.0169 0x08c8  KSN ping finished: true
13:07:23.0854 0x08c8  ================ Scan system memory ========================
13:07:23.0854 0x08c8  System memory - ok
13:07:23.0855 0x08c8  ================ Scan services =============================
13:07:24.0049 0x08c8  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
13:07:24.0066 0x08c8  1394ohci - ok
13:07:24.0089 0x08c8  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware           C:\Windows\system32\drivers\3ware.sys
13:07:24.0093 0x08c8  3ware - ok
13:07:24.0149 0x08c8  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:07:24.0161 0x08c8  ACPI - ok
13:07:24.0177 0x08c8  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
13:07:24.0179 0x08c8  acpiex - ok
13:07:24.0185 0x08c8  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
13:07:24.0186 0x08c8  acpipagr - ok
13:07:24.0191 0x08c8  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
13:07:24.0193 0x08c8  AcpiPmi - ok
13:07:24.0198 0x08c8  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
13:07:24.0200 0x08c8  acpitime - ok
13:07:24.0309 0x08c8  [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:07:24.0316 0x08c8  AdobeFlashPlayerUpdateSvc - ok
13:07:24.0338 0x08c8  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:07:24.0350 0x08c8  adp94xx - ok
13:07:24.0370 0x08c8  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:07:24.0379 0x08c8  adpahci - ok
13:07:24.0389 0x08c8  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:07:24.0394 0x08c8  adpu320 - ok
13:07:24.0629 0x08c8  [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:07:24.0643 0x08c8  AeLookupSvc - ok
13:07:24.0740 0x08c8  [ 7C0E0EDF18D6CC565D7BFBB451709FA5, 47C21CD9D87B5C1B5EB14F6166B5E3349B1A6F10501E63CCED8D52A9FE22765D ] AFD             C:\Windows\system32\drivers\afd.sys
13:07:24.0763 0x08c8  AFD - ok
13:07:24.0771 0x08c8  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:07:24.0773 0x08c8  agp440 - ok
13:07:24.0792 0x08c8  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\Windows\System32\alg.exe
13:07:24.0794 0x08c8  ALG - ok
13:07:24.0818 0x08c8  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
13:07:24.0822 0x08c8  AllUserInstallAgent - ok
13:07:24.0869 0x08c8  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
13:07:24.0877 0x08c8  AmdK8 - ok
13:07:24.0925 0x08c8  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
13:07:24.0932 0x08c8  AmdPPM - ok
13:07:24.0949 0x08c8  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:07:24.0956 0x08c8  amdsata - ok
13:07:24.0978 0x08c8  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:07:24.0988 0x08c8  amdsbs - ok
13:07:24.0996 0x08c8  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:07:24.0998 0x08c8  amdxata - ok
13:07:25.0006 0x08c8  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\Windows\system32\drivers\appid.sys
13:07:25.0008 0x08c8  AppID - ok
13:07:25.0035 0x08c8  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:07:25.0037 0x08c8  AppIDSvc - ok
13:07:25.0139 0x08c8  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo         C:\Windows\System32\appinfo.dll
13:07:25.0149 0x08c8  Appinfo - ok
13:07:25.0191 0x08c8  [ 2D14788C5D0836292BEB27BBE109BE56, D032FDBD9E1708F77348655DE00DB395E38EB27A7EC3FB2EF3BA07D22CBC1402 ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:07:25.0199 0x08c8  AppMgmt - ok
13:07:25.0209 0x08c8  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\Windows\system32\drivers\arc.sys
13:07:25.0214 0x08c8  arc - ok
13:07:25.0235 0x08c8  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:07:25.0260 0x08c8  arcsas - ok
13:07:25.0302 0x08c8  [ 9F34AA1124EEA112E49E48258B1D6394, F8648E5EDD7DDFE8D0F5F410E90D0713381A5DB0980D4F0D13D6A5B1F9F4E9A6 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
13:07:25.0307 0x08c8  aswFsBlk - ok
13:07:25.0340 0x08c8  [ 57483E691D635510533E081EC4CB81EC, 5A963D1A51EAE53271820824522DD0372789035FEC8EEDA7B03A5049E0F85AF8 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
13:07:25.0343 0x08c8  aswKbd - ok
13:07:25.0361 0x08c8  [ 5C49AB607897C94E123EC8364FF4BF61, 77F69B00DDE1433C115AA617E0063CB93EE29B3E8D168EF2497E31DD573D5A13 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
13:07:25.0365 0x08c8  aswMonFlt - ok
13:07:25.0403 0x08c8  [ F342BA969535A992208ABC670CA89171, 51AF58D9964347258408FC706B4013B81D52B3874F1D57EB157429FAB68D90DC ] aswNdisFlt      C:\Windows\system32\DRIVERS\aswNdisFlt.sys
13:07:25.0419 0x08c8  aswNdisFlt - ok
13:07:25.0436 0x08c8  [ 679712B7A353EE665B9301592164A172, CA3C918106A355BAFD0833BB493DF2CCBC2D0F90CA7EBF5E27CC088C7170B0E0 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
13:07:25.0439 0x08c8  aswRdr - ok
13:07:25.0458 0x08c8  [ C04F7B373881009D7994D9BF55D24AB4, 5DEEA804F4F9862024F40A204E88DBCFFBDD2DC87CA86145E3FB649CFCCDC624 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
13:07:25.0460 0x08c8  aswRvrt - ok
13:07:25.0497 0x08c8  [ 1BA60C77EB3CDB6129DAD25BAF675F43, 1D5BB6B427E065494C8A363996974048C890F9DBBEEF305B7034873696DFD969 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
13:07:25.0529 0x08c8  aswSnx - ok
13:07:25.0558 0x08c8  [ 79ADA401A6E2054F110E7FBDFAC71942, 0E551FB9E5FE598900036E872E16EB407F7F63FD7A8A0AFAB5094D9DFA75CFCF ] aswSP           C:\Windows\system32\drivers\aswSP.sys
13:07:25.0568 0x08c8  aswSP - ok
13:07:25.0589 0x08c8  [ 59787B95DD9CA44CB139D96863438587, C36E1A812931BBEACE38BF1E621C950439144979E31961C016AD1AE323579058 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
13:07:25.0594 0x08c8  aswVmm - ok
13:07:25.0600 0x08c8  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:07:25.0602 0x08c8  AsyncMac - ok
13:07:25.0613 0x08c8  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:07:25.0614 0x08c8  atapi - ok
13:07:25.0705 0x08c8  [ D278B7C0205249398F434856F5329FC9, 19526BC7D85D1EA63449A94274183EA051AB9F0F32209514041906E691060405 ] AU8168          C:\Windows\system32\DRIVERS\au630x64.sys
13:07:25.0732 0x08c8  AU8168 - ok
13:07:25.0781 0x08c8  [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
13:07:25.0786 0x08c8  AudioEndpointBuilder - ok
13:07:25.0852 0x08c8  [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
13:07:25.0884 0x08c8  Audiosrv - ok
13:07:25.0960 0x08c8  [ 4D41D30E2FAB3307967C7A0B045DC874, 620482D08544478862C78285E17DEE9BC3466DF8B62BD502B0C17AE6501D2B5E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:07:25.0964 0x08c8  avast! Antivirus - ok
13:07:25.0996 0x08c8  [ A1053E63A2C435F0A7E148BA10085DF8, E2B2F0F6AD3EB4D8DC6F890E1E338A271A1EC360049F396B88945B15D878429C ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
13:07:26.0005 0x08c8  avast! Firewall - ok
13:07:26.0040 0x08c8  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:07:26.0045 0x08c8  AxInstSV - ok
13:07:26.0111 0x08c8  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:07:26.0130 0x08c8  b06bdrv - ok
13:07:26.0151 0x08c8  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
13:07:26.0153 0x08c8  BasicDisplay - ok
13:07:26.0165 0x08c8  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
13:07:26.0167 0x08c8  BasicRender - ok
13:07:26.0218 0x08c8  [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC          C:\Windows\System32\bdesvc.dll
13:07:26.0223 0x08c8  BDESVC - ok
13:07:26.0229 0x08c8  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\Windows\system32\drivers\Beep.sys
13:07:26.0230 0x08c8  Beep - ok
13:07:26.0284 0x08c8  [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE             C:\Windows\System32\bfe.dll
13:07:26.0302 0x08c8  BFE - ok
13:07:26.0340 0x08c8  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\Windows\System32\qmgr.dll
13:07:26.0564 0x08c8  BITS - ok
13:07:26.0573 0x08c8  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:07:26.0577 0x08c8  bowser - ok
13:07:26.0634 0x08c8  [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
13:07:26.0640 0x08c8  BrokerInfrastructure - ok
13:07:26.0662 0x08c8  [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser         C:\Windows\System32\browser.dll
13:07:26.0667 0x08c8  Browser - ok
13:07:26.0711 0x08c8  [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
13:07:26.0716 0x08c8  BthAvrcpTg - ok
13:07:26.0736 0x08c8  [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
13:07:26.0741 0x08c8  BthHFEnum - ok
13:07:26.0787 0x08c8  [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
13:07:26.0792 0x08c8  bthhfhid - ok
13:07:26.0813 0x08c8  [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
13:07:26.0816 0x08c8  BTHMODEM - ok
13:07:26.0837 0x08c8  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv         C:\Windows\system32\bthserv.dll
13:07:26.0841 0x08c8  bthserv - ok
13:07:26.0866 0x08c8  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:07:26.0871 0x08c8  cdfs - ok
13:07:26.0884 0x08c8  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom           C:\Windows\System32\drivers\cdrom.sys
13:07:26.0891 0x08c8  cdrom - ok
13:07:26.0917 0x08c8  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:07:26.0922 0x08c8  CertPropSvc - ok
13:07:26.0936 0x08c8  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\Windows\System32\drivers\circlass.sys
13:07:26.0938 0x08c8  circlass - ok
13:07:26.0952 0x08c8  [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS            C:\Windows\system32\drivers\CLFS.sys
13:07:26.0960 0x08c8  CLFS - ok
13:07:26.0983 0x08c8  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
13:07:26.0985 0x08c8  CmBatt - ok
13:07:27.0042 0x08c8  [ E708BFF0473EC6B271EA46B65B16CA56, 2B4C661F7C5A4395CA4204122A1C3C8AA766B56C3D01CD8BAAFA18F71FC7B591 ] CNG             C:\Windows\system32\Drivers\cng.sys
13:07:27.0056 0x08c8  CNG - ok
13:07:27.0065 0x08c8  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
13:07:27.0067 0x08c8  CompositeBus - ok
13:07:27.0072 0x08c8  COMSysApp - ok
13:07:27.0087 0x08c8  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\Windows\system32\drivers\condrv.sys
13:07:27.0089 0x08c8  condrv - ok
13:07:27.0127 0x08c8  [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:07:27.0130 0x08c8  CryptSvc - ok
13:07:27.0217 0x08c8  [ F2C69C3D98249DE14D4B2832516D4FD5, 5F622A61A99202802B35532036CFCFDFB1FDEC32465BA8CCAB4C4FAFA336FC2A ] CSC             C:\Windows\system32\drivers\csc.sys
13:07:27.0250 0x08c8  CSC - ok
13:07:27.0295 0x08c8  [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4, 7F6F888CF4D7EF93144A791891E41858F7C0CDDC0B65ED09B9CD55EE3734FCCF ] CscService      C:\Windows\System32\cscsvc.dll
13:07:27.0323 0x08c8  CscService - ok
13:07:27.0391 0x08c8  [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam             C:\Windows\system32\drivers\dam.sys
13:07:27.0393 0x08c8  dam - ok
13:07:27.0438 0x08c8  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:07:27.0470 0x08c8  DcomLaunch - ok
13:07:27.0489 0x08c8  [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc       C:\Windows\System32\defragsvc.dll
13:07:27.0497 0x08c8  defragsvc - ok
13:07:27.0524 0x08c8  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll
13:07:27.0533 0x08c8  DeviceAssociationService - ok
13:07:27.0574 0x08c8  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
13:07:27.0580 0x08c8  DeviceInstall - ok
13:07:27.0594 0x08c8  [ 09D9EB9E7898F8E6561473A20CC808B9, 0F511593D36084843E5138AF6D55FE08D77803968AE12A236A02368DB364347E ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
13:07:27.0598 0x08c8  Dfsc - ok
13:07:27.0647 0x08c8  [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:07:27.0656 0x08c8  Dhcp - ok
13:07:27.0663 0x08c8  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\Windows\system32\drivers\discache.sys
13:07:27.0665 0x08c8  discache - ok
13:07:27.0672 0x08c8  [ 560495FF4CA22E1D9B1972FA18F43B6F, 41FFDD4C1097AA857A8177E34F101A1A9C1429A4E8DEC3D395C6135A9E112CD6 ] disk            C:\Windows\system32\drivers\disk.sys
13:07:27.0675 0x08c8  disk - ok
13:07:27.0695 0x08c8  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
13:07:27.0697 0x08c8  dmvsc - ok
13:07:27.0748 0x08c8  [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:07:27.0764 0x08c8  Dnscache - ok
13:07:27.0788 0x08c8  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc         C:\Windows\System32\dot3svc.dll
13:07:27.0796 0x08c8  dot3svc - ok
13:07:27.0822 0x08c8  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS             C:\Windows\system32\dps.dll
13:07:27.0830 0x08c8  DPS - ok
13:07:27.0874 0x08c8  [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:07:27.0875 0x08c8  drmkaud - ok
13:07:27.0936 0x08c8  [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
13:07:27.0948 0x08c8  DsmSvc - ok
13:07:28.0005 0x08c8  [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01     C:\Windows\System32\drivers\dtsoftbus01.sys
13:07:28.0025 0x08c8  dtsoftbus01 - ok
13:07:28.0169 0x08c8  [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9, 3D348D3EFCA9C2AC25C3D0722FB8F64820936DEFD3926888740442972A0A8189 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:07:28.0222 0x08c8  DXGKrnl - ok
13:07:28.0247 0x08c8  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost         C:\Windows\System32\eapsvc.dll
13:07:28.0251 0x08c8  Eaphost - ok
13:07:28.0384 0x08c8  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:07:28.0518 0x08c8  ebdrv - ok
13:07:28.0576 0x08c8  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] EFS             C:\Windows\System32\lsass.exe
13:07:28.0586 0x08c8  EFS - ok
13:07:28.0603 0x08c8  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
13:07:28.0607 0x08c8  EhStorClass - ok
13:07:28.0636 0x08c8  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
13:07:28.0641 0x08c8  EhStorTcgDrv - ok
13:07:28.0653 0x08c8  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
13:07:28.0655 0x08c8  ErrDev - ok
13:07:28.0692 0x08c8  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\Windows\system32\es.dll
13:07:28.0706 0x08c8  EventSystem - ok
13:07:28.0727 0x08c8  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\Windows\system32\drivers\exfat.sys
13:07:28.0733 0x08c8  exfat - ok
13:07:28.0753 0x08c8  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:07:28.0759 0x08c8  fastfat - ok
13:07:28.0817 0x08c8  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\Windows\system32\fxssvc.exe
13:07:28.0856 0x08c8  Fax - ok
13:07:28.0875 0x08c8  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\Windows\System32\drivers\fdc.sys
13:07:28.0876 0x08c8  fdc - ok
13:07:28.0891 0x08c8  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:07:28.0894 0x08c8  fdPHost - ok
13:07:28.0910 0x08c8  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:07:28.0912 0x08c8  FDResPub - ok
13:07:28.0958 0x08c8  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\Windows\system32\fhsvc.dll
13:07:28.0963 0x08c8  fhsvc - ok
13:07:28.0970 0x08c8  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:07:28.0972 0x08c8  FileInfo - ok
13:07:28.0996 0x08c8  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:07:28.0998 0x08c8  Filetrace - ok
13:07:29.0014 0x08c8  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
13:07:29.0015 0x08c8  flpydisk - ok
13:07:29.0029 0x08c8  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:07:29.0038 0x08c8  FltMgr - ok
13:07:29.0137 0x08c8  [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache       C:\Windows\system32\FntCache.dll
13:07:29.0180 0x08c8  FontCache - ok
13:07:29.0313 0x08c8  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:07:29.0318 0x08c8  FontCache3.0.0.0 - ok
13:07:29.0349 0x08c8  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:07:29.0355 0x08c8  FsDepends - ok
13:07:29.0378 0x08c8  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:07:29.0381 0x08c8  Fs_Rec - ok
13:07:29.0457 0x08c8  [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:07:29.0473 0x08c8  fvevol - ok
13:07:29.0517 0x08c8  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
13:07:29.0519 0x08c8  FxPPM - ok
13:07:29.0537 0x08c8  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:07:29.0539 0x08c8  gagp30kx - ok
13:07:29.0578 0x08c8  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
13:07:29.0579 0x08c8  gencounter - ok
13:07:29.0639 0x08c8  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
13:07:29.0649 0x08c8  GPIOClx0101 - ok
13:07:29.0738 0x08c8  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:07:29.0789 0x08c8  gpsvc - ok
13:07:29.0811 0x08c8  gupdate - ok
13:07:29.0814 0x08c8  gupdatem - ok
13:07:29.0890 0x08c8  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:07:29.0912 0x08c8  HdAudAddService - ok
13:07:29.0958 0x08c8  [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
13:07:29.0965 0x08c8  HDAudBus - ok
13:07:29.0999 0x08c8  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
13:07:30.0001 0x08c8  HidBatt - ok
13:07:30.0060 0x08c8  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\Windows\System32\drivers\hidbth.sys
13:07:30.0068 0x08c8  HidBth - ok
13:07:30.0116 0x08c8  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
13:07:30.0121 0x08c8  hidi2c - ok
13:07:30.0146 0x08c8  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\Windows\System32\drivers\hidir.sys
13:07:30.0152 0x08c8  HidIr - ok
13:07:30.0165 0x08c8  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\Windows\system32\hidserv.dll
13:07:30.0169 0x08c8  hidserv - ok
13:07:30.0199 0x08c8  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
13:07:30.0201 0x08c8  HidUsb - ok
13:07:30.0219 0x08c8  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:07:30.0226 0x08c8  hkmsvc - ok
13:07:30.0284 0x08c8  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:07:30.0297 0x08c8  HomeGroupListener - ok
13:07:30.0357 0x08c8  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:07:30.0388 0x08c8  HomeGroupProvider - ok
13:07:30.0407 0x08c8  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:07:30.0411 0x08c8  HpSAMD - ok
13:07:30.0508 0x08c8  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:07:30.0536 0x08c8  HTTP - ok
13:07:30.0553 0x08c8  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:07:30.0554 0x08c8  hwpolicy - ok
13:07:30.0574 0x08c8  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
13:07:30.0576 0x08c8  hyperkbd - ok
13:07:30.0585 0x08c8  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
13:07:30.0587 0x08c8  HyperVideo - ok
13:07:30.0601 0x08c8  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
13:07:30.0605 0x08c8  i8042prt - ok
13:07:30.0630 0x08c8  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:07:30.0640 0x08c8  iaStorV - ok
13:07:30.0653 0x08c8  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:07:30.0655 0x08c8  iirsp - ok
13:07:30.0733 0x08c8  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\Windows\System32\ikeext.dll
13:07:30.0772 0x08c8  IKEEXT - ok
13:07:30.0791 0x08c8  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:07:30.0792 0x08c8  intelide - ok
13:07:30.0808 0x08c8  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
13:07:30.0811 0x08c8  intelppm - ok
13:07:30.0835 0x08c8  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:07:30.0838 0x08c8  IpFilterDriver - ok
13:07:30.0944 0x08c8  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:07:30.0979 0x08c8  iphlpsvc - ok
13:07:30.0995 0x08c8  [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
13:07:30.0998 0x08c8  IPMIDRV - ok
13:07:31.0021 0x08c8  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:07:31.0025 0x08c8  IPNAT - ok
13:07:31.0038 0x08c8  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:07:31.0039 0x08c8  IRENUM - ok
13:07:31.0052 0x08c8  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:07:31.0053 0x08c8  isapnp - ok
13:07:31.0121 0x08c8  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF, 8FFF92828C3DC20F0F42C42E58A03B59A4E0187963F728DC618C9595FB2D0239 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
13:07:31.0144 0x08c8  iScsiPrt - ok
13:07:31.0164 0x08c8  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
13:07:31.0167 0x08c8  kbdclass - ok
13:07:31.0187 0x08c8  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
13:07:31.0189 0x08c8  kbdhid - ok
13:07:31.0200 0x08c8  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
13:07:31.0202 0x08c8  kdnic - ok
13:07:31.0219 0x08c8  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso          C:\Windows\system32\lsass.exe
13:07:31.0223 0x08c8  KeyIso - ok
13:07:31.0280 0x08c8  [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:07:31.0288 0x08c8  KSecDD - ok
13:07:31.0365 0x08c8  [ 127FB0AAD232BAAD2C9BBACD374F4FC5, 3BC56F6B4374062C96149D69ACE053DF81A278F0361599F5A2F3DB1F76F0AD68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:07:31.0378 0x08c8  KSecPkg - ok
13:07:31.0405 0x08c8  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:07:31.0407 0x08c8  ksthunk - ok
13:07:31.0434 0x08c8  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:07:31.0451 0x08c8  KtmRm - ok
13:07:31.0476 0x08c8  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:07:31.0486 0x08c8  LanmanServer - ok
13:07:31.0509 0x08c8  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:07:31.0518 0x08c8  LanmanWorkstation - ok
13:07:31.0526 0x08c8  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:07:31.0529 0x08c8  lltdio - ok
13:07:31.0558 0x08c8  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:07:31.0567 0x08c8  lltdsvc - ok
13:07:31.0580 0x08c8  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:07:31.0583 0x08c8  lmhosts - ok
13:07:31.0610 0x08c8  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:07:31.0614 0x08c8  LSI_SAS - ok
13:07:31.0633 0x08c8  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:07:31.0636 0x08c8  LSI_SAS2 - ok
13:07:31.0654 0x08c8  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:07:31.0657 0x08c8  LSI_SCSI - ok
13:07:31.0665 0x08c8  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
13:07:31.0667 0x08c8  LSI_SSS - ok
13:07:31.0694 0x08c8  [ A57BA284F5996FFD32DCDBC41A4657DB, 2106B83873A824BC83EF42FAC9DD9A0F741209535A84AE65EA8E786519920043 ] LSM             C:\Windows\System32\lsm.dll
13:07:31.0707 0x08c8  LSM - ok
13:07:31.0715 0x08c8  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:07:31.0719 0x08c8  luafv - ok
13:07:31.0777 0x08c8  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:07:31.0780 0x08c8  MBAMProtector - ok
13:07:31.0933 0x08c8  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:07:31.0996 0x08c8  MBAMScheduler - ok
13:07:32.0039 0x08c8  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:07:32.0057 0x08c8  MBAMService - ok
13:07:32.0072 0x08c8  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:07:32.0074 0x08c8  megasas - ok
13:07:32.0099 0x08c8  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:07:32.0108 0x08c8  MegaSR - ok
13:07:32.0153 0x08c8  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\Windows\system32\mmcss.dll
13:07:32.0158 0x08c8  MMCSS - ok
13:07:32.0178 0x08c8  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\Windows\system32\drivers\modem.sys
13:07:32.0180 0x08c8  Modem - ok
13:07:32.0230 0x08c8  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\Windows\System32\drivers\monitor.sys
13:07:32.0255 0x08c8  monitor - ok
13:07:32.0267 0x08c8  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
13:07:32.0269 0x08c8  mouclass - ok
13:07:32.0311 0x08c8  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
13:07:32.0313 0x08c8  mouhid - ok
13:07:32.0323 0x08c8  [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:07:32.0327 0x08c8  mountmgr - ok
13:07:32.0365 0x08c8  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:07:32.0370 0x08c8  MozillaMaintenance - ok
13:07:32.0427 0x08c8  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C, BCBFF081FAFB822CE29D291FB329FC310D90F0EC0D1BB69CF8CB09ED5A2E84D1 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:07:32.0434 0x08c8  mpsdrv - ok
13:07:32.0536 0x08c8  [ 3031573A739DBEE8923851929D0AF423, E9EA6C0D12A896AC745173B1F1A58192B52724AA424718B16B8D05E9AC091741 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:07:32.0575 0x08c8  MpsSvc - ok
13:07:32.0601 0x08c8  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:07:32.0605 0x08c8  MRxDAV - ok
13:07:32.0675 0x08c8  [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:07:32.0698 0x08c8  mrxsmb - ok
13:07:32.0714 0x08c8  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:07:32.0721 0x08c8  mrxsmb10 - ok
13:07:32.0787 0x08c8  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:07:32.0803 0x08c8  mrxsmb20 - ok
13:07:32.0819 0x08c8  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
13:07:32.0823 0x08c8  MsBridge - ok
13:07:32.0846 0x08c8  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\Windows\System32\msdtc.exe
13:07:32.0853 0x08c8  MSDTC - ok
13:07:32.0871 0x08c8  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:07:32.0873 0x08c8  Msfs - ok
13:07:32.0889 0x08c8  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
13:07:32.0891 0x08c8  msgpiowin32 - ok
13:07:32.0905 0x08c8  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:07:32.0906 0x08c8  mshidkmdf - ok
13:07:32.0912 0x08c8  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
13:07:32.0914 0x08c8  mshidumdf - ok
13:07:32.0932 0x08c8  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:07:32.0933 0x08c8  msisadrv - ok
13:07:32.0964 0x08c8  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:07:32.0970 0x08c8  MSiSCSI - ok
13:07:32.0975 0x08c8  msiserver - ok
13:07:32.0993 0x08c8  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:07:32.0994 0x08c8  MSKSSRV - ok
13:07:33.0001 0x08c8  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
13:07:33.0003 0x08c8  MsLldp - ok
13:07:33.0022 0x08c8  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:07:33.0023 0x08c8  MSPCLOCK - ok
13:07:33.0028 0x08c8  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:07:33.0030 0x08c8  MSPQM - ok
13:07:33.0064 0x08c8  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:07:33.0073 0x08c8  MsRPC - ok
13:07:33.0093 0x08c8  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
13:07:33.0095 0x08c8  mssmbios - ok
13:07:33.0208 0x08c8  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:07:33.0228 0x08c8  MSTEE - ok
13:07:33.0249 0x08c8  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
13:07:33.0253 0x08c8  MTConfig - ok
13:07:33.0303 0x08c8  [ 640617B6E682A150C36BE39D78547F6C, 784F712E9DC3EEE81F07946BBA08AA2BEAC7B3961E430B75043645EF7ECA715C ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
13:07:33.0306 0x08c8  MTsensor - ok
13:07:33.0323 0x08c8  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\Windows\system32\Drivers\mup.sys
13:07:33.0331 0x08c8  Mup - ok
13:07:33.0360 0x08c8  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
13:07:33.0364 0x08c8  mvumis - ok
13:07:33.0432 0x08c8  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\Windows\system32\qagentRT.dll
13:07:33.0464 0x08c8  napagent - ok
13:07:33.0504 0x08c8  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:07:33.0520 0x08c8  NativeWifiP - ok
13:07:33.0544 0x08c8  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\Windows\System32\ncasvc.dll
13:07:33.0551 0x08c8  NcaSvc - ok
13:07:33.0562 0x08c8  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
13:07:33.0566 0x08c8  NcdAutoSetup - ok
13:07:33.0657 0x08c8  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:07:33.0689 0x08c8  NDIS - ok
13:07:33.0706 0x08c8  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:07:33.0708 0x08c8  NdisCap - ok
13:07:33.0725 0x08c8  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
13:07:33.0728 0x08c8  NdisImPlatform - ok
13:07:33.0769 0x08c8  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:07:33.0771 0x08c8  NdisTapi - ok
13:07:33.0789 0x08c8  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:07:33.0791 0x08c8  Ndisuio - ok
13:07:33.0800 0x08c8  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:07:33.0805 0x08c8  NdisWan - ok
13:07:33.0813 0x08c8  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
13:07:33.0816 0x08c8  NDISWANLEGACY - ok
13:07:33.0861 0x08c8  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:07:33.0863 0x08c8  NDProxy - ok
13:07:33.0871 0x08c8  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\Windows\system32\drivers\Ndu.sys
13:07:33.0874 0x08c8  Ndu - ok
13:07:33.0880 0x08c8  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:07:33.0882 0x08c8  NetBIOS - ok
13:07:33.0896 0x08c8  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:07:33.0904 0x08c8  NetBT - ok
13:07:33.0918 0x08c8  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] Netlogon        C:\Windows\system32\lsass.exe
13:07:33.0921 0x08c8  Netlogon - ok
13:07:33.0943 0x08c8  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\Windows\System32\netman.dll
13:07:33.0951 0x08c8  Netman - ok
13:07:34.0003 0x08c8  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\Windows\System32\netprofmsvc.dll
13:07:34.0016 0x08c8  netprofm - ok
13:07:34.0059 0x08c8  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:07:34.0087 0x08c8  NetTcpPortSharing - ok
13:07:34.0140 0x08c8  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:07:34.0145 0x08c8  nfrd960 - ok
13:07:34.0221 0x08c8  [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:07:34.0255 0x08c8  NlaSvc - ok
13:07:34.0269 0x08c8  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:07:34.0272 0x08c8  Npfs - ok
13:07:34.0390 0x08c8  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
13:07:34.0393 0x08c8  npsvctrig - ok
13:07:34.0437 0x08c8  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\Windows\system32\nsisvc.dll
13:07:34.0449 0x08c8  nsi - ok
13:07:34.0465 0x08c8  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:07:34.0469 0x08c8  nsiproxy - ok
13:07:34.0640 0x08c8  [ 76929F4A69E425911A63B407E26C2589, 17896DB6EDEF2637D159432DB61E8B5FA2F4F54B5F50BCD6215827C321ED2C2A ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:07:34.0684 0x08c8  Ntfs - ok
13:07:34.0700 0x08c8  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\Windows\system32\drivers\Null.sys
13:07:34.0701 0x08c8  Null - ok
13:07:34.0728 0x08c8  [ 554964B900AE2954B8B589B6287034AC, C6C9EA3ADAFEBBF2AF944E4A0656BD795AD37706008CC0CA3F2150BD709476E7 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
13:07:34.0734 0x08c8  NVHDA - ok
13:07:35.0103 0x08c8  [ E71E299FF15390E585BACF2C18F55078, 7A51D989DA55349B1761839DEAFD593B6E6F88C433B132E7B027467E050FBA67 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:07:35.0451 0x08c8  nvlddmkm - ok
13:07:35.0500 0x08c8  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:07:35.0504 0x08c8  nvraid - ok
13:07:35.0522 0x08c8  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:07:35.0527 0x08c8  nvstor - ok
13:07:35.0597 0x08c8  [ 415695F5A54E91E869EEBFEA261361A6, 1829C15E07D902686171C8A66EB03040A037CAC1E00E24BF598030D9DA795CEC ] nvsvc           C:\Windows\system32\nvvsvc.exe
13:07:35.0633 0x08c8  nvsvc - ok
13:07:35.0640 0x08c8  nvvad_WaveExtensible - ok
13:07:35.0659 0x08c8  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:07:35.0662 0x08c8  nv_agp - ok
13:07:35.0690 0x08c8  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:07:35.0700 0x08c8  p2pimsvc - ok
13:07:35.0726 0x08c8  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\Windows\system32\p2psvc.dll
13:07:35.0739 0x08c8  p2psvc - ok
13:07:35.0747 0x08c8  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\Windows\System32\drivers\parport.sys
13:07:35.0751 0x08c8  Parport - ok
13:07:35.0793 0x08c8  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:07:35.0795 0x08c8  partmgr - ok
13:07:35.0834 0x08c8  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:07:35.0856 0x08c8  PcaSvc - ok
13:07:35.0868 0x08c8  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci             C:\Windows\system32\drivers\pci.sys
13:07:35.0875 0x08c8  pci - ok
13:07:35.0892 0x08c8  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\Windows\system32\drivers\pciide.sys
13:07:35.0893 0x08c8  pciide - ok
13:07:35.0914 0x08c8  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:07:35.0920 0x08c8  pcmcia - ok
13:07:35.0927 0x08c8  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw             C:\Windows\system32\drivers\pcw.sys
13:07:35.0929 0x08c8  pcw - ok
13:07:35.0979 0x08c8  [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc             C:\Windows\system32\drivers\pdc.sys
13:07:35.0981 0x08c8  pdc - ok
13:07:36.0039 0x08c8  [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:07:36.0073 0x08c8  PEAUTH - ok
13:07:36.0165 0x08c8  [ DF0D9BDCB600913F40FF125BF8CE1979, 63544C3CEAF47FEEB761FD25BCAE53610C7AD65B7B2295C49D72A7C3C78A376D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:07:36.0245 0x08c8  PeerDistSvc - ok
13:07:36.0328 0x08c8  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:07:36.0331 0x08c8  PerfHost - ok
13:07:36.0421 0x08c8  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla             C:\Windows\system32\pla.dll
13:07:36.0463 0x08c8  pla - ok
13:07:36.0507 0x08c8  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:07:36.0513 0x08c8  PlugPlay - ok
13:07:36.0526 0x08c8  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:07:36.0530 0x08c8  PNRPAutoReg - ok
13:07:36.0546 0x08c8  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:07:36.0555 0x08c8  PNRPsvc - ok
13:07:36.0589 0x08c8  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:07:36.0602 0x08c8  PolicyAgent - ok
13:07:36.0662 0x08c8  [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power           C:\Windows\system32\umpo.dll
13:07:36.0677 0x08c8  Power - ok
13:07:36.0687 0x08c8  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:07:36.0692 0x08c8  PptpMiniport - ok
13:07:36.0814 0x08c8  [ 9D59831262CAD44E709D695FC9D5E7AB, F95C5475F91DA667C8D5C96253944CE8A0F2C9B1ED4DF8703E5D1D47A0C730B5 ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
13:07:36.0935 0x08c8  PrintNotify - ok
13:07:36.0977 0x08c8  [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor       C:\Windows\System32\drivers\processr.sys
13:07:36.0980 0x08c8  Processor - ok
13:07:37.0007 0x08c8  [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc         C:\Windows\system32\profsvc.dll
13:07:37.0015 0x08c8  ProfSvc - ok
13:07:37.0023 0x08c8  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:07:37.0027 0x08c8  Psched - ok
13:07:37.0060 0x08c8  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE           C:\Windows\system32\qwave.dll
13:07:37.0070 0x08c8  QWAVE - ok
13:07:37.0079 0x08c8  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:07:37.0081 0x08c8  QWAVEdrv - ok
13:07:37.0101 0x08c8  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:07:37.0102 0x08c8  RasAcd - ok
13:07:37.0116 0x08c8  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:07:37.0118 0x08c8  RasAgileVpn - ok
13:07:37.0133 0x08c8  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto         C:\Windows\System32\rasauto.dll
13:07:37.0138 0x08c8  RasAuto - ok
13:07:37.0146 0x08c8  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:07:37.0150 0x08c8  Rasl2tp - ok
13:07:37.0169 0x08c8  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\Windows\System32\rasmans.dll
13:07:37.0180 0x08c8  RasMan - ok
13:07:37.0188 0x08c8  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:07:37.0190 0x08c8  RasPppoe - ok
13:07:37.0198 0x08c8  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:07:37.0201 0x08c8  RasSstp - ok
13:07:37.0277 0x08c8  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:07:37.0303 0x08c8  rdbss - ok
13:07:37.0322 0x08c8  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
13:07:37.0324 0x08c8  rdpbus - ok
13:07:37.0341 0x08c8  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:07:37.0346 0x08c8  RDPDR - ok
13:07:37.0400 0x08c8  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:07:37.0405 0x08c8  RdpVideoMiniport - ok
13:07:37.0431 0x08c8  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:07:37.0439 0x08c8  RDPWD - ok
13:07:37.0454 0x08c8  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:07:37.0459 0x08c8  rdyboost - ok
13:07:37.0489 0x08c8  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:07:37.0494 0x08c8  RemoteAccess - ok
13:07:37.0512 0x08c8  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:07:37.0519 0x08c8  RemoteRegistry - ok
13:07:37.0571 0x08c8  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:07:37.0582 0x08c8  RpcEptMapper - ok
13:07:37.0602 0x08c8  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\Windows\system32\locator.exe
13:07:37.0607 0x08c8  RpcLocator - ok
13:07:37.0654 0x08c8  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs           C:\Windows\system32\rpcss.dll
13:07:37.0675 0x08c8  RpcSs - ok
13:07:37.0684 0x08c8  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:07:37.0686 0x08c8  rspndr - ok
13:07:37.0742 0x08c8  [ 15923AA360F7675D3D43C9669316A0BA, AD1852732082140C62CC44A01914162E44BF412B4A852DF27DC0E0765E64288F ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
13:07:37.0769 0x08c8  RTL8168 - ok
13:07:37.0789 0x08c8  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
13:07:37.0791 0x08c8  s3cap - ok
13:07:37.0841 0x08c8  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] SamSs           C:\Windows\system32\lsass.exe
13:07:37.0844 0x08c8  SamSs - ok
13:07:37.0861 0x08c8  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:07:37.0864 0x08c8  sbp2port - ok
13:07:37.0888 0x08c8  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:07:37.0896 0x08c8  SCardSvr - ok
13:07:37.0909 0x08c8  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:07:37.0914 0x08c8  scfilter - ok
13:07:38.0055 0x08c8  [ ED40ED9A65F3E79A8C43DD50C5FDADBF, 2323BFAB1BC3D661A376650B7AC14C7780C92BA575DA048F3C7611CDB3F7F04A ] Schedule        C:\Windows\system32\schedsvc.dll
13:07:38.0110 0x08c8  Schedule - ok
13:07:38.0129 0x08c8  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:07:38.0133 0x08c8  SCPolicySvc - ok
13:07:38.0188 0x08c8  [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
13:07:38.0203 0x08c8  sdbus - ok
13:07:38.0240 0x08c8  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:07:38.0257 0x08c8  SDRSVC - ok
13:07:38.0299 0x08c8  [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor          C:\Windows\System32\drivers\sdstor.sys
13:07:38.0305 0x08c8  sdstor - ok
13:07:38.0326 0x08c8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:07:38.0330 0x08c8  secdrv - ok
13:07:38.0350 0x08c8  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\Windows\system32\seclogon.dll
13:07:38.0358 0x08c8  seclogon - ok
13:07:38.0377 0x08c8  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\Windows\System32\sens.dll
13:07:38.0385 0x08c8  SENS - ok
13:07:38.0416 0x08c8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] SensorsSimulatorDriver C:\Windows\system32\DRIVERS\WUDFRd.sys
13:07:38.0424 0x08c8  SensorsSimulatorDriver - ok
13:07:38.0445 0x08c8  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:07:38.0452 0x08c8  SensrSvc - ok
13:07:38.0465 0x08c8  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
13:07:38.0468 0x08c8  SerCx - ok
13:07:38.0486 0x08c8  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum         C:\Windows\System32\drivers\serenum.sys
13:07:38.0487 0x08c8  Serenum - ok
13:07:38.0508 0x08c8  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\Windows\System32\drivers\serial.sys
13:07:38.0510 0x08c8  Serial - ok
13:07:38.0534 0x08c8  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
13:07:38.0535 0x08c8  sermouse - ok
13:07:38.0565 0x08c8  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\Windows\system32\sessenv.dll
13:07:38.0576 0x08c8  SessionEnv - ok
13:07:38.0592 0x08c8  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
13:07:38.0594 0x08c8  sfloppy - ok
13:07:38.0626 0x08c8  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:07:38.0638 0x08c8  SharedAccess - ok
13:07:38.0673 0x08c8  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:07:38.0689 0x08c8  ShellHWDetection - ok
13:07:38.0706 0x08c8  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:07:38.0708 0x08c8  SiSRaid2 - ok
13:07:38.0727 0x08c8  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:07:38.0730 0x08c8  SiSRaid4 - ok
13:07:38.0748 0x08c8  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:07:38.0752 0x08c8  SNMPTRAP - ok
13:07:38.0820 0x08c8  [ FD3AF5575B99871BADB94E7699DBCE08, 847A78C1388683984AFA7D00B7C7F8741BC1DFBF4999AAD1E2EFC22D3C316846 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
13:07:38.0836 0x08c8  spaceport - ok
13:07:38.0860 0x08c8  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
13:07:38.0862 0x08c8  SpbCx - ok
13:07:38.0906 0x08c8  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler         C:\Windows\System32\spoolsv.exe
13:07:38.0941 0x08c8  Spooler - ok
13:07:39.0147 0x08c8  [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc          C:\Windows\system32\sppsvc.exe
13:07:39.0333 0x08c8  sppsvc - ok
13:07:39.0443 0x08c8  [ 055B0DE7BCDB14FB18279F09DCA07954, 94944F996F2F73233A96F8E766606EA5CCC7142EA2AF4BCEFD2603578F2B4A4A ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
13:07:39.0453 0x08c8  SQLWriter - ok
13:07:39.0480 0x08c8  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:07:39.0495 0x08c8  srv - ok
13:07:39.0592 0x08c8  [ 56218A571ECF8D55E0CDFF8DF2546CF1, 44B34722108EDDC8757A0B7C939A854457BB7EBC92A83C4284DFFAECFC2E3619 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:07:39.0628 0x08c8  srv2 - ok
13:07:39.0680 0x08c8  [ 14FC338B80CFF7E04215133B568D15C4, 1F437BE0EC887097F0C3409D4198A20981FC325FDF915532AB85070D337DEF2B ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:07:39.0687 0x08c8  srvnet - ok
13:07:39.0712 0x08c8  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:07:39.0721 0x08c8  SSDPSRV - ok
13:07:39.0729 0x08c8  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:07:39.0744 0x08c8  SstpSvc - ok
13:07:39.0845 0x08c8  [ 8F60F242379A191E47EE8CDEEBD17C8B, 3D4438EA73990BC680506A2BB41EA6E7E8F44A4FF717023717F7922091DBD1D3 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:07:39.0864 0x08c8  Steam Client Service - ok
13:07:40.0007 0x08c8  [ A9D26626BEADF5A0641BF6B5095EF309, EABC711466FECA20058D7E24CA2593059E1F113B38A2E7574822E48BFBBF4146 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:07:40.0031 0x08c8  Stereo Service - ok
13:07:40.0053 0x08c8  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:07:40.0055 0x08c8  stexstor - ok
13:07:40.0084 0x08c8  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\Windows\System32\wiaservc.dll
13:07:40.0101 0x08c8  stisvc - ok
13:07:40.0118 0x08c8  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\Windows\system32\drivers\storahci.sys
13:07:40.0121 0x08c8  storahci - ok
13:07:40.0144 0x08c8  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
13:07:40.0146 0x08c8  storflt - ok
13:07:40.0167 0x08c8  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc         C:\Windows\system32\storsvc.dll
13:07:40.0171 0x08c8  StorSvc - ok
13:07:40.0190 0x08c8  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:07:40.0192 0x08c8  storvsc - ok
13:07:40.0211 0x08c8  [ 1A36AC469140F87CDE62D7F8524E270C, B07086E0D844567FF0A880366EA8ED8042F8ED744E6AB1FD9539F360905A07F2 ] storvsp         C:\Windows\System32\drivers\storvsp.sys
13:07:40.0213 0x08c8  storvsp - ok
13:07:40.0235 0x08c8  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc           C:\Windows\system32\svsvc.dll
13:07:40.0239 0x08c8  svsvc - ok
13:07:40.0253 0x08c8  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\Windows\System32\drivers\swenum.sys
13:07:40.0255 0x08c8  swenum - ok
13:07:40.0425 0x08c8  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:07:40.0448 0x08c8  SwitchBoard - ok
13:07:40.0482 0x08c8  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv           C:\Windows\System32\swprv.dll
13:07:40.0497 0x08c8  swprv - ok
13:07:40.0598 0x08c8  [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain         C:\Windows\system32\sysmain.dll
13:07:40.0650 0x08c8  SysMain - ok
13:07:40.0708 0x08c8  [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
13:07:40.0727 0x08c8  SystemEventsBroker - ok
13:07:40.0742 0x08c8  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll
13:07:40.0751 0x08c8  TabletInputService - ok
13:07:40.0778 0x08c8  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:07:40.0791 0x08c8  TapiSrv - ok
13:07:40.0936 0x08c8  [ 37D85E873C9531A2F88DD9C63D3F8A9E, C31FF8324962B72DAED445F0A264E3E2E51296DDC98A5914DCE155693FB18868 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:07:41.0007 0x08c8  Tcpip - ok
13:07:41.0104 0x08c8  [ 37D85E873C9531A2F88DD9C63D3F8A9E, C31FF8324962B72DAED445F0A264E3E2E51296DDC98A5914DCE155693FB18868 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:07:41.0145 0x08c8  TCPIP6 - ok
13:07:41.0167 0x08c8  [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:07:41.0168 0x08c8  tcpipreg - ok
13:07:41.0179 0x08c8  [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:07:41.0182 0x08c8  tdx - ok
13:07:41.0199 0x08c8  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
13:07:41.0201 0x08c8  terminpt - ok
13:07:41.0243 0x08c8  [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService     C:\Windows\System32\termsrv.dll
13:07:41.0264 0x08c8  TermService - ok
13:07:41.0278 0x08c8  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\Windows\system32\themeservice.dll
13:07:41.0283 0x08c8  Themes - ok
13:07:41.0335 0x08c8  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER     C:\Windows\system32\mmcss.dll
13:07:41.0347 0x08c8  THREADORDER - ok
13:07:41.0403 0x08c8  [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
13:07:41.0431 0x08c8  TimeBroker - ok
13:07:41.0472 0x08c8  [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM             C:\Windows\system32\drivers\tpm.sys
13:07:41.0476 0x08c8  TPM - ok
13:07:41.0488 0x08c8  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\Windows\System32\trkwks.dll
13:07:41.0494 0x08c8  TrkWks - ok
13:07:41.0563 0x08c8  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:07:41.0566 0x08c8  TrustedInstaller - ok
13:07:41.0594 0x08c8  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:07:41.0596 0x08c8  TsUsbFlt - ok
13:07:41.0606 0x08c8  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
13:07:41.0608 0x08c8  TsUsbGD - ok
13:07:41.0617 0x08c8  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:07:41.0621 0x08c8  tunnel - ok
13:07:41.0640 0x08c8  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:07:41.0643 0x08c8  uagp35 - ok
13:07:41.0658 0x08c8  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
13:07:41.0662 0x08c8  UASPStor - ok
13:07:41.0692 0x08c8  [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
13:07:41.0697 0x08c8  UCX01000 - ok
13:07:41.0745 0x08c8  [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:07:41.0754 0x08c8  udfs - ok
13:07:41.0783 0x08c8  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:07:41.0787 0x08c8  UI0Detect - ok
13:07:41.0809 0x08c8  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:07:41.0811 0x08c8  uliagpkx - ok
13:07:41.0818 0x08c8  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus           C:\Windows\System32\drivers\umbus.sys
13:07:41.0820 0x08c8  umbus - ok
13:07:41.0830 0x08c8  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\Windows\System32\drivers\umpass.sys
13:07:41.0832 0x08c8  UmPass - ok
13:07:41.0859 0x08c8  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:07:41.0869 0x08c8  UmRdpService - ok
13:07:41.0900 0x08c8  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\Windows\System32\upnphost.dll
13:07:41.0916 0x08c8  upnphost - ok
13:07:41.0940 0x08c8  [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
13:07:41.0943 0x08c8  usbccgp - ok
13:07:41.0966 0x08c8  [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir          C:\Windows\System32\drivers\usbcir.sys
13:07:41.0969 0x08c8  usbcir - ok
13:07:41.0983 0x08c8  [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
13:07:41.0986 0x08c8  usbehci - ok
13:07:42.0020 0x08c8  [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
13:07:42.0035 0x08c8  usbhub - ok
13:07:42.0062 0x08c8  [ B1E910DDC08A8536116214326124903C, 8A1C69DD8ACC00A42CD86791397093342A86B2428DCBFC2CB21F0232D948B7B5 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
13:07:42.0073 0x08c8  USBHUB3 - ok
13:07:42.0097 0x08c8  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
13:07:42.0098 0x08c8  usbohci - ok
13:07:42.0117 0x08c8  [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
13:07:42.0119 0x08c8  usbprint - ok
13:07:42.0140 0x08c8  [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
13:07:42.0144 0x08c8  USBSTOR - ok
13:07:42.0155 0x08c8  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
13:07:42.0156 0x08c8  usbuhci - ok
13:07:42.0182 0x08c8  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
13:07:42.0191 0x08c8  USBXHCI - ok
13:07:42.0207 0x08c8  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] VaultSvc        C:\Windows\system32\lsass.exe
13:07:42.0210 0x08c8  VaultSvc - ok
13:07:42.0216 0x08c8  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:07:42.0217 0x08c8  vdrvroot - ok
13:07:42.0286 0x08c8  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds             C:\Windows\System32\vds.exe
13:07:42.0320 0x08c8  vds - ok
13:07:42.0328 0x08c8  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
13:07:42.0332 0x08c8  VerifierExt - ok
13:07:42.0363 0x08c8  [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
13:07:42.0375 0x08c8  vhdmp - ok
13:07:42.0388 0x08c8  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:07:42.0390 0x08c8  viaide - ok
13:07:42.0408 0x08c8  [ 0E43886F01C85B47BA0A3157274BCF59, C81E1841B1138D8C224FAF76258F7EB65145CCAF7938CA86CBADD8FFF79BA596 ] Vid             C:\Windows\System32\drivers\Vid.sys
13:07:42.0414 0x08c8  Vid - ok
13:07:42.0432 0x08c8  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:07:42.0436 0x08c8  vmbus - ok
13:07:42.0450 0x08c8  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
13:07:42.0452 0x08c8  VMBusHID - ok
13:07:42.0473 0x08c8  [ B4F432A51826FFC66F4DF72A83E8E4B1, 2C6F4D477F91605A3685FCF9EC6EA798E74C6853CC91547A749E9C050E7C19E8 ] vmbusr          C:\Windows\System32\drivers\vmbusr.sys
13:07:42.0476 0x08c8  vmbusr - ok
13:07:42.0510 0x08c8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
13:07:42.0519 0x08c8  vmicheartbeat - ok
13:07:42.0531 0x08c8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
13:07:42.0538 0x08c8  vmickvpexchange - ok
13:07:42.0550 0x08c8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\Windows\System32\ICSvc.dll
13:07:42.0558 0x08c8  vmicrdv - ok
13:07:42.0571 0x08c8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\Windows\System32\ICSvc.dll
13:07:42.0578 0x08c8  vmicshutdown - ok
13:07:42.0589 0x08c8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\Windows\System32\ICSvc.dll
13:07:42.0597 0x08c8  vmictimesync - ok
13:07:42.0608 0x08c8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\Windows\System32\ICSvc.dll
13:07:42.0615 0x08c8  vmicvss - ok
13:07:42.0623 0x08c8  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:07:42.0626 0x08c8  volmgr - ok
13:07:42.0639 0x08c8  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:07:42.0649 0x08c8  volmgrx - ok
13:07:42.0695 0x08c8  [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:07:42.0703 0x08c8  volsnap - ok
13:07:42.0724 0x08c8  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\Windows\System32\drivers\vpci.sys
13:07:42.0727 0x08c8  vpci - ok
13:07:42.0738 0x08c8  [ 0190AFFF28F600461C0164353CC7EE27, D112DF69C9E629EC77FB95E7ACDDAAE24B5028C84454134BD26FEF9CC953AC0E ] vpcivsp         C:\Windows\System32\drivers\vpcivsp.sys
13:07:42.0741 0x08c8  vpcivsp - ok
13:07:42.0911 0x08c8  [ 9B4F6978628D07FAEBF77FF6F8F2960D, FC36FE6BE77445D55E4E92CE3EAF172E253EC8CF8D2EBCA204969CF21FFA5600 ] VsEtwService120 C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe
13:07:42.0919 0x08c8  VsEtwService120 - ok
13:07:42.0947 0x08c8  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:07:42.0954 0x08c8  vsmraid - ok
13:07:43.0042 0x08c8  [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS             C:\Windows\system32\vssvc.exe
13:07:43.0088 0x08c8  VSS - ok
13:07:43.0119 0x08c8  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
13:07:43.0128 0x08c8  VSTXRAID - ok
13:07:43.0142 0x08c8  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:07:43.0143 0x08c8  vwifibus - ok
13:07:43.0171 0x08c8  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\Windows\system32\w32time.dll
13:07:43.0183 0x08c8  W32Time - ok
13:07:43.0199 0x08c8  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
13:07:43.0201 0x08c8  WacomPen - ok
13:07:43.0238 0x08c8  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
13:07:43.0240 0x08c8  Wanarp - ok
13:07:43.0253 0x08c8  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:07:43.0260 0x08c8  Wanarpv6 - ok
13:07:43.0339 0x08c8  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\Windows\system32\wbengine.exe
13:07:43.0393 0x08c8  wbengine - ok
13:07:43.0416 0x08c8  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:07:43.0428 0x08c8  WbioSrvc - ok
13:07:43.0489 0x08c8  [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
13:07:43.0520 0x08c8  Wcmsvc - ok
13:07:43.0627 0x08c8  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:07:43.0677 0x08c8  wcncsvc - ok
13:07:43.0696 0x08c8  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:07:43.0702 0x08c8  WcsPlugInService - ok
13:07:43.0723 0x08c8  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\Windows\system32\drivers\wd.sys
13:07:43.0724 0x08c8  Wd - ok
13:07:43.0835 0x08c8  [ FD47DF026B32969B8A68721A0243E8EE, 57A7B9B40CEDADFB023AEDD9F29869F1B93EA2596F47B5DDC233D57FC585CCE1 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
13:07:43.0841 0x08c8  WdBoot - ok
13:07:44.0004 0x08c8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:07:44.0051 0x08c8  Wdf01000 - ok
13:07:44.0080 0x08c8  [ 5F425D842DD6ADE9F95A51A0616AFAD7, 807B8E6A4FE443A362076C225F588A8C897CFE24A6367F4D461C8F6D3EF004C5 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
13:07:44.0087 0x08c8  WdFilter - ok
13:07:44.0094 0x08c8  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:07:44.0100 0x08c8  WdiServiceHost - ok
13:07:44.0106 0x08c8  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:07:44.0112 0x08c8  WdiSystemHost - ok
13:07:44.0130 0x08c8  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6, 4281100271761521F75F4D5A3D2E9FF40A9C7D81CEDAFD2EDD95788534090CA6 ] WebClient       C:\Windows\System32\webclnt.dll
13:07:44.0139 0x08c8  WebClient - ok
13:07:44.0160 0x08c8  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:07:44.0169 0x08c8  Wecsvc - ok
13:07:44.0187 0x08c8  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:07:44.0192 0x08c8  wercplsupport - ok
13:07:44.0228 0x08c8  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:07:44.0234 0x08c8  WerSvc - ok
13:07:44.0265 0x08c8  [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
13:07:44.0268 0x08c8  WFPLWFS - ok
13:07:44.0288 0x08c8  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\Windows\System32\wiarpc.dll
13:07:44.0294 0x08c8  WiaRpc - ok
13:07:44.0309 0x08c8  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:07:44.0311 0x08c8  WIMMount - ok
13:07:44.0335 0x08c8  WinDefend - ok
13:07:44.0421 0x08c8  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
13:07:44.0466 0x08c8  WinHttpAutoProxySvc - ok
13:07:44.0509 0x08c8  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:07:44.0515 0x08c8  Winmgmt - ok
13:07:44.0636 0x08c8  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:07:44.0720 0x08c8  WinRM - ok
13:07:44.0833 0x08c8  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\Windows\System32\wlansvc.dll
13:07:44.0914 0x08c8  WlanSvc - ok
13:07:45.0042 0x08c8  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
13:07:45.0142 0x08c8  wlidsvc - ok
13:07:45.0159 0x08c8  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
13:07:45.0160 0x08c8  WmiAcpi - ok
13:07:45.0187 0x08c8  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:07:45.0193 0x08c8  wmiApSrv - ok
13:07:45.0207 0x08c8  WMPNetworkSvc - ok
13:07:45.0225 0x08c8  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
13:07:45.0227 0x08c8  wpcfltr - ok
13:07:45.0239 0x08c8  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:07:45.0244 0x08c8  WPCSvc - ok
13:07:45.0297 0x08c8  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:07:45.0315 0x08c8  WPDBusEnum - ok
13:07:45.0336 0x08c8  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
13:07:45.0338 0x08c8  WpdUpFltr - ok
13:07:45.0381 0x08c8  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:07:45.0385 0x08c8  ws2ifsl - ok
13:07:45.0448 0x08c8  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\Windows\System32\wscsvc.dll
13:07:45.0466 0x08c8  wscsvc - ok
13:07:45.0472 0x08c8  WSearch - ok
13:07:45.0617 0x08c8  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\Windows\System32\WSService.dll
13:07:45.0692 0x08c8  WSService - ok
13:07:45.0873 0x08c8  [ 5EE919B9C3056B399E488A9B253E258A, DEB92A99F7BCDD3575C737EDEFF853A9BD4E5D523C4D11C205C6C7257A5A79B7 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:07:46.0004 0x08c8  wuauserv - ok
13:07:46.0024 0x08c8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:07:46.0027 0x08c8  WudfPf - ok
13:07:46.0047 0x08c8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
13:07:46.0052 0x08c8  WUDFRd - ok
13:07:46.0061 0x08c8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
13:07:46.0065 0x08c8  WUDFSensorLP - ok
13:07:46.0083 0x08c8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:07:46.0089 0x08c8  wudfsvc - ok
13:07:46.0114 0x08c8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
13:07:46.0119 0x08c8  WUDFWpdFs - ok
13:07:46.0176 0x08c8  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:07:46.0210 0x08c8  WwanSvc - ok
13:07:46.0221 0x08c8  ================ Scan global ===============================
13:07:46.0249 0x08c8  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
13:07:46.0305 0x08c8  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
13:07:46.0335 0x08c8  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
13:07:46.0413 0x08c8  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\Windows\system32\services.exe
13:07:46.0467 0x08c8  [ Global ] - ok
13:07:46.0470 0x08c8  ================ Scan MBR ==================================
13:07:46.0474 0x08c8  [ C06575B18B90345CE86AB291B56DB94D ] \Device\Harddisk0\DR0
13:07:46.0521 0x08c8  \Device\Harddisk0\DR0 - ok
13:07:46.0535 0x08c8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:07:46.0878 0x08c8  \Device\Harddisk1\DR1 - ok
13:07:46.0879 0x08c8  ================ Scan VBR ==================================
13:07:46.0899 0x08c8  [ 7130642DC18B5170AE00F34F1909F7B1 ] \Device\Harddisk1\DR1\Partition1
13:07:46.0900 0x08c8  \Device\Harddisk1\DR1\Partition1 - ok
13:07:46.0903 0x08c8  [ E3B0CD62A343B32ECB509C89D05497A6 ] \Device\Harddisk1\DR1\Partition2
13:07:46.0905 0x08c8  \Device\Harddisk1\DR1\Partition2 - ok
13:07:46.0908 0x08c8  [ 779435607FEDD67A52712CF773BB3D34 ] \Device\Harddisk1\DR1\Partition3
13:07:46.0910 0x08c8  \Device\Harddisk1\DR1\Partition3 - ok
13:07:46.0911 0x08c8  Waiting for KSN requests completion. In queue: 39
13:07:47.0912 0x08c8  Waiting for KSN requests completion. In queue: 39
13:07:48.0913 0x08c8  Waiting for KSN requests completion. In queue: 39
13:07:50.0013 0x08c8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.215.0 ), 0x60100 ( disabled : updated )
13:07:50.0029 0x08c8  AV detected via SS2: avast! Internet Security, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2008.177 ), 0x41000 ( enabled : updated )
13:07:50.0033 0x08c8  FW detected via SS2: avast! Internet Security, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2008.177 ), 0x41010 ( enabled )
13:07:52.0508 0x08c8  ============================================================
13:07:52.0508 0x08c8  Scan finished
13:07:52.0508 0x08c8  ============================================================
13:07:52.0530 0x0600  Detected object count: 0
13:07:52.0530 0x0600  Actual detected object count: 0


ADW Cleaner

# AdwCleaner v3.012 - Report created 20/11/2013 at 13:11:12
# Updated 11/11/2013 by Xplode
# Operating System : Windows 8 Pro  (64 bits)
# Username : Dark - XXDARKSHADOWXX
# Running from : C:\Users\Dark\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\APN PIP

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\Dark\AppData\Roaming\Mozilla\Firefox\Profiles\ftlkzn6e.default-1384902233131\prefs.js ]


*************************

AdwCleaner[R0].txt - [845 octets] - [20/11/2013 13:09:38]
AdwCleaner[S0].txt - [728 octets] - [20/11/2013 13:11:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [787 octets] ##########


JunkWare Removal Tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8 Pro x64
Ran by Dark on Wed 11/20/2013 at 13:19:33.09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Dark\AppData\Roaming\mozilla\firefox\profiles\ftlkzn6e.default-1384902233131\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/20/2013 at 13:25:38.74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


ESET

C:\Users\Dark\AppData\Local\Temp\cdFwvq8X.exe.part    Win32/InstalleRex.L application    cleaned by deleting - quarantined
C:\Windows\KJ\BIOS.EXE    Win32/HackTool.SLICMod.C application    cleaned by deleting - quarantined
C:\Windows\KJ\OEM_info\oem.exe    a variant of MSIL/HackTool.WinActivator.A application    cleaned by deleting - quarantined
C:\Windows\KJ\Pirate\WinRR.exe    a variant of Win32/HackTool.WinActivator.J application    cleaned by deleting - quarantined
D:\Users\Panda\Downloads\DaemonTool\DTLite4454-0315.exe    Win32/OpenCandy application    cleaned by deleting - quarantined



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,914 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:22 AM

Posted 20 November 2013 - 10:07 PM

It does not look to be malware, at least these were not serious findings. Looks like VLC player could be reinstalled.
Probably need to start a new Win8 topic so they can look at your system.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 darkritual

darkritual
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:08:22 AM

Posted 21 November 2013 - 01:22 AM

So that's it, we're done?

That's a bit odd.

Last time i posted a thread here, we found 2 viruses and i ended up running at least 20 different programs.
But now, you've found 11 threats on my computer and everything is gonna be alright?
I don't buy it but alright, thanks for the help and pointing out i should reinstall VLC.



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,914 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:22 AM

Posted 21 November 2013 - 12:18 PM

You want to scan more and get a deeper look to be certain we did not miss anything, you can but then we still have to repost.

Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 darkritual

darkritual
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:08:22 AM

Posted 21 November 2013 - 02:49 PM

All went well, i followed the steps provided and made a new thread in the specified category.



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,914 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:22 AM

Posted 21 November 2013 - 02:58 PM

Thank you!
 
Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 2 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users