Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Split from: How Do I get rid of "Nation Zoom" ???


  • This topic is locked This topic is locked
16 replies to this topic

#1 blazela

blazela

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 05 December 2013 - 11:09 PM

Split from: http://www.bleepingcomputer.com/forums/t/516342 ~Budapest

Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org

Database version: v2013.12.06.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Cheryl :: CHERYL-HP [administrator]

12/5/2013 7:33:22 PM
mbar-log-2013-12-05 (19-33-22).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 274567
Time elapsed: 18 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Edited by Budapest, 06 December 2013 - 03:28 AM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:50 AM

Posted 06 December 2013 - 11:48 AM

Hello also please run these.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
.
.
.
ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    .
    .
    .
    .
    • Last run ESET.
      • Hold down Control and click on this link to open ESET OnlineScan in a new window.
      • Click the esetonlinebtn.png button.
      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
      • Check "YES, I accept the Terms of Use."
      • Click the Start button.
      • Accept any security warnings from your browser.
      • Under scan settings, check "Scan Archives" and "Remove found threats"
      • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      • When the scan completes, click List Threats
      • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      • Click the Back button.
      • Click the Finish button.
      • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 blazela

blazela
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 06 December 2013 - 10:47 PM

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Cheryl (administrator) on 06-12-2013 at 19:43:21
Running from "C:\Users\Cheryl\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Ultimate-N 6300 AGN = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?4. subinterface=ethernet_6 mtu=1477
set subinterface interface=?4. subinterface=ethernet_7 mtu=1477
add address name="Wireless Network Connection 2" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Cheryl-HP
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : E4-11-5B-4D-73-62
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 24-77-03-64-6C-E5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 24-77-03-64-6C-E5
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® Centrino® Ultimate-N 6300 AGN
   Physical Address. . . . . . . . . : 24-77-03-64-6C-E4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::44de:1a:691e:d98d%14(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.110(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, December 06, 2013 6:07:35 PM
   Lease Expires . . . . . . . . . . : Saturday, December 07, 2013 6:32:15 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 321156867
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-10-16-2A-24-77-03-64-6C-E4
   DNS Servers . . . . . . . . . . . : 209.237.67.8
                                       209.237.67.12
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:189f:d12a:bafe:9099(Preferred)
   Link-local IPv6 Address . . . . . : fe80::189f:d12a:bafe:9099%18(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{357D9A24-B51B-4572-965F-6603E02B4BC1}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F44DBE86-D2F4-4409-AB3F-C028C9D183AB}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{36781F84-5CCF-46E9-8D94-9228BB821F90}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D1E690C9-D7BE-495D-B65C-22631FE6F690}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  www.croisancreek.com
Address:  209.237.67.8

Name:    google.com
Addresses:  2607:f8b0:400a:802::1001
      173.194.33.64
      173.194.33.68
      173.194.33.65
      173.194.33.72
      173.194.33.71
      173.194.33.67
      173.194.33.73
      173.194.33.66
      173.194.33.70
      173.194.33.78
      173.194.33.69


Pinging google.com [173.194.33.64] with 32 bytes of data:
Reply from 173.194.33.64: bytes=32 time=42ms TTL=57
Reply from 173.194.33.64: bytes=32 time=20ms TTL=57

Ping statistics for 173.194.33.64:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 20ms, Maximum = 42ms, Average = 31ms
Server:  www.croisancreek.com
Address:  209.237.67.8

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=44ms TTL=52
Reply from 206.190.36.45: bytes=32 time=61ms TTL=52

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 44ms, Maximum = 61ms, Average = 52ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 3ms, Maximum = 4ms, Average = 3ms
===========================================================================
Interface List
 17...e4 11 5b 4d 73 62 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
 16...24 77 03 64 6c e5 ......Microsoft Virtual WiFi Miniport Adapter #2
 15...24 77 03 64 6c e5 ......Microsoft Virtual WiFi Miniport Adapter
 14...24 77 03 64 6c e4 ......Intel® Centrino® Ultimate-N 6300 AGN
  1...........................Software Loopback Interface 1
 18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.110     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.110    281
    192.168.1.110  255.255.255.255         On-link     192.168.1.110    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.110    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.110    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.110    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 18     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 18     58 2001::/32                On-link
 18    306 2001:0:9d38:6abd:189f:d12a:bafe:9099/128
                                    On-link
 14    281 fe80::/64                On-link
 18    306 fe80::/64                On-link
 18    306 fe80::189f:d12a:bafe:9099/128
                                    On-link
 14    281 fe80::44de:1a:691e:d98d/128
                                    On-link
  1    306 ff00::/8                 On-link
 18    306 ff00::/8                 On-link
 14    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/06/2013 06:32:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4992

Error: (12/06/2013 06:32:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4992

Error: (12/06/2013 06:32:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/06/2013 06:07:40 PM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/06/2013 06:07:32 PM) (Source: ISCT Agent) (User: )
Description: CIRSTDriverApi::CreateInstance   *****Unable to open the IRST device driver

Error: (12/06/2013 06:07:32 PM) (Source: ISCT Agent) (User: )
Description: CDriverApi::GetInterfaceAlias   *****Unable to enumerate device interfaces, error=0x103

Error: (12/06/2013 04:49:27 PM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/06/2013 04:49:22 PM) (Source: ISCT Agent) (User: )
Description: CIRSTDriverApi::CreateInstance   *****Unable to open the IRST device driver

Error: (12/06/2013 04:49:22 PM) (Source: ISCT Agent) (User: )
Description: CDriverApi::GetInterfaceAlias   *****Unable to enumerate device interfaces, error=0x103

Error: (12/06/2013 04:20:40 PM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (12/06/2013 06:07:20 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:04:48 PM on ?12/?6/?2013 was unexpected.

Error: (12/06/2013 06:04:48 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.

Error: (12/06/2013 06:04:18 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.

Error: (12/06/2013 04:49:09 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:47:09 PM on ?12/?6/?2013 was unexpected.

Error: (12/06/2013 04:23:05 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Centrino® Wireless Bluetooth® + High Speed Service service failed to start due to the following error:
%%1053

Error: (12/06/2013 04:23:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Centrino® Wireless Bluetooth® + High Speed Service service to connect.

Error: (12/06/2013 04:20:18 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:18:12 PM on ?12/?6/?2013 was unexpected.

Error: (12/06/2013 04:17:21 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPPRXSVC service.

Error: (12/06/2013 04:16:51 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

Error: (12/06/2013 03:37:21 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:59:18 AM on ?12/?6/?2013 was unexpected.


Microsoft Office Sessions:
=========================
Error: (12/06/2013 06:32:03 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4992

Error: (12/06/2013 06:32:03 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4992

Error: (12/06/2013 06:32:03 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/06/2013 06:07:40 PM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/06/2013 06:07:32 PM) (Source: ISCT Agent)(User: )
Description: CIRSTDriverApi::CreateInstance   *****Unable to open the IRST device driver

Error: (12/06/2013 06:07:32 PM) (Source: ISCT Agent)(User: )
Description: CDriverApi::GetInterfaceAlias   *****Unable to enumerate device interfaces, error=0x103

Error: (12/06/2013 04:49:27 PM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/06/2013 04:49:22 PM) (Source: ISCT Agent)(User: )
Description: CIRSTDriverApi::CreateInstance   *****Unable to open the IRST device driver

Error: (12/06/2013 04:49:22 PM) (Source: ISCT Agent)(User: )
Description: CDriverApi::GetInterfaceAlias   *****Unable to enumerate device interfaces, error=0x103

Error: (12/06/2013 04:20:40 PM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Adobe AIR (Version: 1.5.3.9130)
Adobe Community Help (Version: 3.2.1)
Adobe Community Help (Version: 3.2.1.650)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.152)
Adobe Photoshop Elements 9 (Version: 9.0.3.0)
Adobe Premiere Elements 9 (Version: 9.0)
Adobe Premiere Elements 9 (Version: 9.0.1)
Adobe Reader X (10.1.8) MUI (Version: 10.1.8)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
AMD APP SDK Runtime (Version: 2.5.709.2)
AMD Catalyst Install Manager (Version: 3.0.838.0)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
ArcSoft PhotoStudio 5.5
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.2.43)
awinterscene_3274380 Screen Saver
Bing Bar (Version: 7.3.107.0)
Bing Desktop (Version: 1.3.171.0)
Bonjour (Version: 3.0.0.10)
Broadcom Bluetooth Software (Version: 6.5.0.2100)
Broadcom InConcert Maestro (Version: 1.0.1.2100)
Canon Auto Update Service (Version: 1.1.2.18)
Canon Camera Window DC_DV 6 for ZoomBrowser EX (Version: 6.4.0.9)
Canon Camera Window MC 6 for ZoomBrowser EX (Version: 6.3.0.8)
Canon CanoScan 4400F User Registration
Canon CanoScan Toolbox 5.0
Canon G.726 WMP-Decoder (Version: 1.1.0.4)
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.4.0.14)
Canon RAW Image Task for ZoomBrowser EX (Version: 2.6.0.13)
Canon RemoteCapture Task for ZoomBrowser EX (Version: 1.7.0.8)
Canon Utilities PhotoStitch (Version: 3.1.19.43)
Canon Utilities ZoomBrowser EX (Version: 5.8.0.74)
CanoScan 4400F
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0930.2209.37895)
Catalyst Control Center Graphics Previews Common (Version: 2011.0930.2209.37895)
Catalyst Control Center InstallProxy (Version: 2011.0930.2209.37895)
Catalyst Control Center Localization All (Version: 2011.0930.2209.37895)
Catalyst Control Center Profiles Mobile (Version: 2011.0930.2209.37895)
CCC Help Chinese Standard (Version: 2011.0930.2208.37895)
CCC Help Chinese Traditional (Version: 2011.0930.2208.37895)
CCC Help Czech (Version: 2011.0930.2208.37895)
CCC Help Danish (Version: 2011.0930.2208.37895)
CCC Help Dutch (Version: 2011.0930.2208.37895)
CCC Help English (Version: 2011.0930.2208.37895)
CCC Help Finnish (Version: 2011.0930.2208.37895)
CCC Help French (Version: 2011.0930.2208.37895)
CCC Help German (Version: 2011.0930.2208.37895)
CCC Help Greek (Version: 2011.0930.2208.37895)
CCC Help Hungarian (Version: 2011.0930.2208.37895)
CCC Help Italian (Version: 2011.0930.2208.37895)
CCC Help Japanese (Version: 2011.0930.2208.37895)
CCC Help Korean (Version: 2011.0930.2208.37895)
CCC Help Norwegian (Version: 2011.0930.2208.37895)
CCC Help Polish (Version: 2011.0930.2208.37895)
CCC Help Portuguese (Version: 2011.0930.2208.37895)
CCC Help Russian (Version: 2011.0930.2208.37895)
CCC Help Spanish (Version: 2011.0930.2208.37895)
CCC Help Swedish (Version: 2011.0930.2208.37895)
CCC Help Thai (Version: 2011.0930.2208.37895)
CCC Help Turkish (Version: 2011.0930.2208.37895)
ccc-utility64 (Version: 2011.0930.2209.37895)
Cisco WebEx Meeting Center for Firefox or Chrome (Version: 8.29.3202)
Cisco WebEx Meetings
CyberLink PowerDVD (Version: 10.0.5.3817)
CyberLink YouCam (Version: 3.5.0.4305)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
ESU for Microsoft Windows 7 SP1 (Version: 2.1.1)
felinefright_3169436 Screen Saver
Google Chrome (Version: 31.0.1650.63)
Google Drive (Version: 1.12.5329.1887)
Google Earth Plug-in (Version: 7.1.1.1888)
Google Talk Plugin (Version: 4.9.1.16010)
Google Update Helper (Version: 1.3.22.3)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.1.16.1)
HP CoolSense (Version: 2.10.42)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.2.0.0)
HP MovieStore (Version: 2.1.091)
HP MovieStore (Version: 2.1.21091.0)
HP On Screen Display (Version: 1.3.5)
HP Power Manager (Version: 1.4.8)
HP Product Detection (Version: 11.15.0004)
HP Proximity Sensor Utility (Version: 1.0.18)
HP Quick Launch (Version: 2.7.2)
HP Setup (Version: 8.7.4751.3798)
HP Software Framework (Version: 4.6.10.1)
HP Support Assistant (Version: 7.0.39.15)
HP Wireless Audio Manager 1.2.4 (Version: 1.2.4)
iCloud (Version: 3.0.2.163)
IDT Audio (Version: 1.0.6381.0)
Intel Digital Logo (Version: 1.0.6)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Display Audio Driver (Version: 6.14.00.3074)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.1.0.0096)
Intel® Rapid Storage Technology (Version: 10.6.2.1001)
Intel® Smart Connect Technology 1.0 (Version: 1.0.698.0)
Intel® WiDi (Version: 3.5.34.0)
Intel® PROSet/Wireless WiFi Software (Version: 15.01.0500.0903)
iTunes (Version: 11.1.2.32)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
midnightmadness_3279185 Screen Saver
Mozilla Firefox 25.0.1 (x86 en-US) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Internet Security (Version: 21.1.0.18)
Picasa 3 (Version: 3.9)
Power2Go (Version: 6.1.5125)
Presto! PageManager 7.15.14 (Version: 7.15.14E)
PX Profile Update (Version: 1.00.1.)
Quicken 2004 (Version: 13.00.0000)
QuickTime (Version: 7.74.80.86)
Realtek PCIE Card Reader (Version: 6.1.7601.83)
Recovery Manager (Version: 2.0.0)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.1.19.0)
Safari (Version: 5.34.57.2)
santasflight_3173336 Screen Saver
ScanSoft OmniPage SE 4.0 (Version: 15.00.0020)
Skype™ 5.10 (Version: 5.10.116)
SmartSound Quicktracks for Premiere Elements 9.0 (Version: 3.12.3090)
swMSM (Version: 12.0.0.1)
Synaptics ClickPad Driver (Version: 15.3.29.0)
tannenbaum_3147186 Screen Saver
thescarecrow_3264060 Screen Saver
thethanksgivingfeast_3264061 Screen Saver
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Zip Extractor Packages

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 6091.86 MB
Available physical RAM: 3472.09 MB
Total Pagefile: 12181.9 MB
Available Pagefile: 9336.97 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.77 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:677.9 GB) (Free:599.98 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:20.44 GB) (Free:2.21 GB) NTFS

========================= Users: ========================================

User accounts for \\CHERYL-HP

Administrator            Cheryl                   Guest                    


**** End of log ****
 



#4 blazela

blazela
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 06 December 2013 - 11:06 PM

19:49:25.0152 0x04dc  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
19:49:33.0551 0x04dc  ============================================================
19:49:33.0551 0x04dc  Current date / time: 2013/12/06 19:49:33.0551
19:49:33.0551 0x04dc  SystemInfo:
19:49:33.0551 0x04dc  
19:49:33.0551 0x04dc  OS Version: 6.1.7601 ServicePack: 1.0
19:49:33.0551 0x04dc  Product type: Workstation
19:49:33.0552 0x04dc  ComputerName: CHERYL-HP
19:49:33.0552 0x04dc  UserName: Cheryl
19:49:33.0552 0x04dc  Windows directory: C:\Windows
19:49:33.0552 0x04dc  System windows directory: C:\Windows
19:49:33.0552 0x04dc  Running under WOW64
19:49:33.0552 0x04dc  Processor architecture: Intel x64
19:49:33.0552 0x04dc  Number of processors: 4
19:49:33.0552 0x04dc  Page size: 0x1000
19:49:33.0552 0x04dc  Boot type: Normal boot
19:49:33.0552 0x04dc  ============================================================
19:49:34.0333 0x04dc  KLMD registered as C:\Windows\system32\drivers\75675969.sys
19:49:34.0790 0x04dc  System UUID: {0500ADB7-7915-2D90-2F20-058C1CDA75CC}
19:49:35.0601 0x04dc  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:49:35.0612 0x04dc  ============================================================
19:49:35.0612 0x04dc  \Device\Harddisk0\DR0:
19:49:35.0613 0x04dc  MBR partitions:
19:49:35.0613 0x04dc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
19:49:35.0613 0x04dc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x54BCD000
19:49:35.0613 0x04dc  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x54C31000, BlocksNum 0x28E1800
19:49:35.0613 0x04dc  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x57512800, BlocksNum 0x336F0
19:49:35.0613 0x04dc  ============================================================
19:49:35.0629 0x04dc  C: <-> \Device\Harddisk0\DR0\Partition2
19:49:35.0676 0x04dc  D: <-> \Device\Harddisk0\DR0\Partition3
19:49:35.0676 0x04dc  ============================================================
19:49:35.0676 0x04dc  Initialize success
19:49:35.0676 0x04dc  ============================================================
19:49:44.0861 0x0798  ============================================================
19:49:44.0861 0x0798  Scan started
19:49:44.0861 0x0798  Mode: Manual;
19:49:44.0861 0x0798  ============================================================
19:49:44.0861 0x0798  KSN ping started
19:49:48.0452 0x0798  KSN ping finished: true
19:49:49.0022 0x0798  ================ Scan system memory ========================
19:49:49.0022 0x0798  System memory - ok
19:49:49.0022 0x0798  ================ Scan services =============================
19:49:49.0202 0x0798  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:49:49.0212 0x0798  1394ohci - ok
19:49:49.0282 0x0798  [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
19:49:49.0292 0x0798  Accelerometer - ok
19:49:49.0322 0x0798  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:49:49.0342 0x0798  ACPI - ok
19:49:49.0352 0x0798  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:49:49.0352 0x0798  AcpiPmi - ok
19:49:49.0432 0x0798  [ 1474F121C3DF1232D3E7239C03691EE6, 26D0F55010CB7C51269D94ECB5C5AA94802607685B9E9791A78B643C6227214F ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
19:49:49.0442 0x0798  AdobeActiveFileMonitor9.0 - ok
19:49:49.0512 0x0798  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:49:49.0522 0x0798  AdobeARMservice - ok
19:49:49.0652 0x0798  [ 438F31336B3DC248ABC632F1C8F34A24, 94C1218E7EC2EC6D4870A6FDC118097D7D3A359DA073DCD3A9770F399F830991 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:49:49.0672 0x0798  AdobeFlashPlayerUpdateSvc - ok
19:49:49.0712 0x0798  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:49:49.0742 0x0798  adp94xx - ok
19:49:49.0762 0x0798  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:49:49.0782 0x0798  adpahci - ok
19:49:49.0802 0x0798  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:49:49.0802 0x0798  adpu320 - ok
19:49:49.0832 0x0798  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:49:49.0832 0x0798  AeLookupSvc - ok
19:49:49.0912 0x0798  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Program Files\IDT\WDM\AESTSr64.exe
19:49:49.0912 0x0798  AESTFilters - ok
19:49:50.0002 0x0798  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
19:49:50.0022 0x0798  AFD - ok
19:49:50.0042 0x0798  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:49:50.0042 0x0798  agp440 - ok
19:49:50.0082 0x0798  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
19:49:50.0092 0x0798  ALG - ok
19:49:50.0132 0x0798  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:49:50.0132 0x0798  aliide - ok
19:49:50.0172 0x0798  [ C53D784D7303C463D004C0D5782917B4, 004918DC540E81B0034ECDBB525C4108D6D4EA896033323651FAB2490A0B7E11 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:49:50.0182 0x0798  AMD External Events Utility - ok
19:49:50.0202 0x0798  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:49:50.0202 0x0798  amdide - ok
19:49:50.0222 0x0798  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:49:50.0232 0x0798  AmdK8 - ok
19:49:50.0522 0x0798  [ 06778049A44C316E8D016039B9D14667, 78C7CA39107B4EEEBF96A0C7C0470BD2A63A3FDF5CA1E1FEC3F058F61BF16569 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:49:50.0822 0x0798  amdkmdag - ok
19:49:50.0862 0x0798  [ 94B4028F0EEA1F166D78186A254676B5, 4004ADCC91B4D6F3C516A514DA7840789D4ED14E081AD123C735495B2074EC79 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
19:49:50.0872 0x0798  amdkmdap - ok
19:49:50.0882 0x0798  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:49:50.0882 0x0798  AmdPPM - ok
19:49:50.0902 0x0798  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:49:50.0912 0x0798  amdsata - ok
19:49:50.0932 0x0798  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:49:50.0942 0x0798  amdsbs - ok
19:49:50.0952 0x0798  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:49:50.0952 0x0798  amdxata - ok
19:49:50.0982 0x0798  [ 157B1C973637919DCD0D0464167C86BA, 26495E1390392694F0E33100FB26B2539015414C9F8384F73C66B370A16FD187 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
19:49:50.0992 0x0798  AMPPAL - ok
19:49:51.0012 0x0798  [ 157B1C973637919DCD0D0464167C86BA, 26495E1390392694F0E33100FB26B2539015414C9F8384F73C66B370A16FD187 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
19:49:51.0022 0x0798  AMPPALP - ok
19:49:51.0072 0x0798  [ FB70F8C1283C8CC6BFAA6F9971107E68, 3EAB3703DC27EE94531DA60C2ACF73CAF33F6BA2ED5822D90BF2A97A3A98C4EA ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
19:49:51.0082 0x0798  AMPPALR3 - ok
19:49:51.0122 0x0798  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
19:49:51.0122 0x0798  AppID - ok
19:49:51.0142 0x0798  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:49:51.0142 0x0798  AppIDSvc - ok
19:49:51.0192 0x0798  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
19:49:51.0192 0x0798  Appinfo - ok
19:49:51.0262 0x0798  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:49:51.0262 0x0798  Apple Mobile Device - ok
19:49:51.0292 0x0798  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
19:49:51.0292 0x0798  arc - ok
19:49:51.0322 0x0798  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:49:51.0322 0x0798  arcsas - ok
19:49:51.0402 0x0798  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:49:51.0412 0x0798  aspnet_state - ok
19:49:51.0442 0x0798  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:49:51.0442 0x0798  AsyncMac - ok
19:49:51.0482 0x0798  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:49:51.0482 0x0798  atapi - ok
19:49:51.0552 0x0798  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:49:51.0572 0x0798  AudioEndpointBuilder - ok
19:49:51.0612 0x0798  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:49:51.0622 0x0798  AudioSrv - ok
19:49:51.0642 0x0798  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:49:51.0652 0x0798  AxInstSV - ok
19:49:51.0672 0x0798  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:49:51.0692 0x0798  b06bdrv - ok
19:49:51.0732 0x0798  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:49:51.0742 0x0798  b57nd60a - ok
19:49:51.0832 0x0798  [ AC9585B420C7FF0A25B078EBB7642AE9, 999F09645F675436ADE79083CC038C44527C6B287D19D6FC6575B5D1EFC45631 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.exe
19:49:51.0842 0x0798  BBSvc - ok
19:49:51.0862 0x0798  [ D829E0575EE424F77E78340D362B3664, 54255DCD0A36FCE189C29C9457F17AA6A095C60EB93C94A7DB3B77FC9891185C ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.exe
19:49:51.0872 0x0798  BBUpdate - ok
19:49:51.0922 0x0798  [ 09A19C806110CE839111850EC27E65F5, 828251F2183AA42F9556F820025A612CDC52E57424C10738F7A4640CAB7E06E7 ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
19:49:51.0922 0x0798  bcbtums - ok
19:49:51.0982 0x0798  [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
19:49:52.0022 0x0798  BCM43XX - ok
19:49:52.0042 0x0798  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:49:52.0062 0x0798  BDESVC - ok
19:49:52.0092 0x0798  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:49:52.0092 0x0798  Beep - ok
19:49:52.0142 0x0798  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
19:49:52.0152 0x0798  BFE - ok
19:49:52.0322 0x0798  [ 613883A3BAC6920149C83ED751589433, 9846C1EE0916120C56F598AEA9C2C5B8F1AEDA06FDC3CCE8BAFD0480ACE93078 ] BHDrvx64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys
19:49:52.0352 0x0798  BHDrvx64 - ok
19:49:52.0422 0x0798  [ 65608C44E71D7BA056C9EFCD8A00A7FE, A6B581A8354C7E2902AA1FFDD87C9465EFA2CD75A920CE3098E774292E4825CE ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
19:49:52.0442 0x0798  BingDesktopUpdate - ok
19:49:52.0482 0x0798  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:49:52.0502 0x0798  BITS - ok
19:49:52.0532 0x0798  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
19:49:52.0532 0x0798  blbdrive - ok
19:49:52.0582 0x0798  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:49:52.0592 0x0798  Bonjour Service - ok
19:49:52.0622 0x0798  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:49:52.0622 0x0798  bowser - ok
19:49:52.0642 0x0798  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:49:52.0642 0x0798  BrFiltLo - ok
19:49:52.0652 0x0798  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:49:52.0652 0x0798  BrFiltUp - ok
19:49:52.0682 0x0798  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
19:49:52.0682 0x0798  Browser - ok
19:49:52.0702 0x0798  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:49:52.0712 0x0798  Brserid - ok
19:49:52.0722 0x0798  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:49:52.0732 0x0798  BrSerWdm - ok
19:49:52.0742 0x0798  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:49:52.0742 0x0798  BrUsbMdm - ok
19:49:52.0762 0x0798  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:49:52.0762 0x0798  BrUsbSer - ok
19:49:52.0792 0x0798  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
19:49:52.0812 0x0798  BthEnum - ok
19:49:52.0832 0x0798  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:49:52.0832 0x0798  BTHMODEM - ok
19:49:52.0852 0x0798  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
19:49:52.0862 0x0798  BthPan - ok
19:49:52.0892 0x0798  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
19:49:52.0902 0x0798  BTHPORT - ok
19:49:52.0932 0x0798  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
19:49:52.0932 0x0798  bthserv - ok
19:49:52.0942 0x0798  [ FA2D081709A764F6BEE16B7FFE03E36C, 2BBDFBD313ABB87B76D4A30EC042B9D72ED4F62CF18B98229A6366B1A7211ECD ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
19:49:52.0942 0x0798  BTHSSecurityMgr - ok
19:49:52.0972 0x0798  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
19:49:52.0972 0x0798  BTHUSB - ok
19:49:53.0002 0x0798  [ 4E4F563F17A6D75D4CBD677470DAFAEE, 657F9D782161ABD8DD7E5E24C3FBCCF2020DA667906519A6BA6CF439BD38A662 ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
19:49:53.0022 0x0798  btwampfl - ok
19:49:53.0032 0x0798  [ 409C4117E6027672EF41E68ACE1468AD, 8FB0A11E5147EEB245527E68FCD8FEC4BF5DC820BA1F99F983CDA10829DB4F5D ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
19:49:53.0042 0x0798  btwaudio - ok
19:49:53.0052 0x0798  [ 8CA7CABD13316ABACE386D9F380B4CF3, 6BB8142760E3440543991A6C2A2B5CB7450E7936C9A9F9038622AAC0D79C7667 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
19:49:53.0062 0x0798  btwavdt - ok
19:49:53.0112 0x0798  [ 8DD1CA4FCF8B875725FE049ACD3800E4, 9986E0B5CAD5C16F5D0015BB4A4C9AF38B1B3C27DDE819CB30B6EB94B18426C2 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
19:49:53.0132 0x0798  btwdins - ok
19:49:53.0152 0x0798  [ 41933521A618475644B6E8D8487AF326, A50D6CF096E45E4EA2491D61CFE165C8C8A8956E699519C4314918DE1FD31056 ] BTWDPAN         C:\Windows\system32\DRIVERS\btwdpan.sys
19:49:53.0152 0x0798  BTWDPAN - ok
19:49:53.0162 0x0798  [ B9354F9F111C64F2495B60F1E24CB453, 67B3F5867B00F84832EF5AD649D817D27B3F200351C7C53579A63D30F8E2BFDD ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
19:49:53.0172 0x0798  btwl2cap - ok
19:49:53.0182 0x0798  [ 71A04F2D9DEB21B162561EB574D7D629, C4E477F38CA3C76A966DA9145ABA55EE316BDEC84FE647DB06BCB1604EFE1A94 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
19:49:53.0182 0x0798  btwrchid - ok
19:49:53.0272 0x0798  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys
19:49:53.0282 0x0798  ccSet_NIS - ok
19:49:53.0322 0x0798  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:49:53.0322 0x0798  cdfs - ok
19:49:53.0342 0x0798  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:49:53.0352 0x0798  cdrom - ok
19:49:53.0382 0x0798  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:49:53.0382 0x0798  CertPropSvc - ok
19:49:53.0402 0x0798  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
19:49:53.0402 0x0798  circlass - ok
19:49:53.0432 0x0798  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
19:49:53.0452 0x0798  CLFS - ok
19:49:53.0492 0x0798  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:49:53.0492 0x0798  clr_optimization_v2.0.50727_32 - ok
19:49:53.0522 0x0798  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:49:53.0532 0x0798  clr_optimization_v2.0.50727_64 - ok
19:49:53.0593 0x0798  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:49:53.0593 0x0798  clr_optimization_v4.0.30319_32 - ok
19:49:53.0613 0x0798  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:49:53.0613 0x0798  clr_optimization_v4.0.30319_64 - ok
19:49:53.0643 0x0798  [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
19:49:53.0653 0x0798  clwvd - ok
19:49:53.0673 0x0798  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
19:49:53.0673 0x0798  CmBatt - ok
19:49:53.0693 0x0798  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:49:53.0693 0x0798  cmdide - ok
19:49:53.0743 0x0798  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
19:49:53.0753 0x0798  CNG - ok
19:49:53.0783 0x0798  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:49:53.0783 0x0798  Compbatt - ok
19:49:53.0793 0x0798  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:49:53.0793 0x0798  CompositeBus - ok
19:49:53.0803 0x0798  COMSysApp - ok
19:49:53.0813 0x0798  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:49:53.0813 0x0798  crcdisk - ok
19:49:53.0853 0x0798  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:49:53.0853 0x0798  CryptSvc - ok
19:49:53.0893 0x0798  [ C6E1C081C0849E08FECEC18DF73B10C4, B5E552F4744C91836CBAF3F62CB861C1D9422721870D11B5CCE21B45E384985A ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
19:49:53.0893 0x0798  dc3d - ok
19:49:53.0933 0x0798  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:49:53.0943 0x0798  DcomLaunch - ok
19:49:53.0963 0x0798  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:49:53.0973 0x0798  defragsvc - ok
19:49:53.0993 0x0798  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:49:53.0993 0x0798  DfsC - ok
19:49:54.0023 0x0798  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:49:54.0033 0x0798  Dhcp - ok
19:49:54.0043 0x0798  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:49:54.0043 0x0798  discache - ok
19:49:54.0063 0x0798  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
19:49:54.0063 0x0798  Disk - ok
19:49:54.0103 0x0798  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:49:54.0103 0x0798  Dnscache - ok
19:49:54.0123 0x0798  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:49:54.0133 0x0798  dot3svc - ok
19:49:54.0153 0x0798  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
19:49:54.0163 0x0798  DPS - ok
19:49:54.0183 0x0798  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:49:54.0183 0x0798  drmkaud - ok
19:49:54.0223 0x0798  [ 53BD875C7C0808235BFB803C1A8BE009, E56CFA0BD65E09C5F6957E1BF89824A3DF53E715A5BAE5B649D85C3AFF23D2C4 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:49:54.0243 0x0798  DXGKrnl - ok
19:49:54.0263 0x0798  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
19:49:54.0263 0x0798  EapHost - ok
19:49:54.0383 0x0798  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:49:54.0523 0x0798  ebdrv - ok
19:49:54.0613 0x0798  [ 1B7AA375F711F66D5FF2B855F9EC987F, 151E3897A31F0E828D08EBBB9C10A60047B48534BB38349EF1C8D9245524CA58 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
19:49:54.0633 0x0798  eeCtrl - ok
19:49:54.0653 0x0798  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
19:49:54.0653 0x0798  EFS - ok
19:49:54.0743 0x0798  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:49:54.0763 0x0798  ehRecvr - ok
19:49:54.0783 0x0798  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
19:49:54.0783 0x0798  ehSched - ok
19:49:54.0833 0x0798  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:49:54.0863 0x0798  elxstor - ok
19:49:54.0933 0x0798  [ 7230C8B80DDE1F0524C353240B78CC0E, 15F73EBFB9152010E7736AFE518A47C209E17DDB347A40C4CDA0D9BBD26D1176 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
19:49:54.0943 0x0798  EraserUtilRebootDrv - ok
19:49:54.0963 0x0798  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:49:54.0973 0x0798  ErrDev - ok
19:49:55.0023 0x0798  esgiguard - ok
19:49:55.0083 0x0798  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
19:49:55.0103 0x0798  EventSystem - ok
19:49:55.0183 0x0798  [ 23D401A43DADED10A153B9F3A7E66C91, 3B6466108FFB04EC07CA07D2EAAA9F6537CBE1F2D800AAADE9C1E0C8DBADDFB5 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:49:55.0203 0x0798  EvtEng - ok
19:49:55.0253 0x0798  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:49:55.0253 0x0798  exfat - ok
19:49:55.0273 0x0798  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:49:55.0283 0x0798  fastfat - ok
19:49:55.0313 0x0798  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
19:49:55.0333 0x0798  Fax - ok
19:49:55.0343 0x0798  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
19:49:55.0343 0x0798  fdc - ok
19:49:55.0353 0x0798  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
19:49:55.0363 0x0798  fdPHost - ok
19:49:55.0373 0x0798  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:49:55.0373 0x0798  FDResPub - ok
19:49:55.0393 0x0798  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:49:55.0393 0x0798  FileInfo - ok
19:49:55.0413 0x0798  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:49:55.0413 0x0798  Filetrace - ok
19:49:55.0433 0x0798  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
19:49:55.0433 0x0798  flpydisk - ok
19:49:55.0453 0x0798  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:49:55.0453 0x0798  FltMgr - ok
19:49:55.0523 0x0798  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
19:49:55.0543 0x0798  FontCache - ok
19:49:55.0583 0x0798  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:49:55.0583 0x0798  FontCache3.0.0.0 - ok
19:49:55.0603 0x0798  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:49:55.0603 0x0798  FsDepends - ok
19:49:55.0633 0x0798  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:49:55.0643 0x0798  Fs_Rec - ok
19:49:55.0693 0x0798  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:49:55.0703 0x0798  fvevol - ok
19:49:55.0743 0x0798  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:49:55.0743 0x0798  gagp30kx - ok
19:49:55.0783 0x0798  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:49:55.0783 0x0798  GEARAspiWDM - ok
19:49:55.0843 0x0798  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:49:55.0853 0x0798  gpsvc - ok
19:49:55.0943 0x0798  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:49:55.0953 0x0798  gupdate - ok
19:49:55.0963 0x0798  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:49:55.0973 0x0798  gupdatem - ok
19:49:56.0013 0x0798  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:49:56.0013 0x0798  gusvc - ok
19:49:56.0033 0x0798  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:49:56.0043 0x0798  hcw85cir - ok
19:49:56.0063 0x0798  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:49:56.0073 0x0798  HdAudAddService - ok
19:49:56.0103 0x0798  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:49:56.0113 0x0798  HDAudBus - ok
19:49:56.0123 0x0798  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:49:56.0123 0x0798  HidBatt - ok
19:49:56.0133 0x0798  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:49:56.0143 0x0798  HidBth - ok
19:49:56.0163 0x0798  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:49:56.0163 0x0798  HidIr - ok
19:49:56.0193 0x0798  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
19:49:56.0193 0x0798  hidserv - ok
19:49:56.0223 0x0798  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:49:56.0223 0x0798  HidUsb - ok
19:49:56.0253 0x0798  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:49:56.0263 0x0798  hkmsvc - ok
19:49:56.0283 0x0798  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:49:56.0293 0x0798  HomeGroupListener - ok
19:49:56.0313 0x0798  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:49:56.0313 0x0798  HomeGroupProvider - ok
19:49:56.0393 0x0798  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:49:56.0403 0x0798  HP Support Assistant Service - ok
19:49:56.0423 0x0798  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
19:49:56.0433 0x0798  hpdskflt - ok
19:49:56.0453 0x0798  [ DD1C51DF08CC320CF44A3EA65C6AEBA5, A8128A64D151386612E73FC55F395E50C64EF39B2CD15374F6BA50CDA21DF37F ] HPPRXSVC        C:\Program Files (x86)\Hewlett-Packard\HP Proximity Sensor\HPPRXSVC.exe
19:49:56.0453 0x0798  HPPRXSVC - ok
19:49:56.0553 0x0798  [ 514455F6586473791C5C6B25BA4E1BAB, 0C2CAE8F35241F1B936C502AAB7C9303C643D898BAB1D060FCA1E6B3A7D9FDB9 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
19:49:56.0573 0x0798  hpqwmiex - ok
19:49:56.0593 0x0798  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:49:56.0604 0x0798  HpSAMD - ok
19:49:56.0604 0x0798  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv           C:\Windows\system32\Hpservice.exe
19:49:56.0604 0x0798  hpsrv - ok
19:49:56.0634 0x0798  [ 2BEC76BDCD1BC080210325E7B5094834, 9CD9DF5C974C20F38423B07063A4F44E533B3B4EF39E01AC701C04BFC5F3EC53 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
19:49:56.0634 0x0798  HPWMISVC - ok
19:49:56.0674 0x0798  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:49:56.0684 0x0798  HTTP - ok
19:49:56.0694 0x0798  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:49:56.0694 0x0798  hwpolicy - ok
19:49:56.0724 0x0798  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:49:56.0724 0x0798  i8042prt - ok
19:49:56.0764 0x0798  [ F981817D0BD03EAC4FA60D0B2551A310, 662CA75185EEAA9D622834F95BC6B8FB48C5732FA5C14D08043C545916FB7F47 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
19:49:56.0774 0x0798  iaStor - ok
19:49:56.0804 0x0798  [ B1CC71046A714E6A6AF0A09EB7E05299, 75AC58DC7EE7391F6EB6AC93FF6AF510674D5C1BB6ABFE03AF0A524071554910 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
19:49:56.0804 0x0798  IAStorDataMgrSvc - ok
19:49:56.0824 0x0798  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:49:56.0834 0x0798  iaStorV - ok
19:49:56.0954 0x0798  [ 3A0FF117B4ADC5ABE4D968E26A337158, 95F4EB09158DD9B4927F71F83BE3A10DDD99C131C28D9683A7CCBB8C30769AB8 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
19:49:56.0994 0x0798  IconMan_R - ok
19:49:57.0074 0x0798  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:49:57.0094 0x0798  idsvc - ok
19:49:57.0204 0x0798  [ B96F641291378569E8525383FAA183EB, 9C728BA6B1D558B5C3F76003AE93DA61793DB4684E8FC326FF002CDC6060EED7 ] IDSVia64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20131205.001\IDSvia64.sys
19:49:57.0224 0x0798  IDSVia64 - ok
19:49:57.0254 0x0798  IEEtwCollectorService - ok
19:49:57.0274 0x0798  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:49:57.0284 0x0798  iirsp - ok
19:49:57.0334 0x0798  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:49:57.0344 0x0798  IKEEXT - ok
19:49:57.0384 0x0798  [ 314285071F7117263BD246E35C17FD82, 12E135DAB9D717D697026800C97FB58A64C0C37ACE715C2805A411A5384CB55A ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
19:49:57.0384 0x0798  intaud_WaveExtensible - ok
19:49:57.0424 0x0798  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
19:49:57.0434 0x0798  IntcDAud - ok
19:49:57.0464 0x0798  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:49:57.0464 0x0798  intelide - ok
19:49:57.0804 0x0798  [ 33FAA40B288002C89529DBD14F3AB72C, 670BA536796322122EBD93F256331899DD2E1834471B017A58F74132EE8DFDB7 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
19:49:58.0164 0x0798  intelkmd - ok
19:49:58.0214 0x0798  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:49:58.0214 0x0798  intelppm - ok
19:49:58.0254 0x0798  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:49:58.0264 0x0798  IPBusEnum - ok
19:49:58.0284 0x0798  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:49:58.0284 0x0798  IpFilterDriver - ok
19:49:58.0344 0x0798  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:49:58.0364 0x0798  iphlpsvc - ok
19:49:58.0384 0x0798  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:49:58.0384 0x0798  IPMIDRV - ok
19:49:58.0394 0x0798  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:49:58.0404 0x0798  IPNAT - ok
19:49:58.0484 0x0798  [ B6E8B931EFEF4112C6A401931627DC6B, 89A0745360928F7DD0A522FF5FBFEED4FC831F37D6CF88D5E66FA91FD6F0A1DF ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:49:58.0494 0x0798  iPod Service - ok
19:49:58.0514 0x0798  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:49:58.0514 0x0798  IRENUM - ok
19:49:58.0524 0x0798  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:49:58.0524 0x0798  isapnp - ok
19:49:58.0544 0x0798  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:49:58.0554 0x0798  iScsiPrt - ok
19:49:58.0574 0x0798  [ 970995B7C36F4408ED31C3BF204FE1F5, 466C5FA3A26E997009E33EA9B0923BFE7FCC9D367444F31C1BEB3D6EACDB6BA9 ] ISCT            C:\Windows\system32\DRIVERS\ISCTD64.sys
19:49:58.0574 0x0798  ISCT - ok
19:49:58.0594 0x0798  [ 24D261738C2AFB8A8D10821440C49EAA, 9781E89BD99887605B5E5956749A6094111D66F147F2D4DF3047E80CD9600850 ] ISCTAgent       C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
19:49:58.0594 0x0798  ISCTAgent - ok
19:49:58.0624 0x0798  [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
19:49:58.0624 0x0798  iwdbus - ok
19:49:58.0644 0x0798  JLTECH0227 - ok
19:49:58.0674 0x0798  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:49:58.0674 0x0798  kbdclass - ok
19:49:58.0694 0x0798  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:49:58.0704 0x0798  kbdhid - ok
19:49:58.0714 0x0798  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
19:49:58.0714 0x0798  KeyIso - ok
19:49:58.0744 0x0798  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:49:58.0754 0x0798  KSecDD - ok
19:49:58.0774 0x0798  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:49:58.0774 0x0798  KSecPkg - ok
19:49:58.0804 0x0798  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:49:58.0804 0x0798  ksthunk - ok
19:49:58.0834 0x0798  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:49:58.0844 0x0798  KtmRm - ok
19:49:58.0884 0x0798  [ 3CE6A9BEF066BF9488E6BC4D6C62F77E, CDE0A0DCD9A5A2E49DE55E720B5A6FFF502EE139C0EC8793638560E75BF2118C ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
19:49:58.0884 0x0798  L1C - ok
19:49:58.0934 0x0798  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:49:58.0954 0x0798  LanmanServer - ok
19:49:58.0974 0x0798  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:49:58.0984 0x0798  LanmanWorkstation - ok
19:49:59.0024 0x0798  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:49:59.0024 0x0798  lltdio - ok
19:49:59.0044 0x0798  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:49:59.0054 0x0798  lltdsvc - ok
19:49:59.0084 0x0798  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:49:59.0084 0x0798  lmhosts - ok
19:49:59.0114 0x0798  [ D7E0BED3EA21D7BDDD410ADE51708D90, 417A9A765E50ACCAE030B37F317217C9DB366BB1503A328D064A41ACDD00AFD8 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:49:59.0124 0x0798  LMS - ok
19:49:59.0164 0x0798  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:49:59.0164 0x0798  LSI_FC - ok
19:49:59.0194 0x0798  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:49:59.0194 0x0798  LSI_SAS - ok
19:49:59.0204 0x0798  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:49:59.0204 0x0798  LSI_SAS2 - ok
19:49:59.0224 0x0798  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:49:59.0224 0x0798  LSI_SCSI - ok
19:49:59.0234 0x0798  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:49:59.0234 0x0798  luafv - ok
19:49:59.0304 0x0798  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
19:49:59.0304 0x0798  MBAMProtector - ok
19:49:59.0384 0x0798  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:49:59.0394 0x0798  MBAMScheduler - ok
19:49:59.0484 0x0798  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:49:59.0504 0x0798  MBAMService - ok
19:49:59.0554 0x0798  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:49:59.0574 0x0798  Mcx2Svc - ok
19:49:59.0594 0x0798  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:49:59.0604 0x0798  megasas - ok
19:49:59.0644 0x0798  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:49:59.0654 0x0798  MegaSR - ok
19:49:59.0694 0x0798  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
19:49:59.0694 0x0798  MEIx64 - ok
19:49:59.0714 0x0798  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:49:59.0714 0x0798  MMCSS - ok
19:49:59.0734 0x0798  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
19:49:59.0734 0x0798  Modem - ok
19:49:59.0754 0x0798  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:49:59.0754 0x0798  monitor - ok
19:49:59.0764 0x0798  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:49:59.0764 0x0798  mouclass - ok
19:49:59.0794 0x0798  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:49:59.0794 0x0798  mouhid - ok
19:49:59.0814 0x0798  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:49:59.0824 0x0798  mountmgr - ok
19:49:59.0874 0x0798  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:49:59.0874 0x0798  MozillaMaintenance - ok
19:49:59.0894 0x0798  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:49:59.0904 0x0798  mpio - ok
19:49:59.0914 0x0798  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:49:59.0914 0x0798  mpsdrv - ok
19:49:59.0954 0x0798  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:49:59.0974 0x0798  MpsSvc - ok
19:49:59.0994 0x0798  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:50:00.0004 0x0798  MRxDAV - ok
19:50:00.0034 0x0798  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:50:00.0034 0x0798  mrxsmb - ok
19:50:00.0054 0x0798  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:50:00.0064 0x0798  mrxsmb10 - ok
19:50:00.0084 0x0798  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:50:00.0084 0x0798  mrxsmb20 - ok
19:50:00.0114 0x0798  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:50:00.0114 0x0798  msahci - ok
19:50:00.0134 0x0798  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:50:00.0134 0x0798  msdsm - ok
19:50:00.0154 0x0798  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:50:00.0154 0x0798  MSDTC - ok
19:50:00.0174 0x0798  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:50:00.0184 0x0798  Msfs - ok
19:50:00.0204 0x0798  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:50:00.0204 0x0798  mshidkmdf - ok
19:50:00.0224 0x0798  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:50:00.0224 0x0798  msisadrv - ok
19:50:00.0254 0x0798  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:50:00.0254 0x0798  MSiSCSI - ok
19:50:00.0264 0x0798  msiserver - ok
19:50:00.0284 0x0798  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:50:00.0284 0x0798  MSKSSRV - ok
19:50:00.0294 0x0798  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:50:00.0294 0x0798  MSPCLOCK - ok
19:50:00.0304 0x0798  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:50:00.0304 0x0798  MSPQM - ok
19:50:00.0324 0x0798  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:50:00.0334 0x0798  MsRPC - ok
19:50:00.0354 0x0798  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:50:00.0354 0x0798  mssmbios - ok
19:50:00.0364 0x0798  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:50:00.0364 0x0798  MSTEE - ok
19:50:00.0374 0x0798  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:50:00.0374 0x0798  MTConfig - ok
19:50:00.0384 0x0798  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:50:00.0384 0x0798  Mup - ok
19:50:00.0424 0x0798  [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3, 9CAFFECB0F59CC758C646F886D7A9A276A152B94EE58564BD03FBB48C4C7E396 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:50:00.0424 0x0798  MyWiFiDHCPDNS - ok
19:50:00.0444 0x0798  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:50:00.0454 0x0798  napagent - ok
19:50:00.0474 0x0798  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:50:00.0484 0x0798  NativeWifiP - ok
19:50:00.0564 0x0798  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131206.002\ENG64.SYS
19:50:00.0574 0x0798  NAVENG - ok
19:50:00.0654 0x0798  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131206.002\EX64.SYS
19:50:00.0684 0x0798  NAVEX15 - ok
19:50:00.0774 0x0798  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:50:00.0804 0x0798  NDIS - ok
19:50:00.0834 0x0798  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:50:00.0844 0x0798  NdisCap - ok
19:50:00.0864 0x0798  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:50:00.0864 0x0798  NdisTapi - ok
19:50:00.0874 0x0798  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:50:00.0874 0x0798  Ndisuio - ok
19:50:00.0894 0x0798  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:50:00.0904 0x0798  NdisWan - ok
19:50:00.0914 0x0798  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:50:00.0924 0x0798  NDProxy - ok
19:50:00.0924 0x0798  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:50:00.0934 0x0798  NetBIOS - ok
19:50:00.0944 0x0798  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:50:00.0954 0x0798  NetBT - ok
19:50:00.0964 0x0798  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
19:50:00.0964 0x0798  Netlogon - ok
19:50:00.0994 0x0798  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:50:00.0994 0x0798  Netman - ok
19:50:01.0034 0x0798  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:50:01.0034 0x0798  NetMsmqActivator - ok
19:50:01.0044 0x0798  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:50:01.0044 0x0798  NetPipeActivator - ok
19:50:01.0074 0x0798  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:50:01.0074 0x0798  netprofm - ok
19:50:01.0084 0x0798  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:50:01.0084 0x0798  NetTcpActivator - ok
19:50:01.0094 0x0798  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:50:01.0094 0x0798  NetTcpPortSharing - ok
19:50:01.0434 0x0798  [ FAD6C5610D020534401966CD72A1C306, 49D1AF9682464638BF7AC29A83E090F037543C3AA1F7E5970040633AFD5EAF29 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
19:50:01.0754 0x0798  NETwNs64 - ok
19:50:01.0804 0x0798  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:50:01.0804 0x0798  nfrd960 - ok
19:50:01.0964 0x0798  [ C87442B6D17912785DC143CEDCA508C9, 58599BC7EE1FFC66291BF38F1800AFE087195EE3E2305BAB9C7F18F9033A93E0 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
19:50:01.0974 0x0798  NIS - ok
19:50:02.0004 0x0798  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:50:02.0024 0x0798  NlaSvc - ok
19:50:02.0044 0x0798  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:50:02.0044 0x0798  Npfs - ok
19:50:02.0064 0x0798  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
19:50:02.0064 0x0798  nsi - ok
19:50:02.0074 0x0798  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:50:02.0074 0x0798  nsiproxy - ok
19:50:02.0144 0x0798  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:50:02.0244 0x0798  Ntfs - ok
19:50:02.0254 0x0798  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:50:02.0254 0x0798  Null - ok
19:50:02.0274 0x0798  [ 9A33100AC62A0463C49E47EE8E77083A, A4DD5329448A684E4EC83AEC229DA468E074D54BCBDBB6D938274B46202CDA18 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
19:50:02.0274 0x0798  nusb3hub - ok
19:50:02.0294 0x0798  [ 87C321F7BEE646B7EC6EEDD6EB725741, C21067F40656588203B8C938857B5598D201C59BD69F47715EF21EEE536BB882 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:50:02.0304 0x0798  nusb3xhc - ok
19:50:02.0334 0x0798  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
19:50:02.0344 0x0798  NVENETFD - ok
19:50:02.0374 0x0798  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:50:02.0384 0x0798  nvraid - ok
19:50:02.0394 0x0798  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:50:02.0404 0x0798  nvstor - ok
19:50:02.0414 0x0798  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:50:02.0424 0x0798  nv_agp - ok
19:50:02.0434 0x0798  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:50:02.0434 0x0798  ohci1394 - ok
19:50:02.0484 0x0798  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:50:02.0494 0x0798  ose - ok
19:50:02.0704 0x0798  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:50:02.0784 0x0798  osppsvc - ok
19:50:02.0824 0x0798  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:50:02.0834 0x0798  p2pimsvc - ok
19:50:02.0864 0x0798  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:50:02.0864 0x0798  p2psvc - ok
19:50:02.0874 0x0798  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
19:50:02.0884 0x0798  Parport - ok
19:50:02.0914 0x0798  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:50:02.0914 0x0798  partmgr - ok
19:50:02.0924 0x0798  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:50:02.0934 0x0798  PcaSvc - ok
19:50:02.0954 0x0798  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
19:50:02.0954 0x0798  pci - ok
19:50:02.0984 0x0798  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:50:02.0984 0x0798  pciide - ok
19:50:03.0004 0x0798  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:50:03.0004 0x0798  pcmcia - ok
19:50:03.0034 0x0798  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:50:03.0034 0x0798  pcw - ok
19:50:03.0054 0x0798  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:50:03.0074 0x0798  PEAUTH - ok
19:50:03.0134 0x0798  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:50:03.0134 0x0798  PerfHost - ok
19:50:03.0194 0x0798  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
19:50:03.0244 0x0798  pla - ok
19:50:03.0284 0x0798  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:50:03.0294 0x0798  PlugPlay - ok
19:50:03.0304 0x0798  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:50:03.0304 0x0798  PNRPAutoReg - ok
19:50:03.0324 0x0798  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:50:03.0324 0x0798  PNRPsvc - ok
19:50:03.0374 0x0798  [ 520D48ECB54A33821C95EE496A4235AF, 3C7984E480F134E303E6AD03A3837515F3E03A4727F1AD184BD1D8C71D68FFEF ] Point64         C:\Windows\system32\DRIVERS\point64.sys
19:50:03.0374 0x0798  Point64 - ok
19:50:03.0414 0x0798  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:50:03.0424 0x0798  PolicyAgent - ok
19:50:03.0454 0x0798  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
19:50:03.0454 0x0798  Power - ok
19:50:03.0474 0x0798  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:50:03.0484 0x0798  PptpMiniport - ok
19:50:03.0504 0x0798  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
19:50:03.0504 0x0798  Processor - ok
19:50:03.0534 0x0798  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:50:03.0534 0x0798  ProfSvc - ok
19:50:03.0544 0x0798  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:50:03.0554 0x0798  ProtectedStorage - ok
19:50:03.0574 0x0798  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:50:03.0584 0x0798  Psched - ok
19:50:03.0604 0x0798  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
19:50:03.0604 0x0798  PxHlpa64 - ok
19:50:03.0654 0x0798  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:50:03.0694 0x0798  ql2300 - ok
19:50:03.0714 0x0798  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:50:03.0724 0x0798  ql40xx - ok
19:50:03.0744 0x0798  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
19:50:03.0754 0x0798  QWAVE - ok
19:50:03.0774 0x0798  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:50:03.0774 0x0798  QWAVEdrv - ok
19:50:03.0784 0x0798  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:50:03.0784 0x0798  RasAcd - ok
19:50:03.0814 0x0798  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:50:03.0814 0x0798  RasAgileVpn - ok
19:50:03.0824 0x0798  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
19:50:03.0834 0x0798  RasAuto - ok
19:50:03.0844 0x0798  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:50:03.0854 0x0798  Rasl2tp - ok
19:50:03.0864 0x0798  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:50:03.0874 0x0798  RasMan - ok
19:50:03.0884 0x0798  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:50:03.0884 0x0798  RasPppoe - ok
19:50:03.0904 0x0798  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:50:03.0904 0x0798  RasSstp - ok
19:50:03.0924 0x0798  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:50:03.0934 0x0798  rdbss - ok
19:50:03.0944 0x0798  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:50:03.0944 0x0798  rdpbus - ok
19:50:03.0964 0x0798  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:50:03.0964 0x0798  RDPCDD - ok
19:50:03.0974 0x0798  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:50:03.0974 0x0798  RDPENCDD - ok
19:50:03.0974 0x0798  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:50:03.0974 0x0798  RDPREFMP - ok
19:50:04.0014 0x0798  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:50:04.0024 0x0798  RdpVideoMiniport - ok
19:50:04.0054 0x0798  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:50:04.0054 0x0798  RDPWD - ok
19:50:04.0084 0x0798  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:50:04.0084 0x0798  rdyboost - ok
19:50:04.0134 0x0798  [ 0C2B4C3B10D183BE116A38353E937F62, 2523E6FAB400EA1F9B4A634C1CC427D1D6FDE4B36018FF469470961EB8E432FA ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:50:04.0134 0x0798  RegSrvc - ok
19:50:04.0164 0x0798  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:50:04.0164 0x0798  RemoteAccess - ok
19:50:04.0194 0x0798  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:50:04.0194 0x0798  RemoteRegistry - ok
19:50:04.0224 0x0798  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
19:50:04.0224 0x0798  RFCOMM - ok
19:50:04.0234 0x0798  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:50:04.0234 0x0798  RpcEptMapper - ok
19:50:04.0264 0x0798  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:50:04.0264 0x0798  RpcLocator - ok
19:50:04.0284 0x0798  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
19:50:04.0294 0x0798  RpcSs - ok
19:50:04.0324 0x0798  [ 1F5E7AF59B390261A85F5BEDB1BB88B3, 8A0B23EED74475E6790EF03E54B53BB964A0EC08ADF28BD6AAFA9CF6BE6F20DA ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
19:50:04.0334 0x0798  RSPCIESTOR - ok
19:50:04.0354 0x0798  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:50:04.0364 0x0798  rspndr - ok
19:50:04.0374 0x0798  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
19:50:04.0374 0x0798  SamSs - ok
19:50:04.0394 0x0798  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:50:04.0394 0x0798  sbp2port - ok
19:50:04.0414 0x0798  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:50:04.0414 0x0798  SCardSvr - ok
19:50:04.0424 0x0798  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:50:04.0424 0x0798  scfilter - ok
19:50:04.0464 0x0798  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
19:50:04.0484 0x0798  Schedule - ok
19:50:04.0504 0x0798  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:50:04.0514 0x0798  SCPolicySvc - ok
19:50:04.0534 0x0798  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
19:50:04.0534 0x0798  sdbus - ok
19:50:04.0554 0x0798  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:50:04.0554 0x0798  SDRSVC - ok
19:50:04.0574 0x0798  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:50:04.0574 0x0798  secdrv - ok
19:50:04.0594 0x0798  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
19:50:04.0594 0x0798  seclogon - ok
19:50:04.0604 0x0798  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
19:50:04.0604 0x0798  SENS - ok
19:50:04.0624 0x0798  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:50:04.0624 0x0798  SensrSvc - ok
19:50:04.0644 0x0798  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
19:50:04.0644 0x0798  Serenum - ok
19:50:04.0654 0x0798  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
19:50:04.0664 0x0798  Serial - ok
19:50:04.0694 0x0798  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:50:04.0694 0x0798  sermouse - ok
19:50:04.0714 0x0798  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:50:04.0724 0x0798  SessionEnv - ok
19:50:04.0734 0x0798  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:50:04.0744 0x0798  sffdisk - ok
19:50:04.0754 0x0798  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:50:04.0754 0x0798  sffp_mmc - ok
19:50:04.0764 0x0798  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:50:04.0764 0x0798  sffp_sd - ok
19:50:04.0784 0x0798  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:50:04.0784 0x0798  sfloppy - ok
19:50:04.0824 0x0798  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:50:04.0834 0x0798  SharedAccess - ok
19:50:04.0854 0x0798  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:50:04.0864 0x0798  ShellHWDetection - ok
19:50:04.0884 0x0798  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:50:04.0884 0x0798  SiSRaid2 - ok
19:50:04.0894 0x0798  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:50:04.0904 0x0798  SiSRaid4 - ok
19:50:04.0944 0x0798  [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:50:04.0954 0x0798  SkypeUpdate - ok
19:50:04.0964 0x0798  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:50:04.0974 0x0798  Smb - ok
19:50:04.0994 0x0798  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:50:05.0004 0x0798  SNMPTRAP - ok
19:50:05.0004 0x0798  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:50:05.0004 0x0798  spldr - ok
19:50:05.0054 0x0798  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
19:50:05.0064 0x0798  Spooler - ok
19:50:05.0174 0x0798  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:50:05.0264 0x0798  sppsvc - ok
19:50:05.0284 0x0798  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:50:05.0284 0x0798  sppuinotify - ok
19:50:05.0424 0x0798  [ 8BFD1752AAA15BF47D668E9AC5AF96FB, EEC6CDA06A971D2E2C2634987228E550970C9246659C25DCCF87AC9CD08F55F3 ] SRTSP           C:\Windows\system32\drivers\NISx64\1501000.012\SRTSP64.SYS
19:50:05.0444 0x0798  SRTSP - ok
19:50:05.0454 0x0798  [ B18CE01B9C09C59422BA7C7064248B35, B355EE2FBB37C4B0EFFE4DC5E0788A26579266828E7988EDC497B0AE7375F8AB ] SRTSPX          C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS
19:50:05.0454 0x0798  SRTSPX - ok
19:50:05.0484 0x0798  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:50:05.0494 0x0798  srv - ok
19:50:05.0524 0x0798  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:50:05.0534 0x0798  srv2 - ok
19:50:05.0554 0x0798  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
19:50:05.0564 0x0798  SrvHsfHDA - ok
19:50:05.0614 0x0798  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
19:50:05.0654 0x0798  SrvHsfV92 - ok
19:50:05.0684 0x0798  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
19:50:05.0704 0x0798  SrvHsfWinac - ok
19:50:05.0724 0x0798  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:50:05.0734 0x0798  srvnet - ok
19:50:05.0744 0x0798  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:50:05.0754 0x0798  SSDPSRV - ok
19:50:05.0774 0x0798  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:50:05.0774 0x0798  SstpSvc - ok
19:50:05.0834 0x0798  [ D30FE3ECF1D6D521365FAE307B500BC0, 108C64964BE77994F0B8252759648BF87D1C4E6BC9678DE1D61008C99FD21049 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
19:50:05.0834 0x0798  STacSV - ok
19:50:05.0844 0x0798  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:50:05.0854 0x0798  stexstor - ok
19:50:05.0894 0x0798  [ 6F69D75F50E8FAF1003AA6CFB18B91EC, CADA1FE0B21830C45A4527BBF77B45DA8EA51350B6D7CAB9B880496D949FC6FF ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
19:50:05.0904 0x0798  STHDA - ok
19:50:05.0934 0x0798  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:50:05.0944 0x0798  stisvc - ok
19:50:05.0954 0x0798  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:50:05.0954 0x0798  swenum - ok
19:50:05.0984 0x0798  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
19:50:05.0994 0x0798  swprv - ok
19:50:06.0034 0x0798  [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS           C:\Windows\system32\drivers\NISx64\1501000.012\SYMDS64.SYS
19:50:06.0044 0x0798  SymDS - ok
19:50:06.0154 0x0798  [ 08AF51153E441687130B759A8F6892ED, C9DFC0667EF9CE7FACBBB0DE53BD6E0DC9E0ED582CB89FBB2E7FE91CEAC47C5B ] SymEFA          C:\Windows\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS
19:50:06.0174 0x0798  SymEFA - ok
19:50:06.0254 0x0798  [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
19:50:06.0254 0x0798  SymEvent - ok
19:50:06.0294 0x0798  [ 48C2934683CBD06F662B088EEF49EF6A, 2212A3588C28F33EFCB1D34618B3054EBBAC6731D177A581D21D1F969FE040C0 ] SymIRON         C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS
19:50:06.0304 0x0798  SymIRON - ok
19:50:06.0384 0x0798  [ 78A2F073AD9EA5EBC04A70931EA36C9A, 011395F07D7879D30E1700F060CA8C02407F8FFC99998B2E7507E7AF22578B68 ] SymNetS         C:\Windows\system32\drivers\NISx64\1501000.012\SYMNETS.SYS
19:50:06.0404 0x0798  SymNetS - ok
19:50:06.0454 0x0798  [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
19:50:06.0464 0x0798  SynTP - ok
19:50:06.0524 0x0798  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
19:50:06.0564 0x0798  SysMain - ok
19:50:06.0574 0x0798  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:50:06.0584 0x0798  TabletInputService - ok
19:50:06.0604 0x0798  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:50:06.0604 0x0798  TapiSrv - ok
19:50:06.0614 0x0798  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
19:50:06.0624 0x0798  TBS - ok
19:50:06.0694 0x0798  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:50:06.0744 0x0798  Tcpip - ok
19:50:06.0804 0x0798  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:50:06.0834 0x0798  TCPIP6 - ok
19:50:06.0864 0x0798  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:50:06.0864 0x0798  tcpipreg - ok
19:50:06.0904 0x0798  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:50:06.0904 0x0798  TDPIPE - ok
19:50:06.0924 0x0798  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:50:06.0924 0x0798  TDTCP - ok
19:50:06.0934 0x0798  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:50:06.0944 0x0798  tdx - ok
19:50:06.0944 0x0798  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:50:06.0954 0x0798  TermDD - ok
19:50:06.0984 0x0798  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
19:50:06.0994 0x0798  TermService - ok
19:50:07.0004 0x0798  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:50:07.0004 0x0798  Themes - ok
19:50:07.0024 0x0798  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:50:07.0024 0x0798  THREADORDER - ok
19:50:07.0044 0x0798  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:50:07.0044 0x0798  TrkWks - ok
19:50:07.0094 0x0798  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:50:07.0094 0x0798  TrustedInstaller - ok
19:50:07.0124 0x0798  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:50:07.0124 0x0798  tssecsrv - ok
19:50:07.0154 0x0798  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:50:07.0154 0x0798  TsUsbFlt - ok
19:50:07.0184 0x0798  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:50:07.0194 0x0798  TsUsbGD - ok
19:50:07.0224 0x0798  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:50:07.0234 0x0798  tunnel - ok
19:50:07.0254 0x0798  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:50:07.0254 0x0798  uagp35 - ok
19:50:07.0274 0x0798  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:50:07.0284 0x0798  udfs - ok
19:50:07.0314 0x0798  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:50:07.0314 0x0798  UI0Detect - ok
19:50:07.0334 0x0798  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:50:07.0334 0x0798  uliagpkx - ok
19:50:07.0354 0x0798  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:50:07.0354 0x0798  umbus - ok
19:50:07.0374 0x0798  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:50:07.0374 0x0798  UmPass - ok
19:50:07.0524 0x0798  [ A678E5DDD974903DD71F503BDCACA218, E8ECF79B78CF777066FF31847959A70773665ED2DAAF942B8A1C54BA56F330BA ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:50:07.0564 0x0798  UNS - ok
19:50:07.0574 0x0798  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:50:07.0584 0x0798  upnphost - ok
19:50:07.0614 0x0798  [ 30F02F642C2D141CAABD412B48A29D76, E94610E0CB46A9DD811AC03B028310D91E13B63A57A39749EEAC70FB5E729EE3 ] usb3Hub         C:\Windows\system32\DRIVERS\usb3Hub.sys
19:50:07.0624 0x0798  usb3Hub - ok
19:50:07.0664 0x0798  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:50:07.0675 0x0798  usbaudio - ok
19:50:07.0715 0x0798  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:50:07.0725 0x0798  usbccgp - ok
19:50:07.0755 0x0798  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:50:07.0765 0x0798  usbcir - ok
19:50:07.0785 0x0798  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:50:07.0795 0x0798  usbehci - ok
19:50:07.0835 0x0798  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:50:07.0845 0x0798  usbhub - ok
19:50:07.0865 0x0798  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:50:07.0865 0x0798  usbohci - ok
19:50:07.0895 0x0798  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:50:07.0895 0x0798  usbprint - ok
19:50:07.0935 0x0798  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
19:50:07.0935 0x0798  usbscan - ok
19:50:07.0955 0x0798  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:50:07.0965 0x0798  USBSTOR - ok
19:50:07.0985 0x0798  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:50:07.0985 0x0798  usbuhci - ok
19:50:08.0025 0x0798  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:50:08.0035 0x0798  usbvideo - ok
19:50:08.0055 0x0798  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
19:50:08.0065 0x0798  UxSms - ok
19:50:08.0075 0x0798  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
19:50:08.0075 0x0798  VaultSvc - ok
19:50:08.0095 0x0798  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:50:08.0095 0x0798  vdrvroot - ok
19:50:08.0125 0x0798  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
19:50:08.0155 0x0798  vds - ok
19:50:08.0175 0x0798  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:50:08.0175 0x0798  vga - ok
19:50:08.0195 0x0798  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:50:08.0195 0x0798  VgaSave - ok
19:50:08.0215 0x0798  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:50:08.0225 0x0798  vhdmp - ok
19:50:08.0245 0x0798  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:50:08.0245 0x0798  viaide - ok
19:50:08.0265 0x0798  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:50:08.0265 0x0798  volmgr - ok
19:50:08.0285 0x0798  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:50:08.0295 0x0798  volmgrx - ok
19:50:08.0315 0x0798  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:50:08.0325 0x0798  volsnap - ok
19:50:08.0345 0x0798  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:50:08.0355 0x0798  vsmraid - ok
19:50:08.0415 0x0798  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:50:08.0455 0x0798  VSS - ok
19:50:08.0465 0x0798  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:50:08.0475 0x0798  vwifibus - ok
19:50:08.0495 0x0798  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:50:08.0495 0x0798  vwififlt - ok
19:50:08.0515 0x0798  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
19:50:08.0515 0x0798  vwifimp - ok
19:50:08.0545 0x0798  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:50:08.0555 0x0798  W32Time - ok
19:50:08.0565 0x0798  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:50:08.0565 0x0798  WacomPen - ok
19:50:08.0595 0x0798  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:50:08.0595 0x0798  WANARP - ok
19:50:08.0605 0x0798  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:50:08.0605 0x0798  Wanarpv6 - ok
19:50:08.0695 0x0798  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:50:08.0745 0x0798  WatAdminSvc - ok
19:50:08.0795 0x0798  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:50:08.0835 0x0798  wbengine - ok
19:50:08.0865 0x0798  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:50:08.0865 0x0798  WbioSrvc - ok
19:50:08.0895 0x0798  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:50:08.0895 0x0798  wcncsvc - ok
19:50:08.0915 0x0798  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:50:08.0915 0x0798  WcsPlugInService - ok
19:50:08.0935 0x0798  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
19:50:08.0935 0x0798  Wd - ok
19:50:08.0975 0x0798  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:50:09.0005 0x0798  Wdf01000 - ok
19:50:09.0015 0x0798  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:50:09.0025 0x0798  WdiServiceHost - ok
19:50:09.0025 0x0798  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:50:09.0025 0x0798  WdiSystemHost - ok
19:50:09.0065 0x0798  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
19:50:09.0065 0x0798  WebClient - ok
19:50:09.0095 0x0798  [ D5BA7D43FA2EF656BF7E98A188391E40, 56CF132B7C43A0F9C7C4D070730315FE7AFD2E87E94014DFC3D7107BB52B9C64 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:50:09.0105 0x0798  Wecsvc - ok
19:50:09.0115 0x0798  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:50:09.0115 0x0798  wercplsupport - ok
19:50:09.0135 0x0798  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:50:09.0135 0x0798  WerSvc - ok
19:50:09.0155 0x0798  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:50:09.0155 0x0798  WfpLwf - ok
19:50:09.0165 0x0798  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:50:09.0165 0x0798  WIMMount - ok
19:50:09.0195 0x0798  WinDefend - ok
19:50:09.0205 0x0798  WinHttpAutoProxySvc - ok
19:50:09.0265 0x0798  [ 136760C1E9697BAF4ECDEAE5590A0806, 12E80D0923D794F4C520FEA7CB98EF581231B996FB1876EB20995E6E457EFF56 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:50:09.0275 0x0798  Winmgmt - ok
19:50:09.0425 0x0798  [ 3BB6B401A780BF434C8F58137DE10BF7, 1A377C39B78B92A1A1FED699EE5E5ED0271A6FFAC143F1D29FC1FDF4D726A522 ] WinRM           C:\Windows\system32\WsmSvc.dll
19:50:09.0545 0x0798  WinRM - ok
19:50:09.0595 0x0798  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:50:09.0595 0x0798  WinUsb - ok
19:50:09.0635 0x0798  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:50:09.0655 0x0798  Wlansvc - ok
19:50:09.0675 0x0798  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:50:09.0686 0x0798  wlcrasvc - ok
19:50:09.0796 0x0798  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:50:09.0836 0x0798  wlidsvc - ok
19:50:09.0866 0x0798  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:50:09.0866 0x0798  WmiAcpi - ok
19:50:09.0896 0x0798  [ 4DF841632B62A7CF19A79A05046A8AB1, D80F28FD7FEB95DB83976EAFECB2E9AE1423DA4D34EC5D820FC39A33444B82DA ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:50:09.0896 0x0798  wmiApSrv - ok
19:50:09.0916 0x0798  WMPNetworkSvc - ok
19:50:09.0936 0x0798  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:50:09.0936 0x0798  WPCSvc - ok
19:50:09.0956 0x0798  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:50:09.0956 0x0798  WPDBusEnum - ok
19:50:09.0976 0x0798  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:50:09.0976 0x0798  ws2ifsl - ok
19:50:09.0986 0x0798  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
19:50:09.0986 0x0798  wscsvc - ok
19:50:09.0996 0x0798  WSearch - ok
19:50:10.0106 0x0798  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:50:10.0166 0x0798  wuauserv - ok
19:50:10.0196 0x0798  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:50:10.0206 0x0798  WudfPf - ok
19:50:10.0216 0x0798  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:50:10.0216 0x0798  wudfsvc - ok
19:50:10.0246 0x0798  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:50:10.0256 0x0798  WwanSvc - ok
19:50:10.0286 0x0798  [ 6FDEE5E0741A3FFA5E5772C6C94E3F64, 859EBC7F8FF3CE9F3301B5BF93CF0C84C2A4271F205B67D9B8DC463DC67DE661 ] XHCIPort        C:\Windows\system32\DRIVERS\XHCIPort.sys
19:50:10.0296 0x0798  XHCIPort - ok
19:50:10.0426 0x0798  [ D2FE4103450E52CB248D842501F84B90, 0775E540B5ACEE6FA90FC7BE87F45EB005F6593CDA252D64EBC509A350DDA038 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
19:50:10.0466 0x0798  ZeroConfigService - ok
19:50:10.0486 0x0798  ================ Scan global ===============================
19:50:10.0506 0x0798  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:50:10.0526 0x0798  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:50:10.0536 0x0798  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:50:10.0556 0x0798  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:50:10.0576 0x0798  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:50:10.0586 0x0798  [ Global ] - ok
19:50:10.0586 0x0798  ================ Scan MBR ==================================
19:50:10.0596 0x0798  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:50:10.0826 0x0798  \Device\Harddisk0\DR0 - ok
19:50:10.0826 0x0798  ================ Scan VBR ==================================
19:50:10.0826 0x0798  [ 83A352AD2557166D90F46E940F4BAE9C ] \Device\Harddisk0\DR0\Partition1
19:50:10.0826 0x0798  \Device\Harddisk0\DR0\Partition1 - ok
19:50:10.0836 0x0798  [ F3DE7075805F8CB1EB376CE75E24D385 ] \Device\Harddisk0\DR0\Partition2
19:50:10.0836 0x0798  \Device\Harddisk0\DR0\Partition2 - ok
19:50:10.0866 0x0798  [ 5F9320049EFC20210F5DCA776330FA58 ] \Device\Harddisk0\DR0\Partition3
19:50:10.0866 0x0798  \Device\Harddisk0\DR0\Partition3 - ok
19:50:10.0886 0x0798  [ CF1FF332C30E145908F48404B0E4BA1C ] \Device\Harddisk0\DR0\Partition4
19:50:10.0886 0x0798  \Device\Harddisk0\DR0\Partition4 - ok
19:50:10.0886 0x0798  Waiting for KSN requests completion. In queue: 391
19:50:11.0886 0x0798  Waiting for KSN requests completion. In queue: 80
19:50:12.0886 0x0798  Waiting for KSN requests completion. In queue: 80
19:50:13.0886 0x0798  Waiting for KSN requests completion. In queue: 80
19:50:14.0926 0x0798  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51000 ( enabled : updated )
19:50:14.0936 0x0798  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51010 ( enabled )
19:50:17.0887 0x0798  ============================================================
19:50:17.0887 0x0798  Scan finished
19:50:17.0887 0x0798  ============================================================
19:50:17.0897 0x2524  Detected object count: 0
19:50:17.0897 0x2524  Actual detected object count: 0
 



#5 blazela

blazela
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 06 December 2013 - 11:15 PM

# AdwCleaner v3.014 - Report created 06/12/2013 at 20:10:32
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Cheryl - CHERYL-HP
# Running from : C:\Users\Cheryl\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\Cheryl\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Cheryl\AppData\Roaming\digitalsite
Folder Deleted : C:\Users\Cheryl\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Cheryl\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Folder Deleted : C:\Users\Cheryl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
File Deleted : C:\Users\Public\Desktop\RegClean Pro.lnk
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Cheryl\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\Cheryl\AppData\Roaming\Mozilla\Firefox\Profiles\wp9cpn04.default\searchplugins\safesearch.xml
File Deleted : C:\Users\Cheryl\AppData\Roaming\Mozilla\Firefox\Profiles\wp9cpn04.default\user.js
File Deleted : C:\Users\Cheryl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
File Deleted : C:\Users\Cheryl\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Deleted : C:\Windows\Tasks\digitalsite.job
File Deleted : C:\Windows\System32\Tasks\digitalsite
File Deleted : C:\Windows\System32\Tasks\LaunchApp

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022442293}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055445593}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446693}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044444493}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055445593}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446693}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\Freeze.com
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\systweak

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\Cheryl\AppData\Roaming\Mozilla\Firefox\Profiles\wp9cpn04.default\prefs.js ]

Line Deleted : user_pref("CT3297955_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1380302070990,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3297955");
Line Deleted : user_pref("extensions.crossrider.bic", "13b3e12df0840a16d77cf0c2fe871eee");
Line Deleted : user_pref("smartbar.machineId", "YPPU3CFQCFP1SKHWG0UCTJ33O39SQTWNNDHXFISOT6TRSQMX16OAIVVWN0DT2K8RSU5WQDKCNAZNZC76VBPJ0A");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Cheryl\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8685 octets] - [06/12/2013 20:08:38]
AdwCleaner[S0].txt - [8005 octets] - [06/12/2013 20:10:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8065 octets] ##########
 



#6 blazela

blazela
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 06 December 2013 - 11:30 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Cheryl on Fri 12/06/2013 at 20:20:39.36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441193}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441193}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Cheryl\AppData\Roaming\w3i, llc"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Cheryl\appdata\local\{1E7D33C6-D2EA-4D35-BA37-D5D1FC711AFD}
Successfully deleted: [Empty Folder] C:\Users\Cheryl\appdata\local\{661978D7-2CAD-44CF-8653-4033BF293CB4}
Successfully deleted: [Empty Folder] C:\Users\Cheryl\appdata\local\{9120EB85-EB9F-4FD4-BA5B-F8263E410606}
Successfully deleted: [Empty Folder] C:\Users\Cheryl\appdata\local\{92CDCD82-0587-40E9-A10B-44C579726BBD}
Successfully deleted: [Empty Folder] C:\Users\Cheryl\appdata\local\{D9BE40A6-A1DC-4DED-87A7-4BD40A285BD2}
Successfully deleted: [Empty Folder] C:\Users\Cheryl\appdata\local\{E2444ABA-B30C-4AC2-A176-F9283454C41C}



~~~ FireFox

Successfully deleted the following from C:\Users\Cheryl\AppData\Roaming\mozilla\firefox\profiles\wp9cpn04.default\prefs.js

user_pref("settings.premium.greatarcadehits.cl_addonData", "hxxp://tt.greatarcadehits.com/cljs?options=YTIyODg2NjQzNzT2v%2BSF2QBrgdO%2F19KzXG2Bph246%2BcInJoYAcgr1iRxnn6%2FnjTF
Emptied folder: C:\Users\Cheryl\AppData\Roaming\mozilla\firefox\profiles\wp9cpn04.default\minidumps [259 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Cheryl\appdata\local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 12/06/2013 at 20:28:32.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#7 blazela

blazela
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 07 December 2013 - 12:43 AM

I have completed all the steps on the above list.  Is there anything else I need to do? I hope this will clean-up my computer and eliminate the nationzoom virus that infected it.  If not, what is next?

 

I greatly appreciate all of you who have been helping solve my computer problem and apologize for being such a newbie.

 

Thank you very much. 



#8 blazela

blazela
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 07 December 2013 - 12:55 AM

I just finished all the steps which I thought would remove nationzoom.  I turned off my computer off completely, then started fresh.  I opened Firefox like I always do, and, nationzoom is still there!! First thing. I have to click on the home icon to open my home page. Then opening a tab which should open my most used sites, opens nationzoom instead.  It seems nothing has changed.  Now what? What else can you/I do?
 



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:50 AM

Posted 07 December 2013 - 10:13 AM

It may be an Add On in FF
Look and see if you can Disable or remove Add-ons
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 blazela

blazela
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 07 December 2013 - 01:13 PM

I've been through the add-ons steps. That was one of my first attempts to remove nationzoom. It didn't work.  I reset FF to its default original setting, that didn't help. When I open FF the first page that comes up is nationzoom.  If I click on a tab, it goes to nationzoom. If I click on my homepage icon, I can get to my homepage, but again, a click on any tab takes me to nationzoom.  I am very frustrated, as the malware techs must be. What can be done with this short of stripping everything out of my computer, if that is even possible. More help please. 



#11 Quads

Quads

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:CHCH New Zealand
  • Local time:05:50 PM

Posted 07 December 2013 - 06:02 PM

For Boopme

 

From what I have found in at least some (I can't say all systems)  nationzoom uses the Shortcut target infector method  and at the moment Adwcleaner and Shortcut cleaner does not detect the browser shortcuts for this domain,  Unless the programs were updated over night NZDT time.

 

 

Quads



#12 blazela

blazela
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 07 December 2013 - 06:19 PM

How does this help me. Is there something I should do? ---  Another thought.  I just opened Safari and nation zoom didn't load. I

 

uninstalled Chrome, and Mozilla Firefox.  I don't know if that helps anything,  nation zoom is probably still in there, but at least I don't

 

have to deal with it.  I still want to remove it entirely from my computer.  If could get IE out, too, I would.  Any thoughts?  -- Is there a

 

way to get this 'shortcut target infector method' removed?   Should I go through the whole cleanup process again?   Thanks again to 

 

you all for your help.



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:50 AM

Posted 09 December 2013 - 11:40 AM

Best thing now is to get a deeper look and find where it is hooked.. Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:50 AM

Posted 09 December 2013 - 02:45 PM

Hi Grinler just added a removal tutorial
 
http://www.bleepingcomputer.com/virus-removal/remove-nationzoom.com-browser-hijacker
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 blazela

blazela
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 09 December 2013 - 09:14 PM

Unavailable until tomorrow or Wed to try next steps for nation zoom removal, but plan to try them out then.  thanks for advice.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users