Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer keeps turning off


  • This topic is locked This topic is locked
6 replies to this topic

#1 bcole

bcole

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:02:21 PM

Posted 16 December 2013 - 07:48 PM

My computer randomly turns off. I think it is infected with something. Generally running very slow....

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16750  BrowserJavaVersion: 1.6.0_31
Run by BCole at 10:48:49 on 2013-12-16
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3032.1578 [GMT -8:00]
.
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\Program Files (x86)\Lenovo\System Update\SUService.exe
C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Windows\System32\TpShocks.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Digital Line Detect\DLG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\a\internetport3.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
C:\Users\BCole\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BCole\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BCole\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BCole\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BCole\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BCole\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uProxyServer = hxxp=127.0.0.1:8877;https=127.0.0.1:8877
uProxyOverride = <-loopback>
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: {E8C4D482-8BAA-4147-B4FC-79D89BA793A8} - <orphaned>
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
uRun: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
uRun: [Google Update] "C:\Users\BCole\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun: [autoauto] c.bat
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\BCole\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\BCole\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DIGITA~1.LNK - C:\Program Files (x86)\Digital Line Detect\DLG.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/swdir8d204.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{61CF3DBC-7BCE-4345-A5F7-61D3F4EF8C47} : DHCPNameServer = 68.87.66.249 162.150.8.28
TCP: Interfaces\{8B11442E-132C-4EE4-BE9A-D9FDC12757BF} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{8B11442E-132C-4EE4-BE9A-D9FDC12757BF}\4586560275169707F63747 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{8B11442E-132C-4EE4-BE9A-D9FDC12757BF}\64249402355727675696C6C616E63656026516E6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{8B11442E-132C-4EE4-BE9A-D9FDC12757BF}\649637860756F607C656 : DHCPNameServer = 75.75.75.75 75.75.76.76
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
x64-Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
x64-Run: [TpShocks] TpShocks.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\BCole\AppData\Roaming\Mozilla\Firefox\Profiles\4tmwxpxt.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Users\BCole\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\BCole\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32old.dll
FF - ExtSQL: 2013-12-13 23:26; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFF
FF - ExtSQL: 2013-12-15 19:19; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-12-19 55856]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-2-5 451192]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-2-5 1129120]
R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2009-6-29 23592]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-3 1526488]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-2-5 167072]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20131213.001\IDSviA64.sys [2013-12-13 521944]
R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2009-7-16 15400]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-2-5 190072]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-2-5 405624]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\System32\svchost.exe -k HsfXAudioService [2009-7-13 27136]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-2-5 138272]
R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2009-10-5 62320]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2009-12-19 292864]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 137648]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-12-19 56344]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-12-2 31744]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960]
R3 TVTI2C;Lenovo SM bus driver;C:\Windows\System32\drivers\tvti2c.sys [2009-7-2 41536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2009-10-5 45424]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-10-28 107288]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 PCDSRVC{184E4FA0-DE8C26D4-06000000}_0;PCDSRVC{184E4FA0-DE8C26D4-06000000}_0 - PCDR Kernel Mode Service Helper Driver;C:\progra~1\pc-doc~1\pcdsrvc_x64.pkms [2009-8-17 23536]
S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2009-12-19 75040]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-8-4 1124848]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2013-10-29 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2013-10-29 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2013-10-29 177640]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-10-28 204568]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-30 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2009-10-15 50176]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-22 1255736]
.
=============== Created Last 30 ================
.
2013-12-14 07:50:49 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-12-14 07:50:17 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-14 07:50:17 -------- d-----w- C:\Program Files\iTunes
2013-12-14 07:50:17 -------- d-----w- C:\Program Files\iPod
2013-12-14 07:50:17 -------- d-----w- C:\Program Files (x86)\iTunes
2013-12-14 07:46:57 -------- d-----w- C:\Program Files\Bonjour
2013-12-14 07:46:57 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-12-14 07:35:36 -------- d-----w- C:\Users\BCole\AppData\Roaming\Dropbox
2013-12-13 01:52:47 -------- d-----w- C:\Users\BCole\AppData\Roaming\uPlayer
2013-12-13 01:52:46 -------- d-----w- C:\Program Files (x86)\uPlayer
2013-12-13 01:52:26 -------- d-----w- C:\ProgramData\Updater
2013-12-13 01:52:26 -------- d-----w- C:\ProgramData\RHelpers
2013-12-13 01:52:17 -------- d-----w- C:\Users\BCole\AppData\Local\TNT2
2013-12-13 01:51:02 -------- d--h--w- C:\a
2013-12-12 11:04:22 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-12 11:04:22 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-12 11:04:21 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2013-12-12 11:04:21 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2013-12-11 16:54:18 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-12-04 01:48:45 -------- d-sh--w- C:\$RECYCLE.BIN
2013-12-04 01:44:23 -------- d-s---w- C:\ComboFix
2013-12-03 05:15:10 -------- d-----w- C:\Program Files\Waterfox
2013-11-24 06:59:54 14 ----a-w- C:\Windows\SysWow64\c.bat
.
==================== Find3M  ====================
.
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-10-28 09:12:12 204568 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2013-10-28 09:12:10 107288 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2013-10-25 06:19:22 2241536 ----a-w- C:\Windows\System32\wininet.dll
2013-10-25 06:17:57 3959808 ----a-w- C:\Windows\System32\jscript9.dll
2013-10-25 06:17:52 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-10-25 06:17:52 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-10-25 04:45:11 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-10-25 04:43:42 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-10-25 04:43:38 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-10-25 04:43:38 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-10-25 04:07:48 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-10-25 03:41:01 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-10-25 03:17:49 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-10-25 02:49:34 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx
2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe
2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe
2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 02:16:30 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-04 01:36:04 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
.
============= FINISH: 10:49:57.50 ===============
 


BC AdBot (Login to Remove)

 


#2 bcole

bcole
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:02:21 PM

Posted 18 December 2013 - 12:03 PM

Apologies about posting a couple times..my internet seems to be running slow.  Let me know if you ca still help me.



#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,743 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:21 PM

Posted 21 December 2013 - 07:50 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/517694 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:21 AM

Posted 21 December 2013 - 10:28 PM

Hello,

Please download aswMBR.exe and save it to your desktop.
  • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
  • Allow it to update where necessary
  • Click Scan
    • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
    • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
===================================================

Download TDSSKiller.exe and save it to your desktop

Execute TDSSKiller.exe by doubleclicking on it.
Press Start Scan
If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt

===================================================

On your next reply please post :
aswMBR log
MBR.dat (attached)
TDSS Killer log



Please STOP and let me know if you have any problems in performing with the steps above or any questions you may have.

Good Day!
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#5 bcole

bcole
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:02:21 PM

Posted 22 December 2013 - 11:08 PM

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-12-22 20:00:31
-----------------------------
20:00:31.189    OS Version: Windows x64 6.1.7601 Service Pack 1
20:00:31.190    Number of processors: 2 586 0x170A
20:00:31.192    ComputerName: BCOLE-LAPTOP  UserName: BCole
20:00:33.381    Initialize success
20:00:51.563    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:00:51.569    Disk 0 Vendor: FUJITSU_ 0084 Size: 152627MB BusType: 3
20:00:51.674    Disk 0 MBR read successfully
20:00:51.681    Disk 0 MBR scan
20:00:51.688    Disk 0 unknown MBR code
20:00:51.702    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS         1200 MB offset 2048
20:00:51.718    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       151425 MB offset 2459648
20:00:51.751    Disk 0 scanning C:\Windows\system32\drivers
20:01:00.151    Service scanning
20:01:02.796    Service BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20131203.001\BHDrvx64.sys **LOCKED** 5
20:01:03.620    Service ccSet_NIS C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys **LOCKED** 5
20:01:05.216    Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
20:01:05.646    Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
20:01:07.817    Service IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20131220.001\IDSvia64.sys **LOCKED** 5
20:01:10.710    Service NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20131222.006\ENG64.SYS **LOCKED** 5
20:01:10.808    Service NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20131222.006\EX64.SYS **LOCKED** 5
20:01:15.724    Service SRTSPX C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS **LOCKED** 5
20:01:16.416    Service SymDS C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS **LOCKED** 5
20:01:16.532    Service SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS **LOCKED** 5
20:01:16.606    Service SymIRON C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS **LOCKED** 5
20:01:16.677    Service SymNetS C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS **LOCKED** 5
20:01:20.835    Modules scanning
20:01:20.858    Disk 0 trace - called modules:
20:01:20.906    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
20:01:20.919    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003f17060]
20:01:20.939    3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa8002e3ec10]
20:01:20.950    5 ACPI.sys[fffff88000f387a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8002e77050]
20:01:20.958    Scan finished successfully
20:01:48.605    Disk 0 MBR has been saved successfully to "C:\Users\BCole\Desktop\CompFix\MBR.dat"
20:01:48.611    The log file has been saved successfully to "C:\Users\BCole\Desktop\CompFix\aswMBR.txt"
 

20:03:31.0083 0x06b0  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
20:03:34.0594 0x06b0  ============================================================
20:03:34.0594 0x06b0  Current date / time: 2013/12/22 20:03:34.0594
20:03:34.0594 0x06b0  SystemInfo:
20:03:34.0595 0x06b0  
20:03:34.0595 0x06b0  OS Version: 6.1.7601 ServicePack: 1.0
20:03:34.0595 0x06b0  Product type: Workstation
20:03:34.0595 0x06b0  ComputerName: BCOLE-LAPTOP
20:03:34.0595 0x06b0  UserName: BCole
20:03:34.0595 0x06b0  Windows directory: C:\Windows
20:03:34.0595 0x06b0  System windows directory: C:\Windows
20:03:34.0595 0x06b0  Running under WOW64
20:03:34.0595 0x06b0  Processor architecture: Intel x64
20:03:34.0595 0x06b0  Number of processors: 2
20:03:34.0595 0x06b0  Page size: 0x1000
20:03:34.0595 0x06b0  Boot type: Normal boot
20:03:34.0595 0x06b0  ============================================================
20:03:34.0918 0x06b0  KLMD registered as C:\Windows\system32\drivers\96053026.sys
20:03:35.0452 0x06b0  System UUID: {F8C7D91C-F964-6803-7B26-8EC55925938F}
20:03:35.0948 0x06b0  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
20:03:35.0959 0x06b0  ============================================================
20:03:35.0959 0x06b0  \Device\Harddisk0\DR0:
20:03:35.0959 0x06b0  MBR partitions:
20:03:35.0959 0x06b0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
20:03:35.0959 0x06b0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x127C0EB0
20:03:35.0959 0x06b0  ============================================================
20:03:35.0985 0x06b0  C: <-> \Device\Harddisk0\DR0\Partition2
20:03:35.0985 0x06b0  ============================================================
20:03:35.0985 0x06b0  Initialize success
20:03:35.0985 0x06b0  ============================================================
20:03:42.0188 0x0e08  ============================================================
20:03:42.0188 0x0e08  Scan started
20:03:42.0188 0x0e08  Mode: Manual; 
20:03:42.0189 0x0e08  ============================================================
20:03:42.0189 0x0e08  KSN ping started
20:03:44.0924 0x0e08  KSN ping finished: true
20:03:45.0219 0x0e08  ================ Scan system memory ========================
20:03:45.0219 0x0e08  System memory - ok
20:03:45.0220 0x0e08  ================ Scan services =============================
20:03:45.0767 0x0e08  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:03:45.0781 0x0e08  1394ohci - ok
20:03:45.0852 0x0e08  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:03:45.0877 0x0e08  ACPI - ok
20:03:45.0928 0x0e08  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:03:45.0929 0x0e08  AcpiPmi - ok
20:03:46.0024 0x0e08  [ BCAB739E5FEA28407076D757044A629F, D5CD8D60D2DA833E5240B95D864A1A3A7F946E7EDF843C5FBB4532A72270E2AC ] AcPrfMgrSvc     C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
20:03:46.0040 0x0e08  AcPrfMgrSvc - ok
20:03:46.0082 0x0e08  [ D6DD4F1596C54AFA5C6CCAE6842F9E44, 3E8C2C068768855DBD7EC73D78D714D297C02DCB4DAC874458EC0289A8CE7F0F ] AcSvc           C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
20:03:46.0099 0x0e08  AcSvc - ok
20:03:46.0175 0x0e08  [ 62B7936F9036DD6ED36E6A7EFA805DC0, C58EA1B46CB3595386C9217A7785F2A436916FB1E0BDC0E4BE484292C55AA455 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:03:46.0179 0x0e08  AdobeARMservice - ok
20:03:46.0242 0x0e08  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:03:46.0284 0x0e08  adp94xx - ok
20:03:46.0328 0x0e08  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:03:46.0345 0x0e08  adpahci - ok
20:03:46.0361 0x0e08  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:03:46.0365 0x0e08  adpu320 - ok
20:03:46.0388 0x0e08  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:03:46.0389 0x0e08  AeLookupSvc - ok
20:03:46.0473 0x0e08  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
20:03:46.0490 0x0e08  AFD - ok
20:03:46.0538 0x0e08  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
20:03:46.0542 0x0e08  agp440 - ok
20:03:46.0577 0x0e08  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
20:03:46.0581 0x0e08  ALG - ok
20:03:46.0644 0x0e08  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:03:46.0645 0x0e08  aliide - ok
20:03:46.0691 0x0e08  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:03:46.0691 0x0e08  amdide - ok
20:03:46.0722 0x0e08  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:03:46.0724 0x0e08  AmdK8 - ok
20:03:46.0745 0x0e08  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:03:46.0748 0x0e08  AmdPPM - ok
20:03:46.0790 0x0e08  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:03:46.0793 0x0e08  amdsata - ok
20:03:46.0835 0x0e08  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:03:46.0842 0x0e08  amdsbs - ok
20:03:46.0860 0x0e08  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:03:46.0861 0x0e08  amdxata - ok
20:03:46.0915 0x0e08  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
20:03:46.0919 0x0e08  AppID - ok
20:03:46.0960 0x0e08  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:03:46.0962 0x0e08  AppIDSvc - ok
20:03:47.0014 0x0e08  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
20:03:47.0019 0x0e08  Appinfo - ok
20:03:47.0083 0x0e08  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:03:47.0089 0x0e08  Apple Mobile Device - ok
20:03:47.0151 0x0e08  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:03:47.0156 0x0e08  arc - ok
20:03:47.0182 0x0e08  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:03:47.0188 0x0e08  arcsas - ok
20:03:47.0227 0x0e08  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:03:47.0228 0x0e08  AsyncMac - ok
20:03:47.0255 0x0e08  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:03:47.0256 0x0e08  atapi - ok
20:03:47.0344 0x0e08  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:03:47.0367 0x0e08  AudioEndpointBuilder - ok
20:03:47.0398 0x0e08  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:03:47.0408 0x0e08  AudioSrv - ok
20:03:47.0461 0x0e08  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:03:47.0464 0x0e08  AxInstSV - ok
20:03:47.0512 0x0e08  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
20:03:47.0529 0x0e08  b06bdrv - ok
20:03:47.0570 0x0e08  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:03:47.0576 0x0e08  b57nd60a - ok
20:03:47.0622 0x0e08  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:03:47.0630 0x0e08  BDESVC - ok
20:03:47.0653 0x0e08  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:03:47.0654 0x0e08  Beep - ok
20:03:47.0757 0x0e08  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
20:03:47.0784 0x0e08  BFE - ok
20:03:47.0968 0x0e08  [ 613883A3BAC6920149C83ED751589433, 9846C1EE0916120C56F598AEA9C2C5B8F1AEDA06FDC3CCE8BAFD0480ACE93078 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20131203.001\BHDrvx64.sys
20:03:47.0993 0x0e08  BHDrvx64 - ok
20:03:48.0032 0x0e08  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
20:03:48.0066 0x0e08  BITS - ok
20:03:48.0104 0x0e08  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:03:48.0105 0x0e08  blbdrive - ok
20:03:48.0213 0x0e08  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:03:48.0232 0x0e08  Bonjour Service - ok
20:03:48.0282 0x0e08  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:03:48.0288 0x0e08  bowser - ok
20:03:48.0318 0x0e08  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:03:48.0319 0x0e08  BrFiltLo - ok
20:03:48.0341 0x0e08  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:03:48.0342 0x0e08  BrFiltUp - ok
20:03:48.0358 0x0e08  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
20:03:48.0361 0x0e08  BridgeMP - ok
20:03:48.0411 0x0e08  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
20:03:48.0416 0x0e08  Browser - ok
20:03:48.0452 0x0e08  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:03:48.0466 0x0e08  Brserid - ok
20:03:48.0496 0x0e08  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:03:48.0497 0x0e08  BrSerWdm - ok
20:03:48.0519 0x0e08  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:03:48.0520 0x0e08  BrUsbMdm - ok
20:03:48.0525 0x0e08  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:03:48.0525 0x0e08  BrUsbSer - ok
20:03:48.0586 0x0e08  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
20:03:48.0589 0x0e08  BthEnum - ok
20:03:48.0618 0x0e08  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:03:48.0623 0x0e08  BTHMODEM - ok
20:03:48.0650 0x0e08  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:03:48.0652 0x0e08  BthPan - ok
20:03:48.0682 0x0e08  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
20:03:48.0699 0x0e08  BTHPORT - ok
20:03:48.0747 0x0e08  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
20:03:48.0750 0x0e08  bthserv - ok
20:03:48.0767 0x0e08  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
20:03:48.0769 0x0e08  BTHUSB - ok
20:03:48.0798 0x0e08  catchme - ok
20:03:48.0844 0x0e08  [ 48360B88C4BF45850653BB7C86888ED4, 454C2DD81BFCC7FF4819CDFE3C5506E31A3FE86B06FB18009783CD2FEA74B0BF ] CAXHWAZL        C:\Windows\system32\DRIVERS\CAXHWAZL.sys
20:03:48.0864 0x0e08  CAXHWAZL - ok
20:03:48.0930 0x0e08  [ 2C6FFCCA37B002AAB3C7C31A6D780A76, C28B4B8CE8D42D4F3EECB2F47DC0DADE560E0725E7D41CD42F39F179D3C8F6B0 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys
20:03:48.0935 0x0e08  ccSet_NIS - ok
20:03:48.0949 0x0e08  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:03:48.0952 0x0e08  cdfs - ok
20:03:49.0012 0x0e08  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
20:03:49.0017 0x0e08  cdrom - ok
20:03:49.0071 0x0e08  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:03:49.0075 0x0e08  CertPropSvc - ok
20:03:49.0124 0x0e08  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:03:49.0128 0x0e08  circlass - ok
20:03:49.0175 0x0e08  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
20:03:49.0192 0x0e08  CLFS - ok
20:03:49.0264 0x0e08  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:03:49.0270 0x0e08  clr_optimization_v2.0.50727_32 - ok
20:03:49.0329 0x0e08  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:03:49.0337 0x0e08  clr_optimization_v2.0.50727_64 - ok
20:03:49.0417 0x0e08  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:03:49.0446 0x0e08  clr_optimization_v4.0.30319_32 - ok
20:03:49.0490 0x0e08  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:03:49.0495 0x0e08  clr_optimization_v4.0.30319_64 - ok
20:03:49.0526 0x0e08  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:03:49.0527 0x0e08  CmBatt - ok
20:03:49.0571 0x0e08  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:03:49.0573 0x0e08  cmdide - ok
20:03:49.0657 0x0e08  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
20:03:49.0682 0x0e08  CNG - ok
20:03:49.0740 0x0e08  [ A358EF95AFACC93AFCC2292F160A5FE4, 9AE68EF71AD62A2028E0A71428F9CCCD5E52A3FBB3C70CC04449479C58FA8171 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
20:03:49.0765 0x0e08  CnxtHdAudService - ok
20:03:49.0785 0x0e08  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:03:49.0785 0x0e08  Compbatt - ok
20:03:49.0832 0x0e08  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:03:49.0833 0x0e08  CompositeBus - ok
20:03:49.0847 0x0e08  COMSysApp - ok
20:03:49.0880 0x0e08  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:03:49.0881 0x0e08  crcdisk - ok
20:03:49.0946 0x0e08  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:03:49.0952 0x0e08  CryptSvc - ok
20:03:50.0019 0x0e08  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:03:50.0044 0x0e08  DcomLaunch - ok
20:03:50.0080 0x0e08  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:03:50.0097 0x0e08  defragsvc - ok
20:03:50.0145 0x0e08  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:03:50.0152 0x0e08  DfsC - ok
20:03:50.0198 0x0e08  [ 955FFE2B1D74A9E0E3E0E558E6A17F3B, C046C2EF86ED847954931E714A82A0F65ECB6B64068F4EB6F69C2A26CD5B848B ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
20:03:50.0205 0x0e08  dg_ssudbus - ok
20:03:50.0239 0x0e08  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:03:50.0246 0x0e08  Dhcp - ok
20:03:50.0273 0x0e08  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:03:50.0274 0x0e08  discache - ok
20:03:50.0305 0x0e08  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:03:50.0310 0x0e08  Disk - ok
20:03:50.0361 0x0e08  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:03:50.0366 0x0e08  Dnscache - ok
20:03:50.0404 0x0e08  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:03:50.0421 0x0e08  dot3svc - ok
20:03:50.0460 0x0e08  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
20:03:50.0465 0x0e08  DPS - ok
20:03:50.0515 0x0e08  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:03:50.0515 0x0e08  drmkaud - ok
20:03:50.0601 0x0e08  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:03:50.0621 0x0e08  DXGKrnl - ok
20:03:50.0661 0x0e08  [ 50AD8FC1DC800FF36087994C8F7FDFF2, E3DA8DCE76599E0E1F0D80AA1483D6BECFE0F7242147D986A6AF3A4362FC2C80 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
20:03:50.0668 0x0e08  e1yexpress - ok
20:03:50.0700 0x0e08  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
20:03:50.0702 0x0e08  EapHost - ok
20:03:50.0845 0x0e08  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
20:03:51.0002 0x0e08  ebdrv - ok
20:03:51.0122 0x0e08  [ 1B7AA375F711F66D5FF2B855F9EC987F, 151E3897A31F0E828D08EBBB9C10A60047B48534BB38349EF1C8D9245524CA58 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
20:03:51.0132 0x0e08  eeCtrl - ok
20:03:51.0169 0x0e08  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
20:03:51.0172 0x0e08  EFS - ok
20:03:51.0274 0x0e08  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:03:51.0346 0x0e08  ehRecvr - ok
20:03:51.0389 0x0e08  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
20:03:51.0395 0x0e08  ehSched - ok
20:03:51.0461 0x0e08  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:03:51.0486 0x0e08  elxstor - ok
20:03:51.0574 0x0e08  [ B5581646636759D0DAFA8B008881C079, 0CADE029ABDCDE3A89C0786F1698C93D9A7CC981EFB3761CF243E19E178FF611 ] EPSON_EB_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
20:03:51.0587 0x0e08  EPSON_EB_RPCV4_01 - ok
20:03:51.0604 0x0e08  [ 1E345F2A2D95DA3190596E691CDE9342, 9D1D48F3B749ADA598D155E11E63CD52A4EEABF9BE92A1D997D25D07CF350084 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
20:03:51.0608 0x0e08  EPSON_PM_RPCV4_01 - ok
20:03:51.0655 0x0e08  [ 7230C8B80DDE1F0524C353240B78CC0E, 15F73EBFB9152010E7736AFE518A47C209E17DDB347A40C4CDA0D9BBD26D1176 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:03:51.0658 0x0e08  EraserUtilRebootDrv - ok
20:03:51.0696 0x0e08  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:03:51.0698 0x0e08  ErrDev - ok
20:03:51.0760 0x0e08  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
20:03:51.0776 0x0e08  EventSystem - ok
20:03:51.0914 0x0e08  [ 51643EE2712D9212E1E53CA7E8D8EB4A, A365245D1F0354E57FDD23925259787ECE63E6B0C29F3DC2D43BD7027F06D906 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:03:51.0969 0x0e08  EvtEng - ok
20:03:51.0992 0x0e08  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:03:51.0996 0x0e08  exfat - ok
20:03:52.0036 0x0e08  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:03:52.0040 0x0e08  fastfat - ok
20:03:52.0132 0x0e08  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
20:03:52.0163 0x0e08  Fax - ok
20:03:52.0194 0x0e08  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:03:52.0195 0x0e08  fdc - ok
20:03:52.0207 0x0e08  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
20:03:52.0208 0x0e08  fdPHost - ok
20:03:52.0226 0x0e08  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:03:52.0228 0x0e08  FDResPub - ok
20:03:52.0245 0x0e08  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:03:52.0247 0x0e08  FileInfo - ok
20:03:52.0266 0x0e08  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:03:52.0267 0x0e08  Filetrace - ok
20:03:52.0285 0x0e08  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:03:52.0286 0x0e08  flpydisk - ok
20:03:52.0343 0x0e08  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:03:52.0357 0x0e08  FltMgr - ok
20:03:52.0454 0x0e08  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
20:03:52.0499 0x0e08  FontCache - ok
20:03:52.0560 0x0e08  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:03:52.0563 0x0e08  FontCache3.0.0.0 - ok
20:03:52.0591 0x0e08  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:03:52.0593 0x0e08  FsDepends - ok
20:03:52.0630 0x0e08  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:03:52.0631 0x0e08  Fs_Rec - ok
20:03:52.0699 0x0e08  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:03:52.0714 0x0e08  fvevol - ok
20:03:52.0736 0x0e08  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:03:52.0738 0x0e08  gagp30kx - ok
20:03:52.0807 0x0e08  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:03:52.0810 0x0e08  GEARAspiWDM - ok
20:03:52.0898 0x0e08  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:03:52.0929 0x0e08  gpsvc - ok
20:03:53.0070 0x0e08  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:03:53.0087 0x0e08  gupdate - ok
20:03:53.0107 0x0e08  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:03:53.0111 0x0e08  gupdatem - ok
20:03:53.0152 0x0e08  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:03:53.0153 0x0e08  hcw85cir - ok
20:03:53.0220 0x0e08  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:03:53.0237 0x0e08  HdAudAddService - ok
20:03:53.0281 0x0e08  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:03:53.0286 0x0e08  HDAudBus - ok
20:03:53.0315 0x0e08  [ 15C9789470B8855AC2F54FDF96802D13, 5375BBA13219456DA87023F206732BF76F934DC04C8E298C7C5E94944CC268D4 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
20:03:53.0317 0x0e08  HECIx64 - ok
20:03:53.0338 0x0e08  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:03:53.0339 0x0e08  HidBatt - ok
20:03:53.0361 0x0e08  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:03:53.0365 0x0e08  HidBth - ok
20:03:53.0389 0x0e08  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:03:53.0391 0x0e08  HidIr - ok
20:03:53.0415 0x0e08  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
20:03:53.0417 0x0e08  hidserv - ok
20:03:53.0458 0x0e08  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
20:03:53.0460 0x0e08  HidUsb - ok
20:03:53.0494 0x0e08  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:03:53.0499 0x0e08  hkmsvc - ok
20:03:53.0531 0x0e08  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:03:53.0548 0x0e08  HomeGroupListener - ok
20:03:53.0617 0x0e08  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:03:53.0632 0x0e08  HomeGroupProvider - ok
20:03:53.0685 0x0e08  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:03:53.0690 0x0e08  HpSAMD - ok
20:03:53.0835 0x0e08  [ 447256D1C026654C5CD3CC17E7B20631, F89589AC17BC50483E6687963370937E6CD19D6030F30D70577A7DA266116919 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll
20:03:53.0878 0x0e08  HsfXAudioService - ok
20:03:53.0963 0x0e08  [ F6AC1087A131FBB385400667BEA64FBE, 131661287953708893FE564602E8ED6832B96CCA523C205EDE0C9E82DD930178 ] HSF_DPV         C:\Windows\system32\DRIVERS\CAX_DPV.sys
20:03:54.0053 0x0e08  HSF_DPV - ok
20:03:54.0129 0x0e08  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:03:54.0164 0x0e08  HTTP - ok
20:03:54.0199 0x0e08  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:03:54.0200 0x0e08  hwpolicy - ok
20:03:54.0251 0x0e08  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
20:03:54.0258 0x0e08  i8042prt - ok
20:03:54.0306 0x0e08  [ BBB3B6DF1ABB0FE35802EDE85CC1C011, 6E1FA8519A7D417969244E807D2863B39656169A925966045036A989A5EB611D ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:03:54.0314 0x0e08  iaStor - ok
20:03:54.0361 0x0e08  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:03:54.0378 0x0e08  iaStorV - ok
20:03:54.0407 0x0e08  [ B8E7CA64FFF8B71636DEA3A845CC23E5, 84267CB5A930F9FF965C2DE23081F842BFC30C1A103877DFE47D9BBA938FD729 ] IBMPMDRV        C:\Windows\system32\DRIVERS\ibmpmdrv.sys
20:03:54.0408 0x0e08  IBMPMDRV - ok
20:03:54.0418 0x0e08  [ 6DAEDF692B52B7C238C7199419318D16, D29F47AE2DA9D59479816370722A5789F8A9670E1F5EEA8E55365335007E7F8B ] IBMPMSVC        C:\Windows\system32\ibmpmsvc.exe
20:03:54.0421 0x0e08  IBMPMSVC - ok
20:03:54.0479 0x0e08  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:03:54.0522 0x0e08  idsvc - ok
20:03:54.0697 0x0e08  [ D7CB14B41DA52DF2EC143768E02F0E97, 97D6A49CA10508454F487F87F14249AE11646E365E89E3A2854AE05834DE9575 ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20131220.001\IDSvia64.sys
20:03:54.0712 0x0e08  IDSVia64 - ok
20:03:55.0008 0x0e08  [ DFEAF0A1D98D397035012C8E28D1520F, 72C869B61E973E874D4F126AB4401E3B844B03D9AB91E44A23A0250B80DC99F9 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:03:55.0263 0x0e08  igfx - ok
20:03:55.0316 0x0e08  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:03:55.0317 0x0e08  iirsp - ok
20:03:55.0397 0x0e08  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
20:03:55.0445 0x0e08  IKEEXT - ok
20:03:55.0484 0x0e08  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:03:55.0485 0x0e08  intelide - ok
20:03:55.0501 0x0e08  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:03:55.0503 0x0e08  intelppm - ok
20:03:55.0538 0x0e08  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:03:55.0547 0x0e08  IPBusEnum - ok
20:03:55.0580 0x0e08  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:03:55.0583 0x0e08  IpFilterDriver - ok
20:03:55.0638 0x0e08  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:03:55.0672 0x0e08  iphlpsvc - ok
20:03:55.0709 0x0e08  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:03:55.0710 0x0e08  IPMIDRV - ok
20:03:55.0744 0x0e08  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:03:55.0747 0x0e08  IPNAT - ok
20:03:55.0803 0x0e08  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:03:55.0835 0x0e08  iPod Service - ok
20:03:55.0876 0x0e08  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:03:55.0878 0x0e08  IRENUM - ok
20:03:55.0901 0x0e08  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:03:55.0903 0x0e08  isapnp - ok
20:03:55.0935 0x0e08  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:03:55.0952 0x0e08  iScsiPrt - ok
20:03:55.0993 0x0e08  [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr       C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
20:03:55.0998 0x0e08  IviRegMgr - ok
20:03:56.0010 0x0e08  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
20:03:56.0012 0x0e08  kbdclass - ok
20:03:56.0052 0x0e08  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
20:03:56.0054 0x0e08  kbdhid - ok
20:03:56.0072 0x0e08  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
20:03:56.0075 0x0e08  KeyIso - ok
20:03:56.0125 0x0e08  [ 07071C1E3CD8F0F9114AAC8B072CA1E5, F72E49D9A77BBE28B135D5DDBD9037083D90400A6D61DA45B5D53C4ACFFAF932 ] KMWDFILTER      C:\Windows\system32\DRIVERS\KMWDFILTER.sys
20:03:56.0126 0x0e08  KMWDFILTER - ok
20:03:56.0171 0x0e08  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:03:56.0175 0x0e08  KSecDD - ok
20:03:56.0187 0x0e08  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:03:56.0193 0x0e08  KSecPkg - ok
20:03:56.0212 0x0e08  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:03:56.0213 0x0e08  ksthunk - ok
20:03:56.0245 0x0e08  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:03:56.0262 0x0e08  KtmRm - ok
20:03:56.0305 0x0e08  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
20:03:56.0311 0x0e08  LanmanServer - ok
20:03:56.0355 0x0e08  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:03:56.0367 0x0e08  LanmanWorkstation - ok
20:03:56.0415 0x0e08  [ D584216C7767DCFB4B812B9B60A4A4E7, D514959ECA9287B77DB2E28E2AD31AD1529939559D3E59F97F43BE11EB8DE954 ] LENOVO.MICMUTE  C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
20:03:56.0418 0x0e08  LENOVO.MICMUTE - ok
20:03:56.0429 0x0e08  [ 5ACFF5823634BC2C4EBF559C3B33E18E, 40E4E52C1A96F8E7F3A0E7755CBD27F7F55FC7CD682E61A496313D16BBE2C08C ] lenovo.smi      C:\Windows\system32\DRIVERS\smiifx64.sys
20:03:56.0431 0x0e08  lenovo.smi - ok
20:03:56.0458 0x0e08  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:03:56.0460 0x0e08  lltdio - ok
20:03:56.0506 0x0e08  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:03:56.0522 0x0e08  lltdsvc - ok
20:03:56.0538 0x0e08  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:03:56.0539 0x0e08  lmhosts - ok
20:03:56.0578 0x0e08  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:03:56.0581 0x0e08  LSI_FC - ok
20:03:56.0591 0x0e08  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:03:56.0594 0x0e08  LSI_SAS - ok
20:03:56.0613 0x0e08  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:03:56.0614 0x0e08  LSI_SAS2 - ok
20:03:56.0634 0x0e08  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:03:56.0637 0x0e08  LSI_SCSI - ok
20:03:56.0663 0x0e08  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:03:56.0666 0x0e08  luafv - ok
20:03:56.0708 0x0e08  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:03:56.0725 0x0e08  Mcx2Svc - ok
20:03:56.0757 0x0e08  [ E4F44EC214B3E381E1FC844A02926666, 6EE8C87EFCEFFBEA08B9B9DA036B37564542EE4D31942115CDBF895295DD5FE2 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:03:56.0758 0x0e08  mdmxsdk - ok
20:03:56.0779 0x0e08  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:03:56.0781 0x0e08  megasas - ok
20:03:56.0813 0x0e08  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:03:56.0829 0x0e08  MegaSR - ok
20:03:56.0866 0x0e08  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
20:03:56.0869 0x0e08  MMCSS - ok
20:03:56.0878 0x0e08  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
20:03:56.0879 0x0e08  Modem - ok
20:03:56.0908 0x0e08  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:03:56.0909 0x0e08  monitor - ok
20:03:56.0955 0x0e08  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
20:03:56.0957 0x0e08  mouclass - ok
20:03:56.0994 0x0e08  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:03:56.0996 0x0e08  mouhid - ok
20:03:57.0048 0x0e08  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:03:57.0052 0x0e08  mountmgr - ok
20:03:57.0115 0x0e08  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:03:57.0119 0x0e08  MozillaMaintenance - ok
20:03:57.0151 0x0e08  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:03:57.0156 0x0e08  mpio - ok
20:03:57.0164 0x0e08  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:03:57.0166 0x0e08  mpsdrv - ok
20:03:57.0248 0x0e08  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:03:57.0279 0x0e08  MpsSvc - ok
20:03:57.0319 0x0e08  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:03:57.0323 0x0e08  MRxDAV - ok
20:03:57.0376 0x0e08  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:03:57.0392 0x0e08  mrxsmb - ok
20:03:57.0458 0x0e08  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:03:57.0476 0x0e08  mrxsmb10 - ok
20:03:57.0501 0x0e08  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:03:57.0505 0x0e08  mrxsmb20 - ok
20:03:57.0549 0x0e08  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:03:57.0550 0x0e08  msahci - ok
20:03:57.0571 0x0e08  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:03:57.0575 0x0e08  msdsm - ok
20:03:57.0599 0x0e08  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
20:03:57.0604 0x0e08  MSDTC - ok
20:03:57.0644 0x0e08  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:03:57.0645 0x0e08  Msfs - ok
20:03:57.0666 0x0e08  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:03:57.0666 0x0e08  mshidkmdf - ok
20:03:57.0694 0x0e08  [ 26668CC2920DE2497A8E369B16E48CA3, 968E2000F20E538922288AB57596B8134E98946899D98E2493722CB3EEE18B14 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys
20:03:57.0695 0x0e08  MSHUSBVideo - ok
20:03:57.0728 0x0e08  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:03:57.0729 0x0e08  msisadrv - ok
20:03:57.0761 0x0e08  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:03:57.0766 0x0e08  MSiSCSI - ok
20:03:57.0769 0x0e08  msiserver - ok
20:03:57.0802 0x0e08  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:03:57.0803 0x0e08  MSKSSRV - ok
20:03:57.0816 0x0e08  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:03:57.0816 0x0e08  MSPCLOCK - ok
20:03:57.0834 0x0e08  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:03:57.0835 0x0e08  MSPQM - ok
20:03:57.0886 0x0e08  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:03:57.0902 0x0e08  MsRPC - ok
20:03:57.0916 0x0e08  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:03:57.0917 0x0e08  mssmbios - ok
20:03:57.0931 0x0e08  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:03:57.0931 0x0e08  MSTEE - ok
20:03:57.0948 0x0e08  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:03:57.0948 0x0e08  MTConfig - ok
20:03:57.0960 0x0e08  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
20:03:57.0962 0x0e08  Mup - ok
20:03:58.0025 0x0e08  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
20:03:58.0046 0x0e08  napagent - ok
20:03:58.0102 0x0e08  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:03:58.0119 0x0e08  NativeWifiP - ok
20:03:58.0223 0x0e08  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20131222.006\ENG64.SYS
20:03:58.0240 0x0e08  NAVENG - ok
20:03:58.0364 0x0e08  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20131222.006\EX64.SYS
20:03:58.0471 0x0e08  NAVEX15 - ok
20:03:58.0581 0x0e08  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:03:58.0627 0x0e08  NDIS - ok
20:03:58.0665 0x0e08  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:03:58.0666 0x0e08  NdisCap - ok
20:03:58.0692 0x0e08  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:03:58.0692 0x0e08  NdisTapi - ok
20:03:58.0733 0x0e08  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:03:58.0734 0x0e08  Ndisuio - ok
20:03:58.0772 0x0e08  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:03:58.0779 0x0e08  NdisWan - ok
20:03:58.0824 0x0e08  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:03:58.0828 0x0e08  NDProxy - ok
20:03:58.0877 0x0e08  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:03:58.0881 0x0e08  NetBIOS - ok
20:03:58.0936 0x0e08  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:03:58.0952 0x0e08  NetBT - ok
20:03:58.0964 0x0e08  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
20:03:58.0966 0x0e08  Netlogon - ok
20:03:59.0000 0x0e08  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
20:03:59.0016 0x0e08  Netman - ok
20:03:59.0034 0x0e08  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
20:03:59.0046 0x0e08  netprofm - ok
20:03:59.0070 0x0e08  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:03:59.0073 0x0e08  NetTcpPortSharing - ok
20:03:59.0335 0x0e08  [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
20:03:59.0558 0x0e08  NETw5s64 - ok
20:03:59.0812 0x0e08  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
20:04:00.0024 0x0e08  netw5v64 - ok
20:04:00.0069 0x0e08  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:04:00.0070 0x0e08  nfrd960 - ok
20:04:00.0172 0x0e08  [ F2840DBFE9322F35557219AE82CC4597, 51AADE48DB7F61DFB3AF7CADF46250211B210DF35EA12E7767F1CACBA3B8F4D3 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
20:04:00.0175 0x0e08  NIS - ok
20:04:00.0236 0x0e08  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:04:00.0250 0x0e08  NlaSvc - ok
20:04:00.0261 0x0e08  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:04:00.0262 0x0e08  Npfs - ok
20:04:00.0283 0x0e08  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
20:04:00.0284 0x0e08  nsi - ok
20:04:00.0298 0x0e08  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:04:00.0299 0x0e08  nsiproxy - ok
20:04:00.0419 0x0e08  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:04:00.0506 0x0e08  Ntfs - ok
20:04:00.0529 0x0e08  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
20:04:00.0530 0x0e08  Null - ok
20:04:00.0561 0x0e08  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:04:00.0564 0x0e08  nvraid - ok
20:04:00.0601 0x0e08  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:04:00.0605 0x0e08  nvstor - ok
20:04:00.0639 0x0e08  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:04:00.0646 0x0e08  nv_agp - ok
20:04:00.0679 0x0e08  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:04:00.0681 0x0e08  ohci1394 - ok
20:04:00.0709 0x0e08  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:04:00.0726 0x0e08  p2pimsvc - ok
20:04:00.0761 0x0e08  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
20:04:00.0794 0x0e08  p2psvc - ok
20:04:00.0839 0x0e08  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:04:00.0843 0x0e08  Parport - ok
20:04:00.0885 0x0e08  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:04:00.0888 0x0e08  partmgr - ok
20:04:00.0919 0x0e08  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:04:00.0936 0x0e08  PcaSvc - ok
20:04:01.0030 0x0e08  [ 51209FBDB13A46E05C1B0077A9310264, 2EB5E29476A07B9E114F36DEFFAF71B3C6A4F2371E09AFDF12B37D5EA9890972 ] PCDSRVC{184E4FA0-DE8C26D4-06000000}_0 c:\progra~1\pc-doc~1\pcdsrvc_x64.pkms
20:04:01.0248 0x0e08  PCDSRVC{184E4FA0-DE8C26D4-06000000}_0 - ok
20:04:01.0305 0x0e08  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
20:04:01.0322 0x0e08  pci - ok
20:04:01.0361 0x0e08  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:04:01.0362 0x0e08  pciide - ok
20:04:01.0397 0x0e08  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:04:01.0405 0x0e08  pcmcia - ok
20:04:01.0421 0x0e08  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:04:01.0422 0x0e08  pcw - ok
20:04:01.0454 0x0e08  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:04:01.0479 0x0e08  PEAUTH - ok
20:04:01.0560 0x0e08  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:04:01.0561 0x0e08  PerfHost - ok
20:04:01.0654 0x0e08  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
20:04:01.0727 0x0e08  pla - ok
20:04:01.0763 0x0e08  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:04:01.0780 0x0e08  PlugPlay - ok
20:04:01.0806 0x0e08  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:04:01.0808 0x0e08  PNRPAutoReg - ok
20:04:01.0833 0x0e08  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:04:01.0839 0x0e08  PNRPsvc - ok
20:04:01.0877 0x0e08  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:04:01.0902 0x0e08  PolicyAgent - ok
20:04:01.0930 0x0e08  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
20:04:01.0935 0x0e08  Power - ok
20:04:01.0991 0x0e08  [ BF179CFCFDB28B9E28397835BEAFE332, D57C5AC11634944D06B66F7C28A784699B26D70AD31F0AF532F30CEE6ED37F5F ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
20:04:01.0998 0x0e08  Power Manager DBC Service - ok
20:04:02.0049 0x0e08  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:04:02.0056 0x0e08  PptpMiniport - ok
20:04:02.0085 0x0e08  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:04:02.0089 0x0e08  Processor - ok
20:04:02.0138 0x0e08  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:04:02.0147 0x0e08  ProfSvc - ok
20:04:02.0182 0x0e08  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
20:04:02.0184 0x0e08  ProtectedStorage - ok
20:04:02.0215 0x0e08  [ 515A7C5A0886FCC60901916785EFD549, B9B7C39CDBFC3860752C305433EADBC594AC2EEC66818E91F4AA779915A3A21C ] psadd           C:\Windows\system32\DRIVERS\psadd.sys
20:04:02.0217 0x0e08  psadd - ok
20:04:02.0268 0x0e08  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:04:02.0273 0x0e08  Psched - ok
20:04:02.0296 0x0e08  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
20:04:02.0298 0x0e08  PxHlpa64 - ok
20:04:02.0380 0x0e08  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:04:02.0428 0x0e08  ql2300 - ok
20:04:02.0443 0x0e08  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:04:02.0446 0x0e08  ql40xx - ok
20:04:02.0491 0x0e08  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
20:04:02.0507 0x0e08  QWAVE - ok
20:04:02.0532 0x0e08  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:04:02.0534 0x0e08  QWAVEdrv - ok
20:04:02.0547 0x0e08  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:04:02.0548 0x0e08  RasAcd - ok
20:04:02.0579 0x0e08  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:04:02.0581 0x0e08  RasAgileVpn - ok
20:04:02.0604 0x0e08  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
20:04:02.0610 0x0e08  RasAuto - ok
20:04:02.0649 0x0e08  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:04:02.0653 0x0e08  Rasl2tp - ok
20:04:02.0705 0x0e08  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
20:04:02.0718 0x0e08  RasMan - ok
20:04:02.0749 0x0e08  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:04:02.0752 0x0e08  RasPppoe - ok
20:04:02.0769 0x0e08  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:04:02.0772 0x0e08  RasSstp - ok
20:04:02.0797 0x0e08  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:04:02.0814 0x0e08  rdbss - ok
20:04:02.0828 0x0e08  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:04:02.0829 0x0e08  rdpbus - ok
20:04:02.0847 0x0e08  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:04:02.0848 0x0e08  RDPCDD - ok
20:04:02.0877 0x0e08  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:04:02.0878 0x0e08  RDPENCDD - ok
20:04:02.0886 0x0e08  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:04:02.0886 0x0e08  RDPREFMP - ok
20:04:02.0924 0x0e08  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:04:02.0928 0x0e08  RDPWD - ok
20:04:02.0996 0x0e08  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:04:03.0012 0x0e08  rdyboost - ok
20:04:03.0127 0x0e08  [ 3B71B5B91E7DCA93585D5A86C897ADC4, F0A17C1282F7613B35932226598AF7B3F653FF74DB0107EBB63BC5F1DCFC757B ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:04:03.0168 0x0e08  RegSrvc - ok
20:04:03.0210 0x0e08  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:04:03.0215 0x0e08  RemoteAccess - ok
20:04:03.0252 0x0e08  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:04:03.0269 0x0e08  RemoteRegistry - ok
20:04:03.0312 0x0e08  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:04:03.0318 0x0e08  RFCOMM - ok
20:04:03.0356 0x0e08  [ F45D6E12EB99A668F52201637C67C8F5, B89F8F80A46C30C22FE5593E67FC42D5166F84429A3393ADB4B0BE71CA5513B1 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys
20:04:03.0359 0x0e08  rimmptsk - ok
20:04:03.0383 0x0e08  [ EAC02ED935A9C1F2DDD8D985C465B854, 27CD869E30B2646A31A6A451D4800020505F64AEC3A9ACF59534955DE0C59033 ] rimsptsk        C:\Windows\system32\DRIVERS\rimspx64.sys
20:04:03.0385 0x0e08  rimsptsk - ok
20:04:03.0401 0x0e08  RimUsb - ok
20:04:03.0447 0x0e08  [ C903D49655B4AAE46673F0AAA6BE0F58, 0F861775323CC1792A4A4B43D6375532D982FBC9FCC03184B55101A2A579A832 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
20:04:03.0448 0x0e08  RimVSerPort - ok
20:04:03.0464 0x0e08  [ 931A8F843B4120DF527C3684DAF77FD9, 19EC186DFA31742A243414D1E31F7529FF69DD3E6DA545AB5FAD01269A3DB37E ] rismxdp         C:\Windows\system32\DRIVERS\rixdpx64.sys
20:04:03.0466 0x0e08  rismxdp - ok
20:04:03.0481 0x0e08  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
20:04:03.0482 0x0e08  ROOTMODEM - ok
20:04:03.0609 0x0e08  [ D8C44229EB2495E774350529ED9BE08D, D1EDBC7081B402B6DF5AB754EAF3042BADCF5A59C7C853282BB45C7F55B7545B ] RoxMediaDB10    C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
20:04:03.0652 0x0e08  RoxMediaDB10 - ok
20:04:03.0677 0x0e08  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:04:03.0679 0x0e08  RpcEptMapper - ok
20:04:03.0701 0x0e08  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:04:03.0703 0x0e08  RpcLocator - ok
20:04:03.0778 0x0e08  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\System32\rpcss.dll
20:04:03.0793 0x0e08  RpcSs - ok
20:04:03.0825 0x0e08  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:04:03.0827 0x0e08  rspndr - ok
20:04:03.0840 0x0e08  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
20:04:03.0842 0x0e08  SamSs - ok
20:04:03.0876 0x0e08  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:04:03.0879 0x0e08  sbp2port - ok
20:04:03.0926 0x0e08  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:04:03.0933 0x0e08  SCardSvr - ok
20:04:03.0963 0x0e08  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:04:03.0966 0x0e08  scfilter - ok
20:04:04.0059 0x0e08  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
20:04:04.0124 0x0e08  Schedule - ok
20:04:04.0166 0x0e08  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:04:04.0168 0x0e08  SCPolicySvc - ok
20:04:04.0234 0x0e08  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
20:04:04.0242 0x0e08  sdbus - ok
20:04:04.0278 0x0e08  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:04:04.0288 0x0e08  SDRSVC - ok
20:04:04.0367 0x0e08  [ 271077B91D7AD1B616F8AFDFE8E3F981, 1007314A72040A113AF2D7FE09139FD0E7E605CBFEC2287C0829FBE052A30882 ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
20:04:04.0383 0x0e08  SeaPort - ok
20:04:04.0421 0x0e08  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:04:04.0422 0x0e08  secdrv - ok
20:04:04.0430 0x0e08  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
20:04:04.0433 0x0e08  seclogon - ok
20:04:04.0457 0x0e08  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
20:04:04.0460 0x0e08  SENS - ok
20:04:04.0485 0x0e08  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:04:04.0488 0x0e08  SensrSvc - ok
20:04:04.0520 0x0e08  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:04:04.0522 0x0e08  Serenum - ok
20:04:04.0549 0x0e08  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:04:04.0553 0x0e08  Serial - ok
20:04:04.0602 0x0e08  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:04:04.0605 0x0e08  sermouse - ok
20:04:04.0658 0x0e08  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
20:04:04.0664 0x0e08  SessionEnv - ok
20:04:04.0700 0x0e08  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:04:04.0701 0x0e08  sffdisk - ok
20:04:04.0714 0x0e08  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:04:04.0715 0x0e08  sffp_mmc - ok
20:04:04.0728 0x0e08  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:04:04.0729 0x0e08  sffp_sd - ok
20:04:04.0749 0x0e08  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:04:04.0750 0x0e08  sfloppy - ok
20:04:04.0806 0x0e08  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:04:04.0824 0x0e08  SharedAccess - ok
20:04:04.0851 0x0e08  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:04:04.0868 0x0e08  ShellHWDetection - ok
20:04:04.0907 0x0e08  [ 5A5346931CE61EA85F8338F7A03131F7, 365E1DF99E1D07FAB191CB959C2872CC9252D7C3F960A73FC47006A26152557C ] Shockprf        C:\Windows\system32\DRIVERS\Apsx64.sys
20:04:04.0910 0x0e08  Shockprf - ok
20:04:04.0947 0x0e08  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:04:04.0949 0x0e08  SiSRaid2 - ok
20:04:04.0972 0x0e08  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:04:04.0974 0x0e08  SiSRaid4 - ok
20:04:05.0053 0x0e08  [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:04:05.0070 0x0e08  SkypeUpdate - ok
20:04:05.0101 0x0e08  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:04:05.0103 0x0e08  Smb - ok
20:04:05.0138 0x0e08  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:04:05.0141 0x0e08  SNMPTRAP - ok
20:04:05.0151 0x0e08  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:04:05.0152 0x0e08  spldr - ok
20:04:05.0224 0x0e08  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
20:04:05.0248 0x0e08  Spooler - ok
20:04:05.0400 0x0e08  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:04:05.0546 0x0e08  sppsvc - ok
20:04:05.0580 0x0e08  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:04:05.0583 0x0e08  sppuinotify - ok
20:04:05.0629 0x0e08  [ D63FC56C7C3F9B576BC25F617E3F7963, 1F1D024A6A41DD93DE4F09999D90DB5148D87C1C1DDEFFC0407C6E59EB7199D1 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:04:05.0633 0x0e08  SQLWriter - ok
20:04:05.0755 0x0e08  [ 891793E00432FA055CF040605C260E49, 3DB1251B5473CDE19CAAA6C4FAC00414120209534F45A5CE24DCCC9645C989C2 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS
20:04:05.0794 0x0e08  SRTSP - ok
20:04:05.0840 0x0e08  [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E, E911DA0DCEE83F92DB97D933C8E35548C2D8F21850720E197DC31F75F681F32D ] SRTSPX          C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS
20:04:05.0842 0x0e08  SRTSPX - ok
20:04:05.0910 0x0e08  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:04:05.0937 0x0e08  srv - ok
20:04:05.0958 0x0e08  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:04:05.0975 0x0e08  srv2 - ok
20:04:06.0025 0x0e08  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:04:06.0032 0x0e08  SrvHsfHDA - ok
20:04:06.0095 0x0e08  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:04:06.0168 0x0e08  SrvHsfV92 - ok
20:04:06.0209 0x0e08  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:04:06.0243 0x0e08  SrvHsfWinac - ok
20:04:06.0268 0x0e08  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:04:06.0272 0x0e08  srvnet - ok
20:04:06.0327 0x0e08  [ 8F8324ED1DE63FFC7B1A02CD2D963C72, E58603F81DEAFF1D45CB83FB6E625E6A13868741B833B1C9E60D672179D18EE0 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
20:04:06.0343 0x0e08  ssadbus - ok
20:04:06.0381 0x0e08  [ 58221EFCB74167B73667F0024C661CE0, D9B67A8897B4DC3E4729187F17ABEB4710CF57440D718E17ED828439198D34DB ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
20:04:06.0383 0x0e08  ssadmdfl - ok
20:04:06.0411 0x0e08  [ 4DA7C71BFAC5AD71255B7E4CAB980163, 4CC0F9C8E96ECEF36EEB021E448A9734B63512D030516DC38B1A2EEAA1043AEC ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
20:04:06.0416 0x0e08  ssadmdm - ok
20:04:06.0458 0x0e08  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:04:06.0477 0x0e08  SSDPSRV - ok
20:04:06.0503 0x0e08  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:04:06.0512 0x0e08  SstpSvc - ok
20:04:06.0550 0x0e08  [ BB94A5E2CEE5FD83BA5A72A37AECADDF, 2A94AFAF671F11CD496A41687C48B3FF2870B6CA12184E2E29FDCA73544C2B2A ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
20:04:06.0557 0x0e08  ssudmdm - ok
20:04:06.0587 0x0e08  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:04:06.0588 0x0e08  stexstor - ok
20:04:06.0663 0x0e08  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
20:04:06.0697 0x0e08  stisvc - ok
20:04:06.0764 0x0e08  [ 3119E9BC5FAD5EA1CD31AE200A1DA591, 4F70033913545127026E0E738227F1010820F595747E5FFABFB15FFD5F8FF51D ] SUService       c:\Program Files (x86)\Lenovo\System Update\SUService.exe
20:04:06.0765 0x0e08  SUService - ok
20:04:06.0810 0x0e08  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:04:06.0812 0x0e08  swenum - ok
20:04:06.0844 0x0e08  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
20:04:06.0877 0x0e08  swprv - ok
20:04:06.0953 0x0e08  [ 8B2430762099598DA40686F754632EFD, BEF443EB8CDB8792E8B9CF861E8D2205DEA336BC24A92417D67DD5A28DD35BE9 ] SymDS           C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS
20:04:06.0977 0x0e08  SymDS - ok
20:04:07.0051 0x0e08  [ 5CB7F2FD7E30A0F52F93574BFC3A8041, C44FC8931C6BC5F9B0EDC64796ED87A68CDCF9D88815A7CE8D73CC195DAF00DE ] SymEFA          C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS
20:04:07.0121 0x0e08  SymEFA - ok
20:04:07.0182 0x0e08  [ 894579207E39C465737E850A252CE4F2, 9441C99E4853183E53E201FE7D3271ECFAEFD124DF77802B3DCA3728F09293DA ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
20:04:07.0199 0x0e08  SymEvent - ok
20:04:07.0243 0x0e08  [ 5013A76CAAA1D7CF1C55214B490B4E35, B7AC28C29C4152977A6313FB47984643EC395BCDD9B417853D4E31D7AD98598B ] SymIRON         C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS
20:04:07.0250 0x0e08  SymIRON - ok
20:04:07.0278 0x0e08  [ 3911BD0E68C010E5438A87706ABBE9AB, C79D2444830E4AE8A36D8686635463BF34B22913AA417A48AB0AC0A48F7D227B ] SymNetS         C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS
20:04:07.0312 0x0e08  SymNetS - ok
20:04:07.0356 0x0e08  [ 929C9FA0B18AD2EBC8340591C4BF00FF, 710704028A069EEC918F67D9776AF1367005E3EF8536F2516CB5A12163AFDE8E ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:04:07.0373 0x0e08  SynTP - ok
20:04:07.0479 0x0e08  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
20:04:07.0532 0x0e08  SysMain - ok
20:04:07.0565 0x0e08  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:04:07.0569 0x0e08  TabletInputService - ok
20:04:07.0597 0x0e08  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:04:07.0614 0x0e08  TapiSrv - ok
20:04:07.0633 0x0e08  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
20:04:07.0636 0x0e08  TBS - ok
20:04:07.0769 0x0e08  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:04:07.0831 0x0e08  Tcpip - ok
20:04:07.0917 0x0e08  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:04:07.0948 0x0e08  TCPIP6 - ok
20:04:08.0001 0x0e08  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:04:08.0003 0x0e08  tcpipreg - ok
20:04:08.0027 0x0e08  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:04:08.0028 0x0e08  TDPIPE - ok
20:04:08.0064 0x0e08  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:04:08.0065 0x0e08  TDTCP - ok
20:04:08.0100 0x0e08  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:04:08.0102 0x0e08  tdx - ok
20:04:08.0149 0x0e08  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:04:08.0154 0x0e08  TermDD - ok
20:04:08.0228 0x0e08  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
20:04:08.0267 0x0e08  TermService - ok
20:04:08.0291 0x0e08  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
20:04:08.0293 0x0e08  Themes - ok
20:04:08.0382 0x0e08  [ 39AC444E07FDBD8C2E8E291A65D515D3, 4BFAEF295168AF4A78D3DE456B3819368BF55302EB17E1DB5391BDABB0E577A4 ] ThinkVantage Registry Monitor Service C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
20:04:08.0419 0x0e08  ThinkVantage Registry Monitor Service - ok
20:04:08.0451 0x0e08  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
20:04:08.0453 0x0e08  THREADORDER - ok
20:04:08.0461 0x0e08  [ 7E25F9AE51DAAC0791DF1EB949A58DBE, 6F29DBE6A779449849C8A52E6F880FCA6BA793E5D7F6737C29F14CFDFDC0CC5F ] TPDIGIMN        C:\Windows\system32\DRIVERS\ApsHM64.sys
20:04:08.0461 0x0e08  TPDIGIMN - ok
20:04:08.0491 0x0e08  [ DD96DE244CB186207149BC897E67217A, 5D58B752D0E0A7068F3D816A696E180FC213B68AAF02D5797B8563318F3DA9A6 ] TPHDEXLGSVC     C:\Windows\system32\TPHDEXLG64.exe
20:04:08.0494 0x0e08  TPHDEXLGSVC - ok
20:04:08.0542 0x0e08  [ 3C6A42A8494D74F44F048BB7F9F2DB44, EE1E8F0C08502E4188865547B55EA4083795602AF68783E8C1A5C3BE04D0C063 ] TPHKSVC         C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
20:04:08.0547 0x0e08  TPHKSVC - ok
20:04:08.0580 0x0e08  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
20:04:08.0582 0x0e08  TPM - ok
20:04:08.0610 0x0e08  [ 2C067E01D6BBCCC88B233B868E210907, F3BA21931BA25A773112CFB6EAD43CDF6EA3E7EA797BA1FFA99B5F1889DE6C7E ] TPPWRIF         C:\Windows\system32\drivers\Tppwr64v.sys
20:04:08.0612 0x0e08  TPPWRIF - ok
20:04:08.0639 0x0e08  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
20:04:08.0645 0x0e08  TrkWks - ok
20:04:08.0719 0x0e08  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:04:08.0735 0x0e08  TrustedInstaller - ok
20:04:08.0775 0x0e08  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:04:08.0777 0x0e08  tssecsrv - ok
20:04:08.0838 0x0e08  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:04:08.0840 0x0e08  TsUsbFlt - ok
20:04:08.0896 0x0e08  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:04:08.0900 0x0e08  tunnel - ok
20:04:09.0013 0x0e08  [ B56DA1AA776C15043D10F82B32AA000D, F9AC51F63994343D454168FACE284411A5F63CF98A253171C62FB8B1A06E1529 ] TVT Backup Service C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
20:04:09.0079 0x0e08  TVT Backup Service - ok
20:04:09.0119 0x0e08  [ FCFA0CFF6C50FF3A58A22A15EA2A9FE5, D9E9A2817FA1B672B0FB10892ADEF0EF634BC34AC08BE0B43A57D528E98938BF ] TVTI2C          C:\Windows\system32\DRIVERS\Tvti2c.sys
20:04:09.0121 0x0e08  TVTI2C - ok
20:04:09.0147 0x0e08  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:04:09.0153 0x0e08  uagp35 - ok
20:04:09.0191 0x0e08  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:04:09.0208 0x0e08  udfs - ok
20:04:09.0248 0x0e08  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:04:09.0256 0x0e08  UI0Detect - ok
20:04:09.0292 0x0e08  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:04:09.0296 0x0e08  uliagpkx - ok
20:04:09.0354 0x0e08  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
20:04:09.0358 0x0e08  umbus - ok
20:04:09.0382 0x0e08  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:04:09.0383 0x0e08  UmPass - ok
20:04:09.0419 0x0e08  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
20:04:09.0444 0x0e08  upnphost - ok
20:04:09.0481 0x0e08  [ 5CF1EAD086176DD3348E920A40BED03D, 493040014FB4F7122F5CC03AC24E72B3AE899012C3EB0B900915FE5304FE2F9C ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
20:04:09.0483 0x0e08  USBAAPL64 - ok
20:04:09.0542 0x0e08  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:04:09.0548 0x0e08  usbaudio - ok
20:04:09.0593 0x0e08  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:04:09.0596 0x0e08  usbccgp - ok
20:04:09.0633 0x0e08  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:04:09.0638 0x0e08  usbcir - ok
20:04:09.0682 0x0e08  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:04:09.0684 0x0e08  usbehci - ok
20:04:09.0729 0x0e08  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:04:09.0750 0x0e08  usbhub - ok
20:04:09.0770 0x0e08  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:04:09.0771 0x0e08  usbohci - ok
20:04:09.0817 0x0e08  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:04:09.0818 0x0e08  usbprint - ok
20:04:09.0866 0x0e08  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
20:04:09.0867 0x0e08  usbscan - ok
20:04:09.0902 0x0e08  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
20:04:09.0904 0x0e08  USBSTOR - ok
20:04:09.0929 0x0e08  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:04:09.0933 0x0e08  usbuhci - ok
20:04:09.0997 0x0e08  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:04:10.0014 0x0e08  usbvideo - ok
20:04:10.0052 0x0e08  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
20:04:10.0056 0x0e08  UxSms - ok
20:04:10.0068 0x0e08  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
20:04:10.0070 0x0e08  VaultSvc - ok
20:04:10.0100 0x0e08  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:04:10.0102 0x0e08  vdrvroot - ok
20:04:10.0174 0x0e08  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
20:04:10.0203 0x0e08  vds - ok
20:04:10.0241 0x0e08  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:04:10.0244 0x0e08  vga - ok
20:04:10.0290 0x0e08  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:04:10.0292 0x0e08  VgaSave - ok
20:04:10.0368 0x0e08  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:04:10.0381 0x0e08  vhdmp - ok
20:04:10.0412 0x0e08  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:04:10.0413 0x0e08  viaide - ok
20:04:10.0455 0x0e08  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:04:10.0457 0x0e08  volmgr - ok
20:04:10.0513 0x0e08  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:04:10.0538 0x0e08  volmgrx - ok
20:04:10.0564 0x0e08  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:04:10.0579 0x0e08  volsnap - ok
20:04:10.0621 0x0e08  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:04:10.0625 0x0e08  vsmraid - ok
20:04:10.0730 0x0e08  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
20:04:10.0789 0x0e08  VSS - ok
20:04:10.0810 0x0e08  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:04:10.0811 0x0e08  vwifibus - ok
20:04:10.0822 0x0e08  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:04:10.0824 0x0e08  vwififlt - ok
20:04:10.0850 0x0e08  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
20:04:10.0851 0x0e08  vwifimp - ok
20:04:10.0902 0x0e08  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
20:04:10.0930 0x0e08  W32Time - ok
20:04:10.0954 0x0e08  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:04:10.0956 0x0e08  WacomPen - ok
20:04:11.0010 0x0e08  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:04:11.0013 0x0e08  WANARP - ok
20:04:11.0027 0x0e08  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:04:11.0029 0x0e08  Wanarpv6 - ok
20:04:11.0120 0x0e08  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
20:04:11.0176 0x0e08  WatAdminSvc - ok
20:04:11.0280 0x0e08  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
20:04:11.0372 0x0e08  wbengine - ok
20:04:11.0418 0x0e08  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:04:11.0434 0x0e08  WbioSrvc - ok
20:04:11.0500 0x0e08  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:04:11.0529 0x0e08  wcncsvc - ok
20:04:11.0547 0x0e08  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:04:11.0552 0x0e08  WcsPlugInService - ok
20:04:11.0579 0x0e08  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:04:11.0580 0x0e08  Wd - ok
20:04:11.0644 0x0e08  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:04:11.0669 0x0e08  Wdf01000 - ok
20:04:11.0687 0x0e08  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:04:11.0691 0x0e08  WdiServiceHost - ok
20:04:11.0704 0x0e08  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:04:11.0706 0x0e08  WdiSystemHost - ok
20:04:11.0744 0x0e08  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
20:04:11.0761 0x0e08  WebClient - ok
20:04:11.0785 0x0e08  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:04:11.0794 0x0e08  Wecsvc - ok
20:04:11.0812 0x0e08  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:04:11.0816 0x0e08  wercplsupport - ok
20:04:11.0838 0x0e08  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:04:11.0842 0x0e08  WerSvc - ok
20:04:11.0861 0x0e08  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:04:11.0862 0x0e08  WfpLwf - ok
20:04:11.0877 0x0e08  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:04:11.0878 0x0e08  WIMMount - ok
20:04:11.0946 0x0e08  [ 1EDBBF412A382550AF6EB35F5E46928E, 23FC32929913CF784A78C334D0B0E9D812EA6BDF70BB5C993DDE492CBEE8265E ] winachsf        C:\Windows\system32\DRIVERS\CAX_CNXT.sys
20:04:11.0975 0x0e08  winachsf - ok
20:04:12.0004 0x0e08  WinDefend - ok
20:04:12.0015 0x0e08  WinHttpAutoProxySvc - ok
20:04:12.0080 0x0e08  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:04:12.0095 0x0e08  Winmgmt - ok
20:04:12.0206 0x0e08  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:04:12.0331 0x0e08  WinRM - ok
20:04:12.0381 0x0e08  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:04:12.0382 0x0e08  WinUsb - ok
20:04:12.0458 0x0e08  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:04:12.0487 0x0e08  Wlansvc - ok
20:04:12.0518 0x0e08  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:04:12.0519 0x0e08  WmiAcpi - ok
20:04:12.0549 0x0e08  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:04:12.0555 0x0e08  wmiApSrv - ok
20:04:12.0579 0x0e08  WMPNetworkSvc - ok
20:04:12.0607 0x0e08  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:04:12.0610 0x0e08  WPCSvc - ok
20:04:12.0657 0x0e08  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:04:12.0662 0x0e08  WPDBusEnum - ok
20:04:12.0677 0x0e08  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:04:12.0677 0x0e08  ws2ifsl - ok
20:04:12.0706 0x0e08  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
20:04:12.0710 0x0e08  wscsvc - ok
20:04:12.0713 0x0e08  WSearch - ok
20:04:12.0847 0x0e08  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:04:13.0022 0x0e08  wuauserv - ok
20:04:13.0057 0x0e08  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:04:13.0059 0x0e08  WudfPf - ok
20:04:13.0101 0x0e08  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:04:13.0105 0x0e08  WUDFRd - ok
20:04:13.0127 0x0e08  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:04:13.0131 0x0e08  wudfsvc - ok
20:04:13.0163 0x0e08  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:04:13.0170 0x0e08  WwanSvc - ok
20:04:13.0199 0x0e08  [ E8F3FA126A06F8E7088F63757112A186, FC742ECA6DD823C5B17A514EC4473F65EE290FA6501370675B3628FD881A1C4B ] XAudio          C:\Windows\system32\DRIVERS\XAudio64.sys
20:04:13.0200 0x0e08  XAudio - ok
20:04:13.0220 0x0e08  ================ Scan global ===============================
20:04:13.0236 0x0e08  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:04:13.0276 0x0e08  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:04:13.0292 0x0e08  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:04:13.0323 0x0e08  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:04:13.0339 0x0e08  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
20:04:13.0356 0x0e08  [ Global ] - ok
20:04:13.0356 0x0e08  ================ Scan MBR ==================================
20:04:13.0367 0x0e08  [ A0A94833CAA412542273F14394B60D31 ] \Device\Harddisk0\DR0
20:04:13.0701 0x0e08  \Device\Harddisk0\DR0 - ok
20:04:13.0701 0x0e08  ================ Scan VBR ==================================
20:04:13.0703 0x0e08  [ E966E6D1A2BBB22D3B3C35B12C668AD6 ] \Device\Harddisk0\DR0\Partition1
20:04:13.0705 0x0e08  \Device\Harddisk0\DR0\Partition1 - ok
20:04:13.0712 0x0e08  [ AC492913F932E30D1B3BFFA45C2D520A ] \Device\Harddisk0\DR0\Partition2
20:04:13.0713 0x0e08  \Device\Harddisk0\DR0\Partition2 - ok
20:04:13.0714 0x0e08  Waiting for KSN requests completion. In queue: 95
20:04:14.0714 0x0e08  Waiting for KSN requests completion. In queue: 95
20:04:15.0714 0x0e08  Waiting for KSN requests completion. In queue: 95
20:04:16.0745 0x0e08  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe ( 19.9.0.0 ), 0x50000 ( disabled : updated )
20:04:16.0746 0x0e08  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe ( 19.9.0.0 ), 0x50010 ( disabled )
20:04:16.0790 0x0e08  Win FW state via NFP2: enabled
20:04:19.0343 0x0e08  ============================================================
20:04:19.0343 0x0e08  Scan finished
20:04:19.0343 0x0e08  ============================================================
20:04:19.0361 0x137c  Detected object count: 0
20:04:19.0361 0x137c  Actual detected object count: 0

Attached Files

  • Attached File  MBR.zip   554bytes   0 downloads


#6 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:21 AM

Posted 23 December 2013 - 04:50 AM

Please read through these instructions to familiarize yourself with what to expect when this tool runs

Refer to the ComboFix User's Guide


Download ComboFix from one of these locations:

Link 1
Link 2



* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs


====================================================


Double click on combofix.exe & follow the prompts.


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#7 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:21 AM

Posted 29 December 2013 - 10:43 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users