Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Laptop infected with Conduit and Quickshare Malware


  • Please log in to reply
15 replies to this topic

#1 her1994

her1994

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:14 PM

Posted 22 December 2013 - 01:36 AM

My operation system is a Windows 8 laptop. 

I was looking for a file converter to convert music...I saw one on cnet downloads so I decided to download it since I usually download stuff from cnet...I downloaded the file and ran it...all of a sudden, programs started popping up on my laptop...like literally! Random icons I never saw before appeared...My laptop began to run slowly...the mouse icon would have a disc next to it, hinting that something was going on with the hard drive...The screen would freeze for a few seconds and then unfreeze. For sure, I knew my laptop was infected..I opened my internet browser [my default is Google Chrome] and the homepage and search engine were changed by the Movie Toolbar and Search which is a subset of Conduit. Conduit and Quickshare made my life miserable for the past three days. It slowed my system down so badly. As I bought this laptop earlier this year, it came with Norton. After the incident, my Norton stopped working...I click on it and it won't load on the lower right side of my toolbar. 

 

I looked at blogs and did a lot of crazy stuff. I scanned my laptop with adware cleaner, Junk Remover Tool, Malware Bytes and HitmanPro...I even ran a system restore to take my laptop to a few days before the infection hit...I scanned before and after the restore and got some files which I deleted which means I did a bad thing since I found malware even after the system restore. I don't want to reset my laptop to factory settings. I thought my laptop was back to normal, but sometimes, it will freeze randomly and my fan and CPU usage is so high...my fan wasn't always so loud or anything...in fact, it has never been loud to the point where I can hear it...

 

On a daily basis now, I scan my laptop with Hitman Pro to get rid of tracking cookies and anything else since Norton stopped working. There are no more infected files [OR I just can't find or see them], but I think my laptop is still infected since it keeps slowing and freezing. 


Edited by her1994, 22 December 2013 - 02:08 AM.


BC AdBot (Login to Remove)

 


#2 Brandon Young

Brandon Young

  • Members
  • 95 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hagerstown
  • Local time:07:14 PM

Posted 22 December 2013 - 01:52 AM

Well Did you try and defrag the os: If stuff was installed onto the drive like crazy and deleted you have to go to accessories and then system tools cleanup tool and then defrag tool after. That will Boost the speed up.


Edited by Brandon Young, 22 December 2013 - 01:52 AM.


#3 her1994

her1994
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:14 PM

Posted 22 December 2013 - 01:57 AM

I didn't because I have no idea how to do that; it didn't even cross my mind. Not trying to sound like an idiot or ignorant or anything but how would I do that? Would defrag-ing the system help even if there is a possibility there still might be an infection? 



#4 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,860 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 22 December 2013 - 02:13 AM

 
 

G'day 'her1994' and Welcome to BC !!

Can you go to your list of programs and tell me if any of these are present??

LyricsSing, AllLyrics-1, LyricXeeker, Plus-HD 1.3, Browse2Save, WebCake 3.00, DownloadTerms 1.0, QuickShare, TidyNetwork.com, QuickShare-1, QuickShare-1, SimpleLyrics

 

If so...uninstall them.....and keep an eye out for any other recently installed or unfamiliar programs as well.

 

Then, Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

and then  Download  MiniToolBox MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files
 
Click Go and copy / paste the result (Result.txt).

 

Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy


#5 her1994

her1994
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:14 PM

Posted 22 December 2013 - 02:26 AM

Condobloke, I searched in my list of programs and those that you named are not there or they don't show when I typed them into the Start Page for my Windows 8 laptop. Some of them probably existed before I used Hitman Pro and Malware Bytes to search and destroy them, because I do remember having a Quickshare-1 file. 

 

Results of screen317's Security Check version 0.99.77  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender           
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Google Chrome 31.0.1650.57  
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Windows Defender MSMpEng.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 Windows Defender MsMpEng.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
__________________________________________________________________________________________

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Lisa (administrator) on 21-12-2013 at 23:22:45
Running from "C:\Users\Lisa\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Intel® Centrino® Wireless-N 2230 = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection 3 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 14" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 15" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Satellite
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net
 
Ethernet adapter Bluetooth Network Connection 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) #3
   Physical Address. . . . . . . . . : 60-6C-66-97-E9-78
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 60-6C-66-97-E9-75
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : D4-C9-EF-80-67-ED
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 2230
   Physical Address. . . . . . . . . : 60-6C-66-97-E9-74
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::fc39:4698:efc:bb80%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.75(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, December 21, 2013 7:44:44 PM
   Lease Expires . . . . . . . . . . : Sunday, December 22, 2013 10:23:05 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 207645798
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-31-39-C0-D4-C9-EF-80-67-ED
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.gateway.2wire.net:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:3823:3ebd:3f57:feb4(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3823:3ebd:3f57:feb4%21(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  homeportal
Address:  192.168.1.254
 
Name:    google.com
Addresses:  2607:f8b0:4005:802::1005
 74.125.239.129
 74.125.239.128
 74.125.239.137
 74.125.239.135
 74.125.239.131
 74.125.239.130
 74.125.239.142
 74.125.239.134
 74.125.239.132
 74.125.239.136
 74.125.239.133
 
 
Pinging google.com [74.125.239.132] with 32 bytes of data:
Reply from 74.125.239.132: bytes=32 time=35ms TTL=52
Reply from 74.125.239.132: bytes=32 time=35ms TTL=52
 
Ping statistics for 74.125.239.132:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 35ms, Maximum = 35ms, Average = 35ms
Server:  homeportal
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=151ms TTL=45
Reply from 98.138.253.109: bytes=32 time=83ms TTL=45
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 83ms, Maximum = 151ms, Average = 117ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=9ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 2ms, Maximum = 9ms, Average = 5ms
===========================================================================
Interface List
 28...60 6c 66 97 e9 78 ......Bluetooth Device (Personal Area Network) #3
 16...60 6c 66 97 e9 75 ......Microsoft Wi-Fi Direct Virtual Adapter
 13...d4 c9 ef 80 67 ed ......Realtek PCIe GBE Family Controller
 12...60 6c 66 97 e9 74 ......Intel® Centrino® Wireless-N 2230
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 21...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.75     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.75    281
     192.168.1.75  255.255.255.255         On-link      192.168.1.75    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.75    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.75    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.75    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 21    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 21    306 2001::/32                On-link
 21    306 2001:0:9d38:90d7:3823:3ebd:3f57:feb4/128
                                    On-link
 12    281 fe80::/64                On-link
 21    306 fe80::/64                On-link
 21    306 fe80::3823:3ebd:3f57:feb4/128
                                    On-link
 12    281 fe80::fc39:4698:efc:bb80/128
                                    On-link
  1    306 ff00::/8                 On-link
 21    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/21/2013 05:40:56 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161
 
Error: (12/21/2013 04:52:18 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
 
Error: (12/20/2013 05:40:56 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161
 
Error: (12/19/2013 08:25:34 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161
 
 
System errors:
=============
 
Microsoft Office Sessions:
=========================
Error: (12/21/2013 05:40:56 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161
 
Error: (12/21/2013 04:52:18 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
 
Error: (12/20/2013 05:40:56 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161
 
Error: (12/19/2013 08:25:34 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161
 
 
=========================== Installed Programs ============================
 
4 Elements II (Version: 2.2.0.98)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Airport Mania (Version: 2.2.0.95)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87)
Azteca (Version: 2.2.0.97)
Bejeweled 3 (Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.97)
Build-a-lot (Version: 2.2.0.98)
Cradle Of Egypt Collector's Edition (Version: 2.2.0.110)
Cradle of Rome 2 (Version: 2.2.0.98)
Curse at Twilight (Version: 3.0.2.32)
CyberLink LabelPrint (Version: 2.5.3.6326)
CyberLink Media Suite 10 (Version: 10.0.4.2928)
Cyberlink PhotoDirector (Version: 3.0.2.4128)
CyberLink Power2Go 8 (Version: 8.0.3.2527)
CyberLink PowerDirector 10 (Version: 10.0.4.3122)
CyberLink PowerDVD (Version: 10.0.8.5511)
CyberLink YouCam (Version: 3.5.6.6117)
D3DX10 (Version: 15.4.2368.0902)
Delicious: Emily's Childhood Memories Premium Edition (Version: 3.0.2.32)
Energy Star (Version: 1.0.9)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Farm Frenzy (Version: 2.2.0.98)
Google Chrome (Version: 31.0.1650.63)
Google Update Helper (Version: 1.3.22.3)
Governor of Poker 2 Premium Edition (Version: 2.2.0.110)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HitmanPro 3.7 (Version: 3.7.8.208)
House of 1000 Doors: Family Secrets (Version: 2.2.0.98)
HP 3D DriveGuard (Version: 6.0.15.1)
HP Connected Music (Meridian - installer) (Version: 1.0)
HP Connected Music (Meridian - player) (Version: 1.1 (build 71) hp)
HP CoolSense (Version: 2.20.11)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.3.0.0)
HP Postscript Converter (Version: 4.0.4100)
HP Quick Start (Version: 1.0.4660.30220)
HP Recovery Manager (Version: 9.00)
HP Registration Service (Version: 1.2.6317.4309)
HP SimplePass (Version: 6.0.100.276)
HP Support Assistant (Version: 7.0.39.15)
HP System Event Utility (Version: 1.0.10)
HP Utility Center (Version: 2.1.5)
HP Wireless Button Driver (Version: 1.1.2.1)
IDT Audio (Version: 1.0.6454.0)
Intel® Management Engine Components (Version: 8.1.30.1349)
Intel® PRO/Wireless Driver (Version: 16.01.5000.0577)
Intel® Processor Graphics (Version: 9.18.10.3071)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 3.0.1303.0326)
Intel® Rapid Storage Technology (Version: 12.0.7.1002)
Intel® SDK for OpenCL - CPU Only Runtime Package (Version: 3.0.0.63463)
Intel® Smart Connect Technology 4.0 x64 (Version: 4.0.41.2072)
Intel® Update Manager (Version: 1.5.0.87)
Intel® WiDi (Version: 4.0.18.0)
Intel® PROSet/Wireless Software (Version: 16.1.5)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269)
Intel® Trusted Connect Service Client (Version: 1.27.757.1)
Jewel Match 3 (Version: 2.2.0.98)
Luxor Evolved (Version: 2.2.0.98)
Mah Jong Medley (Version: 2.2.0.95)
Mahjongg Dimensions Deluxe: Tiles in Time (Version: 2.2.0.98)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4551.1011)
Microsoft SkyDrive (Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Movie Maker (Version: 16.4.3505.0912)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Mystery P.I. - Curious Case of Counterfeit Cove (Version: 2.2.0.98)
Norton Internet Security (Version: 20.4.0.40)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4551.1011)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1011)
Office 15 Click-to-Run Localization Component (Version: 15.0.4551.1011)
oZone3D.Net FurMark v1.8.2
Peggle Nights (Version: 2.2.0.98)
Photo Gallery (Version: 16.4.3505.0912)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
Polar Bowler (Version: 2.2.0.97)
Realtek Ethernet Controller Driver (Version: 8.10.1226.2012)
Realtek PCIE Card Reader (Version: 6.2.9200.29053)
Roads of Rome 3 (Version: 2.2.0.98)
Royal Envoy 2 Collector's Edition (Version: 3.0.2.32)
swMSM (Version: 12.0.0.1)
Synaptics ClickPad Driver (Version: 16.5.3.3)
Tales of Lagoona (Version: 2.2.0.110)
Update Installer for WildTangent Games App
Vacation Quest™ - Australia (Version: 3.0.2.32)
Validity WBF DDK (Version: 4.5.122.0)
WildTangent Games (Version: 1.0.4.0)
WildTangent Games App (HP Games) (Version: 4.0.10.5)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
Youda Jewel Shop (Version: 3.0.2.32)
Zuma's Revenge (Version: 2.2.0.98)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 20%
Total physical RAM: 8081.27 MB
Available physical RAM: 6418.39 MB
Total Pagefile: 9297.27 MB
Available Pagefile: 7572.57 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.1 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows) (Fixed) (Total:904.87 GB) (Free:837.45 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:25.87 GB) (Free:2.6 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\SATELLITE
 
Administrator            Guest                    Lisa                     
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****
 


#6 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,860 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 22 December 2013 - 02:43 AM

 
 

 Click the Chrome menu Chrome-button.png  button on the browser toolbar, select Tools and then click on Extensions.

In the Extensions tab, remove QuickShare, QuickShare-1 and any other unknown extensions by clicking the trash can Trash-Can-Chrome.png icon.
Basically, if you have not installed an extension, you should remove it from your web browser.

 

Don't get worried if there is nothing there.

 

Please Download  AdwCleaner
* Close all open programs and internet browsers.
* Double click on adwcleaner.exe to run the tool.
* Click on the Scan button.
* When the scan has finished click on the
Clean button.
* NOTE : Your computer will be
rebooted automatically. A text file will open after the restart.
* Please post the contents of that logfile with your next reply.
* You can find the logfile at C:\AdwCleaner.txt as well.
Once I OK the log, please click the Uninstall button to fully remove all items

 

 

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

 

I see you already have MBAM (malwarebytes) installed on your computer.

Please close all open applications and temporarily shutdown your antivirus to avoid any conflicts when running the tool.

Please UPDATE it, and run a quick scan.

It will ask to restart your computer, please allow it to do so.... very important
    Make sure you have re-enabled your Anti-Virus/Internet-Security applications after the restart

 

Post the log here for me

 

 

 

 

Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy


#7 her1994

her1994
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:14 PM

Posted 22 December 2013 - 03:29 AM

# AdwCleaner v3.015 - Report created 21/12/2013 at 23:51:07
# Updated 10/12/2013 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Lisa - SATELLITE
# Running from : C:\Users\Lisa\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [6850 octets] - [15/12/2013 10:03:23]
AdwCleaner[R1].txt - [906 octets] - [15/12/2013 17:30:15]
AdwCleaner[R2].txt - [971 octets] - [19/12/2013 16:24:26]
AdwCleaner[R3].txt - [1091 octets] - [21/12/2013 23:50:14]
AdwCleaner[S0].txt - [6544 octets] - [15/12/2013 10:04:17]
AdwCleaner[S1].txt - [968 octets] - [15/12/2013 17:31:24]
AdwCleaner[S2].txt - [1031 octets] - [19/12/2013 16:25:54]
AdwCleaner[S3].txt - [1013 octets] - [21/12/2013 23:51:07]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1073 octets] ##########
______________________________________________________________________________
**I ran Adware many times already starting on the 15th of this month. Do you want to see the earlier logs? I have to go to Windows C: to see the Adware folder and then see the log. I see the quarantined stuff in the folder too. What should I do? 
______________________________________________________________________________
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8 x64
Ran by Lisa on Sun 12/22/2013 at  0:09:47.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/22/2013 at  0:16:06.14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
___________________________________________________________________________
**The JRT log is pretty empty because the "bad" eggs are mostly gone or hidden now. 
 
___________________________________________________________________________
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.22.02
 
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Lisa :: SATELLITE [administrator]
 
Protection: Enabled
 
12/22/2013 12:17:24 AM
mbam-log-2013-12-22 (00-17-24).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 233898
Time elapsed: 4 minute(s), 55 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 1
HKCU\Software\koyotesoftmoviestoolbarha (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


#8 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,860 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 22 December 2013 - 03:42 AM

Download TDSSKiller and save it to your desktop.
* Extract (unzip) its contents to your desktop.
* Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
* If an infected file is detected, the default action will be Cure, click on Continue.
* If a suspicious file is detected, the default action will be Skip, click on Continue.
* It may ask you to reboot the computer to complete the process. Click on Reboot Now.
* If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
* If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy


#9 her1994

her1994
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:14 PM

Posted 22 December 2013 - 03:49 AM

Here is the TDSSKILLER Log from today:

 

00:44:37.0486 0x07d8  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50

00:44:37.0486 0x07d8  UEFI system
00:44:41.0708 0x07d8  ============================================================
00:44:41.0708 0x07d8  Current date / time: 2013/12/22 00:44:41.0708
00:44:41.0708 0x07d8  SystemInfo:
00:44:41.0708 0x07d8  
00:44:41.0708 0x07d8  OS Version: 6.2.9200 ServicePack: 0.0
00:44:41.0708 0x07d8  Product type: Workstation
00:44:41.0708 0x07d8  ComputerName: SATELLITE
00:44:41.0708 0x07d8  UserName: Lisa
00:44:41.0708 0x07d8  Windows directory: C:\Windows
00:44:41.0708 0x07d8  System windows directory: C:\Windows
00:44:41.0708 0x07d8  Running under WOW64
00:44:41.0708 0x07d8  Processor architecture: Intel x64
00:44:41.0708 0x07d8  Number of processors: 4
00:44:41.0708 0x07d8  Page size: 0x1000
00:44:41.0708 0x07d8  Boot type: Normal boot
00:44:41.0708 0x07d8  ============================================================
00:44:42.0430 0x07d8  KLMD registered as C:\Windows\system32\drivers\36914160.sys
00:44:43.0040 0x07d8  System UUID: {EF6FA9F4-EE05-2191-E0CC-469838879DC7}
00:44:44.0227 0x07d8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:44:44.0227 0x07d8  ============================================================
00:44:44.0227 0x07d8  \Device\Harddisk0\DR0:
00:44:44.0227 0x07d8  GPT partitions:
00:44:44.0227 0x07d8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BDE3FE13-566E-4AF0-B766-E8D73BD702C7}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
00:44:44.0227 0x07d8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4D23FA5E-C98C-485F-9773-39C0D3D1BF77}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000
00:44:44.0227 0x07d8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A77C97C7-7CEB-47FB-A864-B86D5552D89C}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000
00:44:44.0227 0x07d8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9530E7C9-B57E-426E-91D8-D1910D29E25A}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x711BC800
00:44:44.0227 0x07d8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0520FE51-C79B-4A23-9DD4-E631B29C48A4}, Name: Basic data partition, StartLBA 0x71347000, BlocksNum 0x33BD000
00:44:44.0227 0x07d8  MBR partitions:
00:44:44.0227 0x07d8  ============================================================
00:44:44.0243 0x07d8  C: <-> \Device\Harddisk0\DR0\Partition4
00:44:44.0305 0x07d8  D: <-> \Device\Harddisk0\DR0\Partition5
00:44:44.0305 0x07d8  ============================================================
00:44:44.0305 0x07d8  Initialize success
00:44:44.0305 0x07d8  ============================================================
00:44:45.0922 0x0020  ============================================================
00:44:45.0922 0x0020  Scan started
00:44:45.0922 0x0020  Mode: Manual; 
00:44:45.0922 0x0020  ============================================================
00:44:45.0922 0x0020  KSN ping started
00:44:48.0404 0x0020  KSN ping finished: true
00:44:48.0804 0x0020  ================ Scan system memory ========================
00:44:48.0804 0x0020  System memory - ok
00:44:48.0804 0x0020  ================ Scan services =============================
00:44:48.0960 0x0020  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
00:44:48.0976 0x0020  1394ohci - ok
00:44:49.0007 0x0020  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware           C:\Windows\system32\drivers\3ware.sys
00:44:49.0007 0x0020  3ware - ok
00:44:49.0038 0x0020  [ F39180029723D7779C80360F9E255709, F4831FEE79AAF4DB66BF58D3F89B8A6DD8F38CD546B3C653BFF7052DDA112CC6 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
00:44:49.0054 0x0020  Accelerometer - ok
00:44:49.0085 0x0020  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\Windows\system32\drivers\ACPI.sys
00:44:49.0101 0x0020  ACPI - ok
00:44:49.0116 0x0020  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
00:44:49.0132 0x0020  acpiex - ok
00:44:49.0147 0x0020  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
00:44:49.0147 0x0020  acpipagr - ok
00:44:49.0163 0x0020  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
00:44:49.0163 0x0020  AcpiPmi - ok
00:44:49.0194 0x0020  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
00:44:49.0194 0x0020  acpitime - ok
00:44:49.0226 0x0020  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
00:44:49.0241 0x0020  adp94xx - ok
00:44:49.0272 0x0020  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci         C:\Windows\system32\drivers\adpahci.sys
00:44:49.0288 0x0020  adpahci - ok
00:44:49.0304 0x0020  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
00:44:49.0319 0x0020  adpu320 - ok
00:44:49.0351 0x0020  [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
00:44:49.0366 0x0020  AeLookupSvc - ok
00:44:49.0413 0x0020  [ 7C0E0EDF18D6CC565D7BFBB451709FA5, 47C21CD9D87B5C1B5EB14F6166B5E3349B1A6F10501E63CCED8D52A9FE22765D ] AFD             C:\Windows\system32\drivers\afd.sys
00:44:49.0429 0x0020  AFD - ok
00:44:49.0460 0x0020  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\Windows\system32\drivers\agp440.sys
00:44:49.0460 0x0020  agp440 - ok
00:44:49.0491 0x0020  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\Windows\System32\alg.exe
00:44:49.0491 0x0020  ALG - ok
00:44:49.0523 0x0020  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
00:44:49.0523 0x0020  AllUserInstallAgent - ok
00:44:49.0538 0x0020  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
00:44:49.0554 0x0020  AmdK8 - ok
00:44:49.0585 0x0020  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
00:44:49.0585 0x0020  AmdPPM - ok
00:44:49.0601 0x0020  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\Windows\system32\drivers\amdsata.sys
00:44:49.0601 0x0020  amdsata - ok
00:44:49.0632 0x0020  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
00:44:49.0648 0x0020  amdsbs - ok
00:44:49.0679 0x0020  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
00:44:49.0679 0x0020  amdxata - ok
00:44:49.0741 0x0020  [ 823F34D1DEF120A657BB7529ABF4461F, C56D6614F6B3DA13DF7F6AC6B70ACA39D1DB146F7324CF96029CA038C3063DB3 ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
00:44:49.0741 0x0020  AppHostSvc - ok
00:44:49.0757 0x0020  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\Windows\system32\drivers\appid.sys
00:44:49.0757 0x0020  AppID - ok
00:44:49.0819 0x0020  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
00:44:49.0819 0x0020  AppIDSvc - ok
00:44:49.0835 0x0020  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo         C:\Windows\System32\appinfo.dll
00:44:49.0835 0x0020  Appinfo - ok
00:44:49.0882 0x0020  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\Windows\system32\drivers\arc.sys
00:44:49.0882 0x0020  arc - ok
00:44:49.0898 0x0020  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
00:44:49.0898 0x0020  arcsas - ok
00:44:49.0991 0x0020  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:44:49.0991 0x0020  aspnet_state - ok
00:44:50.0011 0x0020  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
00:44:50.0011 0x0020  AsyncMac - ok
00:44:50.0027 0x0020  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\Windows\system32\drivers\atapi.sys
00:44:50.0027 0x0020  atapi - ok
00:44:50.0074 0x0020  [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
00:44:50.0074 0x0020  AudioEndpointBuilder - ok
00:44:50.0137 0x0020  [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
00:44:50.0168 0x0020  Audiosrv - ok
00:44:50.0199 0x0020  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
00:44:50.0199 0x0020  AxInstSV - ok
00:44:50.0246 0x0020  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
00:44:50.0277 0x0020  b06bdrv - ok
00:44:50.0293 0x0020  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
00:44:50.0293 0x0020  BasicDisplay - ok
00:44:50.0308 0x0020  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
00:44:50.0308 0x0020  BasicRender - ok
00:44:50.0340 0x0020  [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC          C:\Windows\System32\bdesvc.dll
00:44:50.0355 0x0020  BDESVC - ok
00:44:50.0371 0x0020  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\Windows\system32\drivers\Beep.sys
00:44:50.0371 0x0020  Beep - ok
00:44:50.0433 0x0020  [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE             C:\Windows\System32\bfe.dll
00:44:50.0465 0x0020  BFE - ok
00:44:50.0621 0x0020  [ 613883A3BAC6920149C83ED751589433, 9846C1EE0916120C56F598AEA9C2C5B8F1AEDA06FDC3CCE8BAFD0480ACE93078 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20131203.001\BHDrvx64.sys
00:44:50.0668 0x0020  BHDrvx64 - ok
00:44:50.0730 0x0020  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\Windows\System32\qmgr.dll
00:44:50.0762 0x0020  BITS - ok
00:44:50.0902 0x0020  [ A7AC8620334CF1E5CAA28E1A17F4B06F, D2ACC95E170D3452A8943DE8EB96BA75B5C0BC047FD61CD12D4180234A8EB6D4 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
00:44:50.0934 0x0020  Bluetooth Device Monitor - ok
00:44:51.0027 0x0020  [ C7EBBF3A5F43FEE7D41C178019683570, A121063AF2D783102EEC38451A17A5066779D09786A380F2AC19C1EB76B41F6C ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
00:44:51.0059 0x0020  Bluetooth OBEX Service - ok
00:44:51.0152 0x0020  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:44:51.0168 0x0020  Bonjour Service - ok
00:44:51.0199 0x0020  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:44:51.0199 0x0020  bowser - ok
00:44:51.0231 0x0020  [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
00:44:51.0246 0x0020  BrokerInfrastructure - ok
00:44:51.0277 0x0020  [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser         C:\Windows\System32\browser.dll
00:44:51.0277 0x0020  Browser - ok
00:44:51.0293 0x0020  [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
00:44:51.0293 0x0020  BthAvrcpTg - ok
00:44:51.0324 0x0020  [ A8B20D852B07AE19A13B5D47EC4E4C3B, 86571C9E2BA15BB169CAB2D24C4D0598154C02FD173638CAFC685A7F6B09472D ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
00:44:51.0340 0x0020  BthEnum - ok
00:44:51.0356 0x0020  [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
00:44:51.0356 0x0020  BthHFEnum - ok
00:44:51.0387 0x0020  [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
00:44:51.0387 0x0020  bthhfhid - ok
00:44:51.0418 0x0020  [ 42201C346F0B8C458E1E9CDE04D68A2C, 6168FD0D10CD06B00B5C79D5D2B5C353AAC22FD99CE8D417DDBA33ED63CFB8BF ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
00:44:51.0434 0x0020  BthLEEnum - ok
00:44:51.0449 0x0020  [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
00:44:51.0465 0x0020  BTHMODEM - ok
00:44:51.0481 0x0020  [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
00:44:51.0481 0x0020  BthPan - ok
00:44:51.0559 0x0020  [ 13795CAA34239D97A7211E7F9D96E012, C4F3402B063A7CFCE386D1AE9255975A199164BA9E7DCDB6129725213A0642B1 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
00:44:51.0606 0x0020  BTHPORT - ok
00:44:51.0637 0x0020  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv         C:\Windows\system32\bthserv.dll
00:44:51.0637 0x0020  bthserv - ok
00:44:51.0668 0x0020  [ 1F715957F5236D30B6020A19A4271F6A, C06B637C2C6919E2DE1055AE249AE3EAF7B4890799F22BF5757CC10CEF145043 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
00:44:51.0668 0x0020  BTHUSB - ok
00:44:51.0699 0x0020  [ 7E65D1FB41C98C99E17FC2C8E1483D1C, 3738AAD8A2D7F9EF1B7F51D9F1D1B57F66C57D06F184A2765AFD0660303C218B ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
00:44:51.0715 0x0020  btmaux - ok
00:44:51.0793 0x0020  [ 6B6ED5D18816D9582C5CF1298D5E2E5D, A7E24054979ABEC59E02CB956344B0D6A6BFD8668936073128571ECFB37419EB ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
00:44:51.0840 0x0020  btmhsf - ok
00:44:51.0902 0x0020  [ 56685951208AC81CF923B9B08BEDF3B7, F5FF438B9A54AD8D54E82DE60E1771C9685A95D5E590D69EB1E4E78D3B9B7769 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys
00:44:51.0902 0x0020  ccSet_NIS - ok
00:44:51.0918 0x0020  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:44:51.0934 0x0020  cdfs - ok
00:44:51.0965 0x0020  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom           C:\Windows\System32\drivers\cdrom.sys
00:44:51.0965 0x0020  cdrom - ok
00:44:51.0996 0x0020  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc     C:\Windows\System32\certprop.dll
00:44:51.0996 0x0020  CertPropSvc - ok
00:44:52.0012 0x0020  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\Windows\System32\drivers\circlass.sys
00:44:52.0027 0x0020  circlass - ok
00:44:52.0059 0x0020  [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS            C:\Windows\system32\drivers\CLFS.sys
00:44:52.0074 0x0020  CLFS - ok
00:44:52.0109 0x0020  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
00:44:52.0109 0x0020  CLVirtualDrive - ok
00:44:52.0140 0x0020  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
00:44:52.0140 0x0020  CmBatt - ok
00:44:52.0171 0x0020  [ E708BFF0473EC6B271EA46B65B16CA56, 2B4C661F7C5A4395CA4204122A1C3C8AA766B56C3D01CD8BAAFA18F71FC7B591 ] CNG             C:\Windows\system32\Drivers\cng.sys
00:44:52.0202 0x0020  CNG - ok
00:44:52.0218 0x0020  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
00:44:52.0218 0x0020  CompositeBus - ok
00:44:52.0234 0x0020  COMSysApp - ok
00:44:52.0249 0x0020  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\Windows\system32\drivers\condrv.sys
00:44:52.0249 0x0020  condrv - ok
00:44:52.0341 0x0020  [ A50E7C03777DE632BE9A063363161752, 5F3A7E5AFCEBE75F6CD3AEC543045A2AF5E0EA2DB1FB7A63C4140982BC127F2F ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
00:44:52.0341 0x0020  cphs - ok
00:44:52.0387 0x0020  [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:44:52.0403 0x0020  CryptSvc - ok
00:44:52.0434 0x0020  [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam             C:\Windows\system32\drivers\dam.sys
00:44:52.0434 0x0020  dam - ok
00:44:52.0497 0x0020  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:44:52.0528 0x0020  DcomLaunch - ok
00:44:52.0582 0x0020  [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc       C:\Windows\System32\defragsvc.dll
00:44:52.0598 0x0020  defragsvc - ok
00:44:52.0614 0x0020  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll
00:44:52.0629 0x0020  DeviceAssociationService - ok
00:44:52.0660 0x0020  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
00:44:52.0676 0x0020  DeviceInstall - ok
00:44:52.0707 0x0020  [ 09D9EB9E7898F8E6561473A20CC808B9, 0F511593D36084843E5138AF6D55FE08D77803968AE12A236A02368DB364347E ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
00:44:52.0707 0x0020  Dfsc - ok
00:44:52.0754 0x0020  [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
00:44:52.0770 0x0020  Dhcp - ok
00:44:52.0801 0x0020  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\Windows\system32\drivers\discache.sys
00:44:52.0801 0x0020  discache - ok
00:44:52.0832 0x0020  [ 560495FF4CA22E1D9B1972FA18F43B6F, 41FFDD4C1097AA857A8177E34F101A1A9C1429A4E8DEC3D395C6135A9E112CD6 ] disk            C:\Windows\system32\drivers\disk.sys
00:44:52.0832 0x0020  disk - ok
00:44:52.0848 0x0020  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
00:44:52.0848 0x0020  dmvsc - ok
00:44:52.0895 0x0020  [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:44:52.0895 0x0020  Dnscache - ok
00:44:52.0942 0x0020  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc         C:\Windows\System32\dot3svc.dll
00:44:52.0957 0x0020  dot3svc - ok
00:44:52.0989 0x0020  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
00:44:52.0989 0x0020  dot4 - ok
00:44:53.0020 0x0020  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\Windows\System32\drivers\Dot4Prt.sys
00:44:53.0020 0x0020  Dot4Print - ok
00:44:53.0035 0x0020  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
00:44:53.0035 0x0020  dot4usb - ok
00:44:53.0082 0x0020  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS             C:\Windows\system32\dps.dll
00:44:53.0098 0x0020  DPS - ok
00:44:53.0114 0x0020  [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
00:44:53.0114 0x0020  drmkaud - ok
00:44:53.0160 0x0020  [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
00:44:53.0160 0x0020  DsmSvc - ok
00:44:53.0254 0x0020  [ E6AF4DF1817953D73C519B17CF849756, 26A90EB368A3F572086F223ABED87B8FC6F998AE401C9E52BEB5EE76AB052702 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:44:53.0301 0x0020  DXGKrnl - ok
00:44:53.0332 0x0020  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost         C:\Windows\System32\eapsvc.dll
00:44:53.0332 0x0020  Eaphost - ok
00:44:53.0504 0x0020  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv           C:\Windows\system32\drivers\evbda.sys
00:44:53.0645 0x0020  ebdrv - ok
00:44:53.0739 0x0020  [ 1B7AA375F711F66D5FF2B855F9EC987F, 151E3897A31F0E828D08EBBB9C10A60047B48534BB38349EF1C8D9245524CA58 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
00:44:53.0754 0x0020  eeCtrl - ok
00:44:53.0786 0x0020  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] EFS             C:\Windows\System32\lsass.exe
00:44:53.0786 0x0020  EFS - ok
00:44:53.0817 0x0020  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
00:44:53.0817 0x0020  EhStorClass - ok
00:44:53.0832 0x0020  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
00:44:53.0848 0x0020  EhStorTcgDrv - ok
00:44:53.0864 0x0020  [ 7230C8B80DDE1F0524C353240B78CC0E, 15F73EBFB9152010E7736AFE518A47C209E17DDB347A40C4CDA0D9BBD26D1176 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
00:44:53.0864 0x0020  EraserUtilRebootDrv - ok
00:44:53.0895 0x0020  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
00:44:53.0895 0x0020  ErrDev - ok
00:44:53.0959 0x0020  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\Windows\system32\es.dll
00:44:53.0974 0x0020  EventSystem - ok
00:44:54.0052 0x0020  [ 21FFB87A70019E9B39C5A8469695ACBA, B41BEDB737CFD33707181DA0B69FC47C01C897AF8B42211A46B54A9FDB2B9004 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
00:44:54.0068 0x0020  EvtEng - ok
00:44:54.0099 0x0020  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\Windows\system32\drivers\exfat.sys
00:44:54.0099 0x0020  exfat - ok
00:44:54.0146 0x0020  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:44:54.0162 0x0020  fastfat - ok
00:44:54.0209 0x0020  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\Windows\system32\fxssvc.exe
00:44:54.0224 0x0020  Fax - ok
00:44:54.0240 0x0020  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\Windows\System32\drivers\fdc.sys
00:44:54.0240 0x0020  fdc - ok
00:44:54.0274 0x0020  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\Windows\system32\fdPHost.dll
00:44:54.0274 0x0020  fdPHost - ok
00:44:54.0290 0x0020  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\Windows\system32\fdrespub.dll
00:44:54.0290 0x0020  FDResPub - ok
00:44:54.0321 0x0020  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\Windows\system32\fhsvc.dll
00:44:54.0321 0x0020  fhsvc - ok
00:44:54.0353 0x0020  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:44:54.0368 0x0020  FileInfo - ok
00:44:54.0385 0x0020  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:44:54.0385 0x0020  Filetrace - ok
00:44:54.0403 0x0020  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
00:44:54.0405 0x0020  flpydisk - ok
00:44:54.0436 0x0020  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:44:54.0451 0x0020  FltMgr - ok
00:44:54.0529 0x0020  [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache       C:\Windows\system32\FntCache.dll
00:44:54.0592 0x0020  FontCache - ok
00:44:54.0654 0x0020  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:44:54.0654 0x0020  FontCache3.0.0.0 - ok
00:44:54.0779 0x0020  [ 60BCE8BBD1C515007BB335ACEFBFC246, 263E55B718C34A308AE318A09A1A8F09D7AEC680D82B03AE1D258FC1707625FB ] FPLService      C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
00:44:54.0842 0x0020  FPLService - ok
00:44:54.0858 0x0020  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
00:44:54.0859 0x0020  FsDepends - ok
00:44:54.0876 0x0020  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:44:54.0891 0x0020  Fs_Rec - ok
00:44:54.0922 0x0020  [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
00:44:54.0938 0x0020  fvevol - ok
00:44:54.0954 0x0020  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
00:44:54.0954 0x0020  FxPPM - ok
00:44:54.0985 0x0020  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
00:44:55.0001 0x0020  gagp30kx - ok
00:44:55.0047 0x0020  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
00:44:55.0063 0x0020  GamesAppService - ok
00:44:55.0079 0x0020  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
00:44:55.0079 0x0020  gencounter - ok
00:44:55.0126 0x0020  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
00:44:55.0126 0x0020  GPIOClx0101 - ok
00:44:55.0204 0x0020  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\Windows\System32\gpsvc.dll
00:44:55.0251 0x0020  gpsvc - ok
00:44:55.0297 0x0020  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:44:55.0297 0x0020  gupdate - ok
00:44:55.0313 0x0020  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:44:55.0313 0x0020  gupdatem - ok
00:44:55.0360 0x0020  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:44:55.0360 0x0020  HdAudAddService - ok
00:44:55.0407 0x0020  [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
00:44:55.0407 0x0020  HDAudBus - ok
00:44:55.0422 0x0020  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
00:44:55.0422 0x0020  HidBatt - ok
00:44:55.0454 0x0020  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\Windows\System32\drivers\hidbth.sys
00:44:55.0454 0x0020  HidBth - ok
00:44:55.0469 0x0020  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
00:44:55.0469 0x0020  hidi2c - ok
00:44:55.0501 0x0020  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\Windows\System32\drivers\hidir.sys
00:44:55.0501 0x0020  HidIr - ok
00:44:55.0532 0x0020  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\Windows\system32\hidserv.dll
00:44:55.0532 0x0020  hidserv - ok
00:44:55.0563 0x0020  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
00:44:55.0563 0x0020  HidUsb - ok
00:44:55.0626 0x0020  [ AACD31D9B4129F05ECDE27DE98E6D96A, A07BBDF2B4D40D5B59A0E6C92C2A9805BACD3A7A53658DA62EF46F17079FF7A3 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
00:44:55.0626 0x0020  HitmanProScheduler - ok
00:44:55.0657 0x0020  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\Windows\system32\kmsvc.dll
00:44:55.0672 0x0020  hkmsvc - ok
00:44:55.0704 0x0020  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:44:55.0704 0x0020  HomeGroupListener - ok
00:44:55.0735 0x0020  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:44:55.0766 0x0020  HomeGroupProvider - ok
00:44:55.0829 0x0020  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
00:44:55.0844 0x0020  HP Support Assistant Service - ok
00:44:55.0863 0x0020  [ 8B8E6BD988EAF18C1B86704BF05E5C03, 84052C116032F3DC47B0D3A7A8FC8E86DF94DDB3136C866D8FC8A3DF23209DEC ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
00:44:55.0863 0x0020  hpdskflt - ok
00:44:55.0957 0x0020  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
00:44:55.0988 0x0020  hpqwmiex - ok
00:44:56.0019 0x0020  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
00:44:56.0019 0x0020  HpSAMD - ok
00:44:56.0051 0x0020  [ 0865F178E272C682B0689F1AA269128D, F8CC23EA339F0C917C3948FF35BEFE10664CCFF8796954898E41F4EC1618E5E1 ] hpsrv           C:\Windows\system32\Hpservice.exe
00:44:56.0051 0x0020  hpsrv - ok
00:44:56.0130 0x0020  [ F5F3F27E5823A4DF0193CC2534029742, F0126009F8CE9B85A2E9CFC257D1A3117B1CD5A739369502576B1CDF49E1DF85 ] HPWMISVC        c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
00:44:56.0176 0x0020  HPWMISVC - ok
00:44:56.0239 0x0020  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:44:56.0270 0x0020  HTTP - ok
00:44:56.0286 0x0020  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
00:44:56.0286 0x0020  hwpolicy - ok
00:44:56.0333 0x0020  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
00:44:56.0333 0x0020  hyperkbd - ok
00:44:56.0348 0x0020  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
00:44:56.0348 0x0020  HyperVideo - ok
00:44:56.0364 0x0020  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
00:44:56.0364 0x0020  i8042prt - ok
00:44:56.0427 0x0020  [ 118CBC8D092787B604115F5267F77AE8, 6617C5C0659523351F232DFF1C56B29E3DD8A7D56ED4CBDB3E9F374CE0E205C7 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
00:44:56.0442 0x0020  iaStorA - ok
00:44:56.0473 0x0020  [ 8B262229FF72E822E51080AD9B22D4CB, 34DAC09BC693A7A38BA88306A02157C74BFADF96CAC2BE16112DC2C22CDF78D8 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
00:44:56.0473 0x0020  IAStorDataMgrSvc - ok
00:44:56.0520 0x0020  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
00:44:56.0536 0x0020  iaStorV - ok
00:44:56.0552 0x0020  [ 7274E304EACD1FE0A4F5047CE6B4DC61, 2FD0FBE52359080DCA9D7F94177680A304B0C5E0B701AD3F9E6F09E8E5D5D7D7 ] ibtfltcoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
00:44:56.0552 0x0020  ibtfltcoex - ok
00:44:56.0598 0x0020  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
00:44:56.0614 0x0020  ICCS - ok
00:44:56.0755 0x0020  [ DEA2F976E7327716AA0038EBF550003A, 5EA4666874F1D03879EA95F28228AC9EA3D7DF0F2E199EEE9B5BC6C81CA290B3 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
00:44:56.0833 0x0020  IconMan_R - ok
00:44:56.0942 0x0020  [ B96F641291378569E8525383FAA183EB, 9C728BA6B1D558B5C3F76003AE93DA61793DB4684E8FC326FF002CDC6060EED7 ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20131207.001\IDSvia64.sys
00:44:56.0973 0x0020  IDSVia64 - ok
00:44:57.0192 0x0020  [ 7209139C75C6765DFA42912B98672F0B, 7FAD24F4BD91F1192BED1C66DEA079830D7DA6D651298037E5E383EC62B53632 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
00:44:57.0348 0x0020  igfx - ok
00:44:57.0380 0x0020  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
00:44:57.0411 0x0020  iirsp - ok
00:44:57.0427 0x0020  [ E18725531054FE222115873AC1CCB02B, 0FC4B9D5DF77E19E4732759B848B4BCBBD44A124304FA8333BB3B7BC37E15FB8 ] ikbevent        C:\Windows\system32\DRIVERS\ikbevent.sys
00:44:57.0427 0x0020  ikbevent - ok
00:44:57.0520 0x0020  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\Windows\System32\ikeext.dll
00:44:57.0552 0x0020  IKEEXT - ok
00:44:57.0585 0x0020  [ 45060257BCA3D60204FEC29F6E6DE458, C9FB92FEEFC0DC5386B545A8E429D60B932360B9044A920F6F2EDD5CF3B7B5A0 ] imsevent        C:\Windows\system32\DRIVERS\imsevent.sys
00:44:57.0598 0x0020  imsevent - ok
00:44:57.0628 0x0020  [ FD2032D2EAE8D7F3381EBA5FA3E7FEEA, 46D1DC6A44E20339AD9195EE7CC719DC9BC99C78F8C74E730B671F0D78B9C683 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
00:44:57.0628 0x0020  intaud_WaveExtensible - ok
00:44:57.0659 0x0020  [ 0E0B99617ED3FDB6C5F0E2D62709B5DF, A656CA3A60E62BE16A015150B23136CE150F9876B4035E9E8D8E73D1707B37A4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
00:44:57.0674 0x0020  IntcDAud - ok
00:44:57.0721 0x0020  [ 211E26AB3437B92916DF9263933C0D64, 050885C7B33BDD6D4C8D11CB5608E8E4349CCC21E642D7E2C5748268FBFAF68B ] Intel® Bluetooth Radio Management C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
00:44:57.0737 0x0020  Intel® Bluetooth Radio Management - ok
00:44:57.0815 0x0020  [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
00:44:57.0971 0x0020  Intel® Capability Licensing Service Interface - ok
00:44:58.0020 0x0020  [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
00:44:58.0051 0x0020  Intel® Capability Licensing Service TCP IP Interface - ok
00:44:58.0067 0x0020  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\Windows\system32\drivers\intelide.sys
00:44:58.0082 0x0020  intelide - ok
00:44:58.0098 0x0020  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
00:44:58.0098 0x0020  intelppm - ok
00:44:58.0114 0x0020  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:44:58.0114 0x0020  IpFilterDriver - ok
00:44:58.0176 0x0020  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
00:44:58.0207 0x0020  iphlpsvc - ok
00:44:58.0223 0x0020  [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
00:44:58.0223 0x0020  IPMIDRV - ok
00:44:58.0239 0x0020  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
00:44:58.0254 0x0020  IPNAT - ok
00:44:58.0267 0x0020  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:44:58.0283 0x0020  IRENUM - ok
00:44:58.0299 0x0020  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
00:44:58.0299 0x0020  isapnp - ok
00:44:58.0346 0x0020  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF, 8FFF92828C3DC20F0F42C42E58A03B59A4E0187963F728DC618C9595FB2D0239 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
00:44:58.0361 0x0020  iScsiPrt - ok
00:44:58.0377 0x0020  [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT            C:\Windows\System32\drivers\ISCTD64.sys
00:44:58.0377 0x0020  ISCT - ok
00:44:58.0424 0x0020  [ 3DD3B19BB2981F459482D664DA9C7F16, BCA3AAE5A5C4DF04B2C5776BF1E2E805107BDD504CA4B725C3EDAF862DCCDF11 ] ISCTAgent       C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
00:44:58.0424 0x0020  ISCTAgent - ok
00:44:58.0455 0x0020  [ C59B9CE2855E667809F9E63C20FC44A5, 36C71CDAB84296E408F29588E1993B6E2016841435C6F2CABBB716A2E2947BA8 ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
00:44:58.0455 0x0020  iwdbus - ok
00:44:58.0502 0x0020  [ 08B14887C0B98101F8EC207817A0D734, DF2B2C16F9C8EA05533AE26C3302C41D5B67966D8E55ED8625353AE1D70FBD29 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
00:44:58.0518 0x0020  jhi_service - ok
00:44:58.0533 0x0020  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
00:44:58.0533 0x0020  kbdclass - ok
00:44:58.0564 0x0020  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
00:44:58.0564 0x0020  kbdhid - ok
00:44:58.0580 0x0020  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
00:44:58.0580 0x0020  kdnic - ok
00:44:58.0580 0x0020  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso          C:\Windows\system32\lsass.exe
00:44:58.0596 0x0020  KeyIso - ok
00:44:58.0627 0x0020  [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:44:58.0627 0x0020  KSecDD - ok
00:44:58.0658 0x0020  [ 127FB0AAD232BAAD2C9BBACD374F4FC5, 3BC56F6B4374062C96149D69ACE053DF81A278F0361599F5A2F3DB1F76F0AD68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
00:44:58.0658 0x0020  KSecPkg - ok
00:44:58.0689 0x0020  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
00:44:58.0689 0x0020  ksthunk - ok
00:44:58.0736 0x0020  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:44:58.0752 0x0020  KtmRm - ok
00:44:58.0784 0x0020  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\Windows\system32\srvsvc.dll
00:44:58.0799 0x0020  LanmanServer - ok
00:44:58.0830 0x0020  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:44:58.0846 0x0020  LanmanWorkstation - ok
00:44:58.0862 0x0020  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:44:58.0862 0x0020  lltdio - ok
00:44:58.0893 0x0020  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:44:58.0909 0x0020  lltdsvc - ok
00:44:58.0924 0x0020  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:44:58.0924 0x0020  lmhosts - ok
00:44:58.0955 0x0020  [ 920F6774762DE8D8477088B6F38FBD6C, DA056D27FE775835CD6F8F5F3143179D818C20658304E21100B534C24079916C ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
00:44:58.0955 0x0020  LMS - ok
00:44:58.0987 0x0020  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
00:44:59.0002 0x0020  LSI_SAS - ok
00:44:59.0018 0x0020  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
00:44:59.0018 0x0020  LSI_SAS2 - ok
00:44:59.0034 0x0020  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
00:44:59.0034 0x0020  LSI_SCSI - ok
00:44:59.0049 0x0020  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
00:44:59.0049 0x0020  LSI_SSS - ok
00:44:59.0096 0x0020  [ A57BA284F5996FFD32DCDBC41A4657DB, 2106B83873A824BC83EF42FAC9DD9A0F741209535A84AE65EA8E786519920043 ] LSM             C:\Windows\System32\lsm.dll
00:44:59.0112 0x0020  LSM - ok
00:44:59.0143 0x0020  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\Windows\system32\drivers\luafv.sys
00:44:59.0159 0x0020  luafv - ok
00:44:59.0190 0x0020  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
00:44:59.0190 0x0020  MBAMProtector - ok
00:44:59.0252 0x0020  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
00:44:59.0268 0x0020  MBAMScheduler - ok
00:44:59.0315 0x0020  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
00:44:59.0346 0x0020  MBAMService - ok
00:44:59.0362 0x0020  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\Windows\system32\drivers\megasas.sys
00:44:59.0377 0x0020  megasas - ok
00:44:59.0415 0x0020  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
00:44:59.0430 0x0020  MegaSR - ok
00:44:59.0462 0x0020  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\System32\drivers\HECIx64.sys
00:44:59.0462 0x0020  MEIx64 - ok
00:44:59.0501 0x0020  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\Windows\system32\mmcss.dll
00:44:59.0501 0x0020  MMCSS - ok
00:44:59.0517 0x0020  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\Windows\system32\drivers\modem.sys
00:44:59.0517 0x0020  Modem - ok
00:44:59.0533 0x0020  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\Windows\System32\drivers\monitor.sys
00:44:59.0533 0x0020  monitor - ok
00:44:59.0579 0x0020  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
00:44:59.0579 0x0020  mouclass - ok
00:44:59.0595 0x0020  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
00:44:59.0595 0x0020  mouhid - ok
00:44:59.0626 0x0020  [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
00:44:59.0626 0x0020  mountmgr - ok
00:44:59.0642 0x0020  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C, BCBFF081FAFB822CE29D291FB329FC310D90F0EC0D1BB69CF8CB09ED5A2E84D1 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:44:59.0642 0x0020  mpsdrv - ok
00:44:59.0704 0x0020  [ 3031573A739DBEE8923851929D0AF423, E9EA6C0D12A896AC745173B1F1A58192B52724AA424718B16B8D05E9AC091741 ] MpsSvc          C:\Windows\system32\mpssvc.dll
00:44:59.0736 0x0020  MpsSvc - ok
00:44:59.0798 0x0020  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:44:59.0798 0x0020  MRxDAV - ok
00:44:59.0845 0x0020  [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:44:59.0861 0x0020  mrxsmb - ok
00:44:59.0908 0x0020  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:44:59.0923 0x0020  mrxsmb10 - ok
00:44:59.0954 0x0020  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:44:59.0954 0x0020  mrxsmb20 - ok
00:44:59.0986 0x0020  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
00:45:00.0001 0x0020  MsBridge - ok
00:45:00.0017 0x0020  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\Windows\System32\msdtc.exe
00:45:00.0033 0x0020  MSDTC - ok
00:45:00.0048 0x0020  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:45:00.0048 0x0020  Msfs - ok
00:45:00.0079 0x0020  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
00:45:00.0079 0x0020  msgpiowin32 - ok
00:45:00.0095 0x0020  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
00:45:00.0095 0x0020  mshidkmdf - ok
00:45:00.0111 0x0020  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
00:45:00.0111 0x0020  mshidumdf - ok
00:45:00.0126 0x0020  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
00:45:00.0126 0x0020  msisadrv - ok
00:45:00.0173 0x0020  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:45:00.0189 0x0020  MSiSCSI - ok
00:45:00.0189 0x0020  msiserver - ok
00:45:00.0204 0x0020  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:45:00.0204 0x0020  MSKSSRV - ok
00:45:00.0236 0x0020  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
00:45:00.0236 0x0020  MsLldp - ok
00:45:00.0251 0x0020  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:45:00.0251 0x0020  MSPCLOCK - ok
00:45:00.0267 0x0020  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:45:00.0267 0x0020  MSPQM - ok
00:45:00.0298 0x0020  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:45:00.0314 0x0020  MsRPC - ok
00:45:00.0329 0x0020  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
00:45:00.0345 0x0020  mssmbios - ok
00:45:00.0345 0x0020  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:45:00.0345 0x0020  MSTEE - ok
00:45:00.0381 0x0020  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
00:45:00.0381 0x0020  MTConfig - ok
00:45:00.0396 0x0020  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\Windows\system32\Drivers\mup.sys
00:45:00.0396 0x0020  Mup - ok
00:45:00.0427 0x0020  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
00:45:00.0427 0x0020  mvumis - ok
00:45:00.0459 0x0020  [ 53EE034F83E9A7A8E421572E385F67CD, 29F718B95B9D6CBDA49D5DE14FEC46DA64D7977131D585C975B3D703559D0988 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
00:45:00.0459 0x0020  MyWiFiDHCPDNS - ok
00:45:00.0505 0x0020  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\Windows\system32\qagentRT.dll
00:45:00.0521 0x0020  napagent - ok
00:45:00.0568 0x0020  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:45:00.0584 0x0020  NativeWifiP - ok
00:45:00.0631 0x0020  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131210.004\ENG64.SYS
00:45:00.0631 0x0020  NAVENG - ok
00:45:00.0741 0x0020  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131210.004\EX64.SYS
00:45:00.0803 0x0020  NAVEX15 - ok
00:45:00.0852 0x0020  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\Windows\System32\ncasvc.dll
00:45:00.0852 0x0020  NcaSvc - ok
00:45:00.0868 0x0020  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
00:45:00.0868 0x0020  NcdAutoSetup - ok
00:45:00.0962 0x0020  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:45:00.0993 0x0020  NDIS - ok
00:45:01.0024 0x0020  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
00:45:01.0024 0x0020  NdisCap - ok
00:45:01.0040 0x0020  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
00:45:01.0055 0x0020  NdisImPlatform - ok
00:45:01.0087 0x0020  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:45:01.0087 0x0020  NdisTapi - ok
00:45:01.0102 0x0020  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:45:01.0118 0x0020  Ndisuio - ok
00:45:01.0134 0x0020  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:45:01.0134 0x0020  NdisWan - ok
00:45:01.0149 0x0020  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
00:45:01.0149 0x0020  NDISWANLEGACY - ok
00:45:01.0180 0x0020  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:45:01.0196 0x0020  NDProxy - ok
00:45:01.0212 0x0020  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\Windows\system32\drivers\Ndu.sys
00:45:01.0227 0x0020  Ndu - ok
00:45:01.0243 0x0020  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:45:01.0243 0x0020  NetBIOS - ok
00:45:01.0266 0x0020  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
00:45:01.0281 0x0020  NetBT - ok
00:45:01.0297 0x0020  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] Netlogon        C:\Windows\system32\lsass.exe
00:45:01.0297 0x0020  Netlogon - ok
00:45:01.0328 0x0020  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\Windows\System32\netman.dll
00:45:01.0344 0x0020  Netman - ok
00:45:01.0391 0x0020  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\Windows\System32\netprofmsvc.dll
00:45:01.0406 0x0020  netprofm - ok
00:45:01.0469 0x0020  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:45:01.0469 0x0020  NetTcpPortSharing - ok
00:45:01.0641 0x0020  [ 75B9B86878CC159FBC40C4F9202ADBE3, 80D9176112BAFB42E6568E723781E5C03BD5472AB382496C1BD784DB9B2FB6E6 ] NETwNe64        C:\Windows\system32\DRIVERS\NETwew00.sys
00:45:01.0766 0x0020  NETwNe64 - ok
00:45:01.0797 0x0020  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
00:45:01.0797 0x0020  nfrd960 - ok
00:45:01.0891 0x0020  [ 1BF9D6476061B31CD7FC2BF848529A56, 95B585543240E823D7850ADEEEA7A4738EF9E18A4B07D921F145F6EF466F0271 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
00:45:01.0891 0x0020  NIS - ok
00:45:01.0938 0x0020  [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:45:01.0953 0x0020  NlaSvc - ok
00:45:01.0969 0x0020  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:45:01.0969 0x0020  Npfs - ok
00:45:01.0985 0x0020  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
00:45:02.0000 0x0020  npsvctrig - ok
00:45:02.0016 0x0020  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\Windows\system32\nsisvc.dll
00:45:02.0016 0x0020  nsi - ok
00:45:02.0031 0x0020  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:45:02.0047 0x0020  nsiproxy - ok
00:45:02.0156 0x0020  [ 76929F4A69E425911A63B407E26C2589, 17896DB6EDEF2637D159432DB61E8B5FA2F4F54B5F50BCD6215827C321ED2C2A ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:45:02.0235 0x0020  Ntfs - ok
00:45:02.0250 0x0020  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\Windows\system32\drivers\Null.sys
00:45:02.0250 0x0020  Null - ok
00:45:02.0266 0x0020  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
00:45:02.0281 0x0020  nvraid - ok
00:45:02.0297 0x0020  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
00:45:02.0313 0x0020  nvstor - ok
00:45:02.0328 0x0020  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
00:45:02.0328 0x0020  nv_agp - ok
00:45:02.0469 0x0020  [ D02B9C22F789B320CD87A4A9D1C0FC09, EAD880B6697EB1CE90A358F8FC37C5C09D320F63BD750254F92F825E104A038B ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
00:45:02.0532 0x0020  OfficeSvc - ok
00:45:02.0594 0x0020  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:45:02.0594 0x0020  ose - ok
00:45:02.0641 0x0020  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
00:45:02.0657 0x0020  p2pimsvc - ok
00:45:02.0688 0x0020  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\Windows\system32\p2psvc.dll
00:45:02.0703 0x0020  p2psvc - ok
00:45:02.0735 0x0020  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\Windows\System32\drivers\parport.sys
00:45:02.0750 0x0020  Parport - ok
00:45:02.0766 0x0020  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
00:45:02.0782 0x0020  partmgr - ok
00:45:02.0813 0x0020  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\Windows\System32\pcasvc.dll
00:45:02.0828 0x0020  PcaSvc - ok
00:45:02.0891 0x0020  PcdrNdisuio - ok
00:45:02.0907 0x0020  PCDSRVC{8D309633-BE82774E-06000000}_0 - ok
00:45:02.0938 0x0020  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci             C:\Windows\system32\drivers\pci.sys
00:45:02.0938 0x0020  pci - ok
00:45:02.0953 0x0020  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\Windows\system32\drivers\pciide.sys
00:45:02.0969 0x0020  pciide - ok
00:45:03.0000 0x0020  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
00:45:03.0016 0x0020  pcmcia - ok
00:45:03.0032 0x0020  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw             C:\Windows\system32\drivers\pcw.sys
00:45:03.0032 0x0020  pcw - ok
00:45:03.0063 0x0020  [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc             C:\Windows\system32\drivers\pdc.sys
00:45:03.0078 0x0020  pdc - ok
00:45:03.0127 0x0020  [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:45:03.0142 0x0020  PEAUTH - ok
00:45:03.0173 0x0020  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\Windows\SysWow64\perfhost.exe
00:45:03.0173 0x0020  PerfHost - ok
00:45:03.0267 0x0020  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla             C:\Windows\system32\pla.dll
00:45:03.0314 0x0020  pla - ok
00:45:03.0345 0x0020  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:45:03.0361 0x0020  PlugPlay - ok
00:45:03.0377 0x0020  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
00:45:03.0392 0x0020  PNRPAutoReg - ok
00:45:03.0408 0x0020  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
00:45:03.0423 0x0020  PNRPsvc - ok
00:45:03.0470 0x0020  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:45:03.0486 0x0020  PolicyAgent - ok
00:45:03.0533 0x0020  [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power           C:\Windows\system32\umpo.dll
00:45:03.0533 0x0020  Power - ok
00:45:03.0564 0x0020  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:45:03.0564 0x0020  PptpMiniport - ok
00:45:03.0753 0x0020  [ C2D3B3D0060619D5E03E696BD56FF59F, 155954F16B6F9B51BA16F43F1AE6F977B1EC4DE77862C6F6C722293189BE0DD2 ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
00:45:03.0846 0x0020  PrintNotify - ok
00:45:03.0863 0x0020  [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor       C:\Windows\System32\drivers\processr.sys
00:45:03.0863 0x0020  Processor - ok
00:45:03.0909 0x0020  [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc         C:\Windows\system32\profsvc.dll
00:45:03.0909 0x0020  ProfSvc - ok
00:45:03.0940 0x0020  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
00:45:03.0940 0x0020  Psched - ok
00:45:03.0956 0x0020  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE           C:\Windows\system32\qwave.dll
00:45:03.0971 0x0020  QWAVE - ok
00:45:04.0003 0x0020  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
00:45:04.0003 0x0020  QWAVEdrv - ok
00:45:04.0018 0x0020  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
00:45:04.0018 0x0020  RasAcd - ok
00:45:04.0034 0x0020  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
00:45:04.0050 0x0020  RasAgileVpn - ok
00:45:04.0065 0x0020  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto         C:\Windows\System32\rasauto.dll
00:45:04.0065 0x0020  RasAuto - ok
00:45:04.0096 0x0020  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
00:45:04.0096 0x0020  Rasl2tp - ok
00:45:04.0117 0x0020  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\Windows\System32\rasmans.dll
00:45:04.0133 0x0020  RasMan - ok
00:45:04.0148 0x0020  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
00:45:04.0148 0x0020  RasPppoe - ok
00:45:04.0180 0x0020  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
00:45:04.0180 0x0020  RasSstp - ok
00:45:04.0226 0x0020  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
00:45:04.0242 0x0020  rdbss - ok
00:45:04.0273 0x0020  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
00:45:04.0273 0x0020  rdpbus - ok
00:45:04.0289 0x0020  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
00:45:04.0305 0x0020  RDPDR - ok
00:45:04.0336 0x0020  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
00:45:04.0336 0x0020  RdpVideoMiniport - ok
00:45:04.0367 0x0020  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
00:45:04.0367 0x0020  RDPWD - ok
00:45:04.0398 0x0020  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
00:45:04.0414 0x0020  rdyboost - ok
00:45:04.0461 0x0020  [ 1791B1C8C72E13D193ADE659E7DB87C1, F0C1EA05283BB89ACBE721D0CDBB30FD8F1E75D5545158D29D6EC11E41B145BA ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
00:45:04.0476 0x0020  RegSrvc - ok
00:45:04.0492 0x0020  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:45:04.0492 0x0020  RemoteAccess - ok
00:45:04.0523 0x0020  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:45:04.0539 0x0020  RemoteRegistry - ok
00:45:04.0570 0x0020  [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
00:45:04.0586 0x0020  RFCOMM - ok
00:45:04.0617 0x0020  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
00:45:04.0617 0x0020  RpcEptMapper - ok
00:45:04.0633 0x0020  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\Windows\system32\locator.exe
00:45:04.0633 0x0020  RpcLocator - ok
00:45:04.0695 0x0020  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs           C:\Windows\system32\rpcss.dll
00:45:04.0726 0x0020  RpcSs - ok
00:45:04.0758 0x0020  [ 60BCF0F09DD963D0F89F571F9D1EB8C1, 59BC9EA4D6C5B24352FC7C2DF4856398F6F734A2C52FD9A9195539593C37C8BC ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
00:45:04.0773 0x0020  RSP2STOR - ok
00:45:04.0789 0x0020  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
00:45:04.0805 0x0020  rspndr - ok
00:45:04.0851 0x0020  [ D2768897FCEA8EEFAD3D69BAC9DC4180, 81E23AA9E13C06BD417C34566766A9F98FD3A8F916123F282CB6E52AB1A10A1D ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
00:45:04.0883 0x0020  RTL8168 - ok
00:45:04.0898 0x0020  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
00:45:04.0898 0x0020  s3cap - ok
00:45:04.0930 0x0020  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] SamSs           C:\Windows\system32\lsass.exe
00:45:04.0930 0x0020  SamSs - ok
00:45:04.0961 0x0020  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
00:45:04.0961 0x0020  sbp2port - ok
00:45:04.0992 0x0020  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:45:05.0008 0x0020  SCardSvr - ok
00:45:05.0039 0x0020  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
00:45:05.0039 0x0020  scfilter - ok
00:45:05.0133 0x0020  [ ED40ED9A65F3E79A8C43DD50C5FDADBF, 2323BFAB1BC3D661A376650B7AC14C7780C92BA575DA048F3C7611CDB3F7F04A ] Schedule        C:\Windows\system32\schedsvc.dll
00:45:05.0180 0x0020  Schedule - ok
00:45:05.0273 0x0020  scmsupp - ok
00:45:05.0289 0x0020  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:45:05.0305 0x0020  SCPolicySvc - ok
00:45:05.0336 0x0020  [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
00:45:05.0336 0x0020  sdbus - ok
00:45:05.0367 0x0020  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:45:05.0383 0x0020  SDRSVC - ok
00:45:05.0398 0x0020  [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor          C:\Windows\System32\drivers\sdstor.sys
00:45:05.0414 0x0020  sdstor - ok
00:45:05.0430 0x0020  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
00:45:05.0430 0x0020  secdrv - ok
00:45:05.0476 0x0020  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\Windows\system32\seclogon.dll
00:45:05.0476 0x0020  seclogon - ok
00:45:05.0492 0x0020  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\Windows\System32\sens.dll
00:45:05.0492 0x0020  SENS - ok
00:45:05.0523 0x0020  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
00:45:05.0523 0x0020  SensrSvc - ok
00:45:05.0539 0x0020  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
00:45:05.0539 0x0020  SerCx - ok
00:45:05.0570 0x0020  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum         C:\Windows\System32\drivers\serenum.sys
00:45:05.0570 0x0020  Serenum - ok
00:45:05.0586 0x0020  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\Windows\System32\drivers\serial.sys
00:45:05.0601 0x0020  Serial - ok
00:45:05.0617 0x0020  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
00:45:05.0633 0x0020  sermouse - ok
00:45:05.0680 0x0020  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\Windows\system32\sessenv.dll
00:45:05.0680 0x0020  SessionEnv - ok
00:45:05.0711 0x0020  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
00:45:05.0711 0x0020  sfloppy - ok
00:45:05.0820 0x0020  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
00:45:05.0836 0x0020  SharedAccess - ok
00:45:05.0883 0x0020  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:45:05.0914 0x0020  ShellHWDetection - ok
00:45:05.0930 0x0020  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
00:45:05.0930 0x0020  SiSRaid2 - ok
00:45:05.0961 0x0020  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
00:45:05.0976 0x0020  SiSRaid4 - ok
00:45:06.0008 0x0020  [ 3E76F338E42616A22CA3AC379F95F2CB, 8EFE03420FF5BB518D1B9A38770A4A3FF19979D19F023F3C07C21E26676D9317 ] SmbDrv          C:\Windows\System32\drivers\Smb_driver_AMDASF.sys
00:45:06.0008 0x0020  SmbDrv - ok
00:45:06.0023 0x0020  [ 410F4660C8472873818A288EBBE1FC8A, C72F6B9E334F87CFC3C27443CC01D8251EC8878099AF57B9B4A06A855392D342 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
00:45:06.0023 0x0020  SmbDrvI - ok
00:45:06.0055 0x0020  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:45:06.0055 0x0020  SNMPTRAP - ok
00:45:06.0086 0x0020  [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
00:45:06.0101 0x0020  spaceport - ok
00:45:06.0117 0x0020  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
00:45:06.0133 0x0020  SpbCx - ok
00:45:06.0167 0x0020  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler         C:\Windows\System32\spoolsv.exe
00:45:06.0214 0x0020  Spooler - ok
00:45:06.0448 0x0020  [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc          C:\Windows\system32\sppsvc.exe
00:45:06.0667 0x0020  sppsvc - ok
00:45:06.0745 0x0020  [ 2FD9346F9D76CB4192D37329CFA47A82, 4CD75B4006147D469116F3CBC10528928A592510DA8037D709CB198D89853CAB ] SRTSP           C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS
00:45:06.0776 0x0020  SRTSP - ok
00:45:06.0792 0x0020  [ 0E76CEF892C45734F7AED09FDDF35D4D, C25AF31E411AC3A090859C883132B9AE6A80C8D791168FF219BC0895E35A0359 ] SRTSPX          C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS
00:45:06.0807 0x0020  SRTSPX - ok
00:45:06.0839 0x0020  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:45:06.0855 0x0020  srv - ok
00:45:06.0902 0x0020  [ 56218A571ECF8D55E0CDFF8DF2546CF1, 44B34722108EDDC8757A0B7C939A854457BB7EBC92A83C4284DFFAECFC2E3619 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:45:06.0933 0x0020  srv2 - ok
00:45:06.0948 0x0020  [ 14FC338B80CFF7E04215133B568D15C4, 1F437BE0EC887097F0C3409D4198A20981FC325FDF915532AB85070D337DEF2B ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:45:06.0964 0x0020  srvnet - ok
00:45:06.0995 0x0020  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:45:07.0011 0x0020  SSDPSRV - ok
00:45:07.0027 0x0020  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:45:07.0042 0x0020  SstpSvc - ok
00:45:07.0089 0x0020  [ 053A2990CEC9717C143DB87D64DDF189, 1AC977360BCC270D9D0552F6F5F3B3866F6E16F5C8CD849BDB48F6B97E10FBAF ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
00:45:07.0105 0x0020  STacSV - ok
00:45:07.0136 0x0020  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\Windows\system32\drivers\stexstor.sys
00:45:07.0136 0x0020  stexstor - ok
00:45:07.0167 0x0020  [ B1EFA62F5C0E4D3C39E24358FA40CC44, 11CA27CCA1B4F94AA32F7CA3D0037415F1DB1B9808A6B35749D8D68779CB0141 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
00:45:07.0198 0x0020  STHDA - ok
00:45:07.0230 0x0020  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\Windows\System32\wiaservc.dll
00:45:07.0261 0x0020  stisvc - ok
00:45:07.0292 0x0020  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\Windows\system32\drivers\storahci.sys
00:45:07.0292 0x0020  storahci - ok
00:45:07.0339 0x0020  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
00:45:07.0339 0x0020  storflt - ok
00:45:07.0355 0x0020  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc         C:\Windows\system32\storsvc.dll
00:45:07.0355 0x0020  StorSvc - ok
00:45:07.0370 0x0020  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc         C:\Windows\system32\drivers\storvsc.sys
00:45:07.0370 0x0020  storvsc - ok
00:45:07.0402 0x0020  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc           C:\Windows\system32\svsvc.dll
00:45:07.0402 0x0020  svsvc - ok
00:45:07.0433 0x0020  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\Windows\System32\drivers\swenum.sys
00:45:07.0433 0x0020  swenum - ok
00:45:07.0511 0x0020  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv           C:\Windows\System32\swprv.dll
00:45:07.0527 0x0020  swprv - ok
00:45:07.0580 0x0020  [ 52DC0048D667757A8A2E4C87182890AC, 7B43DF6DADFDDBBC5402477FE832052ADB6A39B90111CDA89B5E01CE900F55C5 ] SymDS           C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS
00:45:07.0596 0x0020  SymDS - ok
00:45:07.0643 0x0020  [ 599872BAD7CFB45C7CE47CDED4B726D8, 5B15B1B22C3ACA1BC56CAFCAFFC2E974C75C77C0AB7355FBA91F2147C0911499 ] SymEFA          C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS
00:45:07.0690 0x0020  SymEFA - ok
00:45:07.0721 0x0020  [ 42947647F71E9EF2167B42B372F1DDB7, AE825B7DFFAE8BCF5598C512EFAF5645C5A6C4DC90F8B3073A255223DF3AAA4A ] SymELAM         C:\Windows\system32\drivers\NISx64\1404000.028\SymELAM.sys
00:45:07.0721 0x0020  SymELAM - ok
00:45:07.0739 0x0020  [ F19E5E37ED8134B9E5F6287F2D3A75D7, 5804D6DF529213CCF7CD2C345483940554CAA5C6EA065A1B09AA54D114C612F8 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
00:45:07.0755 0x0020  SymEvent - ok
00:45:07.0770 0x0020  [ ADF37F1A715D6C56C8E065FD8569A9A4, 33E895CB326F62D4D22E345563B0641EB88D23B2104A07E8CEBE5ED150882767 ] SymIRON         C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS
00:45:07.0786 0x0020  SymIRON - ok
00:45:07.0833 0x0020  [ 9CDCA70485BD6B9D230365F67C31F132, 137995F1F0124E3A10AAA25551F811602BB5FE8361AE8CBA899C6B98486F4CF3 ] SymNetS         C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS
00:45:07.0848 0x0020  SymNetS - ok
00:45:07.0895 0x0020  [ 0F34FE968C91D02CE30D76C257F2BDA0, 4BD7BD9B94C14D14214910EF83D5F7B62081D02F9EE80E2FC6103D385482A605 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
00:45:07.0911 0x0020  SynTP - ok
00:45:07.0989 0x0020  [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain         C:\Windows\system32\sysmain.dll
00:45:08.0051 0x0020  SysMain - ok
00:45:08.0083 0x0020  [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
00:45:08.0098 0x0020  SystemEventsBroker - ok
00:45:08.0130 0x0020  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll
00:45:08.0130 0x0020  TabletInputService - ok
00:45:08.0161 0x0020  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:45:08.0176 0x0020  TapiSrv - ok
00:45:08.0301 0x0020  [ 37D85E873C9531A2F88DD9C63D3F8A9E, C31FF8324962B72DAED445F0A264E3E2E51296DDC98A5914DCE155693FB18868 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:45:08.0380 0x0020  Tcpip - ok
00:45:08.0473 0x0020  [ 37D85E873C9531A2F88DD9C63D3F8A9E, C31FF8324962B72DAED445F0A264E3E2E51296DDC98A5914DCE155693FB18868 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
00:45:08.0551 0x0020  TCPIP6 - ok
00:45:08.0583 0x0020  [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:45:08.0583 0x0020  tcpipreg - ok
00:45:08.0614 0x0020  [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:45:08.0614 0x0020  tdx - ok
00:45:08.0645 0x0020  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
00:45:08.0645 0x0020  terminpt - ok
00:45:08.0708 0x0020  [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService     C:\Windows\System32\termsrv.dll
00:45:08.0739 0x0020  TermService - ok
00:45:08.0770 0x0020  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\Windows\system32\themeservice.dll
00:45:08.0770 0x0020  Themes - ok
00:45:08.0801 0x0020  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER     C:\Windows\system32\mmcss.dll
00:45:08.0801 0x0020  THREADORDER - ok
00:45:08.0833 0x0020  [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
00:45:08.0848 0x0020  TimeBroker - ok
00:45:08.0880 0x0020  [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM             C:\Windows\system32\drivers\tpm.sys
00:45:08.0895 0x0020  TPM - ok
00:45:08.0927 0x0020  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\Windows\System32\trkwks.dll
00:45:08.0942 0x0020  TrkWks - ok
00:45:08.0989 0x0020  [ 6BFB75B76411CC57A72FCC1D0201E166, 8F3A97E7651501F58018EB6081178B2A05ADFBF48C6126E0176FE231A261893E ] TrueService     C:\Program Files\Common Files\AuthenTec\TrueService.exe
00:45:09.0005 0x0020  TrueService - ok
00:45:09.0067 0x0020  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:45:09.0067 0x0020  TrustedInstaller - ok
00:45:09.0098 0x0020  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
00:45:09.0098 0x0020  TsUsbFlt - ok
00:45:09.0114 0x0020  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
00:45:09.0130 0x0020  TsUsbGD - ok
00:45:09.0145 0x0020  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
00:45:09.0145 0x0020  tunnel - ok
00:45:09.0177 0x0020  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
00:45:09.0177 0x0020  uagp35 - ok
00:45:09.0208 0x0020  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
00:45:09.0208 0x0020  UASPStor - ok
00:45:09.0239 0x0020  [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
00:45:09.0239 0x0020  UCX01000 - ok
00:45:09.0270 0x0020  [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
00:45:09.0286 0x0020  udfs - ok
00:45:09.0317 0x0020  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
00:45:09.0317 0x0020  UI0Detect - ok
00:45:09.0348 0x0020  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
00:45:09.0364 0x0020  uliagpkx - ok
00:45:09.0364 0x0020  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus           C:\Windows\System32\drivers\umbus.sys
00:45:09.0380 0x0020  umbus - ok
00:45:09.0395 0x0020  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\Windows\System32\drivers\umpass.sys
00:45:09.0395 0x0020  UmPass - ok
00:45:09.0411 0x0020  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\Windows\System32\umrdp.dll
00:45:09.0427 0x0020  UmRdpService - ok
00:45:09.0536 0x0020  [ 9B8C9350985983E9760E1786731A8728, 78178FDE1329E5B55F77FF73C66B01279A03E2E3C3CB7E3D9DF14291D206D780 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
00:45:09.0552 0x0020  UNS - ok
00:45:09.0598 0x0020  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\Windows\System32\upnphost.dll
00:45:09.0630 0x0020  upnphost - ok
00:45:09.0645 0x0020  [ C5C45CE1C5B3CC9D5A9826F76709D7A4, 60DD04D7898E4D3AF1565C56664952FF2AE1799AAA3991D9544DB4AFD9F2D506 ] usb3Hub         C:\Windows\System32\drivers\usb3Hub.sys
00:45:09.0645 0x0020  usb3Hub - ok
00:45:09.0677 0x0020  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
00:45:09.0677 0x0020  USBAAPL64 - ok
00:45:09.0723 0x0020  [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
00:45:09.0723 0x0020  usbccgp - ok
00:45:09.0739 0x0020  [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir          C:\Windows\System32\drivers\usbcir.sys
00:45:09.0739 0x0020  usbcir - ok
00:45:09.0770 0x0020  [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
00:45:09.0770 0x0020  usbehci - ok
00:45:09.0802 0x0020  [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
00:45:09.0833 0x0020  usbhub - ok
00:45:09.0864 0x0020  [ E5F7328B1D29BCE791862CD3C0DD382A, E520D75CA6E4EDB06F576D97FB6B7CFD46A3EF3A3AC881537DE3BB8C862FE8C3 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
00:45:09.0880 0x0020  USBHUB3 - ok
00:45:09.0911 0x0020  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
00:45:09.0911 0x0020  usbohci - ok
00:45:09.0942 0x0020  [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
00:45:09.0942 0x0020  usbprint - ok
00:45:09.0958 0x0020  [ AD91D1BBE5D3CF4501887DC1C09384FD, ED9E27CD1D52401087427EC20E389FBE2497193483C2E53E8DE5D70DACF5D928 ] usbscan         C:\Windows\System32\drivers\usbscan.sys
00:45:09.0958 0x0020  usbscan - ok
00:45:09.0989 0x0020  [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
00:45:10.0005 0x0020  USBSTOR - ok
00:45:10.0005 0x0020  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
00:45:10.0020 0x0020  usbuhci - ok
00:45:10.0036 0x0020  [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
00:45:10.0052 0x0020  usbvideo - ok
00:45:10.0083 0x0020  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
00:45:10.0083 0x0020  USBXHCI - ok
00:45:10.0114 0x0020  [ 7F103D160831D09E995EB022132D9DBD, 6FC413C27FE1A1BA5B851C9B97E857D4629E177EDE74945773F8F1B9F17E9476 ] valWBFPolicyService C:\Windows\system32\valWBFPolicyService.exe
00:45:10.0145 0x0020  valWBFPolicyService - ok
00:45:10.0161 0x0020  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] VaultSvc        C:\Windows\system32\lsass.exe
00:45:10.0161 0x0020  VaultSvc - ok
00:45:10.0192 0x0020  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
00:45:10.0192 0x0020  vdrvroot - ok
00:45:10.0270 0x0020  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds             C:\Windows\System32\vds.exe
00:45:10.0302 0x0020  vds - ok
00:45:10.0317 0x0020  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
00:45:10.0317 0x0020  VerifierExt - ok
00:45:10.0364 0x0020  [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
00:45:10.0380 0x0020  vhdmp - ok
00:45:10.0395 0x0020  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\Windows\system32\drivers\viaide.sys
00:45:10.0395 0x0020  viaide - ok
00:45:10.0427 0x0020  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
00:45:10.0427 0x0020  vmbus - ok
00:45:10.0458 0x0020  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
00:45:10.0458 0x0020  VMBusHID - ok
00:45:10.0489 0x0020  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
00:45:10.0505 0x0020  vmicheartbeat - ok
00:45:10.0520 0x0020  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
00:45:10.0536 0x0020  vmickvpexchange - ok
00:45:10.0552 0x0020  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\Windows\System32\ICSvc.dll
00:45:10.0567 0x0020  vmicrdv - ok
00:45:10.0583 0x0020  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\Windows\System32\ICSvc.dll
00:45:10.0599 0x0020  vmicshutdown - ok
00:45:10.0614 0x0020  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\Windows\System32\ICSvc.dll
00:45:10.0630 0x0020  vmictimesync - ok
00:45:10.0645 0x0020  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\Windows\System32\ICSvc.dll
00:45:10.0661 0x0020  vmicvss - ok
00:45:10.0677 0x0020  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
00:45:10.0677 0x0020  volmgr - ok
00:45:10.0724 0x0020  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
00:45:10.0739 0x0020  volmgrx - ok
00:45:10.0770 0x0020  [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
00:45:10.0786 0x0020  volsnap - ok
00:45:10.0802 0x0020  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\Windows\System32\drivers\vpci.sys
00:45:10.0802 0x0020  vpci - ok
00:45:10.0833 0x0020  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
00:45:10.0833 0x0020  vsmraid - ok
00:45:10.0927 0x0020  [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS             C:\Windows\system32\vssvc.exe
00:45:10.0989 0x0020  VSS - ok
00:45:11.0034 0x0020  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
00:45:11.0034 0x0020  VSTXRAID - ok
00:45:11.0049 0x0020  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
00:45:11.0065 0x0020  vwifibus - ok
00:45:11.0081 0x0020  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
00:45:11.0081 0x0020  vwififlt - ok
00:45:11.0096 0x0020  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
00:45:11.0096 0x0020  vwifimp - ok
00:45:11.0143 0x0020  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\Windows\system32\w32time.dll
00:45:11.0159 0x0020  W32Time - ok
00:45:11.0174 0x0020  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
00:45:11.0190 0x0020  WacomPen - ok
00:45:11.0206 0x0020  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
00:45:11.0206 0x0020  Wanarp - ok
00:45:11.0221 0x0020  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
00:45:11.0221 0x0020  Wanarpv6 - ok
00:45:11.0284 0x0020  [ 901CC968412F8155B08D7ABE0171166A, D05A8E3D4D159546394E902C618D0583FE497B51C8F1C86D8E3B9E046819DD53 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
00:45:11.0299 0x0020  WAS - ok
00:45:11.0393 0x0020  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\Windows\system32\wbengine.exe
00:45:11.0456 0x0020  wbengine - ok
00:45:11.0500 0x0020  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
00:45:11.0516 0x0020  WbioSrvc - ok
00:45:11.0547 0x0020  [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
00:45:11.0562 0x0020  Wcmsvc - ok
00:45:11.0625 0x0020  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
00:45:11.0641 0x0020  wcncsvc - ok
00:45:11.0672 0x0020  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:45:11.0687 0x0020  WcsPlugInService - ok
00:45:11.0703 0x0020  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\Windows\system32\drivers\wd.sys
00:45:11.0703 0x0020  Wd - ok
00:45:11.0734 0x0020  [ FD47DF026B32969B8A68721A0243E8EE, 57A7B9B40CEDADFB023AEDD9F29869F1B93EA2596F47B5DDC233D57FC585CCE1 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
00:45:11.0734 0x0020  WdBoot - ok
00:45:11.0812 0x0020  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
00:45:11.0844 0x0020  Wdf01000 - ok
00:45:11.0875 0x0020  [ 5F425D842DD6ADE9F95A51A0616AFAD7, 807B8E6A4FE443A362076C225F588A8C897CFE24A6367F4D461C8F6D3EF004C5 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
00:45:11.0875 0x0020  WdFilter - ok
00:45:11.0906 0x0020  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\Windows\system32\wdi.dll
00:45:11.0922 0x0020  WdiServiceHost - ok
00:45:11.0922 0x0020  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\Windows\system32\wdi.dll
00:45:11.0922 0x0020  WdiSystemHost - ok
00:45:11.0953 0x0020  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6, 4281100271761521F75F4D5A3D2E9FF40A9C7D81CEDAFD2EDD95788534090CA6 ] WebClient       C:\Windows\System32\webclnt.dll
00:45:11.0969 0x0020  WebClient - ok
00:45:11.0984 0x0020  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\Windows\system32\wecsvc.dll
00:45:12.0000 0x0020  Wecsvc - ok
00:45:12.0031 0x0020  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
00:45:12.0031 0x0020  wercplsupport - ok
00:45:12.0062 0x0020  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\Windows\System32\WerSvc.dll
00:45:12.0062 0x0020  WerSvc - ok
00:45:12.0094 0x0020  [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
00:45:12.0094 0x0020  WFPLWFS - ok
00:45:12.0109 0x0020  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\Windows\System32\wiarpc.dll
00:45:12.0109 0x0020  WiaRpc - ok
00:45:12.0141 0x0020  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
00:45:12.0141 0x0020  WIMMount - ok
00:45:12.0172 0x0020  WinDefend - ok
00:45:12.0234 0x0020  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
00:45:12.0266 0x0020  WinHttpAutoProxySvc - ok
00:45:12.0329 0x0020  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
00:45:12.0329 0x0020  Winmgmt - ok
00:45:12.0485 0x0020  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\Windows\system32\WsmSvc.dll
00:45:12.0610 0x0020  WinRM - ok
00:45:12.0657 0x0020  [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb          C:\Windows\System32\drivers\WinUSB.sys
00:45:12.0657 0x0020  WinUsb - ok
00:45:12.0688 0x0020  [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys
00:45:12.0688 0x0020  WirelessButtonDriver - ok
00:45:12.0767 0x0020  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\Windows\System32\wlansvc.dll
00:45:12.0829 0x0020  WlanSvc - ok
00:45:12.0954 0x0020  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
00:45:13.0032 0x0020  wlidsvc - ok
00:45:13.0063 0x0020  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
00:45:13.0063 0x0020  WmiAcpi - ok
00:45:13.0095 0x0020  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
00:45:13.0110 0x0020  wmiApSrv - ok
00:45:13.0126 0x0020  WMPNetworkSvc - ok
00:45:13.0157 0x0020  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
00:45:13.0173 0x0020  wpcfltr - ok
00:45:13.0204 0x0020  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
00:45:13.0204 0x0020  WPCSvc - ok
00:45:13.0235 0x0020  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
00:45:13.0235 0x0020  WPDBusEnum - ok
00:45:13.0251 0x0020  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
00:45:13.0251 0x0020  WpdUpFltr - ok
00:45:13.0282 0x0020  [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001    C:\Windows\system32\drivers\WPRO_41_2001.sys
00:45:13.0282 0x0020  WPRO_41_2001 - ok
00:45:13.0313 0x0020  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
00:45:13.0313 0x0020  ws2ifsl - ok
00:45:13.0345 0x0020  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\Windows\System32\wscsvc.dll
00:45:13.0360 0x0020  wscsvc - ok
00:45:13.0360 0x0020  WSearch - ok
00:45:13.0485 0x0020  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\Windows\System32\WSService.dll
00:45:13.0579 0x0020  WSService - ok
00:45:13.0735 0x0020  [ 311E5E1976E0BD9110A88B93158055D5, F1AA738D6AD74C33785EEFE1FBE8A869AAB62417B7D079389293AB1209A849C1 ] wuauserv        C:\Windows\system32\wuaueng.dll
00:45:13.0876 0x0020  wuauserv - ok
00:45:13.0907 0x0020  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
00:45:13.0923 0x0020  WudfPf - ok
00:45:13.0939 0x0020  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
00:45:13.0954 0x0020  WUDFRd - ok
00:45:13.0954 0x0020  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
00:45:13.0970 0x0020  WUDFSensorLP - ok
00:45:13.0985 0x0020  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
00:45:13.0985 0x0020  wudfsvc - ok
00:45:14.0001 0x0020  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
00:45:14.0017 0x0020  WUDFWpdFs - ok
00:45:14.0017 0x0020  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
00:45:14.0032 0x0020  WUDFWpdMtp - ok
00:45:14.0079 0x0020  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\Windows\System32\wwansvc.dll
00:45:14.0095 0x0020  WwanSvc - ok
00:45:14.0126 0x0020  [ 93BFBB02C88EF306C8FB82213E07B845, F9E91A80B11997188446A83E6A1A66A503D3B58D8808AB7E869EE1550F1EA44F ] XHCIPort        C:\Windows\System32\drivers\XHCIPort.sys
00:45:14.0142 0x0020  XHCIPort - ok
00:45:14.0345 0x0020  [ 2AC426C57AC3D6A226D66E5A03223C90, 45AD44153D280E4066BA62260CE7733AC3DC23D59951BBCC0F8D4F5226F97203 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
00:45:14.0455 0x0020  ZeroConfigService - ok
00:45:14.0486 0x0020  ================ Scan global ===============================
00:45:14.0580 0x0020  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
00:45:14.0611 0x0020  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
00:45:14.0658 0x0020  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
00:45:14.0705 0x0020  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\Windows\system32\services.exe
00:45:14.0720 0x0020  [ Global ] - ok
00:45:14.0720 0x0020  ================ Scan MBR ==================================
00:45:14.0720 0x0020  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
00:45:14.0767 0x0020  \Device\Harddisk0\DR0 - ok
00:45:14.0783 0x0020  ================ Scan VBR ==================================
00:45:14.0783 0x0020  [ 479DBE21BD5EAAECF263A08CCDBDDABA ] \Device\Harddisk0\DR0\Partition1
00:45:14.0783 0x0020  \Device\Harddisk0\DR0\Partition1 - ok
00:45:14.0798 0x0020  [ FC54720AFE6BC0F574404B967781CAB3 ] \Device\Harddisk0\DR0\Partition2
00:45:14.0798 0x0020  \Device\Harddisk0\DR0\Partition2 - ok
00:45:14.0814 0x0020  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
00:45:14.0814 0x0020  \Device\Harddisk0\DR0\Partition3 - ok
00:45:14.0830 0x0020  [ 366FC5B677F29B0051C11E0FB5DE0C78 ] \Device\Harddisk0\DR0\Partition4
00:45:14.0830 0x0020  \Device\Harddisk0\DR0\Partition4 - ok
00:45:14.0861 0x0020  [ 0C185377F68249B9FD0AC43146699A7C ] \Device\Harddisk0\DR0\Partition5
00:45:14.0861 0x0020  \Device\Harddisk0\DR0\Partition5 - ok
00:45:14.0861 0x0020  Waiting for KSN requests completion. In queue: 133
00:45:15.0876 0x0020  Waiting for KSN requests completion. In queue: 133
00:45:16.0879 0x0020  Waiting for KSN requests completion. In queue: 133
00:45:18.0005 0x0020  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.215.0 ), 0x61100 ( enabled : updated )
00:45:18.0005 0x0020  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe ( 20.4.0.0 ), 0x50000 ( disabled : updated )
00:45:18.0005 0x0020  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe ( 20.4.0.0 ), 0x50010 ( disabled )
00:45:18.0036 0x0020  Win FW state via NFP2: enabled
00:45:20.0680 0x0020  ============================================================
00:45:20.0680 0x0020  Scan finished
00:45:20.0680 0x0020  ============================================================
00:45:20.0680 0x0e98  Detected object count: 0
00:45:20.0680 0x0e98  Actual detected object count: 0
00:46:00.0807 0x13ec  Deinitialize success


#10 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,860 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 22 December 2013 - 04:11 AM

Uninstall Norton by using the Norton Removal Tool

 

Be SURE to REBOOT after it uninstalls.

 

Install ONE of the following::

Microsoft Security Essentials  provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.

AVIRA   Free Download   Protect your investment without sacrificing performance

AVAST  Download  After 25 years of innovation, still the most trusted antivirus in the world

 

I use Avira becasue it is simple and straightforward.......but the choice is yours.


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy


#11 her1994

her1994
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:14 PM

Posted 22 December 2013 - 12:02 PM

Should I undo my system restore that I did and go through the steps we did again or is it fine as is? 



#12 her1994

her1994
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:14 PM

Posted 22 December 2013 - 12:58 PM

I have removed Norton and installed Avira. When I rebooted my laptop, it was slow. The screen was black and the start page has been acting whacky. 



#13 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,860 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 22 December 2013 - 05:01 PM

 
 

Please DELETE your previously used link for TDSS

 

Please run TDSS again for me.......but follow the instructions HERE....

 

Please download TDSSKiller exe version to your desktop. Double-click on TDSSKiller.exe to run the tool for known TDSS variants. Vista/Windows 7 users right-click and select Run As Administrator.

    Click on Change Parameters and click Detect TDLFS File System.
    Click the Start Scan button.
    Do not use the computer during the scan
    If the scan completes with nothing found, click Close to exit.
    If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
    A TDSSKiller text file would be saved in Local Disk C.
    Copy and paste the contents of that file in your next reply.

 


Edited by Condobloke, 22 December 2013 - 05:18 PM.

Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy


#14 her1994

her1994
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:14 PM

Posted 22 December 2013 - 07:41 PM

Thanks Condobloke, but the problem is solved now. I have decided to reset the laptop to factory settings. 



#15 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,860 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 22 December 2013 - 07:55 PM

As much as that will be a hassle....I think you have made a wise choice, Lisa.

 

All the best for Christmas, mate......and I hope next semester is kind to you !!

 

typed-text-smiling-smiley-emoticon.gif


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users