
Suspicious URL Opened by Itself


7 replies to this topic

#1 Nayde

  • Members
  • 14 posts

Posted 13 January 2014 - 01:12 PM

Hello everyone,

 

Recently when I was away from my computer for about an hour, I came back to discover that a website had appeared in my Chrome browser with a very suspicious URL. On the website associated with this there were links offering me to update my version of Java as it was insecure. I immediately closed the tab without clicking on anything on the page after logging down the URL. I say it was suspicious as it was a seemingly random collection of letters, e.g. jdwoflfwwofjd.com. If necessary I can post the actual URL but I thought I'd better not in case others are tempted to click on it.

 

Most concerning to me is that Chrome is not my default browser - if I click a link in another program it will open in Firefox rather than Chrome, which makes me think my computer may have been controlled remotely for a period of time in order to open this URL, however it does seem strange that the aggressor didn't close the page if that was the case, as it has clued me into the possibility I may be infected. Research into the URL has indicated it may be used for infecting machines via drive-by downloads.

 

So, is anyone able to help with advice? Let me know what to do and I'll do my best to follow.

 

Thanks very much.

 

 




 


#2 boopme

  • Global Moderator
  • 73,220 posts

Posted 13 January 2014 - 04:41 PM

Hi Nayde, looks like you may have a browser hijack.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 Nayde

  • Topic Starter
  • Members
  • 14 posts

Posted 14 January 2014 - 04:45 PM

Thanks very much for your reply. I'm surprised to hear it might be a browser hijack since I thought those were designed to deliver advertisements to you, rather than being used as a vector to install malware. I'm no expert however so it wouldn't surprise me to be wrong! Here are the logs you requested below.

 

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Jack (administrator) on 13-01-2014 at 22:13:14
Running from "C:\Users\Jack\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.autoconfig_url", "http://wwwcache.lancs.ac.uk/"
"network.proxy.no_proxies_on", "192.168.1.1, whatismyip.com"
"network.proxy.socks_remote_dns", true
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® 82579V Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : STUDENT00044207
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
   Physical Address. . . . . . . . . : 10-BF-48-86-55-2B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a106:895:413d:911%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 13 January 2014 22:07:43
   Lease Expires . . . . . . . . . . : 14 January 2014 22:07:43
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 235978568
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-F8-D5-DC-10-BF-48-86-55-2B
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{00039D9E-A30D-4A73-A9B9-98C6134CC584}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:3464:1e51:ae9f:99b4(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3464:1e51:ae9f:99b4%11(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  routerlogin.net
Address:  192.168.0.1

Name:    google.com
Addresses:  2a00:1450:4009:805::1009
      173.194.34.162
      173.194.34.164
      173.194.34.169
      173.194.34.166
      173.194.34.165
      173.194.34.167
      173.194.34.163
      173.194.34.160
      173.194.34.168
      173.194.34.174
      173.194.34.161


Pinging google.com [173.194.34.161] with 32 bytes of data:
Reply from 173.194.34.161: bytes=32 time=22ms TTL=56
Reply from 173.194.34.161: bytes=32 time=23ms TTL=56

Ping statistics for 173.194.34.161:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 22ms, Maximum = 23ms, Average = 22ms
Server:  routerlogin.net
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=236ms TTL=45
Reply from 206.190.36.45: bytes=32 time=186ms TTL=45

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 186ms, Maximum = 236ms, Average = 211ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...10 bf 48 86 55 2b ......Intel® 82579V Gigabit Network Connection
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.4     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.4    266
      192.168.0.4  255.255.255.255         On-link       192.168.0.4    266
    192.168.0.255  255.255.255.255         On-link       192.168.0.4    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.4    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.4    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 11     58 2001::/32                On-link
 11    306 2001:0:5ef5:79fb:3464:1e51:ae9f:99b4/128
                                    On-link
 10    266 fe80::/64                On-link
 11    306 fe80::/64                On-link
 11    306 fe80::3464:1e51:ae9f:99b4/128
                                    On-link
 10    266 fe80::a106:895:413d:911/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    306 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/12/2014 11:21:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/12/2014 11:21:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/12/2014 11:21:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/12/2014 11:20:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/12/2014 11:20:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/12/2014 11:20:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/12/2014 10:43:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/11/2014 02:02:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/07/2014 11:57:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 26.0.0.5087, time stamp: 0x52a0d273
Faulting module name: xul.dll, version: 26.0.0.5087, time stamp: 0x52a0d20a
Exception code: 0xc0000005
Fault offset: 0x0014e1a8
Faulting process id: 0xcc8
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (01/07/2014 09:51:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: update.exe_TeamSpeak 3 Client Updater, version: 1.0.0.0, time stamp: 0x5225aa6e
Faulting module name: QtCore4.dll, version: 4.8.3.0, time stamp: 0x50a20ceb
Exception code: 0xc0000005
Fault offset: 0x000000000002acac
Faulting process id: 0x20ac
Faulting application start time: 0xupdate.exe_TeamSpeak 3 Client Updater0
Faulting application path: update.exe_TeamSpeak 3 Client Updater1
Faulting module path: update.exe_TeamSpeak 3 Client Updater2
Report Id: update.exe_TeamSpeak 3 Client Updater3


System errors:
=============
Error: (01/13/2014 10:12:31 PM) (Source: NetBT) (User: )
Description: The name "STUDENT00044207:0" could not be registered on the interface with IP address 192.168.0.4.
The computer with the IP address 192.168.0.5 did not allow the name to be claimed by
this computer.

Error: (01/13/2014 10:12:13 PM) (Source: NetBT) (User: )
Description: The name "STUDENT00044207:0" could not be registered on the interface with IP address 192.168.0.4.
The computer with the IP address 192.168.0.5 did not allow the name to be claimed by
this computer.

Error: (01/13/2014 10:11:54 PM) (Source: NetBT) (User: )
Description: The name "STUDENT00044207:0" could not be registered on the interface with IP address 192.168.0.4.
The computer with the IP address 192.168.0.5 did not allow the name to be claimed by
this computer.

Error: (01/13/2014 10:09:49 PM) (Source: NetBT) (User: )
Description: The name "STUDENT00044207:0" could not be registered on the interface with IP address 192.168.0.4.
The computer with the IP address 192.168.0.5 did not allow the name to be claimed by
this computer.

Error: (01/13/2014 10:09:45 PM) (Source: NetBT) (User: )
Description: The name "STUDENT00044207:0" could not be registered on the interface with IP address 192.168.0.4.
The computer with the IP address 192.168.0.5 did not allow the name to be claimed by
this computer.

Error: (01/13/2014 10:07:44 PM) (Source: NetBT) (User: )
Description: The name "STUDENT00044207:0" could not be registered on the interface with IP address 192.168.0.4.
The computer with the IP address 192.168.0.5 did not allow the name to be claimed by
this computer.

Error: (01/13/2014 10:07:43 PM) (Source: NetBT) (User: )
Description: The name "STUDENT00044207:20" could not be registered on the interface with IP address 192.168.0.4.
The computer with the IP address 192.168.0.5 did not allow the name to be claimed by
this computer.

Error: (01/13/2014 10:07:43 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{00039D9E-A30D-4A73-A9B9-98C6134CC584} because another computer on the network has the same name.  The server could not start.

Error: (01/10/2014 07:43:05 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MACBOOKPRO-DD1E
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{00039D9E-A30D-4A73-A9B9-98C6134CC584}.
The master browser is stopping or an election is being forced.

Error: (01/10/2014 07:01:44 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053



=========================== Installed Programs ============================

1... 2... 3... KICK IT! (Drop That Beat Like an Ugly Baby)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABC Amber Nokia Converter
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
AI War: Fleet Command
Alan Wake
Alan Wake's American Nightmare
AMD Catalyst Install Manager (Version: 8.0.911.0)
ANNO 1404 - Gold Edition (Version: 3.10.0000)
ANNO 2070 (Version: 1.0.0.0)
Arma 3 Beta
Aslain's XVM mod version 3.0.31 (Version: 3.0.31)
Aslain's XVM Mod version 3.1.22 (Version: 3.1.22)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.14.3.0)
Asmedia ASM106x SATA Host Controller Driver (Version: 1.3.4.000)
Assassin's Creed II (Version: 1.01)
ASUS Xonar DG Audio Driver
Batman: Arkham Asylum GOTY Edition
Batman: Arkham City GOTY
Batman: Arkham City™
Battlefield 3™ (Version: 1.6.0.0)
Battlelog Web Plugins (Version: 2.1.7)
Binary Domain
Bionic Dues
Blitzkrieg Anthology
Bonjour (Version: 2.0.2.0)
Bonjour Print Services (Version: 2.0.2.0)
Borderlands 2
Brother HL-2150N (Version: 1.00)
Caesar 3 (Version: 2.0.0.9)
Call of Duty: Modern Warfare 2
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2013.0328.2218.38225)
Catalyst Control Center Graphics Previews Common (Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (Version: 2013.0328.2217.38225)
CCC Help Czech (Version: 2013.0328.2217.38225)
CCC Help Danish (Version: 2013.0328.2217.38225)
CCC Help Dutch (Version: 2013.0328.2217.38225)
CCC Help English (Version: 2013.0328.2217.38225)
CCC Help Finnish (Version: 2013.0328.2217.38225)
CCC Help French (Version: 2013.0328.2217.38225)
CCC Help German (Version: 2013.0328.2217.38225)
CCC Help Greek (Version: 2013.0328.2217.38225)
CCC Help Hungarian (Version: 2013.0328.2217.38225)
CCC Help Italian (Version: 2013.0328.2217.38225)
CCC Help Japanese (Version: 2013.0328.2217.38225)
CCC Help Korean (Version: 2013.0328.2217.38225)
CCC Help Norwegian (Version: 2013.0328.2217.38225)
CCC Help Polish (Version: 2013.0328.2217.38225)
CCC Help Portuguese (Version: 2013.0328.2217.38225)
CCC Help Russian (Version: 2013.0328.2217.38225)
CCC Help Spanish (Version: 2013.0328.2217.38225)
CCC Help Swedish (Version: 2013.0328.2217.38225)
CCC Help Thai (Version: 2013.0328.2217.38225)
CCC Help Turkish (Version: 2013.0328.2217.38225)
ccc-utility64 (Version: 2013.0328.2218.38225)
CCleaner (Version: 4.04)
Company of Heroes: Tales of Valor
Counter-Strike: Global Offensive
Darksiders
DarksidersInstaller (Version: 1.00.1000)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Deus Ex: Human Revolution
DigitalHazard (remove only)
Dokan Library 0.6.0
Dota 2
Dual-Core Optimizer (Version: 1.1.4.0169)
Dwarfs!?
E.Y.E: Divine Cybermancy
Eraser 6.0.10.2620 (Version: 6.0.2620)
ESET Online Scanner v3
ESN Sonar (Version: 0.70.4)
EVE Online (remove only)
EVEMon (Version: 1.8.3.4116)
Evince 2.32.0.145 (Version: 2.32.0.145)
foobar2000 v1.1.18 (Version: 1.1.18)
Foxit Reader (Version: 6.0.6.722)
FTL: Faster Than Light
GameMaker-Studio 1.2
Giana Sisters: Twisted Dreams
Gmask 1.70 English
GOG.com Downloader version 3.6.0 (Version: 3.6.0)
Google Chrome (Version: 31.0.1650.63)
Google Talk Plugin (Version: 4.9.1.16010)
Google Update Helper (Version: 1.3.22.3)
Gratuitous Space Battles
Guild Wars 2
Half-Life 2: Episode Two
Hotline Miami
Intel® Management Engine Components (Version: 8.0.2.1410)
Intel® Network Connections 16.6.126.0 (Version: 16.6.126.0)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.1.209)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
IrfanView (remove only) (Version: 4.35)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
KeePass Password Safe 2.22
King's Bounty: The Legend
La-Mulana (Version: 2.0.0.7)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MATLAB R2012a (Version: 7.14)
Medal of Honor - Allied Assault War Chest (Version: 2.0.0.21)
Medal of Honor™ Single Player
Metro 2033
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Monaco
Mozilla Firefox 26.0 (x86 en-GB) (Version: 26.0)
Mozilla Maintenance Service (Version: 26.0)
MPC-HC 1.6.4.6052 (Version: 1.6.4.6052)
Mumble 1.2.3 (Version: 1.2.3)
Natural Selection 2
Neverwinter Nights 2 Complete (Version: 2.1.0.6)
NextSharePC (remove only)
Notepad++ (Version: 6.2.1)
NVIDIA PhysX (Version: 9.12.0613)
OpenAL
Origin (Version: 9.3.2.2730)
Paint.NET v3.5.11 (Version: 3.61.0)
Papers, Please (Version: 2.0.0.4)
PAYDAY: The Heist
Peggle Deluxe
PlanetSide 2
PSTViewer Pro (Version: 5.0.2.2805)
PunkBuster Services (Version: 0.991)
Python 3.3.0 (Version: 3.3.150)
Quake Live Mozilla Plugin (Version: 1.0.520)
Quassel (remove only) (Version: 0.9.0)
QuickSharp Version 2.0.0.26942
Rayman Origins (Version: 1.02)
Reiner Knizia's Samurai 1.5.3 (Version: 1.5.3)
ResearchSoft Direct Export Helper
Saints Row: The Third
Samsung Kies (Version: 2.5.3.13052_10)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.24.0)
Sanctum 2
Serious Sam 3: BFE
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Six Updater (Version: 2.09.7016)
Skype™ 6.11 (Version: 6.11.102)
Skyward Collapse - Nihon no Mura (Version: 1.500)
Source SDK Base 2007
Steam (Version: 1.0.0.0)
Supreme Commander 2
Supreme Commander: Forged Alliance
TeamSpeak 3 Client (Version: 3.0.13.1)
Tidalis
Titan Quest
Titan Quest: Immortal Throne
Torchlight II
TrackMania² Stadium
Trine 2
TrueCrypt (Version: 7.1a)
Ubisoft Game Launcher (Version: 1.0.0.0)
UnInstall Project Eden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
VLC media player 2.0.4 (Version: 2.0.4)
Warhammer® 40,000™: Dawn of War® II
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™
Warhammer® 40,000™: Dawn of War® II – Retribution™
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
World of Tanks
WoT Statistics (Version: 2.0.6.63)
YNAB 4 version 4.3.196 (Version: 4.3.196)

========================= Memory info: ===================================

Percentage of memory in use: 19%
Total physical RAM: 8147.12 MB
Available physical RAM: 6560.15 MB
Total Pagefile: 16292.41 MB
Available Pagefile: 14507.29 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.99 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:1862.92 GB) (Free:1337.33 GB) NTFS

========================= Users: ========================================

User accounts for \\STUDENT00044207

Administrator            Guest                    Jack                     


**** End of log ****
 
22:14:55.0945 0x0c94  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
22:15:15.0612 0x0c94  ============================================================
22:15:15.0612 0x0c94  Current date / time: 2014/01/13 22:15:15.0612
22:15:15.0612 0x0c94  SystemInfo:
22:15:15.0612 0x0c94  
22:15:15.0612 0x0c94  OS Version: 6.1.7601 ServicePack: 1.0
22:15:15.0612 0x0c94  Product type: Workstation
22:15:15.0612 0x0c94  ComputerName: STUDENT00044207
22:15:15.0612 0x0c94  UserName: Jack
22:15:15.0612 0x0c94  Windows directory: C:\Windows
22:15:15.0612 0x0c94  System windows directory: C:\Windows
22:15:15.0612 0x0c94  Running under WOW64
22:15:15.0612 0x0c94  Processor architecture: Intel x64
22:15:15.0612 0x0c94  Number of processors: 4
22:15:15.0612 0x0c94  Page size: 0x1000
22:15:15.0612 0x0c94  Boot type: Normal boot
22:15:15.0612 0x0c94  ============================================================
22:15:17.0372 0x0c94  KLMD registered as C:\Windows\system32\drivers\65394831.sys
22:15:17.0499 0x0c94  System UUID: {D8BC6665-E352-2D78-3027-41F778A1D262}
22:15:17.0976 0x0c94  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:15:17.0978 0x0c94  ============================================================
22:15:17.0978 0x0c94  \Device\Harddisk0\DR0:
22:15:17.0978 0x0c94  MBR partitions:
22:15:17.0978 0x0c94  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:15:17.0978 0x0c94  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800
22:15:17.0978 0x0c94  ============================================================
22:15:18.0004 0x0c94  C: <-> \Device\Harddisk0\DR0\Partition2
22:15:18.0004 0x0c94  ============================================================
22:15:18.0004 0x0c94  Initialize success
22:15:18.0004 0x0c94  ============================================================
22:15:37.0647 0x0a68  ============================================================
22:15:37.0647 0x0a68  Scan started
22:15:37.0647 0x0a68  Mode: Manual;
22:15:37.0647 0x0a68  ============================================================
22:15:37.0647 0x0a68  KSN ping started
22:15:40.0364 0x0a68  KSN ping finished: true
22:15:40.0735 0x0a68  ================ Scan system memory ========================
22:15:40.0735 0x0a68  System memory - ok
22:15:40.0735 0x0a68  ================ Scan services =============================
22:15:44.0243 0x0a68  dot3svc - ok
22:15:44.0265 0x0a68  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
22:15:44.0268 0x0a68  DPS - ok
22:15:44.0318 0x0a68  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:15:44.0319 0x0a68  drmkaud - ok
22:15:44.0364 0x0a68  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:15:44.0375 0x0a68  DXGKrnl - ok
22:15:44.0397 0x0a68  [ EAFCB4551836FF44EE775CEDDFA7A77E, 5C01EC0EA6B5B04C51F39EA3B22E1A06F47CB88470A667937C56D4A3BCC19309 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
22:15:44.0400 0x0a68  e1cexpress - ok
22:15:44.0410 0x0a68  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
22:15:44.0412 0x0a68  EapHost - ok
22:15:44.0491 0x0a68  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
22:15:44.0564 0x0a68  ebdrv - ok
22:15:44.0596 0x0a68  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
22:15:44.0597 0x0a68  EFS - ok
22:15:44.0635 0x0a68  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:15:44.0645 0x0a68  ehRecvr - ok
22:15:44.0668 0x0a68  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
22:15:44.0670 0x0a68  ehSched - ok
22:15:44.0692 0x0a68  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:15:44.0699 0x0a68  elxstor - ok
22:15:44.0721 0x0a68  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:15:44.0722 0x0a68  ErrDev - ok
22:15:44.0743 0x0a68  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
22:15:44.0749 0x0a68  EventSystem - ok
22:15:44.0763 0x0a68  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:15:44.0766 0x0a68  exfat - ok
22:15:44.0781 0x0a68  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:15:44.0785 0x0a68  fastfat - ok
22:15:44.0823 0x0a68  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
22:15:44.0833 0x0a68  Fax - ok
22:15:44.0861 0x0a68  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:15:44.0862 0x0a68  fdc - ok
22:15:44.0876 0x0a68  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
22:15:44.0877 0x0a68  fdPHost - ok
22:15:44.0879 0x0a68  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:15:44.0880 0x0a68  FDResPub - ok
22:15:44.0889 0x0a68  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:15:44.0890 0x0a68  FileInfo - ok
22:15:44.0892 0x0a68  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:15:44.0893 0x0a68  Filetrace - ok
22:15:44.0895 0x0a68  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:15:44.0896 0x0a68  flpydisk - ok
22:15:44.0935 0x0a68  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:15:44.0939 0x0a68  FltMgr - ok
22:15:44.0985 0x0a68  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
22:15:45.0005 0x0a68  FontCache - ok
22:15:45.0054 0x0a68  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:15:45.0055 0x0a68  FontCache3.0.0.0 - ok
22:15:45.0064 0x0a68  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:15:45.0066 0x0a68  FsDepends - ok
22:15:45.0083 0x0a68  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:15:45.0084 0x0a68  Fs_Rec - ok
22:15:45.0121 0x0a68  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:15:45.0124 0x0a68  fvevol - ok
22:15:45.0140 0x0a68  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:15:45.0141 0x0a68  gagp30kx - ok
22:15:45.0184 0x0a68  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:15:45.0195 0x0a68  gpsvc - ok
22:15:45.0264 0x0a68  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:15:45.0266 0x0a68  gupdate - ok
22:15:45.0269 0x0a68  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:15:45.0271 0x0a68  gupdatem - ok
22:15:45.0284 0x0a68  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:15:45.0285 0x0a68  hcw85cir - ok
22:15:45.0314 0x0a68  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:15:45.0319 0x0a68  HdAudAddService - ok
22:15:45.0340 0x0a68  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
22:15:45.0342 0x0a68  HDAudBus - ok
22:15:45.0357 0x0a68  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:15:45.0358 0x0a68  HidBatt - ok
22:15:45.0375 0x0a68  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:15:45.0377 0x0a68  HidBth - ok
22:15:45.0386 0x0a68  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:15:45.0387 0x0a68  HidIr - ok
22:15:45.0394 0x0a68  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
22:15:45.0395 0x0a68  hidserv - ok
22:15:45.0441 0x0a68  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
22:15:45.0442 0x0a68  HidUsb - ok
22:15:45.0476 0x0a68  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:15:45.0478 0x0a68  hkmsvc - ok
22:15:45.0507 0x0a68  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:15:45.0511 0x0a68  HomeGroupListener - ok
22:15:45.0529 0x0a68  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:15:45.0533 0x0a68  HomeGroupProvider - ok
22:15:45.0541 0x0a68  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:15:45.0543 0x0a68  HpSAMD - ok
22:15:45.0593 0x0a68  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:15:45.0603 0x0a68  HTTP - ok
22:15:45.0618 0x0a68  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:15:45.0618 0x0a68  hwpolicy - ok
22:15:45.0639 0x0a68  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:15:45.0641 0x0a68  i8042prt - ok
22:15:45.0681 0x0a68  [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
22:15:45.0689 0x0a68  iaStor - ok
22:15:45.0707 0x0a68  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:15:45.0713 0x0a68  iaStorV - ok
22:15:45.0761 0x0a68  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:15:45.0773 0x0a68  idsvc - ok
22:15:45.0795 0x0a68  IEEtwCollectorService - ok
22:15:45.0810 0x0a68  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:15:45.0811 0x0a68  iirsp - ok
22:15:45.0853 0x0a68  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:15:45.0865 0x0a68  IKEEXT - ok
22:15:45.0936 0x0a68  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
22:15:46.0477 0x0a68  Intel® Capability Licensing Service Interface - ok
22:15:46.0504 0x0a68  [ D0E680E2F30FE6611895F2F34324A67C, 5842912FB85FC0B4BD0D2DC9D4F6F14FCA7074384C1D8536E2DAD04B1B58E238 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
22:15:46.0507 0x0a68  Intel® PROSet Monitoring Service - ok
22:15:46.0530 0x0a68  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:15:46.0531 0x0a68  intelide - ok
22:15:46.0551 0x0a68  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:15:46.0553 0x0a68  intelppm - ok
22:15:46.0560 0x0a68  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:15:46.0562 0x0a68  IPBusEnum - ok
22:15:46.0600 0x0a68  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:15:46.0602 0x0a68  IpFilterDriver - ok
22:15:46.0642 0x0a68  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:15:46.0650 0x0a68  iphlpsvc - ok
22:15:46.0682 0x0a68  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:15:46.0684 0x0a68  IPMIDRV - ok
22:15:46.0696 0x0a68  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:15:46.0699 0x0a68  IPNAT - ok
22:15:46.0716 0x0a68  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:15:46.0717 0x0a68  IRENUM - ok
22:15:46.0735 0x0a68  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:15:46.0736 0x0a68  isapnp - ok
22:15:46.0756 0x0a68  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:15:46.0760 0x0a68  iScsiPrt - ok
22:15:46.0768 0x0a68  [ 8E4577C6E0D3114170509159DE658907, 2FC7F96766537716503AB1BAD7EBDB2F16F3CE1584AF4261D57C6A4E00E1A417 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
22:15:46.0768 0x0a68  iusb3hcs - ok
22:15:46.0792 0x0a68  [ FE76346E9B57DA575BD1B3BD0CCAD7FF, 8961A08326F66E9FDF63912797C605FEEC23F9B0453D132AB6897DA98BC9AEAB ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
22:15:46.0796 0x0a68  iusb3hub - ok
22:15:46.0820 0x0a68  [ 1008CD90DA2198FFD250298DEB9DF160, 2CBA5FF2369861E8F8A55799AFFFC8E5B331A8BD17B559641E87A4C6C0D70206 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
22:15:46.0828 0x0a68  iusb3xhc - ok
22:15:46.0881 0x0a68  [ C44B44E24B929631D9D7368F5B2B40CF, A7F11A5A970FA30CC358B9A0FE8163B686208E424C6682AEA45C06B1E7E11963 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
22:15:46.0883 0x0a68  jhi_service - ok
22:15:46.0893 0x0a68  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:15:46.0894 0x0a68  kbdclass - ok
22:15:46.0902 0x0a68  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:15:46.0903 0x0a68  kbdhid - ok
22:15:46.0912 0x0a68  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
22:15:46.0913 0x0a68  KeyIso - ok
22:15:46.0948 0x0a68  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:15:46.0949 0x0a68  KSecDD - ok
22:15:46.0963 0x0a68  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:15:46.0965 0x0a68  KSecPkg - ok
22:15:46.0967 0x0a68  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:15:46.0968 0x0a68  ksthunk - ok
22:15:47.0002 0x0a68  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:15:47.0008 0x0a68  KtmRm - ok
22:15:47.0048 0x0a68  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:15:47.0052 0x0a68  LanmanServer - ok
22:15:47.0094 0x0a68  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:15:47.0096 0x0a68  LanmanWorkstation - ok
22:15:47.0122 0x0a68  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:15:47.0123 0x0a68  lltdio - ok
22:15:47.0156 0x0a68  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:15:47.0161 0x0a68  lltdsvc - ok
22:15:47.0178 0x0a68  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:15:47.0180 0x0a68  lmhosts - ok
22:15:47.0193 0x0a68  [ 75F29D77B0540FCF47EE3BE000BBABDA, 3FFDDC42D51FABAA7F3BFD088F008DE39F3479B25214260D98336F00B6336BFA ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
22:15:47.0198 0x0a68  LMS - ok
22:15:47.0216 0x0a68  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:15:47.0219 0x0a68  LSI_FC - ok
22:15:47.0230 0x0a68  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:15:47.0232 0x0a68  LSI_SAS - ok
22:15:47.0244 0x0a68  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:15:47.0246 0x0a68  LSI_SAS2 - ok
22:15:47.0256 0x0a68  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:15:47.0258 0x0a68  LSI_SCSI - ok
22:15:47.0274 0x0a68  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:15:47.0276 0x0a68  luafv - ok
22:15:47.0297 0x0a68  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:15:47.0299 0x0a68  Mcx2Svc - ok
22:15:47.0315 0x0a68  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:15:47.0316 0x0a68  megasas - ok
22:15:47.0339 0x0a68  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:15:47.0343 0x0a68  MegaSR - ok
22:15:47.0361 0x0a68  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
22:15:47.0362 0x0a68  MEIx64 - ok
22:15:47.0412 0x0a68  Microsoft SharePoint Workspace Audit Service - ok
22:15:47.0425 0x0a68  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:15:47.0426 0x0a68  MMCSS - ok
22:15:47.0442 0x0a68  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:15:47.0443 0x0a68  Modem - ok
22:15:47.0457 0x0a68  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:15:47.0458 0x0a68  monitor - ok
22:15:47.0472 0x0a68  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:15:47.0473 0x0a68  mouclass - ok
22:15:47.0495 0x0a68  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:15:47.0496 0x0a68  mouhid - ok
22:15:47.0533 0x0a68  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:15:47.0535 0x0a68  mountmgr - ok
22:15:47.0557 0x0a68  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:15:47.0559 0x0a68  MozillaMaintenance - ok
22:15:47.0603 0x0a68  [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
22:15:47.0607 0x0a68  MpFilter - ok
22:15:47.0621 0x0a68  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:15:47.0623 0x0a68  mpio - ok
22:15:47.0651 0x0a68  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:15:47.0652 0x0a68  mpsdrv - ok
22:15:47.0706 0x0a68  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:15:47.0718 0x0a68  MpsSvc - ok
22:15:47.0768 0x0a68  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:15:47.0770 0x0a68  MRxDAV - ok
22:15:47.0790 0x0a68  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:15:47.0792 0x0a68  mrxsmb - ok
22:15:47.0801 0x0a68  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:15:47.0805 0x0a68  mrxsmb10 - ok
22:15:47.0820 0x0a68  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:15:47.0822 0x0a68  mrxsmb20 - ok
22:15:47.0851 0x0a68  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:15:47.0852 0x0a68  msahci - ok
22:15:47.0863 0x0a68  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:15:47.0866 0x0a68  msdsm - ok
22:15:47.0883 0x0a68  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:15:47.0886 0x0a68  MSDTC - ok
22:15:47.0899 0x0a68  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:15:47.0899 0x0a68  Msfs - ok
22:15:47.0901 0x0a68  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:15:47.0902 0x0a68  mshidkmdf - ok
22:15:47.0934 0x0a68  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:15:47.0934 0x0a68  msisadrv - ok
22:15:47.0959 0x0a68  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:15:47.0962 0x0a68  MSiSCSI - ok
22:15:47.0964 0x0a68  msiserver - ok
22:15:47.0990 0x0a68  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:15:47.0991 0x0a68  MSKSSRV - ok
22:15:48.0056 0x0a68  [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:15:48.0056 0x0a68  MsMpSvc - ok
22:15:48.0069 0x0a68  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:15:48.0070 0x0a68  MSPCLOCK - ok
22:15:48.0085 0x0a68  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:15:48.0086 0x0a68  MSPQM - ok
22:15:48.0124 0x0a68  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:15:48.0129 0x0a68  MsRPC - ok
22:15:48.0160 0x0a68  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:15:48.0160 0x0a68  mssmbios - ok
22:15:48.0170 0x0a68  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:15:48.0171 0x0a68  MSTEE - ok
22:15:48.0182 0x0a68  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:15:48.0183 0x0a68  MTConfig - ok
22:15:48.0189 0x0a68  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:15:48.0190 0x0a68  Mup - ok
22:15:48.0235 0x0a68  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:15:48.0242 0x0a68  napagent - ok
22:15:48.0270 0x0a68  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:15:48.0274 0x0a68  NativeWifiP - ok
22:15:48.0320 0x0a68  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:15:48.0337 0x0a68  NDIS - ok
22:15:48.0352 0x0a68  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:15:48.0354 0x0a68  NdisCap - ok
22:15:48.0376 0x0a68  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:15:48.0377 0x0a68  NdisTapi - ok
22:15:48.0403 0x0a68  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:15:48.0404 0x0a68  Ndisuio - ok
22:15:48.0433 0x0a68  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:15:48.0435 0x0a68  NdisWan - ok
22:15:48.0476 0x0a68  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:15:48.0477 0x0a68  NDProxy - ok
22:15:53.0660 0x0a68  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
22:15:53.0663 0x0a68  vsmraid - ok
22:15:53.0728 0x0a68  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
22:15:53.0764 0x0a68  VSS - ok
22:15:53.0775 0x0a68  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:15:53.0776 0x0a68  vwifibus - ok
22:15:53.0795 0x0a68  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
22:15:53.0801 0x0a68  W32Time - ok
22:15:53.0825 0x0a68  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
22:15:53.0826 0x0a68  WacomPen - ok
22:15:53.0844 0x0a68  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:15:53.0846 0x0a68  WANARP - ok
22:15:53.0849 0x0a68  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:15:53.0850 0x0a68  Wanarpv6 - ok
22:15:53.0894 0x0a68  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
22:15:53.0931 0x0a68  WatAdminSvc - ok
22:15:53.0975 0x0a68  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
22:15:54.0011 0x0a68  wbengine - ok
22:15:54.0028 0x0a68  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:15:54.0032 0x0a68  WbioSrvc - ok
22:15:54.0073 0x0a68  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:15:54.0079 0x0a68  wcncsvc - ok
22:15:54.0085 0x0a68  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:15:54.0087 0x0a68  WcsPlugInService - ok
22:15:54.0105 0x0a68  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
22:15:54.0106 0x0a68  Wd - ok
22:15:54.0155 0x0a68  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:15:54.0165 0x0a68  Wdf01000 - ok
22:15:54.0186 0x0a68  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:15:54.0189 0x0a68  WdiServiceHost - ok
22:15:54.0191 0x0a68  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:15:54.0193 0x0a68  WdiSystemHost - ok
22:15:54.0237 0x0a68  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
22:15:54.0242 0x0a68  WebClient - ok
22:15:54.0252 0x0a68  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:15:54.0257 0x0a68  Wecsvc - ok
22:15:54.0263 0x0a68  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:15:54.0265 0x0a68  wercplsupport - ok
22:15:54.0277 0x0a68  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:15:54.0280 0x0a68  WerSvc - ok
22:15:54.0295 0x0a68  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:15:54.0295 0x0a68  WfpLwf - ok
22:15:54.0298 0x0a68  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:15:54.0299 0x0a68  WIMMount - ok
22:15:54.0324 0x0a68  WinDefend - ok
22:15:54.0332 0x0a68  WinHttpAutoProxySvc - ok
22:15:54.0387 0x0a68  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:15:54.0391 0x0a68  Winmgmt - ok
22:15:54.0437 0x0a68  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:15:54.0485 0x0a68  WinRM - ok
22:15:54.0516 0x0a68  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:15:54.0534 0x0a68  Wlansvc - ok
22:15:54.0635 0x0a68  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:15:54.0685 0x0a68  wlidsvc - ok
22:15:54.0727 0x0a68  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:15:54.0727 0x0a68  WmiAcpi - ok
22:15:54.0736 0x0a68  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:15:54.0740 0x0a68  wmiApSrv - ok
22:15:54.0755 0x0a68  WMPNetworkSvc - ok
22:15:54.0761 0x0a68  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:15:54.0763 0x0a68  WPCSvc - ok
22:15:54.0771 0x0a68  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:15:54.0774 0x0a68  WPDBusEnum - ok
22:15:54.0779 0x0a68  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:15:54.0780 0x0a68  ws2ifsl - ok
22:15:54.0783 0x0a68  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
22:15:54.0785 0x0a68  wscsvc - ok
22:15:54.0786 0x0a68  WSearch - ok
22:15:54.0854 0x0a68  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:15:54.0902 0x0a68  wuauserv - ok
22:15:54.0942 0x0a68  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:15:54.0944 0x0a68  WudfPf - ok
22:15:54.0968 0x0a68  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:15:54.0971 0x0a68  WUDFRd - ok
22:15:55.0001 0x0a68  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:15:55.0003 0x0a68  wudfsvc - ok
22:15:55.0034 0x0a68  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:15:55.0039 0x0a68  WwanSvc - ok
22:15:55.0041 0x0a68  ================ Scan global ===============================
22:15:55.0168 0x0a68  [ Global ] - ok
22:15:55.0168 0x0a68  ================ Scan MBR ==================================
22:15:55.0186 0x0a68  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:15:55.0331 0x0a68  \Device\Harddisk0\DR0 - ok
22:15:55.0331 0x0a68  ================ Scan VBR ==================================
22:15:55.0332 0x0a68  [ 9BEDA5A8940EE3EA860EB0F737679779 ] \Device\Harddisk0\DR0\Partition1
22:15:55.0333 0x0a68  \Device\Harddisk0\DR0\Partition1 - ok
22:15:55.0356 0x0a68  [ D229CE19600B5447885754BB99D08898 ] \Device\Harddisk0\DR0\Partition2
22:15:55.0357 0x0a68  \Device\Harddisk0\DR0\Partition2 - ok
22:15:55.0358 0x0a68  Waiting for KSN requests completion. In queue: 334
22:15:56.0358 0x0a68  Waiting for KSN requests completion. In queue: 334
22:15:57.0358 0x0a68  Waiting for KSN requests completion. In queue: 23
22:15:58.0365 0x0a68  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
22:15:58.0383 0x0a68  Win FW state via NFP2: enabled
22:16:01.0048 0x0a68  ============================================================
22:16:01.0048 0x0a68  Scan finished
22:16:01.0048 0x0a68  ============================================================
22:16:01.0052 0x0b8c  Detected object count: 0
22:16:01.0052 0x0b8c  Actual detected object count: 0

# AdwCleaner v3.017 - Report created 13/01/2014 at 22:20:46
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Jack - STUDENT00044207
# Running from : C:\Users\Jack\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\3tmh1080.default\Extensions\anttoolbar@ant.com

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Trymedia Systems

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-GB)

[ File : C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\3tmh1080.default\prefs.js ]

Line Deleted : user_pref("surfcanyon.fractions", "0.0_0.0\r\n");
Line Deleted : user_pref("surfcanyon.last_checked_ts", "1267034761887");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2781 octets] - [13/01/2014 22:17:19]
AdwCleaner[S0].txt - [2695 octets] - [13/01/2014 22:20:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2755 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Professional x64
Ran by Jack on 13/01/2014 at 22:25:08.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Jack\AppData\Roaming\mozilla\firefox\profiles\3tmh1080.default\prefs.js

user_pref("extensions.personas.current", "{\"id\":\"66592\",\"name\":\"TF2 Scout - Hot Dog\",\"accentcolor\":\"#707070\",\"textcolor\":\"#000000\",\"description\":\"Team Fortr
user_pref("extensions.personas.lastselected0", "{\"id\":\"66592\",\"name\":\"TF2 Scout - Hot Dog\",\"accentcolor\":\"#707070\",\"textcolor\":\"#000000\",\"description\":\"Team
user_pref("lightweightThemes.usedThemes", "[{\"id\":\"66592\",\"name\":\"TF2 Scout - Hot Dog\",\"headerURL\":\"hxxps://addons.mozilla.org/_files/47949/header.jpg?1257809039\",
Emptied folder: C:\Users\Jack\AppData\Roaming\mozilla\firefox\profiles\3tmh1080.default\minidumps [335 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/01/2014 at 22:28:47.13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ESET found no threats.

Thanks.



#4 boopme


Posted 14 January 2014 - 10:17 PM

You may need to reinstall "caphyon"; it was removed. Have to tell the JRT author about that one.

Let's run 2 more quick ones and see how it is.

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).


Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#5 Nayde


Posted 15 January 2014 - 01:48 PM

In all honesty I don't know what caphyon is so perhaps it's a good thing that it was removed :)

Here are the logs:

MBAM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.15.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Jack :: STUDENT00044207 [administrator]

15/01/2014 18:16:51
mbam-log-2014-01-15 (18-16-51).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210165
Time elapsed: 1 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

aswMBR

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-01-15 18:18:26
-----------------------------
18:18:26.234    OS Version: Windows x64 6.1.7601 Service Pack 1
18:18:26.234    Number of processors: 4 586 0x3A09
18:18:26.234    ComputerName: STUDENT00044207  UserName: Jack
18:18:28.519    Initialize success
18:19:18.673    AVAST engine defs: 14011401
18:19:32.868    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:19:32.870    Disk 0 Vendor: WDC_WD20EARX-32PASB0 51.0AB51 Size: 1907729MB BusType: 11
18:19:32.976    Disk 0 MBR read successfully
18:19:32.978    Disk 0 MBR scan
18:19:32.981    Disk 0 Windows 7 default MBR code
18:19:32.983    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
18:19:33.002    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS      1907627 MB offset 206848
18:19:33.048    Disk 0 scanning C:\Windows\system32\drivers
18:19:43.950    Service scanning
18:20:04.667    Modules scanning
18:20:04.670    Disk 0 trace - called modules:
18:20:04.690    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
18:20:04.693    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800773c790]
18:20:04.695    3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80076e8680]
18:20:07.143    AVAST engine scan C:\Windows
18:20:10.683    AVAST engine scan C:\Windows\system32
18:23:06.426    AVAST engine scan C:\Windows\system32\drivers
18:23:19.769    AVAST engine scan C:\Users\Jack
18:36:34.647    AVAST engine scan C:\ProgramData
18:37:50.275    Scan finished successfully
18:47:29.595    Disk 0 MBR has been saved successfully to "C:\Users\Jack\Desktop\MBR.dat"
18:47:29.613    The log file has been saved successfully to "C:\Users\Jack\Desktop\aswMBR.txt"

Cheers.



#6 boopme


Posted 15 January 2014 - 03:50 PM

It looks clean here, do you still get the notice?



#7 Nayde


Posted 15 January 2014 - 04:12 PM

If by notice you mean random appearance of a website, then I haven't had it again since the first occasion. The randomness was what worried me and the fact that it happened while I was away from the computer, but if these scans haven't shown up anything suspicious then I suppose I can rest easy for now. If it happens again, naturally I'll be back here.

Thanks very much for your help.



#8 boopme


Posted 15 January 2014 - 04:14 PM

You're welcome!!



