Sneaking suspicion that I have a keylogger, maybe more.


14 replies to this topic

#1 D&S+14

D&S+14

  • Members
  • 46 posts
  • OFFLINE
  • Gender:Male
  • Local time:09:51 AM

Posted 14 March 2014 - 08:13 PM

Hi there,

 

I'm running Windows 8.0 on a 2.40GHz Toshiba C-55A. Just because of how it has been working and things have been happening, I have a sneaking suspicion that I am not alone on this computer...

 

I ran a full Norton scan, and it detected a file that was quarantined (and later deleted from the computer).  However, I really think there's something more going on.  I'd hit it with ComboFix but I'm not a superuser.  I used ASC (IOBit) on it and it found a new piece of adware buried in the computer.  So something is on the computer, there's no question about that.

 

What should I do to bring it to your attention so I can clean it?

 

Thanks much.


Edited by D&S+14, 14 March 2014 - 08:13 PM.



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,240 posts
  • OFFLINE
  • Gender:Male
  • Location:NJ USA
  • Local time:01:51 PM

Posted 14 March 2014 - 08:54 PM

Hello D&S

Let's see if we can see something...

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.

  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

Last, run ESET.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 D&S+14

D&S+14
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  • Gender:Male
  • Local time:09:51 AM

Posted 14 March 2014 - 09:40 PM

Here is from MiniToolBox:

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Daniel (administrator) on 14-03-2014 at 16:39:08
Running from "C:\DTA"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8188E Wireless LAN 802.11n PCI-E NIC = Wi-Fi (Connected)
Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : MDV88
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 2C-D0-5A-77-D9-03
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8188E Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 2C-D0-5A-77-D9-03
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2602:304:b0ba:a7c9:ad76:60f3:ac1f:2f39(Preferred)
   Temporary IPv6 Address. . . . . . : 2602:304:b0ba:a7c9:74e9:4ada:3978:9dc2(Preferred)
   Link-local IPv6 Address . . . . . : fe80::ad76:60f3:ac1f:2f39%15(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.247(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, March 14, 2014 4:32:27 PM
   Lease Expires . . . . . . . . . . : Saturday, March 15, 2014 4:32:26 PM
   Default Gateway . . . . . . . . . : fe80::4694:fcff:fe02:b21e%15
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 355258458
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-25-7E-BC-00-8C-FA-4B-82-D5
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
   Physical Address. . . . . . . . . : 00-8C-FA-4B-82-D5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{34401365-2B4D-43D9-9AFE-AEBF5EA3E117}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:343b:1cc2:3f57:fe08(Preferred)
   Link-local IPv6 Address . . . . . : fe80::343b:1cc2:3f57:fe08%17(Preferred)
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dslrouter
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4002:c06::8a
      74.125.21.101
      74.125.21.113
      74.125.21.139
      74.125.21.100
      74.125.21.138
      74.125.21.102


Pinging google.com [2607:f8b0:4002:c06::8a] with 32 bytes of data:
Reply from 2607:f8b0:4002:c06::8a: time=97ms
Reply from 2607:f8b0:4002:c06::8a: time=97ms

Ping statistics for 2607:f8b0:4002:c06::8a:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 97ms, Maximum = 97ms, Average = 97ms
Server:  dslrouter
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=138ms TTL=49
Reply from 98.138.253.109: bytes=32 time=110ms TTL=49

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 110ms, Maximum = 138ms, Average = 124ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...2c d0 5a 77 d9 03 ......Microsoft Wi-Fi Direct Virtual Adapter
 15...2c d0 5a 77 d9 03 ......Realtek RTL8188E Wireless LAN 802.11n PCI-E NIC
 12...00 8c fa 4b 82 d5 ......Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.247     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.247    281
    192.168.1.247  255.255.255.255         On-link     192.168.1.247    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.247    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.247    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.247    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 15    281 ::/0                     fe80::4694:fcff:fe02:b21e
  1    306 ::1/128                  On-link
 17    306 2001::/32                On-link
 17    306 2001:0:5ef5:79fd:343b:1cc2:3f57:fe08/128
                                    On-link
 15    281 2602:304:b0ba:a7c9::/64  On-link
 15    281 2602:304:b0ba:a7c9:74e9:4ada:3978:9dc2/128
                                    On-link
 15    281 2602:304:b0ba:a7c9:ad76:60f3:ac1f:2f39/128
                                    On-link
 15    281 fe80::/64                On-link
 17    306 fe80::/64                On-link
 17    306 fe80::343b:1cc2:3f57:fe08/128
                                    On-link
 15    281 fe80::ad76:60f3:ac1f:2f39/128
                                    On-link
  1    306 ff00::/8                 On-link
 17    306 ff00::/8                 On-link
 15    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/14/2014 04:33:09 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (03/14/2014 04:23:47 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (03/14/2014 03:24:46 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -528.

Error: (03/14/2014 03:24:46 PM) (Source: ESENT) (User: )
Description: Catalog Database (1148) Catalog Database: Error -1811 (0xfffff8ed) occurred while opening logfile C:\windows\system32\CatRoot2\edb000CE.log.

Error: (03/14/2014 00:32:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.

Error: (03/14/2014 00:31:03 PM) (Source: Application Hang) (User: )
Description: The program wwahost.exe version 6.2.9200.16420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ba4

Start Time: 01cf3fd4f658d78d

Termination Time: 4294967295

Application Path: C:\windows\system32\wwahost.exe

Report Id: 4e9e7e87-abc8-11e3-be77-008cfa4b82d5

Faulting package full name: Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Error: (03/14/2014 00:30:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: MDV88)
Description: Package Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbwe was terminated because it took too long to suspend.

Error: (03/14/2014 08:31:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.

Error: (03/14/2014 08:30:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.

Error: (03/14/2014 08:09:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.


System errors:
=============
Error: (03/14/2014 04:33:43 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/14/2014 04:32:21 PM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume \\?\Volume{c380dcca-f307-11e2-be76-008cfa4b82d5} encountered a non-retryable error and could not start.  The data contains the error code.

Error: (03/14/2014 04:24:14 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/14/2014 04:22:47 PM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume \\?\Volume{c380dcca-f307-11e2-be76-008cfa4b82d5} encountered a non-retryable error and could not start.  The data contains the error code.

Error: (03/14/2014 04:14:41 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/14/2014 04:13:09 PM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume \\?\Volume{c380dcca-f307-11e2-be76-008cfa4b82d5} encountered a non-retryable error and could not start.  The data contains the error code.

Error: (03/14/2014 04:05:26 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/14/2014 04:03:58 PM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume \\?\Volume{c380dcca-f307-11e2-be76-008cfa4b82d5} encountered a non-retryable error and could not start.  The data contains the error code.

Error: (03/14/2014 03:59:30 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/14/2014 03:57:45 PM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume \\?\Volume{c380dcca-f307-11e2-be76-008cfa4b82d5} encountered a non-retryable error and could not start.  The data contains the error code.


Microsoft Office Sessions:
=========================
Error: (03/14/2014 04:33:09 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (03/14/2014 04:23:47 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (03/14/2014 03:24:46 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: -528

Error: (03/14/2014 03:24:46 PM) (Source: ESENT)(User: )
Description: Catalog Database1148Catalog Database: C:\windows\system32\CatRoot2\edb000CE.log-1811 (0xfffff8ed)

Error: (03/14/2014 00:32:36 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\$RECYCLE.BIN\S-1-5-21-1752752159-3194649852-1660913844-1001\$RG7CMHV.exe

Error: (03/14/2014 00:31:03 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.2.9200.16420ba401cf3fd4f658d78d4294967295C:\windows\system32\wwahost.exe4e9e7e87-abc8-11e3-be77-008cfa4b82d5Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbweApp

Error: (03/14/2014 00:30:55 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: MDV88)
Description: Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbwe

Error: (03/14/2014 08:31:15 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\Daniel\Desktop\esetsmartinstaller_enu.exe

Error: (03/14/2014 08:30:01 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\Daniel\Desktop\esetsmartinstaller_enu.exe

Error: (03/14/2014 08:09:20 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\Daniel\Desktop\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
  Date: 2014-03-14 16:38:35.267
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-14 16:34:30.450
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-14 16:32:35.840
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-14 16:25:17.062
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-14 16:23:03.409
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-14 16:15:29.973
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-14 16:13:25.870
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-14 16:06:57.961
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-14 16:06:19.531
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-14 16:00:33.380
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

µTorrent (Version: 3.4.0.30635)
7-Zip 9.20
Adobe AIR (Version: 3.6.0.5970)
Adobe Flash Player 12 Plugin (Version: 12.0.0.77)
Adobe Reader XI  MUI (Version: 11.0.00)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
Adobe Shockwave Player 12.0 (Version: 12.0.0.112)
Advanced SystemCare Ultimate 7 (Version: 7.0.1)
Bejeweled 3 (Version: 2.2.0.97)
Chuzzle Deluxe (Version: 2.2.0.95)
Cucusoft Auto Update 1.0.5
Cucusoft Net Guard 2.3.4.1
DTS Sound (Version: 1.00.0057)
Elementals - The Magic Key (Version: 2.2.0.97)
Google Earth Plug-in (Version: 7.1.2.2041)
Google Update Helper (Version: 1.3.22.5)
Intel® Management Engine Components (Version: 8.1.30.1349)
Intel® Processor Graphics (Version: 9.17.10.3040)
Intel® Rapid Storage Technology (Version: 12.0.4.1001)
Intel® SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.27.757.1)
IObit Uninstaller (Version: 3.0.4.1099)
Jack of All Tribes (Version: 2.2.0.97)
Java 7 Update 51 (64-bit) (Version: 7.0.510)
King Oddball (Version: 3.0.2.48)
Luxor Evolved (Version: 2.2.0.98)
Microsoft Office (Version: 15.0.4454.1510)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Movie Studio Platinum 12.0 (64-bit) (Version: 12.0.576)
Mozilla Firefox 27.0.1 (x86 en-US) (Version: 27.0.1)
Mozilla Maintenance Service (Version: 27.0.1)
Mozilla Thunderbird 24.3.0 (x86 en-US) (Version: 24.3.0)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MUSHclient (remove only)
Norton Anti-Theft (Version: 1.6.0.17)
Norton Internet Security (Version: 20.4.0.40)
Norton Online Backup (Version: 2.7.0.24)
Norton Online Backup ARA (Version: 4.3.0.14)
Norton PC Checkup (Version: 3.0.5.38.0)
OpenOffice 4.0.1 (Version: 4.01.9714)
Origin (Version: 9.1.12.73)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Pokki (Version: 0.262.11.408)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 2.1.0.13)
Realtek High Definition Audio Driver (Version: 6.0.1.6865)
Realtek USB Card Reader (Version: 6.2.9200.39041)
Realtek WLAN Driver (Version: 2.00.0021)
Scorched3D 43.3d (Version: 43.3d)
Surfing Protection (Version: 1.0)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 16.3.10.4)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.5)
TOSHIBA Audio Enhancement (Version: 2.0.15.4)
Toshiba Book Place (Version: 3.3.9661)
TOSHIBA Desktop Assist (Version: 1.01.02.6405)
TOSHIBA eco Utility (Version: 2.0.3.6403)
TOSHIBA Function Key (Version: 1.00.6629.6406)
TOSHIBA HDD Accelerator (Version: 2.0.0001)
TOSHIBA Password Utility (Version: v2.0.0.7)
TOSHIBA Quality Application (Version: 1.0.8)
TOSHIBA Recovery Media Creator (Version: 3.0.01.55004008)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.2.5.03)
TOSHIBA Service Station (Version: 2.5.6)
Toshiba Start (Version: 1.0.0.0)
TOSHIBA System Driver (Version: 1.00.0020)
TOSHIBA System Settings (Version: 1.00.0007.32003)
TOSHIBA User's Guide (Version: 1.00.02)
TOSHIBA VIDEO PLAYER (Version: 5.3.5.59)
TOSHIBARegistration (Version: 1.1.6)
Update Installer for WildTangent Games App
VLC media player 2.0.7 (Version: 2.0.7)
WildTangent Games (Version: 1.0.4.0)
WildTangent Games App (Toshiba Games) (Version: 4.0.10.15)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Wonderland Solitaire (Version: 2.2.0.110)

========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 6023.27 MB
Available physical RAM: 3975.68 MB
Total Pagefile: 10119.27 MB
Available Pagefile: 8053.03 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.11 MB

========================= Partitions: =====================================

1 Drive c: (TI10664600G) (Fixed) (Total:686.53 GB) (Free:434.69 GB) NTFS
3 Drive g: (Western Digital) (Fixed) (Total:148.44 GB) (Free:148.3 GB) NTFS
4 Drive h: (Seagate FreeAgent Drive) (Fixed) (Total:298.09 GB) (Free:77.73 GB) NTFS

========================= Users: ========================================

User accounts for \\MDV88

Administrator            ASPNET                   Daniel                   
Guest                    


**** End of log ****
 



#4 D&S+14

  • Topic Starter


Posted 14 March 2014 - 09:43 PM

This is the result from TDSS Killer

 

16:40:14.0274 0x0858  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
16:40:14.0274 0x0858  UEFI system
16:41:00.0963 0x0858  ============================================================
16:41:00.0963 0x0858  Current date / time: 2014/03/14 16:41:00.0963
16:41:00.0963 0x0858  SystemInfo:
16:41:00.0963 0x0858  
16:41:00.0963 0x0858  OS Version: 6.2.9200 ServicePack: 0.0
16:41:00.0963 0x0858  Product type: Workstation
16:41:00.0963 0x0858  ComputerName: MDV88
16:41:00.0963 0x0858  UserName: Daniel
16:41:00.0963 0x0858  Windows directory: C:\windows
16:41:00.0963 0x0858  System windows directory: C:\windows
16:41:00.0963 0x0858  Running under WOW64
16:41:00.0963 0x0858  Processor architecture: Intel x64
16:41:00.0963 0x0858  Number of processors: 2
16:41:00.0963 0x0858  Page size: 0x1000
16:41:00.0963 0x0858  Boot type: Normal boot
16:41:00.0963 0x0858  ============================================================
16:41:02.0448 0x0858  KLMD registered as C:\windows\system32\drivers\51176516.sys
16:41:02.0620 0x0858  System UUID: {068DEDEC-6F83-2F99-E39F-ACC13B5F0AE8}
16:41:03.0276 0x0858  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:41:03.0276 0x0858  Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:41:03.0276 0x0858  Drive \Device\Harddisk2\DR2 - Size: 0x4A85D55C00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:41:03.0588 0x0858  ============================================================
16:41:03.0588 0x0858  \Device\Harddisk0\DR0:
16:41:03.0588 0x0858  GPT partitions:
16:41:03.0588 0x0858  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {296F465A-A39B-11E2-A1A5-D6452F6C7727}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x200000
16:41:03.0588 0x0858  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {296F4660-A39B-11E2-A1A5-D6452F6C7727}, Name: Basic data partition, StartLBA 0x200800, BlocksNum 0x82000
16:41:03.0588 0x0858  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {296F4662-A39B-11E2-A1A5-D6452F6C7727}, Name: Basic data partition, StartLBA 0x282800, BlocksNum 0x40000
16:41:03.0588 0x0858  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {296F4668-A39B-11E2-A1A5-D6452F6C7727}, Name: Basic data partition, StartLBA 0x2C2800, BlocksNum 0x55D11800
16:41:03.0588 0x0858  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D6817152-FB2F-4CA1-A7F6-3315C67E7F69}, Name: Basic data partition, StartLBA 0x55FD4000, BlocksNum 0x1572000
16:41:03.0588 0x0858  MBR partitions:
16:41:03.0588 0x0858  \Device\Harddisk1\DR1:
16:41:03.0588 0x0858  MBR partitions:
16:41:03.0588 0x0858  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x135000, BlocksNum 0x128E3800
16:41:03.0588 0x0858  \Device\Harddisk2\DR2:
16:41:03.0667 0x0858  MBR partitions:
16:41:03.0667 0x0858  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D680
16:41:03.0667 0x0858  ============================================================
16:41:03.0713 0x0858  C: <-> \Device\Harddisk0\DR0\Partition4
16:41:04.0057 0x0858  G: <-> \Device\Harddisk1\DR1\Partition1
16:41:04.0182 0x0858  H: <-> \Device\Harddisk2\DR2\Partition1
16:41:04.0182 0x0858  ============================================================
16:41:04.0182 0x0858  Initialize success
16:41:04.0182 0x0858  ============================================================
16:41:15.0917 0x133c  ============================================================
16:41:15.0917 0x133c  Scan started
16:41:15.0917 0x133c  Mode: Manual;
16:41:15.0917 0x133c  ============================================================
16:41:15.0917 0x133c  KSN ping started
16:41:19.0058 0x133c  KSN ping finished: true
16:41:20.0261 0x133c  ================ Scan system memory ========================
16:41:20.0261 0x133c  System memory - ok
16:41:20.0261 0x133c  ================ Scan services =============================
16:41:25.0324 0x133c  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
16:41:25.0324 0x133c  gencounter - ok
16:41:25.0355 0x133c  [ CA18ECFCFFDD638ECE80799A9056B238, FEA6778443253CBAA9FF43A980D576A3F449B036151F91495F04CE0C54F02254 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
16:41:25.0386 0x133c  GPIOClx0101 - ok
16:41:25.0449 0x133c  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\windows\System32\gpsvc.dll
16:41:25.0496 0x133c  gpsvc - ok
16:41:25.0527 0x133c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:41:25.0543 0x133c  gupdate - ok
16:41:25.0558 0x133c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:41:25.0558 0x133c  gupdatem - ok
16:41:25.0589 0x133c  [ C2504AA983B5D411F7D31402E8B57725, B07370E6BF87546F2557C423F7450CBE90E2A13042DEA2864B6047EFE9F459C5 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
16:41:25.0589 0x133c  HdAudAddService - ok
16:41:25.0605 0x133c  [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
16:41:25.0605 0x133c  HDAudBus - ok
16:41:25.0605 0x133c  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
16:41:25.0605 0x133c  HidBatt - ok
16:41:25.0621 0x133c  [ A25BAE8C1F2830C8E5625EC7E4E968BE, 81D441B6616094C604453D8EC289C29D9B84A323B5C7C312C96C8380D51538DA ] HidBth          C:\windows\System32\drivers\hidbth.sys
16:41:25.0621 0x133c  HidBth - ok
16:41:25.0621 0x133c  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
16:41:25.0621 0x133c  hidi2c - ok
16:41:25.0636 0x133c  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\windows\System32\drivers\hidir.sys
16:41:25.0636 0x133c  HidIr - ok
16:41:25.0652 0x133c  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\windows\system32\hidserv.dll
16:41:25.0652 0x133c  hidserv - ok
16:41:25.0683 0x133c  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\windows\System32\drivers\hidusb.sys
16:41:25.0683 0x133c  HidUsb - ok
16:41:25.0730 0x133c  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\windows\system32\kmsvc.dll
16:41:25.0730 0x133c  hkmsvc - ok
16:41:25.0746 0x133c  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\windows\system32\ListSvc.dll
16:41:25.0746 0x133c  HomeGroupListener - ok
16:41:25.0777 0x133c  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\windows\system32\provsvc.dll
16:41:25.0808 0x133c  HomeGroupProvider - ok
16:41:25.0824 0x133c  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
16:41:25.0824 0x133c  HpSAMD - ok
16:41:25.0871 0x133c  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\windows\system32\drivers\HTTP.sys
16:41:25.0902 0x133c  HTTP - ok
16:41:25.0918 0x133c  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
16:41:25.0918 0x133c  hwpolicy - ok
16:41:25.0933 0x133c  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
16:41:25.0949 0x133c  hyperkbd - ok
16:41:25.0949 0x133c  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
16:41:25.0949 0x133c  HyperVideo - ok
16:41:25.0965 0x133c  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
16:41:25.0965 0x133c  i8042prt - ok
16:41:25.0996 0x133c  [ 8E139FA049B84B395EA86B59C4C3D917, EEB8E5D5941112090A5A82549EDC41BB557BE50CF24B1859548F9B24202B6FE4 ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
16:41:26.0011 0x133c  iaStorA - ok
16:41:26.0027 0x133c  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
16:41:26.0043 0x133c  iaStorV - ok
16:41:26.0090 0x133c  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
16:41:26.0105 0x133c  ICCS - ok
16:41:26.0340 0x133c  [ DAAA22256BCA5E6EB74CD379F3092AAA, B2F8990EE059F201A9EA7C05B56A3FA7EE99EA148240F2997DF2B0DFB2FC9071 ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20140313.001\IDSvia64.sys
16:41:26.0355 0x133c  IDSVia64 - ok
16:41:26.0511 0x133c  [ C63C32080615F49A4B8CA50523D6AA59, 918F247E44F58E12F428768C0A52F0960E53D450449FB0A0D12C278D333A3CD4 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
16:41:26.0652 0x133c  igfx - ok
16:41:26.0683 0x133c  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
16:41:26.0699 0x133c  iirsp - ok
16:41:26.0746 0x133c  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\windows\System32\ikeext.dll
16:41:26.0777 0x133c  IKEEXT - ok
16:41:26.0902 0x133c  [ 7D7711B0F972C73AE46105B42092D82E, AC66AE06B65C03BCEE2FF90732B13B651862382CDFEE85A6B5497DF3A2FF75A2 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
16:41:27.0011 0x133c  IntcAzAudAddService - ok
16:41:27.0027 0x133c  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
16:41:27.0043 0x133c  IntcDAud - ok
16:41:27.0121 0x133c  [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:41:27.0136 0x133c  Intel® Capability Licensing Service Interface - ok
16:41:27.0183 0x133c  [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
16:41:27.0215 0x133c  Intel® Capability Licensing Service TCP IP Interface - ok
16:41:27.0293 0x133c  [ 683CB8EBB08064BD98C1C300938FB82E, 6F728426D3E3A10627A319D185BE9003C8688C0A92C84C818564CF9CFC8E8B2E ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
16:41:27.0293 0x133c  Intel® ME Service - ok
16:41:27.0308 0x133c  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\windows\system32\drivers\intelide.sys
16:41:27.0308 0x133c  intelide - ok
16:41:27.0340 0x133c  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\windows\System32\drivers\intelppm.sys
16:41:27.0340 0x133c  intelppm - ok
16:41:27.0355 0x133c  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
16:41:27.0355 0x133c  IpFilterDriver - ok
16:41:27.0402 0x133c  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
16:41:27.0433 0x133c  iphlpsvc - ok
16:41:27.0433 0x133c  [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
16:41:27.0449 0x133c  IPMIDRV - ok
16:41:27.0449 0x133c  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
16:41:27.0449 0x133c  IPNAT - ok
16:41:27.0465 0x133c  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\windows\system32\drivers\irenum.sys
16:41:27.0465 0x133c  IRENUM - ok
16:41:27.0465 0x133c  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\windows\system32\drivers\isapnp.sys
16:41:27.0465 0x133c  isapnp - ok
16:41:27.0480 0x133c  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF, 8FFF92828C3DC20F0F42C42E58A03B59A4E0187963F728DC618C9595FB2D0239 ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
16:41:27.0511 0x133c  iScsiPrt - ok
16:41:27.0527 0x133c  [ 6542512E0F91187C65DF2B2532794F7B, 74E6965AF74DA03B712AA2F450D7F690C4CE2A1EBF82F1BC69A58D96092B9202 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
16:41:27.0527 0x133c  jhi_service - ok
16:41:27.0558 0x133c  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
16:41:27.0558 0x133c  kbdclass - ok
16:41:27.0558 0x133c  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
16:41:27.0558 0x133c  kbdhid - ok
16:41:27.0574 0x133c  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
16:41:27.0574 0x133c  kdnic - ok
16:41:27.0574 0x133c  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso          C:\windows\system32\lsass.exe
16:41:27.0574 0x133c  KeyIso - ok
16:41:27.0590 0x133c  [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
16:41:27.0590 0x133c  KSecDD - ok
16:41:27.0590 0x133c  [ 127FB0AAD232BAAD2C9BBACD374F4FC5, 3BC56F6B4374062C96149D69ACE053DF81A278F0361599F5A2F3DB1F76F0AD68 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
16:41:27.0590 0x133c  KSecPkg - ok
16:41:27.0605 0x133c  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
16:41:27.0605 0x133c  ksthunk - ok
16:41:27.0636 0x133c  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\windows\system32\msdtckrm.dll
16:41:27.0652 0x133c  KtmRm - ok
16:41:27.0668 0x133c  [ 11DCE6A4A2211C6CA12ABB4346DFFD51, 6E61BC6C12DD46AEF0A0679B7D41949256554DF2F441E1B1F97A49529F9DE70C ] L1C             C:\windows\system32\DRIVERS\L1C63x64.sys
16:41:27.0668 0x133c  L1C - ok
16:41:27.0699 0x133c  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\windows\system32\srvsvc.dll
16:41:27.0715 0x133c  LanmanServer - ok
16:41:27.0730 0x133c  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
16:41:27.0746 0x133c  LanmanWorkstation - ok
16:41:27.0871 0x133c  [ FD1A725D68F8082323F9F5C6B09DCDE8, 099CDE4E5780348482C93CF283B03EDA87649E71E776D4F74C5856FD31722832 ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
16:41:27.0902 0x133c  LiveUpdateSvc - ok
16:41:27.0933 0x133c  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
16:41:27.0933 0x133c  lltdio - ok
16:41:27.0965 0x133c  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\windows\System32\lltdsvc.dll
16:41:27.0996 0x133c  lltdsvc - ok
16:41:27.0996 0x133c  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\windows\System32\lmhsvc.dll
16:41:27.0996 0x133c  lmhosts - ok
16:41:28.0043 0x133c  [ 11A830C20B929E0AA1F4E5BBF98B666F, 54DC0240961992409FC3CA40C659A7866F1442C9767ADCA286BFBBDEE2E350CA ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:41:28.0043 0x133c  LMS - ok
16:41:28.0090 0x133c  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
16:41:28.0121 0x133c  LSI_SAS - ok
16:41:28.0121 0x133c  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
16:41:28.0137 0x133c  LSI_SAS2 - ok
16:41:28.0152 0x133c  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
16:41:28.0199 0x133c  LSI_SCSI - ok
16:41:28.0199 0x133c  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
16:41:28.0199 0x133c  LSI_SSS - ok
16:41:28.0230 0x133c  [ A57BA284F5996FFD32DCDBC41A4657DB, 2106B83873A824BC83EF42FAC9DD9A0F741209535A84AE65EA8E786519920043 ] LSM             C:\windows\System32\lsm.dll
16:41:28.0246 0x133c  LSM - ok
16:41:28.0262 0x133c  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\windows\system32\drivers\luafv.sys
16:41:28.0262 0x133c  luafv - ok
16:41:28.0277 0x133c  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\windows\system32\drivers\megasas.sys
16:41:28.0277 0x133c  megasas - ok
16:41:28.0293 0x133c  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
16:41:28.0308 0x133c  MegaSR - ok
16:41:28.0324 0x133c  [ D71FD7A4FDB01C554AE144037B688DF1, 74D33303DA559A3A2EB809FC0EC3722D24F7F1A37BC7370680CFEB951BE735AF ] MEIx64          C:\windows\System32\drivers\HECIx64.sys
16:41:28.0324 0x133c  MEIx64 - ok
16:41:28.0355 0x133c  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\windows\system32\mmcss.dll
16:41:28.0355 0x133c  MMCSS - ok
16:41:28.0371 0x133c  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\windows\system32\drivers\modem.sys
16:41:28.0371 0x133c  Modem - ok
16:41:28.0387 0x133c  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\windows\System32\drivers\monitor.sys
16:41:28.0387 0x133c  monitor - ok
16:41:28.0418 0x133c  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\windows\System32\drivers\mouclass.sys
16:41:28.0418 0x133c  mouclass - ok
16:41:28.0433 0x133c  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\windows\System32\drivers\mouhid.sys
16:41:28.0433 0x133c  mouhid - ok
16:41:28.0433 0x133c  [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
16:41:28.0449 0x133c  mountmgr - ok
16:41:28.0512 0x133c  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:41:28.0512 0x133c  MozillaMaintenance - ok
16:41:28.0543 0x133c  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
16:41:28.0543 0x133c  mpsdrv - ok
16:41:28.0590 0x133c  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\windows\system32\mpssvc.dll
16:41:28.0621 0x133c  MpsSvc - ok
16:41:28.0652 0x133c  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
16:41:28.0652 0x133c  MRxDAV - ok
16:41:28.0683 0x133c  [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
16:41:28.0683 0x133c  mrxsmb - ok
16:41:28.0699 0x133c  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
16:41:28.0699 0x133c  mrxsmb10 - ok
16:41:28.0715 0x133c  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
16:41:28.0715 0x133c  mrxsmb20 - ok
16:41:28.0746 0x133c  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
16:41:28.0777 0x133c  MsBridge - ok
16:41:28.0793 0x133c  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\windows\System32\msdtc.exe
16:41:28.0808 0x133c  MSDTC - ok
16:41:28.0824 0x133c  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\windows\system32\drivers\Msfs.sys
16:41:28.0824 0x133c  Msfs - ok
16:41:28.0855 0x133c  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
16:41:28.0855 0x133c  msgpiowin32 - ok
16:41:28.0871 0x133c  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
16:41:28.0871 0x133c  mshidkmdf - ok
16:41:28.0871 0x133c  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
16:41:28.0871 0x133c  mshidumdf - ok
16:41:28.0887 0x133c  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
16:41:28.0887 0x133c  msisadrv - ok
16:41:28.0918 0x133c  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\windows\system32\iscsiexe.dll
16:41:28.0933 0x133c  MSiSCSI - ok
16:41:28.0933 0x133c  msiserver - ok
16:41:28.0949 0x133c  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
16:41:28.0949 0x133c  MSKSSRV - ok
16:41:28.0965 0x133c  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
16:41:28.0965 0x133c  MsLldp - ok
16:41:28.0980 0x133c  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
16:41:28.0980 0x133c  MSPCLOCK - ok
16:41:28.0980 0x133c  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
16:41:28.0980 0x133c  MSPQM - ok
16:41:29.0012 0x133c  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
16:41:29.0012 0x133c  MsRPC - ok
16:41:29.0043 0x133c  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
16:41:29.0043 0x133c  mssmbios - ok
16:41:29.0043 0x133c  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
16:41:29.0043 0x133c  MSTEE - ok
16:41:29.0090 0x133c  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
16:41:29.0090 0x133c  MTConfig - ok
16:41:29.0090 0x133c  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\windows\system32\Drivers\mup.sys
16:41:29.0090 0x133c  Mup - ok
16:41:29.0105 0x133c  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\windows\system32\drivers\mvumis.sys
16:41:29.0121 0x133c  mvumis - ok
16:41:29.0152 0x133c  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\windows\system32\qagentRT.dll
16:41:29.0168 0x133c  napagent - ok
16:41:29.0230 0x133c  [ 8D11DA92F83D8C8281689739BEF05FD5, AD1D95CE084D1BD8310F6AA1CB27BEA98D9354E334AEC448AD6E6F68B52EEBC7 ] NAT             C:\Program Files (x86)\Norton Anti-Theft\Engine\1.6.0.17\ccSvcHst.exe
16:41:29.0230 0x133c  NAT - ok
16:41:29.0262 0x133c  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
16:41:29.0277 0x133c  NativeWifiP - ok
16:41:29.0402 0x133c  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140314.001\ENG64.SYS
16:41:29.0418 0x133c  NAVENG - ok
16:41:29.0683 0x133c  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140314.001\EX64.SYS
16:41:29.0762 0x133c  NAVEX15 - ok
16:41:29.0808 0x133c  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\windows\System32\ncasvc.dll
16:41:29.0840 0x133c  NcaSvc - ok
16:41:29.0840 0x133c  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
16:41:29.0840 0x133c  NcdAutoSetup - ok
16:41:29.0902 0x133c  [ 03CFE4108D1DE16D6C59455B5C73319C, 0816BAB06457F7ED53F658E53314A7A1D5A0398151186A47CE11A3017D002161 ] NDIS            C:\windows\system32\drivers\ndis.sys
16:41:29.0965 0x133c  NDIS - ok
16:41:29.0996 0x133c  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
16:41:29.0996 0x133c  NdisCap - ok
16:41:29.0996 0x133c  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
16:41:29.0996 0x133c  NdisImPlatform - ok
16:41:30.0012 0x133c  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
16:41:30.0012 0x133c  NdisTapi - ok
16:41:30.0012 0x133c  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
16:41:30.0012 0x133c  Ndisuio - ok
16:41:30.0027 0x133c  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
16:41:30.0027 0x133c  NdisWan - ok
16:41:30.0027 0x133c  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\windows\system32\DRIVERS\ndiswan.sys
16:41:30.0043 0x133c  NDISWANLEGACY - ok
16:41:30.0043 0x133c  [ CE6EBC0AD38CC6482D8FBB744FF15CE2, B8712DB2E574ECFBC840FAAFB874644AB56909382BA2A5A8BC599874BBEAA543 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
16:41:30.0043 0x133c  NDProxy - ok
16:41:30.0043 0x133c  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\windows\system32\drivers\Ndu.sys
16:41:30.0058 0x133c  Ndu - ok
16:41:30.0058 0x133c  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
16:41:30.0058 0x133c  NetBIOS - ok
16:41:30.0074 0x133c  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
16:41:30.0074 0x133c  NetBT - ok
16:41:30.0090 0x133c  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] Netlogon        C:\windows\system32\lsass.exe
16:41:30.0090 0x133c  Netlogon - ok
16:41:30.0105 0x133c  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\windows\System32\netman.dll
16:41:30.0121 0x133c  Netman - ok
16:41:30.0137 0x133c  [ 5FF52E13C72838D87DAF228EC9E92C89, DA25B5FB59E5476A3F204298638580AB3E151F339505FCB3756730EE435B1561 ] netprofm        C:\windows\System32\netprofmsvc.dll
16:41:30.0152 0x133c  netprofm - ok
16:41:30.0199 0x133c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:41:30.0230 0x133c  NetTcpPortSharing - ok
16:41:30.0262 0x133c  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
16:41:30.0277 0x133c  nfrd960 - ok
16:41:30.0324 0x133c  [ 1BF9D6476061B31CD7FC2BF848529A56, 95B585543240E823D7850ADEEEA7A4738EF9E18A4B07D921F145F6EF466F0271 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
16:41:30.0324 0x133c  NIS - ok
16:41:30.0371 0x133c  [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc          C:\windows\System32\nlasvc.dll
16:41:30.0371 0x133c  NlaSvc - ok
16:41:30.0527 0x133c  [ FD8082D64C151589F12A4F620DBA3030, 649D61BF958ED50C0B5F7E0D2E633D20C8AAA00706A7AE9528DA78E2B6B3492E ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
16:41:30.0637 0x133c  NOBU - ok
16:41:37.0684 0x133c  vmicheartbeat - ok
16:41:37.0699 0x133c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\windows\System32\ICSvc.dll
16:41:37.0699 0x133c  vmickvpexchange - ok
16:41:37.0715 0x133c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\windows\System32\ICSvc.dll
16:41:37.0731 0x133c  vmicrdv - ok
16:41:37.0731 0x133c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\windows\System32\ICSvc.dll
16:41:37.0746 0x133c  vmicshutdown - ok
16:41:37.0746 0x133c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\windows\System32\ICSvc.dll
16:41:37.0762 0x133c  vmictimesync - ok
16:41:37.0762 0x133c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\windows\System32\ICSvc.dll
16:41:37.0778 0x133c  vmicvss - ok
16:41:37.0824 0x133c  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\windows\system32\drivers\volmgr.sys
16:41:37.0824 0x133c  volmgr - ok
16:41:37.0840 0x133c  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
16:41:37.0856 0x133c  volmgrx - ok
16:41:37.0856 0x133c  [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE, 26FD9DBCFAEDE0F945D80B11769741A3A837F84461263217A43C458B674566EE ] volsnap         C:\windows\system32\drivers\volsnap.sys
16:41:37.0871 0x133c  volsnap - ok
16:41:37.0887 0x133c  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\windows\System32\drivers\vpci.sys
16:41:37.0918 0x133c  vpci - ok
16:41:37.0918 0x133c  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
16:41:37.0934 0x133c  vsmraid - ok
16:41:37.0981 0x133c  [ EA658570314042C914964FC72AB50E6B, 0B10E16D5136BF71EAF68F0D9A8B25F92F6D686BF9F80FEEB9F291221C6B8284 ] VSS             C:\windows\system32\vssvc.exe
16:41:38.0043 0x133c  VSS - ok
16:41:38.0059 0x133c  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
16:41:38.0074 0x133c  VSTXRAID - ok
16:41:38.0106 0x133c  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
16:41:38.0106 0x133c  vwifibus - ok
16:41:38.0121 0x133c  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
16:41:38.0121 0x133c  vwififlt - ok
16:41:38.0137 0x133c  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
16:41:38.0137 0x133c  vwifimp - ok
16:41:38.0153 0x133c  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\windows\system32\w32time.dll
16:41:38.0153 0x133c  W32Time - ok
16:41:38.0168 0x133c  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\windows\System32\drivers\wacompen.sys
16:41:38.0168 0x133c  WacomPen - ok
16:41:38.0168 0x133c  [ 6081CEC9EF9EB145D8B46655C7708D51, 34E421501185BDE9049AC68F0604F4AD694AF6DA1D52A7D75C2BD050B5817ADF ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
16:41:38.0168 0x133c  Wanarp - ok
16:41:38.0184 0x133c  [ 6081CEC9EF9EB145D8B46655C7708D51, 34E421501185BDE9049AC68F0604F4AD694AF6DA1D52A7D75C2BD050B5817ADF ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
16:41:38.0184 0x133c  Wanarpv6 - ok
16:41:38.0246 0x133c  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\windows\system32\wbengine.exe
16:41:38.0309 0x133c  wbengine - ok
16:41:38.0309 0x133c  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
16:41:38.0324 0x133c  WbioSrvc - ok
16:41:38.0371 0x133c  [ D9C1E82651BF19C6FF69CEC6FD400124, 93B96481A5B26F5617B16DD775AF0F8CE9001B30251FFF58D6EF9044D5EE91CD ] Wcmsvc          C:\windows\System32\wcmsvc.dll
16:41:38.0371 0x133c  Wcmsvc - ok
16:41:38.0403 0x133c  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\windows\System32\wcncsvc.dll
16:41:38.0418 0x133c  wcncsvc - ok
16:41:38.0418 0x133c  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
16:41:38.0418 0x133c  WcsPlugInService - ok
16:41:38.0449 0x133c  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\windows\system32\drivers\wd.sys
16:41:38.0449 0x133c  Wd - ok
16:41:38.0465 0x133c  [ 07D19A55CD27B330534D2DDEA60D5FC6, 9C9441EA6943481838F61FD929F88FE25DC60BB8513A2C01CB4712918A883E3F ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
16:41:38.0481 0x133c  WdBoot - ok
16:41:38.0528 0x133c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
16:41:38.0543 0x133c  Wdf01000 - ok
16:41:38.0574 0x133c  [ CEBD9CDAADA11FAECCA82E4C06BCDD8E, 6D6E4BF0EB97004F9C07327923C9BD2B451FDDA567FAF39556595302EE5A1A54 ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
16:41:38.0574 0x133c  WdFilter - ok
16:41:38.0606 0x133c  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\windows\system32\wdi.dll
16:41:38.0606 0x133c  WdiServiceHost - ok
16:41:38.0606 0x133c  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\windows\system32\wdi.dll
16:41:38.0606 0x133c  WdiSystemHost - ok
16:41:38.0637 0x133c  [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient       C:\windows\System32\webclnt.dll
16:41:38.0637 0x133c  WebClient - ok
16:41:38.0668 0x133c  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\windows\system32\wecsvc.dll
16:41:38.0668 0x133c  Wecsvc - ok
16:41:38.0684 0x133c  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\windows\System32\wercplsupport.dll
16:41:38.0699 0x133c  wercplsupport - ok
16:41:38.0699 0x133c  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\windows\System32\WerSvc.dll
16:41:38.0699 0x133c  WerSvc - ok
16:41:38.0731 0x133c  [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
16:41:38.0731 0x133c  WFPLWFS - ok
16:41:38.0762 0x133c  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\windows\System32\wiarpc.dll
16:41:38.0762 0x133c  WiaRpc - ok
16:41:38.0778 0x133c  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
16:41:38.0778 0x133c  WIMMount - ok
16:41:38.0809 0x133c  WinDefend - ok
16:41:38.0856 0x133c  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
16:41:38.0887 0x133c  WinHttpAutoProxySvc - ok
16:41:38.0965 0x133c  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
16:41:38.0965 0x133c  Winmgmt - ok
16:41:39.0075 0x133c  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\windows\system32\WsmSvc.dll
16:41:39.0153 0x133c  WinRM - ok
16:41:39.0215 0x133c  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\windows\System32\wlansvc.dll
16:41:39.0262 0x133c  WlanSvc - ok
16:41:39.0325 0x133c  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\windows\system32\wlidsvc.dll
16:41:39.0387 0x133c  wlidsvc - ok
16:41:39.0403 0x133c  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
16:41:39.0403 0x133c  WmiAcpi - ok
16:41:39.0434 0x133c  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
16:41:39.0434 0x133c  wmiApSrv - ok
16:41:39.0465 0x133c  WMPNetworkSvc - ok
16:41:39.0481 0x133c  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
16:41:39.0481 0x133c  wpcfltr - ok
16:41:39.0512 0x133c  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\windows\System32\wpcsvc.dll
16:41:39.0512 0x133c  WPCSvc - ok
16:41:39.0543 0x133c  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
16:41:39.0559 0x133c  WPDBusEnum - ok
16:41:39.0590 0x133c  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
16:41:39.0606 0x133c  WpdUpFltr - ok
16:41:39.0621 0x133c  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
16:41:39.0621 0x133c  ws2ifsl - ok
16:41:39.0637 0x133c  [ FB0C1B7F94FA08E72F19F6F2CE7210E1, DC5475E9172BD732A654838CDB8057FCD83A02060C0C79B141F74A74D4C77555 ] wscsvc          C:\windows\System32\wscsvc.dll
16:41:39.0653 0x133c  wscsvc - ok
16:41:39.0684 0x133c  [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice  C:\windows\System32\drivers\WSDPrint.sys
16:41:39.0684 0x133c  WSDPrintDevice - ok
16:41:39.0700 0x133c  WSearch - ok
16:41:39.0778 0x133c  [ C10BFFEE7E0D7A1366E84F251796C51D, E1FD1DF5F5C5934F9A8584D54F35720655AC4F5D4CFD69CD1E063C0BBEC4D33D ] WSService       C:\windows\System32\WSService.dll
16:41:39.0840 0x133c  WSService - ok
16:41:39.0950 0x133c  [ 79F95469604B77296346DE7DB463EA2A, 291532514D31668B08ED2846571A1C6D5F6FA682CC9B247E7FBBA2753DD47E3D ] wuauserv        C:\windows\system32\wuaueng.dll
16:41:40.0043 0x133c  wuauserv - ok
16:41:40.0059 0x133c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
16:41:40.0059 0x133c  WudfPf - ok
16:41:40.0075 0x133c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\System32\drivers\WUDFRd.sys
16:41:40.0090 0x133c  WUDFRd - ok
16:41:40.0106 0x133c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
16:41:40.0121 0x133c  wudfsvc - ok
16:41:40.0137 0x133c  [ F9D8D2E6ECE08B278621D5BF3A7240A6, 99EEEE51EA6CE8909713CA81A2AFA5102774AE9C8554F422F4D9A1D8B0ABDB09 ] WwanSvc         C:\windows\System32\wwansvc.dll
16:41:40.0153 0x133c  WwanSvc - ok
16:41:40.0168 0x133c  ================ Scan global ===============================
16:41:40.0200 0x133c  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\windows\system32\basesrv.dll
16:41:40.0231 0x133c  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\windows\system32\winsrv.dll
16:41:40.0262 0x133c  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\windows\system32\sxssrv.dll
16:41:40.0293 0x133c  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\windows\system32\services.exe
16:41:40.0309 0x133c  [ Global ] - ok
16:41:40.0309 0x133c  ================ Scan MBR ==================================
16:41:40.0325 0x133c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
16:41:40.0325 0x133c  \Device\Harddisk0\DR0 - ok
16:41:40.0325 0x133c  [ 5F8B5082F3482CC06B72EC5806598AE9 ] \Device\Harddisk1\DR1
16:41:40.0684 0x133c  \Device\Harddisk1\DR1 - ok
16:41:40.0981 0x133c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
16:41:41.0075 0x133c  \Device\Harddisk2\DR2 - ok
16:41:41.0075 0x133c  ================ Scan VBR ==================================
16:41:41.0121 0x133c  [ 971C408FEB1774B03444AA6D737F5580 ] \Device\Harddisk0\DR0\Partition1
16:41:41.0137 0x133c  \Device\Harddisk0\DR0\Partition1 - ok
16:41:41.0137 0x133c  [ 70A23AC333947C6CF95FFEFBD43CD62E ] \Device\Harddisk0\DR0\Partition2
16:41:41.0153 0x133c  \Device\Harddisk0\DR0\Partition2 - ok
16:41:41.0168 0x133c  [ 6DD0E105B3AE774F8E794121739C2C64 ] \Device\Harddisk0\DR0\Partition3
16:41:41.0184 0x133c  \Device\Harddisk0\DR0\Partition3 - ok
16:41:41.0200 0x133c  [ 48E6B3CB20A545CE1E3972184AC97AD5 ] \Device\Harddisk0\DR0\Partition4
16:41:41.0200 0x133c  \Device\Harddisk0\DR0\Partition4 - ok
16:41:41.0231 0x133c  [ 4BA3CE03DD08B4D554A6334518D8DD76 ] \Device\Harddisk0\DR0\Partition5
16:41:41.0231 0x133c  \Device\Harddisk0\DR0\Partition5 - ok
16:41:41.0231 0x133c  [ EBB02F29FA3B7050750A26483DFA8D11 ] \Device\Harddisk1\DR1\Partition1
16:41:41.0231 0x133c  \Device\Harddisk1\DR1\Partition1 - ok
16:41:41.0246 0x133c  [ 76EE32CB0C2333492DA3AE38FADAC958 ] \Device\Harddisk2\DR2\Partition1
16:41:41.0293 0x133c  \Device\Harddisk2\DR2\Partition1 - ok
16:41:41.0293 0x133c  Waiting for KSN requests completion. In queue: 102
16:41:42.0309 0x133c  Waiting for KSN requests completion. In queue: 102
16:41:43.0325 0x133c  Waiting for KSN requests completion. In queue: 102
16:41:44.0340 0x133c  Waiting for KSN requests completion. In queue: 27
16:41:45.0419 0x133c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x60100 ( disabled : updated )
16:41:45.0419 0x133c  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe ( 20.4.0.0 ), 0x51000 ( enabled : updated )
16:41:45.0434 0x133c  AV detected via SS2: Advanced SystemCare Ultimate, C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCAntivirusFix.exe ( 7.0.0.5008 ), 0x71000 ( enabled : updated )
16:41:45.0450 0x133c  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe ( 20.4.0.0 ), 0x51010 ( enabled )
16:41:48.0075 0x133c  ============================================================
16:41:48.0075 0x133c  Scan finished
16:41:48.0075 0x133c  ============================================================
16:41:48.0075 0x038c  Detected object count: 0
16:41:48.0075 0x038c  Actual detected object count: 0
 



#5 D&S+14


Posted 14 March 2014 - 09:52 PM

I'm running the ESET program now.



#6 D&S+14


Posted 15 March 2014 - 01:22 AM

ESET Results

 

C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
C:\Windows\System32\Adobe\Shockwave 12\gt.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Windows.old\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7K2IYI4G\FastMediaConverterSetup[1].exe    a variant of MSIL/Adware.StrongVault.A application    cleaned by deleting - quarantined
C:\Windows.old\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7K2IYI4G\OfferBrokerage_14220H[1].exe    a variant of Win32/InstallIQ.A potentially unwanted application    deleted - quarantined
 



#7 D&S+14


Posted 15 March 2014 - 05:30 PM

I should be getting 5 Mbps, but I'm getting 0.75 instead.  I'm wondering if there isn't a virus stopping it, but I just cleared it out over here:

 

http://www.bleepingcomputer.com/forums/t/527550/sneaking-suspicion-that-i-have-a-keylogger-maybe-more/

 

Any suggestions?  I automatically deleted a registry key installing a piece of software, unfortunately I don't have a copy of it to tell you what it was.


Edited by hamluis, 15 March 2014 - 06:01 PM.
Merged into existing topic in AII - Hamluis.


#8 D&S+14


Posted 15 March 2014 - 05:37 PM

I installed a registry key (I think it was actually a deletion) for a piece of software, if that matters.



#9 D&S+14


Posted 15 March 2014 - 08:22 PM

Whoops.  Anything noteworthy on the virus scan?



#10 boopme


Posted 16 March 2014 - 07:43 PM

Nothing really scary showing there.


Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

You do have a lot of errors.
First run this tool.

Download Malwarebytes Anti-Rootkit to your desktop.
  • Extract the ZIP archive and double-click "mbar.exe" to start the tool.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"


#11 D&S+14


Posted 17 March 2014 - 12:56 PM

I feel like perhaps I'm worrying about nothing. The stupid Wireless is still down, but everything comes back clean.

 

****************************

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.03.17.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16843
Mark :: DREAMS [administrator]

3/17/2014 10:43:33 AM
mbar-log-2014-03-17 (10-43-33).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 260109
Time elapsed: 9 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

************************

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16843

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 6315855872, free: 4115775488

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16843

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 6315855872, free: 4110491648

Downloaded database version: v2014.03.17.06
Downloaded database version: v2014.02.20.01
=======================================
------------ Kernel report ------------
     03/17/2014 10:43:29
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa8009ed0740
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000004b\
Lower Device Object: 0xfffffa8009ee4060
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa8009ee1740
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000004a\
Lower Device Object: 0xfffffa8009ea8060
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8006345060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000036\
Lower Device Object: 0xfffffa80062157f0
Lower Device Driver Name: \Driver\iaStorA\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8006345060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8006345aa0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8006345060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8006347040, DeviceName: Unknown, DriverName: \Driver\THAccel\
DevicePointer: 0xfffffa80062157f0, DeviceName: \Device\00000036\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 0

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 2242806849
    GPT Header CurrentLba = 1 BackupLba 1465149167
    GPT Header FirstUsableLba 34  LastUsableLba 1465149134
    GPT Header Guid 1f217076-ad06-11e3-bfd1-da83451ee0a2
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 2242806849
    Backup GPT header CurrentLba = 1465149167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1465149134
    Backup GPT header Guid 1f217076-ad06-11e3-bfd1-da83451ee0a2
    Backup GPT header Contains 128 partition entries starting at LBA 1465149135
    Backup GPT header Partition entry size = 128

    Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 1f217077-ad06-11e3-bfd1-da83451ee0a2
    FirstLBA 2048  Last LBA 2099199
    Attributes 1
    Partition Name                 Basic data partition

    Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID 1f21707f-ad06-11e3-bfd1-da83451ee0a2
    FirstLBA 2099200  Last LBA 2631679
    Attributes 0
    Partition Name                 Basic data partition

    GPT Partition 1 is bootable
    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 1f217081-ad06-11e3-bfd1-da83451ee0a2
    FirstLBA 2631680  Last LBA 2893823
    Attributes 0
    Partition Name                 Basic data partition

    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 1f217089-ad06-11e3-bfd1-da83451ee0a2
    FirstLBA 2893824  Last LBA 1443149823
    Attributes 0
    Partition Name                 Basic data partition

    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 1f217097-ad06-11e3-bfd1-da83451ee0a2
    FirstLBA 1443149824  Last LBA 1465147391
    Attributes 1
    Partition Name                 Basic data partition

Disk Size: 750156374016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8009ee1740, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009ee2040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8009ee1740, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8008c0be10, DeviceName: Unknown, DriverName: \Driver\THAccel\
DevicePointer: 0xfffffa8009ea8060, DeviceName: \Device\0000004a\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A4B57300

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 625137280

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 320072932352 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa8009ed0740, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009ecf040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8009ed0740, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8009ee14f0, DeviceName: Unknown, DriverName: \Driver\THAccel\
DevicePointer: 0xfffffa8009ee4060, DeviceName: \Device\0000004b\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: F016A08B

Partition information:

    Partition 0 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1263616

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1265664  Numsec = 311310336

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 160041885696 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removal finished
 



#12 D&S+14


Posted 17 March 2014 - 12:58 PM

I did a complete system restore. If there's anything that might be hanging around after that, then I really have a problem.

 

Is there a Forum that I could direct the wireless problem to, assuming that there's no malware to be found?


Edited by D&S+14, 17 March 2014 - 12:59 PM.


#13 boopme


Posted 17 March 2014 - 01:03 PM

OK. Yes, use Networking... they will help. Supply the operating system and the router make and model. Good luck to you!!

#14 D&S+14


Posted 17 March 2014 - 08:22 PM

Thank you!



#15 boopme


Posted 18 March 2014 - 09:48 AM

You are most welcome!!



