Spyware / Malware on Laptop


5 replies to this topic

#1 Bahawolf


Posted 24 March 2014 - 07:52 PM

Hey there!

I'm not sure how / when / why but my wife's PC has gotten infected and I'm hoping to get assistance with cleaning it up. I first noticed ads when going to newegg.com (ads that weren't within the site, and I could tell it was malware). I downloaded Malwarebytes and it found and quarantined 50+ traces, but the issue remains.

 

How shall I begin? I look forward to the assistance and will follow the instructions provided.

 

EDIT: I sincerely apologize! My operating system is Windows 8.

 

Thanks!


Edited by Bahawolf, 24 March 2014 - 07:54 PM.




#2 boopme


Posted 24 March 2014 - 08:08 PM

Hello Bahawolf

I'd like to do all these and see how it is after.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

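The MiniToolBox step above asks for "List content of Hosts" and "List Winsock Entries"; the following Python example is added here (it is not part of boopme's post and is not MiniToolBox code) to show how those two sections of a Result.txt can be screened for entries that deserve a manual look. The section headers and line layout follow the log posted later in this thread; the sample text, the function names, and the assumption that Windows is installed in C:\Windows are constructed for the example.

```python
import re
from ipaddress import ip_address

# Constructed sample that follows the Result.txt layout (not the poster's log).
SAMPLE_RESULT = r"""
========================= Hosts content: =================================
203.0.113.10 shop.example.test
0.0.0.0 updates.example.test   # constructed sinkhole entry
127.0.0.1       localhost

========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog9 02 C:\ProgramData\example\lsp64.dll [40960] (Example Vendor)

========================= Event log errors: ===============================
"""

# Review reasons (wording chosen for this example).
PINNED = "name pinned to a fixed address, bypassing DNS"
SINKHOLED = "name redirected to loopback/unspecified address"
OUTSIDE_SYSTEM = "provider DLL outside the Windows system directories"
NOT_MICROSOFT = "vendor is not Microsoft Corporation"

# "===== Title: =====" headers; rows made only of "=" carry no title and are ignored.
SECTION_RE = re.compile(r"^=+ (.+?):? =+[ \t]*$", re.MULTILINE)
# "<catalog> <index> <dll path> [<size>] (<vendor>)"
WINSOCK_RE = re.compile(
    r"^(?P<catalog>(?:x64-)?Catalog\d+) (?P<index>\d+) "
    r"(?P<path>.+?) \[(?P<size>\d+)\] \((?P<vendor>.*)\)$"
)
# Assumption: Windows lives in C:\Windows (adjust for other installs).
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")


def split_sections(text):
    """Map lower-cased section titles to the lines that follow each header."""
    sections = {}
    headers = list(SECTION_RE.finditer(text))
    for i, header in enumerate(headers):
        end = headers[i + 1].start() if i + 1 < len(headers) else len(text)
        sections[header.group(1).strip().lower()] = text[header.end():end].splitlines()
    return sections


def review_hosts(lines):
    """Return (name, address, reason) for every mapping except the stock localhost."""
    findings = []
    for line in lines:
        fields = line.split("#", 1)[0].split()  # drop hosts-file comments
        if len(fields) < 2:
            continue
        try:
            addr = ip_address(fields[0])
        except ValueError:
            continue  # not an address/name mapping
        for name in fields[1:]:
            if addr.is_loopback and name.lower() == "localhost":
                continue
            local = addr.is_loopback or addr.is_unspecified
            findings.append((name, str(addr), SINKHOLED if local else PINNED))
    return findings


def review_winsock(lines):
    """Return (catalog, path, vendor, reasons) for providers that need a manual look."""
    findings = []
    for line in lines:
        m = WINSOCK_RE.match(line.strip())
        if not m:
            continue
        reasons = []
        if not m["path"].lower().startswith(SYSTEM_DIRS):
            reasons.append(OUTSIDE_SYSTEM)
        if m["vendor"] != "Microsoft Corporation":
            reasons.append(NOT_MICROSOFT)
        if reasons:
            findings.append((m["catalog"], m["path"], m["vendor"], reasons))
    return findings


def triage(result_text):
    """Screen the Hosts and Winsock sections of a MiniToolBox Result.txt."""
    sections = split_sections(result_text)
    return {
        "hosts": review_hosts(sections.get("hosts content", [])),
        "winsock": review_winsock(sections.get("winsock entries", [])),
    }


if __name__ == "__main__":
    report = triage(SAMPLE_RESULT)
    for name, addr, reason in report["hosts"]:
        print(f"[hosts]   {name} -> {addr}: {reason}")
    for catalog, path, vendor, reasons in report["winsock"]:
        print(f"[winsock] {catalog} {path} ({vendor}): {'; '.join(reasons)}")
```

A flagged line is a prompt for review, not a verdict: legitimate software such as Bonjour registers its own Winsock provider outside the system directories.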

#3 Bahawolf


Posted 25 March 2014 - 01:24 PM

Hey there!

Thanks for getting to this so promptly -- my wife and I appreciate it!

 

 

Mini Toolbox Results:

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Anastacia (administrator) on 24-03-2014 at 21:24:02
Running from "C:\Users\Anastacia\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Network
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
192.237.214.190 triumphpropertymanagement.com
192.237.214.190 www.triumphpropertymanagement.com
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Intel® Centrino® Wireless-N 2200 = Wi-Fi (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : anastacia-pc
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net
 
Wireless LAN adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 9C-4E-36-64-85-A5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 2200
   Physical Address. . . . . . . . . : 9C-4E-36-64-85-A4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d106:4f5f:4cfe:4017%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.68(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, March 24, 2014 9:16:31 PM
   Lease Expires . . . . . . . . . . : Tuesday, March 25, 2014 9:16:31 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 329010742
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-04-F6-2E-B8-88-E3-1A-72-66
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : B8-88-E3-1A-72-66
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.gateway.2wire.net:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  homeportal
Address:  192.168.1.254
 
Name:    google.com
Addresses:  2607:f8b0:4002:c07::65
 74.125.196.113
 74.125.196.139
 74.125.196.100
 74.125.196.102
 74.125.196.101
 74.125.196.138
 
 
Pinging google.com [74.125.196.100] with 32 bytes of data:
Reply from 74.125.196.100: bytes=32 time=43ms TTL=41
Reply from 74.125.196.100: bytes=32 time=42ms TTL=41
 
Ping statistics for 74.125.196.100:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 42ms, Maximum = 43ms, Average = 42ms
Server:  homeportal
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=96ms TTL=45
Reply from 98.139.183.24: bytes=32 time=104ms TTL=45
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 96ms, Maximum = 104ms, Average = 100ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...9c 4e 36 64 85 a5 ......Microsoft Wi-Fi Direct Virtual Adapter
 13...9c 4e 36 64 85 a4 ......Intel® Centrino® Wireless-N 2200
 12...b8 88 e3 1a 72 66 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.68     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.68    281
     192.168.1.68  255.255.255.255         On-link      192.168.1.68    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.68    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.68    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.68    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 13    281 fe80::/64                On-link
 13    281 fe80::d106:4f5f:4cfe:4017/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/24/2014 09:07:51 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-03-25T03:03:51Z. Error Code: 0x80041316.
 
Error: (03/24/2014 09:07:21 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-03-25T03:04:21Z. Error Code: 0x80041316.
 
Error: (03/24/2014 09:06:51 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-03-25T03:03:51Z. Error Code: 0x80041316.
 
Error: (03/24/2014 09:06:21 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-03-25T03:04:21Z. Error Code: 0x80041316.
 
Error: (03/24/2014 09:05:51 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-03-25T03:03:51Z. Error Code: 0x80041316.
 
Error: (03/24/2014 09:05:21 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-03-25T03:04:21Z. Error Code: 0x80041316.
 
Error: (03/24/2014 09:02:44 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-03-25T01:39:44Z. Error Code: 0x80041316.
 
Error: (03/24/2014 09:02:14 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-03-25T01:39:14Z. Error Code: 0x80041316.
 
Error: (03/24/2014 09:01:44 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-03-25T01:39:44Z. Error Code: 0x80041316.
 
Error: (03/24/2014 09:01:14 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-03-25T01:39:14Z. Error Code: 0x80041316.
 
 
System errors:
=============
Error: (03/24/2014 09:23:16 PM) (Source: DCOM) (User: ANASTACIA-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (03/24/2014 09:16:42 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error: 
%%1058
 
Error: (03/24/2014 09:16:37 PM) (Source: DCOM) (User: ANASTACIA-PC)
Description: 1084dpsUnavailable{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 
Error: (03/24/2014 09:16:37 PM) (Source: DCOM) (User: ANASTACIA-PC)
Description: 1084dpsUnavailable{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 
Error: (03/24/2014 09:16:37 PM) (Source: DCOM) (User: ANASTACIA-PC)
Description: 1084dpsUnavailable{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 
Error: (03/24/2014 09:16:37 PM) (Source: DCOM) (User: ANASTACIA-PC)
Description: 1084dpsUnavailable{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 
Error: (03/24/2014 09:16:37 PM) (Source: DCOM) (User: ANASTACIA-PC)
Description: 1084dpsUnavailable{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 
Error: (03/24/2014 09:16:36 PM) (Source: DCOM) (User: ANASTACIA-PC)
Description: 1084dpsUnavailable{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 
Error: (03/24/2014 09:16:36 PM) (Source: DCOM) (User: ANASTACIA-PC)
Description: 1084dpsUnavailable{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 
Error: (03/24/2014 09:16:36 PM) (Source: DCOM) (User: ANASTACIA-PC)
Description: 1084dpsUnavailable{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 
 
Microsoft Office Sessions:
=========================
Error: (03/24/2014 09:07:51 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800413162014-03-25T03:03:51Z
 
Error: (03/24/2014 09:07:21 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800413162014-03-25T03:04:21Z
 
Error: (03/24/2014 09:06:51 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800413162014-03-25T03:03:51Z
 
Error: (03/24/2014 09:06:21 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800413162014-03-25T03:04:21Z
 
Error: (03/24/2014 09:05:51 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800413162014-03-25T03:03:51Z
 
Error: (03/24/2014 09:05:21 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800413162014-03-25T03:04:21Z
 
Error: (03/24/2014 09:02:44 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800413162014-03-25T01:39:44Z
 
Error: (03/24/2014 09:02:14 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800413162014-03-25T01:39:14Z
 
Error: (03/24/2014 09:01:44 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800413162014-03-25T01:39:44Z
 
Error: (03/24/2014 09:01:14 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800413162014-03-25T01:39:14Z
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-09-09 01:53:19.671
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
010 Editor 3.1
Adobe Acrobat XI Pro (Version: 11.0.00)
Adobe AIR (Version: 3.1.0.4880)
Adobe Creative Suite 6 Master Collection (Version: 6)
Adobe Download Assistant (Version: 1.2.6)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Help Manager (Version: 4.0.244)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 12.0 (Version: 12.0.5.146)
Adobe Widget Browser (Version: 2.0 Build 348)
Adobe Widget Browser (Version: 2.0.348)
Apple Application Support (Version: 3.0)
Apple Mobile Device Support (Version: 7.1.0.32)
Apple Software Update (Version: 2.1.3.127)
Asterisk Key 10.0
Big Fish: Game Manager (Version: 3.2.0.7)
bl (Version: 1.0.0)
Bonjour (Version: 3.0.0.10)
Burger Shop 2
CCleaner (Version: 4.11)
ChromecastApp (Version: 1.1.266.0)
Citrix Online Launcher (Version: 1.0.109)
Classic Shell (Version: 4.0.2)
CSVed 2.2.3 (Version: 2.2.3)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
eMagicOne Store Manager for Magento PROFESSIONAL 2.15.0.967 (Version: 2.15.0.967)
f.lux
FileZilla Client 3.7.4.1 (Version: 3.7.4.1)
GCN (Version: 2.9)
Google Chrome (Version: 33.0.1750.154)
Google Talk Plugin (Version: 5.1.7.17873)
Google Update Helper (Version: 1.3.22.5)
GoToMeeting 5.7.0.1172 (Version: 5.7.0.1172)
GSiteCrawler (Version: v1.23)
HitmanPro 3.7 (Version: 3.7.9.212)
IETester v0.5.2 (remove only) (Version: 0.5.2)
Intel PROSet Wireless
Intel® Management Engine Components (Version: 8.1.0.1252)
Intel® Processor Graphics (Version: 9.17.10.2828)
Intel® Rapid Storage Technology (Version: 11.5.2.1001)
Intel® SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
Intel® WiDi (Version: 3.5.34.0)
Intel® PROSet/Wireless WiFi Software (Version: 15.05.2000.1462)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Interenet Optimizer
iTunes (Version: 11.1.4.62)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Malwarebytes Anti-Malware version 2.00.0.1000 (Version: 2.00.0.1000)
MapTiler version 1.0 beta2
McAfee Security Scan Plus (Version: 3.8.130.10)
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017)
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
mIRC (Version: 7.32)
Mobile Hotspot Admin (Version: 1.0.0.1)
Movie Maker (Version: 16.4.3503.0728)
Mozilla Firefox 27.0.1 (x86 en-US) (Version: 27.0.1)
Mozilla Maintenance Service (Version: 27.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1108.0727)
Mumble 1.2.3 (Version: 1.2.3)
Norton Identity Safe (Version: 2014.7.0.43)
Notepad++ (Version: 6.5.5)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Opera Stable 18.0.1284.68 (Version: 18.0.1284.68)
Origin (Version: 9.4.1.116)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017)
PC Tools Performance Toolkit 2.1 (Version: 2.1)
PDF Settings CS6 (Version: 11.0)
ph (Version: 1.0.0)
Photo Common (Version: 16.4.3503.0728)
Photo Gallery (Version: 16.4.3503.0728)
Pidgin (Version: 2.10.7)
Plants vs. Zombies
PlayReady PC Runtime amd64 (Version: 1.3.0)
PowerISO (Version: 5.6)
QuickTime (Version: 7.74.80.86)
Realtek Ethernet Controller Driver (Version: 8.3.730.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6687)
Realtek PCIE Card Reader (Version: 6.2.8400.29031)
Revo Uninstaller Pro 3.0.7 (Version: 3.0.7)
Safari (Version: 5.34.57.2)
Skype Click to Call (Version: 6.13.13771)
Skype™ 6.14 (Version: 6.14.104)
SmartFTP Client (Version: 4.1.1333.0)
Sothink SWF Editor (Version: 1.3)
Spotify (Version: 0.9.7.16.g4b197456)
SRS Premium Sound Control Panel (Version: 1.12.5000)
Sublime Text 2.0.2
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 16.2.12.3)
TeamViewer 9 (Version: 9.0.26297)
The Sims™ 3 (Version: 1.67.2)
The Sims™ 3 Generations (Version: 8.0.152)
The Sims™ 3 Island Paradise (Version: 19.0.101)
The Sims™ 3 Late Night (Version: 6.0.81)
The Sims™ 3 Master Suite Stuff (Version: 11.0.84)
The Sims™ 3 Town Life Stuff (Version: 9.0.73)
The Sims™ 3 University Life (Version: 18.0.126)
TOSHIBA Application Installer (Version: 9.0.1.4)
Toshiba Book Place (Version: 3.1.9534)
TOSHIBA Desktop Assist (Version: 1.00.0007.00002)
TOSHIBA eco Utility (Version: 2.0.0.6415)
TOSHIBA Flash Cards Support Utility (Version: 1.51.8.1C)
TOSHIBA Function Key (Version: 1.00.6425)
TOSHIBA HDD Protection (Version: 2.5.1.1)
TOSHIBA Password Utility (Version: 1.0.0.5C)
TOSHIBA PC Health Monitor (Version: 1.8.17.640104)
TOSHIBA Quality Application (Version: 1.0.8)
TOSHIBA Recovery Media Creator (Version: 2.2.0.54043005)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.2.2.00)
TOSHIBA Service Station (Version: 2.4.4)
TOSHIBA System Driver (Version: 1.00.0012)
TOSHIBA System Settings (Version: 1.00.0002.32002)
TOSHIBA User's Guide (Version: 1.00.02)
TOSHIBA VIDEO PLAYER (Version: 5.1.0.12-A)
TOSHIBARegistration (Version: 1.1.6)
Trillian
TurboTax 2012
TurboTax 2012 WinPerFedFormset (Version: 012.000.2114)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0451)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0179)
TurboTax 2012 wrapper (Version: 012.000.0127)
UNetbootin
Unity Web Player (Version: 2.6.1f3_31223)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition
Utility Common Driver (Version: 1.0.53.1)
VanDyke Software SecureCRT 7.1 (Version: 7.1.1)
VLC media player 2.0.5 (Version: 2.0.5)
WampServer 2.4
Windows Grep 2.3
Windows Live Communications Platform (Version: 16.4.3503.0728)
Windows Live Essentials (Version: 16.4.3503.0728)
Windows Live Installer (Version: 16.4.3503.0728)
Windows Live Photo Common (Version: 16.4.3503.0728)
Windows Live PIMT Platform (Version: 16.4.3503.0728)
Windows Live SOXE (Version: 16.4.3503.0728)
Windows Live SOXE Definitions (Version: 16.4.3503.0728)
Windows Live UX Platform (Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (Version: 16.4.3503.0728)
WinHTTrack Website Copier 3.47-20 (x64) (Version: 3.47.20)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
Xilisoft FLV to SWF Converter (Version: 5.1.26.1030)
Zend Studio 10.0.1 (Version: 10.0.1)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 28%
Total physical RAM: 6033.82 MB
Available physical RAM: 4310.55 MB
Total Pagefile: 6993.82 MB
Available Pagefile: 5152.7 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.74 MB
 
========================= Partitions: =====================================
 
1 Drive c: (TI10651700D) (Fixed) (Total:687.77 GB) (Free:515.94 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ANASTACIA-PC
 
Administrator            Anastacia                Guest                    
 
 
**** End of log ****

JRT Results:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8 x64
Ran by Anastacia on Mon 03/24/2014 at 21:33:16.61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Failed to delete: [Folder] "C:\ProgramData\big fish"
Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\Users\Anastacia\appdata\local\big fish"
Successfully deleted: [Folder] "C:\bigfishcache"
 
 
 
~~~ FireFox
 
Successfully deleted: [Folder] C:\Users\Anastacia\AppData\Roaming\mozilla\firefox\profiles\ygxso76k.default\extensions\staged
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/24/2014 at 21:37:05.86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AdwareCleaner Results:

# AdwCleaner v3.022 - Report created 24/03/2014 at 21:29:19
# Updated 13/03/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Anastacia - ANASTACIA-PC
# Running from : C:\Users\Anastacia\Downloads\AdwCleaner (2).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\QuickSet
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Anastacia\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Anastacia\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Anastacia\AppData\LocalLow\AVG SafeGuard toolbar
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\LiveSupport
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16843
 
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages]
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\Anastacia\AppData\Roaming\Mozilla\Firefox\Profiles\ygxso76k.default\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Anastacia\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [6460 octets] - [09/09/2013 01:01:55]
AdwCleaner[R1].txt - [5952 octets] - [09/09/2013 18:50:42]
AdwCleaner[R2].txt - [3829 octets] - [24/03/2014 21:28:07]
AdwCleaner[S0].txt - [6047 octets] - [09/09/2013 18:51:31]
AdwCleaner[S1].txt - [3602 octets] - [24/03/2014 21:29:19]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3662 octets] ##########

TDSSKiller Results:

21:24:51.0862 0x02d4  TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
21:24:51.0862 0x02d4  UEFI system
21:25:02.0498 0x02d4  ============================================================
21:25:02.0498 0x02d4  Current date / time: 2014/03/24 21:25:02.0498
21:25:02.0498 0x02d4  SystemInfo:
21:25:02.0498 0x02d4  
21:25:02.0498 0x02d4  OS Version: 6.2.9200 ServicePack: 0.0
21:25:02.0498 0x02d4  Product type: Workstation
21:25:02.0498 0x02d4  ComputerName: ANASTACIA-PC
21:25:02.0498 0x02d4  UserName: Anastacia
21:25:02.0498 0x02d4  Windows directory: C:\windows
21:25:02.0498 0x02d4  System windows directory: C:\windows
21:25:02.0499 0x02d4  Running under WOW64
21:25:02.0499 0x02d4  Processor architecture: Intel x64
21:25:02.0499 0x02d4  Number of processors: 4
21:25:02.0499 0x02d4  Page size: 0x1000
21:25:02.0499 0x02d4  Boot type: Safe boot with network
21:25:02.0499 0x02d4  ============================================================
21:25:03.0231 0x02d4  KLMD registered as C:\windows\system32\drivers\25420985.sys
21:25:03.0346 0x02d4  System UUID: {277411F5-8C48-1D18-D8BB-4E34DD0F8475}
21:25:03.0797 0x02d4  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:25:03.0800 0x02d4  ============================================================
21:25:03.0800 0x02d4  \Device\Harddisk0\DR0:
21:25:03.0800 0x02d4  GPT partitions:
21:25:03.0800 0x02d4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {22DC9396-FF52-11E1-A1B5-F3F27E95ABA3}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
21:25:03.0800 0x02d4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {22DC939C-FF52-11E1-A1B5-F3F27E95ABA3}, Name: Basic data partition, StartLBA 0xE1800, BlocksNum 0x82000
21:25:03.0800 0x02d4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {22DC939E-FF52-11E1-A1B5-F3F27E95ABA3}, Name: Basic data partition, StartLBA 0x163800, BlocksNum 0x40000
21:25:03.0800 0x02d4  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {22DC93A6-FF52-11E1-A1B5-F3F27E95ABA3}, Name: Basic data partition, StartLBA 0x1A3800, BlocksNum 0x55F8B800
21:25:03.0800 0x02d4  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {60E1A9B0-57AC-4A73-B8EE-CFA2A3CB1921}, Name: , StartLBA 0x5612F000, BlocksNum 0xE1000
21:25:03.0800 0x02d4  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {CFC5A0DB-00F5-4E16-9372-C5D0B14F5C5A}, Name: Basic data partition, StartLBA 0x56210000, BlocksNum 0x1336000
21:25:03.0800 0x02d4  MBR partitions:
21:25:03.0800 0x02d4  ============================================================
21:25:03.0841 0x02d4  C: <-> \Device\Harddisk0\DR0\Partition4
21:25:03.0841 0x02d4  ============================================================
21:25:03.0841 0x02d4  Initialize success
21:25:03.0841 0x02d4  ============================================================
21:25:05.0682 0x06f8  ============================================================
21:25:05.0682 0x06f8  Scan started
21:25:05.0682 0x06f8  Mode: Manual; 
21:25:05.0682 0x06f8  ============================================================
21:25:05.0682 0x06f8  KSN ping started
21:25:08.0169 0x06f8  KSN ping finished: true
21:25:08.0679 0x06f8  ================ Scan system memory ========================
21:25:08.0679 0x06f8  System memory - ok
21:25:08.0679 0x06f8  ================ Scan services =============================
21:25:13.0473 0x06f8  FontCache - ok
21:25:13.0561 0x06f8  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:25:13.0563 0x06f8  FontCache3.0.0.0 - ok
21:25:13.0578 0x06f8  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
21:25:13.0580 0x06f8  FsDepends - ok
21:25:13.0607 0x06f8  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
21:25:13.0608 0x06f8  Fs_Rec - ok
21:25:13.0642 0x06f8  [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
21:25:13.0652 0x06f8  fvevol - ok
21:25:13.0669 0x06f8  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
21:25:13.0670 0x06f8  FxPPM - ok
21:25:13.0680 0x06f8  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
21:25:13.0682 0x06f8  gagp30kx - ok
21:25:13.0710 0x06f8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
21:25:13.0711 0x06f8  GEARAspiWDM - ok
21:25:13.0720 0x06f8  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
21:25:13.0721 0x06f8  gencounter - ok
21:25:13.0747 0x06f8  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
21:25:13.0750 0x06f8  GPIOClx0101 - ok
21:25:13.0813 0x06f8  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\windows\System32\gpsvc.dll
21:25:13.0860 0x06f8  gpsvc - ok
21:25:13.0940 0x06f8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:25:13.0942 0x06f8  gupdate - ok
21:25:13.0946 0x06f8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:25:13.0948 0x06f8  gupdatem - ok
21:25:13.0980 0x06f8  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
21:25:13.0987 0x06f8  HdAudAddService - ok
21:25:14.0013 0x06f8  [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
21:25:14.0014 0x06f8  HDAudBus - ok
21:25:14.0036 0x06f8  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
21:25:14.0038 0x06f8  HidBatt - ok
21:25:14.0062 0x06f8  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\windows\System32\drivers\hidbth.sys
21:25:14.0065 0x06f8  HidBth - ok
21:25:14.0087 0x06f8  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
21:25:14.0089 0x06f8  hidi2c - ok
21:25:14.0108 0x06f8  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\windows\System32\drivers\hidir.sys
21:25:14.0110 0x06f8  HidIr - ok
21:25:14.0129 0x06f8  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\windows\System32\hidserv.dll
21:25:14.0131 0x06f8  hidserv - ok
21:25:14.0152 0x06f8  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\windows\System32\drivers\hidusb.sys
21:25:14.0153 0x06f8  HidUsb - ok
21:25:14.0183 0x06f8  [ FCE2251FE4464DCAA2F4684F19A8EE9B, 8062CD636DEFA8E160427BC2C61BC5C0DAA5396E16ABE9353B27C217FDE70B04 ] hitmanpro37     C:\windows\system32\drivers\hitmanpro37.sys
21:25:14.0184 0x06f8  hitmanpro37 - ok
21:25:14.0213 0x06f8  [ 760B03AE5E3244E22FFC3C1AE1F5264A, 1D926E28B95394C211CC29B898ECF3C3E19814EF4D09B04DBF9BDFB2596BD1AB ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
21:25:14.0216 0x06f8  HitmanProScheduler - ok
21:25:14.0245 0x06f8  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\windows\system32\kmsvc.dll
21:25:14.0248 0x06f8  hkmsvc - ok
21:25:14.0267 0x06f8  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\windows\system32\ListSvc.dll
21:25:14.0273 0x06f8  HomeGroupListener - ok
21:25:14.0306 0x06f8  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\windows\system32\provsvc.dll
21:25:14.0315 0x06f8  HomeGroupProvider - ok
21:25:14.0338 0x06f8  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
21:25:14.0340 0x06f8  HpSAMD - ok
21:25:14.0386 0x06f8  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\windows\system32\drivers\HTTP.sys
21:25:14.0408 0x06f8  HTTP - ok
21:25:14.0426 0x06f8  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
21:25:14.0427 0x06f8  hwpolicy - ok
21:25:14.0457 0x06f8  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
21:25:14.0458 0x06f8  hyperkbd - ok
21:25:14.0476 0x06f8  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
21:25:14.0477 0x06f8  HyperVideo - ok
21:25:14.0489 0x06f8  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
21:25:14.0492 0x06f8  i8042prt - ok
21:25:14.0529 0x06f8  [ 050F2539E14F9D5E90A4B61738EC29BD, 0E65468B9F452FA7DB6DF2C1B2B2E9439C79031E27054FBDBDFE28A9F98721D7 ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
21:25:14.0540 0x06f8  iaStorA - ok
21:25:14.0599 0x06f8  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
21:25:14.0619 0x06f8  iaStorV - ok
21:25:14.0727 0x06f8  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
21:25:14.0805 0x06f8  IconMan_R - ok
21:25:15.0080 0x06f8  [ 11A31FC2481BFE69B0507ED8C80215F4, 8A1E90611F749E8F04B6D86E835E981CAC16D0841305CADB19E58682DA006698 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
21:25:15.0340 0x06f8  igfx - ok
21:25:15.0365 0x06f8  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
21:25:15.0367 0x06f8  iirsp - ok
21:25:15.0422 0x06f8  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\windows\System32\ikeext.dll
21:25:15.0461 0x06f8  IKEEXT - ok
21:25:15.0484 0x06f8  [ FD2032D2EAE8D7F3381EBA5FA3E7FEEA, 46D1DC6A44E20339AD9195EE7CC719DC9BC99C78F8C74E730B671F0D78B9C683 ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys
21:25:15.0485 0x06f8  intaud_WaveExtensible - ok
21:25:15.0644 0x06f8  [ 3E6A9B228D7FC87C3A1C731B79BD0499, F203C3645419095989594313625AF1FB83A5F9B7F8A495A8EBCB63DFBF00D7ED ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
21:25:15.0780 0x06f8  IntcAzAudAddService - ok
21:25:15.0830 0x06f8  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
21:25:15.0839 0x06f8  IntcDAud - ok
21:25:15.0876 0x06f8  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:25:15.0899 0x06f8  Intel® Capability Licensing Service Interface - ok
21:25:15.0945 0x06f8  [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
21:25:15.0948 0x06f8  Intel® ME Service - ok
21:25:15.0976 0x06f8  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\windows\system32\drivers\intelide.sys
21:25:15.0977 0x06f8  intelide - ok
21:25:16.0012 0x06f8  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\windows\System32\drivers\intelppm.sys
21:25:16.0015 0x06f8  intelppm - ok
21:25:16.0084 0x06f8  [ D9DA7B3117BF5EFF921C0CDED4D58050, D51A2AFC0E310C5A0EE1540A9E6353F5F7C9E76711187FAD91EEB0B3254EE935 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
21:25:16.0086 0x06f8  IntuitUpdateServiceV4 - ok
21:25:16.0104 0x06f8  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
21:25:16.0106 0x06f8  IpFilterDriver - ok
21:25:16.0148 0x06f8  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
21:25:16.0193 0x06f8  iphlpsvc - ok
21:25:16.0217 0x06f8  [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
21:25:16.0219 0x06f8  IPMIDRV - ok
21:25:16.0236 0x06f8  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
21:25:16.0239 0x06f8  IPNAT - ok
21:25:16.0296 0x06f8  [ 7E4F8065367AE5BA387262D57B868DF5, 3D09A778748D30AFD37B23603CCC151B028D505FF3CB7763CE393F6CFAED3A9E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:25:16.0319 0x06f8  iPod Service - ok
21:25:16.0343 0x06f8  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\windows\system32\drivers\irenum.sys
21:25:16.0344 0x06f8  IRENUM - ok
21:25:16.0353 0x06f8  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\windows\system32\drivers\isapnp.sys
21:25:16.0354 0x06f8  isapnp - ok
21:25:16.0395 0x06f8  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF, 8FFF92828C3DC20F0F42C42E58A03B59A4E0187963F728DC618C9595FB2D0239 ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
21:25:16.0402 0x06f8  iScsiPrt - ok
21:25:16.0425 0x06f8  [ C59B9CE2855E667809F9E63C20FC44A5, 36C71CDAB84296E408F29588E1993B6E2016841435C6F2CABBB716A2E2947BA8 ] iwdbus          C:\windows\System32\drivers\iwdbus.sys
21:25:16.0426 0x06f8  iwdbus - ok
21:25:16.0464 0x06f8  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
21:25:16.0468 0x06f8  jhi_service - ok
21:25:16.0496 0x06f8  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
21:25:16.0498 0x06f8  kbdclass - ok
21:25:16.0509 0x06f8  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
21:25:16.0510 0x06f8  kbdhid - ok
21:25:16.0524 0x06f8  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
21:25:16.0526 0x06f8  kdnic - ok
21:25:16.0542 0x06f8  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso          C:\windows\system32\lsass.exe
21:25:16.0543 0x06f8  KeyIso - ok
21:25:16.0575 0x06f8  [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
21:25:16.0578 0x06f8  KSecDD - ok
21:25:16.0605 0x06f8  [ 127FB0AAD232BAAD2C9BBACD374F4FC5, 3BC56F6B4374062C96149D69ACE053DF81A278F0361599F5A2F3DB1F76F0AD68 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
21:25:16.0609 0x06f8  KSecPkg - ok
21:25:16.0621 0x06f8  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
21:25:16.0622 0x06f8  ksthunk - ok
21:25:16.0656 0x06f8  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\windows\system32\msdtckrm.dll
21:25:16.0664 0x06f8  KtmRm - ok
21:25:16.0704 0x06f8  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\windows\System32\srvsvc.dll
21:25:16.0712 0x06f8  LanmanServer - ok
21:25:16.0733 0x06f8  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
21:25:16.0756 0x06f8  LanmanWorkstation - ok
21:25:16.0773 0x06f8  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
21:25:16.0775 0x06f8  lltdio - ok
21:25:16.0808 0x06f8  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\windows\System32\lltdsvc.dll
21:25:16.0814 0x06f8  lltdsvc - ok
21:25:16.0824 0x06f8  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\windows\System32\lmhsvc.dll
21:25:16.0825 0x06f8  lmhosts - ok
21:25:16.0849 0x06f8  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:25:16.0855 0x06f8  LMS - ok
21:25:16.0881 0x06f8  [ 36077028C32E25E69645CCA02F55E1DE, 34E23BC6441B46638F9C80331FCCFEF360D520D9B4B4077BE4C1DE7B9BD3EA50 ] LPCFilter       C:\windows\system32\drivers\LPCFilter.sys
21:25:16.0882 0x06f8  LPCFilter - ok
21:25:16.0905 0x06f8  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
21:25:16.0908 0x06f8  LSI_SAS - ok
21:25:16.0929 0x06f8  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
21:25:16.0931 0x06f8  LSI_SAS2 - ok
21:25:16.0946 0x06f8  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
21:25:16.0948 0x06f8  LSI_SCSI - ok
21:25:16.0960 0x06f8  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
21:25:16.0962 0x06f8  LSI_SSS - ok
21:25:16.0988 0x06f8  [ A57BA284F5996FFD32DCDBC41A4657DB, 2106B83873A824BC83EF42FAC9DD9A0F741209535A84AE65EA8E786519920043 ] LSM             C:\windows\System32\lsm.dll
21:25:16.0997 0x06f8  LSM - ok
21:25:17.0003 0x06f8  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\windows\system32\drivers\luafv.sys
21:25:17.0007 0x06f8  luafv - ok
21:25:17.0027 0x06f8  [ 36EFC8C32829A27BAF0E63BFDBD5EE90, 7B8C211FFDFBD5D2D9680FA4633379185740876919709F8B41515BAD95BD215B ] massfilter      C:\windows\system32\drivers\massfilter.sys
21:25:17.0028 0x06f8  massfilter - ok
21:25:17.0078 0x06f8  [ 92008BFC4A409AD92DFBB50AF392AECC, 99B6B005B0DD4307D8A9A3AB08E81778B333AE5279EE5C5C18E9E2FBCBB56370 ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
21:25:17.0079 0x06f8  MBAMProtector - ok
21:25:17.0154 0x06f8  [ 47DF4BC3D1561B6DAFA0862735FA1493, 88791A710DD71CCAE9FB772AD85BE94BA21B65D7C85937BE85D5B12885EC4CD3 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
21:25:17.0210 0x06f8  MBAMScheduler - ok
21:25:17.0259 0x06f8  [ 2CFC417EED3BF5DDA255CB7EF7E09D45, C70C3AC5A2D97904F2E27669AFE5F7EED0F25B387BEFD42B68E36D44F9A3D37D ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
21:25:17.0314 0x06f8  MBAMService - ok
21:25:17.0336 0x06f8  [ 43B54D2F6A1EC2028F64CE733204D417, 02790582EB8FBCC71D2818F9A4176F85D530E31E4767A05C05D5697FC560EC97 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys
21:25:17.0337 0x06f8  MBAMWebAccessControl - ok
21:25:17.0440 0x06f8  [ 968BFF74AEB683C962960ECE0CAE4135, 3E08B39DE27FE27A27BD3E81486F0FCA1947D4B50BFE0167A0C27CE48DD56793 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
21:25:17.0447 0x06f8  McComponentHostService - ok
21:25:17.0481 0x06f8  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\windows\system32\drivers\megasas.sys
21:25:17.0483 0x06f8  megasas - ok
21:25:17.0511 0x06f8  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
21:25:17.0518 0x06f8  MegaSR - ok
21:25:17.0551 0x06f8  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\windows\System32\drivers\HECIx64.sys
21:25:17.0553 0x06f8  MEIx64 - ok
21:25:17.0576 0x06f8  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\windows\system32\mmcss.dll
21:25:17.0579 0x06f8  MMCSS - ok
21:25:17.0589 0x06f8  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\windows\system32\drivers\modem.sys
21:25:17.0591 0x06f8  Modem - ok
21:25:17.0622 0x06f8  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\windows\System32\drivers\monitor.sys
21:25:17.0622 0x06f8  monitor - ok
21:25:17.0649 0x06f8  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\windows\System32\drivers\mouclass.sys
21:25:17.0650 0x06f8  mouclass - ok
21:25:17.0674 0x06f8  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\windows\System32\drivers\mouhid.sys
21:25:17.0675 0x06f8  mouhid - ok
21:25:17.0696 0x06f8  [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
21:25:17.0698 0x06f8  mountmgr - ok
21:25:17.0735 0x06f8  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:25:17.0738 0x06f8  MozillaMaintenance - ok
21:25:17.0771 0x06f8  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
21:25:17.0773 0x06f8  mpsdrv - ok
21:25:17.0820 0x06f8  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\windows\system32\mpssvc.dll
21:25:17.0854 0x06f8  MpsSvc - ok
21:25:17.0896 0x06f8  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
21:25:17.0899 0x06f8  MRxDAV - ok
21:25:17.0927 0x06f8  [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
21:25:17.0934 0x06f8  mrxsmb - ok
21:25:17.0947 0x06f8  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
21:25:17.0954 0x06f8  mrxsmb10 - ok
21:25:17.0977 0x06f8  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
21:25:17.0982 0x06f8  mrxsmb20 - ok
21:25:18.0021 0x06f8  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
21:25:18.0024 0x06f8  MsBridge - ok
21:25:18.0045 0x06f8  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\windows\System32\msdtc.exe
21:25:18.0049 0x06f8  MSDTC - ok
21:25:18.0055 0x06f8  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\windows\system32\drivers\Msfs.sys
21:25:18.0056 0x06f8  Msfs - ok
21:25:18.0079 0x06f8  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
21:25:18.0081 0x06f8  msgpiowin32 - ok
21:25:18.0091 0x06f8  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
21:25:18.0092 0x06f8  mshidkmdf - ok
21:25:18.0101 0x06f8  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
21:25:18.0102 0x06f8  mshidumdf - ok
21:25:18.0114 0x06f8  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
21:25:18.0115 0x06f8  msisadrv - ok
21:25:18.0142 0x06f8  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\windows\system32\iscsiexe.dll
21:25:18.0146 0x06f8  MSiSCSI - ok
21:25:18.0149 0x06f8  msiserver - ok
21:25:18.0172 0x06f8  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
21:25:18.0198 0x06f8  MSKSSRV - ok
21:25:18.0217 0x06f8  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
21:25:18.0219 0x06f8  MsLldp - ok
21:25:18.0229 0x06f8  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
21:25:18.0230 0x06f8  MSPCLOCK - ok
21:25:18.0239 0x06f8  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
21:25:18.0240 0x06f8  MSPQM - ok
21:25:18.0261 0x06f8  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
21:25:18.0269 0x06f8  MsRPC - ok
21:25:18.0279 0x06f8  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
21:25:18.0280 0x06f8  mssmbios - ok
21:25:18.0298 0x06f8  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
21:25:18.0299 0x06f8  MSTEE - ok
21:25:18.0312 0x06f8  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
21:25:18.0312 0x06f8  MTConfig - ok
21:25:18.0330 0x06f8  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\windows\system32\Drivers\mup.sys
21:25:18.0332 0x06f8  Mup - ok
21:25:18.0351 0x06f8  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\windows\system32\drivers\mvumis.sys
21:25:18.0352 0x06f8  mvumis - ok
21:25:18.0384 0x06f8  [ 431F065E2A99FC3C670BD20694117C8B, ADE1D6B5EC0C0F078DB5F24FE4E830AC08FA1EDA1C895E7F4873874BCC1F2154 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:25:18.0390 0x06f8  MyWiFiDHCPDNS - ok
21:25:18.0421 0x06f8  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\windows\system32\qagentRT.dll
21:25:18.0431 0x06f8  napagent - ok
21:25:18.0457 0x06f8  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
21:25:18.0466 0x06f8  NativeWifiP - ok
21:25:18.0493 0x06f8  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\windows\System32\ncasvc.dll
21:25:18.0498 0x06f8  NcaSvc - ok
21:25:18.0507 0x06f8  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
21:25:18.0509 0x06f8  NcdAutoSetup - ok
21:25:18.0622 0x06f8  [ 97C152DE06F2BEF0BB14FDA3F187EFA9, 34FA61FC9A7225312FBEDE6149D7B9A140AC7C61313A1A4BD2EC0DA89BE497E5 ] NCO             C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
21:25:18.0626 0x06f8  NCO - ok
21:25:18.0709 0x06f8  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\windows\system32\drivers\ndis.sys
21:25:18.0743 0x06f8  NDIS - ok
21:25:18.0767 0x06f8  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
21:25:18.0769 0x06f8  NdisCap - ok
21:25:18.0800 0x06f8  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
21:25:18.0803 0x06f8  NdisImPlatform - ok
21:25:18.0822 0x06f8  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
21:25:18.0823 0x06f8  NdisTapi - ok
21:25:26.0401 0x06f8  upnphost - ok
21:25:26.0431 0x06f8  [ 30F02F642C2D141CAABD412B48A29D76, E94610E0CB46A9DD811AC03B028310D91E13B63A57A39749EEAC70FB5E729EE3 ] usb3Hub         C:\windows\System32\drivers\usb3Hub.sys
21:25:26.0433 0x06f8  usb3Hub - ok
21:25:26.0462 0x06f8  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\windows\System32\Drivers\usbaapl64.sys
21:25:26.0464 0x06f8  USBAAPL64 - ok
21:25:26.0489 0x06f8  [ 9E9F21FF91D7ECC0BCCB94D3FE52A959, 85461393D62ED939F6741C2D0A90C8AB34F4415173223BB4CFC119715D10E7A7 ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
21:25:26.0492 0x06f8  usbaudio - ok
21:25:26.0518 0x06f8  [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
21:25:26.0521 0x06f8  usbccgp - ok
21:25:26.0543 0x06f8  [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir          C:\windows\System32\drivers\usbcir.sys
21:25:26.0545 0x06f8  usbcir - ok
21:25:26.0568 0x06f8  [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci         C:\windows\System32\drivers\usbehci.sys
21:25:26.0570 0x06f8  usbehci - ok
21:25:26.0610 0x06f8  [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub          C:\windows\System32\drivers\usbhub.sys
21:25:26.0632 0x06f8  usbhub - ok
21:25:26.0653 0x06f8  [ E5F7328B1D29BCE791862CD3C0DD382A, E520D75CA6E4EDB06F576D97FB6B7CFD46A3EF3A3AC881537DE3BB8C862FE8C3 ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
21:25:26.0663 0x06f8  USBHUB3 - ok
21:25:26.0686 0x06f8  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci         C:\windows\System32\drivers\usbohci.sys
21:25:26.0688 0x06f8  usbohci - ok
21:25:26.0708 0x06f8  [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint        C:\windows\System32\drivers\usbprint.sys
21:25:26.0732 0x06f8  usbprint - ok
21:25:26.0761 0x06f8  [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
21:25:26.0764 0x06f8  USBSTOR - ok
21:25:26.0788 0x06f8  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
21:25:26.0789 0x06f8  usbuhci - ok
21:25:26.0811 0x06f8  [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
21:25:26.0816 0x06f8  usbvideo - ok
21:25:26.0844 0x06f8  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
21:25:26.0851 0x06f8  USBXHCI - ok
21:25:26.0864 0x06f8  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] VaultSvc        C:\windows\system32\lsass.exe
21:25:26.0865 0x06f8  VaultSvc - ok
21:25:26.0882 0x06f8  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
21:25:26.0883 0x06f8  vdrvroot - ok
21:25:26.0926 0x06f8  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds             C:\windows\System32\vds.exe
21:25:26.0948 0x06f8  vds - ok
21:25:26.0956 0x06f8  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
21:25:26.0958 0x06f8  VerifierExt - ok
21:25:26.0994 0x06f8  [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
21:25:27.0005 0x06f8  vhdmp - ok
21:25:27.0023 0x06f8  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\windows\system32\drivers\viaide.sys
21:25:27.0024 0x06f8  viaide - ok
21:25:27.0037 0x06f8  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\windows\system32\drivers\vmbus.sys
21:25:27.0040 0x06f8  vmbus - ok
21:25:27.0056 0x06f8  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
21:25:27.0057 0x06f8  VMBusHID - ok
21:25:27.0096 0x06f8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\windows\System32\ICSvc.dll
21:25:27.0103 0x06f8  vmicheartbeat - ok
21:25:27.0112 0x06f8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\windows\System32\ICSvc.dll
21:25:27.0118 0x06f8  vmickvpexchange - ok
21:25:27.0127 0x06f8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\windows\System32\ICSvc.dll
21:25:27.0133 0x06f8  vmicrdv - ok
21:25:27.0142 0x06f8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\windows\System32\ICSvc.dll
21:25:27.0149 0x06f8  vmicshutdown - ok
21:25:27.0158 0x06f8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\windows\System32\ICSvc.dll
21:25:27.0164 0x06f8  vmictimesync - ok
21:25:27.0173 0x06f8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\windows\System32\ICSvc.dll
21:25:27.0179 0x06f8  vmicvss - ok
21:25:27.0195 0x06f8  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\windows\system32\drivers\volmgr.sys
21:25:27.0207 0x06f8  volmgr - ok
21:25:27.0236 0x06f8  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
21:25:27.0259 0x06f8  volmgrx - ok
21:25:27.0296 0x06f8  [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap         C:\windows\system32\drivers\volsnap.sys
21:25:27.0318 0x06f8  volsnap - ok
21:25:27.0333 0x06f8  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\windows\System32\drivers\vpci.sys
21:25:27.0335 0x06f8  vpci - ok
21:25:27.0354 0x06f8  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
21:25:27.0358 0x06f8  vsmraid - ok
21:25:27.0423 0x06f8  [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS             C:\windows\system32\vssvc.exe
21:25:27.0479 0x06f8  VSS - ok
21:25:27.0505 0x06f8  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
21:25:27.0511 0x06f8  VSTXRAID - ok
21:25:27.0529 0x06f8  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
21:25:27.0530 0x06f8  vwifibus - ok
21:25:27.0551 0x06f8  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
21:25:27.0553 0x06f8  vwififlt - ok
21:25:27.0559 0x06f8  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
21:25:27.0560 0x06f8  vwifimp - ok
21:25:27.0619 0x06f8  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\windows\system32\w32time.dll
21:25:27.0628 0x06f8  W32Time - ok
21:25:27.0642 0x06f8  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\windows\System32\drivers\wacompen.sys
21:25:27.0643 0x06f8  WacomPen - ok
21:25:27.0748 0x06f8  [ D970AF80B98927A8C63DBA235E69DF7E, CA8A3ADF3A64B63AB88EA07D452FB12D3498B05C4DFF10434FBFE8A3E688C50B ] wampapache      c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
21:25:27.0750 0x06f8  wampapache - ok
21:25:27.0798 0x06f8  wampmysqld - ok
21:25:27.0824 0x06f8  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
21:25:27.0826 0x06f8  Wanarp - ok
21:25:27.0830 0x06f8  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
21:25:27.0831 0x06f8  Wanarpv6 - ok
21:25:27.0887 0x06f8  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\windows\system32\wbengine.exe
21:25:27.0932 0x06f8  wbengine - ok
21:25:27.0951 0x06f8  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
21:25:27.0960 0x06f8  WbioSrvc - ok
21:25:27.0984 0x06f8  [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc          C:\windows\System32\wcmsvc.dll
21:25:27.0991 0x06f8  Wcmsvc - ok
21:25:28.0024 0x06f8  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\windows\System32\wcncsvc.dll
21:25:28.0035 0x06f8  wcncsvc - ok
21:25:28.0065 0x06f8  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
21:25:28.0088 0x06f8  WcsPlugInService - ok
21:25:28.0111 0x06f8  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\windows\system32\drivers\wd.sys
21:25:28.0112 0x06f8  Wd - ok
21:25:28.0143 0x06f8  [ 07D19A55CD27B330534D2DDEA60D5FC6, 9C9441EA6943481838F61FD929F88FE25DC60BB8513A2C01CB4712918A883E3F ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
21:25:28.0145 0x06f8  WdBoot - ok
21:25:28.0187 0x06f8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
21:25:28.0210 0x06f8  Wdf01000 - ok
21:25:28.0257 0x06f8  [ CEBD9CDAADA11FAECCA82E4C06BCDD8E, 6D6E4BF0EB97004F9C07327923C9BD2B451FDDA567FAF39556595302EE5A1A54 ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
21:25:28.0263 0x06f8  WdFilter - ok
21:25:28.0283 0x06f8  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\windows\system32\wdi.dll
21:25:28.0287 0x06f8  WdiServiceHost - ok
21:25:28.0291 0x06f8  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\windows\system32\wdi.dll
21:25:28.0294 0x06f8  WdiSystemHost - ok
21:25:28.0319 0x06f8  [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient       C:\windows\System32\webclnt.dll
21:25:28.0325 0x06f8  WebClient - ok
21:25:28.0340 0x06f8  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\windows\system32\wecsvc.dll
21:25:28.0346 0x06f8  Wecsvc - ok
21:25:28.0362 0x06f8  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\windows\System32\wercplsupport.dll
21:25:28.0365 0x06f8  wercplsupport - ok
21:25:28.0400 0x06f8  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\windows\System32\WerSvc.dll
21:25:28.0404 0x06f8  WerSvc - ok
21:25:28.0422 0x06f8  [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
21:25:28.0425 0x06f8  WFPLWFS - ok
21:25:28.0434 0x06f8  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\windows\System32\wiarpc.dll
21:25:28.0437 0x06f8  WiaRpc - ok
21:25:28.0464 0x06f8  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
21:25:28.0465 0x06f8  WIMMount - ok
21:25:28.0492 0x06f8  WinDefend - ok
21:25:28.0539 0x06f8  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
21:25:28.0572 0x06f8  WinHttpAutoProxySvc - ok
21:25:28.0681 0x06f8  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
21:25:28.0686 0x06f8  Winmgmt - ok
21:25:28.0787 0x06f8  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\windows\system32\WsmSvc.dll
21:25:28.0876 0x06f8  WinRM - ok
21:25:28.0896 0x06f8  [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
21:25:28.0898 0x06f8  WinUsb - ok
21:25:28.0953 0x06f8  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\windows\System32\wlansvc.dll
21:25:28.0998 0x06f8  WlanSvc - ok
21:25:29.0066 0x06f8  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\windows\system32\wlidsvc.dll
21:25:29.0133 0x06f8  wlidsvc - ok
21:25:29.0153 0x06f8  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
21:25:29.0154 0x06f8  WmiAcpi - ok
21:25:29.0186 0x06f8  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
21:25:29.0190 0x06f8  wmiApSrv - ok
21:25:29.0210 0x06f8  WMPNetworkSvc - ok
21:25:29.0215 0x06f8  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
21:25:29.0216 0x06f8  wpcfltr - ok
21:25:29.0245 0x06f8  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\windows\System32\wpcsvc.dll
21:25:29.0247 0x06f8  WPCSvc - ok
21:25:29.0274 0x06f8  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
21:25:29.0307 0x06f8  WPDBusEnum - ok
21:25:29.0318 0x06f8  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
21:25:29.0319 0x06f8  WpdUpFltr - ok
21:25:29.0348 0x06f8  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
21:25:29.0349 0x06f8  ws2ifsl - ok
21:25:29.0368 0x06f8  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\windows\system32\wscsvc.dll
21:25:29.0372 0x06f8  wscsvc - ok
21:25:29.0375 0x06f8  WSearch - ok
21:25:29.0480 0x06f8  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\windows\System32\WSService.dll
21:25:29.0572 0x06f8  WSService - ok
21:25:29.0679 0x06f8  [ 311E5E1976E0BD9110A88B93158055D5, F1AA738D6AD74C33785EEFE1FBE8A869AAB62417B7D079389293AB1209A849C1 ] wuauserv        C:\windows\system32\wuaueng.dll
21:25:29.0780 0x06f8  wuauserv - ok
21:25:29.0807 0x06f8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
21:25:29.0809 0x06f8  WudfPf - ok
21:25:29.0829 0x06f8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP    C:\windows\system32\DRIVERS\WUDFRd.sys
21:25:29.0834 0x06f8  WUDFSensorLP - ok
21:25:29.0857 0x06f8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
21:25:29.0861 0x06f8  wudfsvc - ok
21:25:29.0867 0x06f8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
21:25:29.0871 0x06f8  WUDFWpdFs - ok
21:25:29.0877 0x06f8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp      C:\windows\system32\DRIVERS\WUDFRd.sys
21:25:29.0881 0x06f8  WUDFWpdMtp - ok
21:25:29.0916 0x06f8  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\windows\System32\wwansvc.dll
21:25:29.0927 0x06f8  WwanSvc - ok
21:25:29.0958 0x06f8  [ 6FDEE5E0741A3FFA5E5772C6C94E3F64, 859EBC7F8FF3CE9F3301B5BF93CF0C84C2A4271F205B67D9B8DC463DC67DE661 ] XHCIPort        C:\windows\System32\drivers\XHCIPort.sys
21:25:29.0963 0x06f8  XHCIPort - ok
21:25:30.0073 0x06f8  [ 97D3DCBBF3915782644DB56F5C191B9F, 3207D951F8042ADA9256283E9D64C3427D145DB98172A87733F868215FF62EF4 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
21:25:30.0151 0x06f8  ZeroConfigService - ok
21:25:30.0182 0x06f8  [ 3762B4C538B9D710F85042849C20319F, 5476B4FE932E8C4322A556DE372D9B776E2A45F8A303EFB865FBAC313599863C ] ZTEusbMB        C:\windows\system32\DRIVERS\ZTEusbnmeaext2.sys
21:25:30.0185 0x06f8  ZTEusbMB - ok
21:25:30.0203 0x06f8  [ 7CC1BB2CA5A01D3AD844E6476B026733, E1A2DA735BC3F73E3EFF467E6123180C3BF968560DE960DA36F39E14ADDE849D ] ZTEusbnet       C:\windows\system32\DRIVERS\ZTEusbnet.sys
21:25:30.0206 0x06f8  ZTEusbnet - ok
21:25:30.0219 0x06f8  [ 3762B4C538B9D710F85042849C20319F, 5476B4FE932E8C4322A556DE372D9B776E2A45F8A303EFB865FBAC313599863C ] ZTEusbnmea      C:\windows\system32\DRIVERS\ZTEusbnmea.sys
21:25:30.0222 0x06f8  ZTEusbnmea - ok
21:25:30.0235 0x06f8  [ 3762B4C538B9D710F85042849C20319F, 5476B4FE932E8C4322A556DE372D9B776E2A45F8A303EFB865FBAC313599863C ] ZTEusbser6k     C:\windows\system32\DRIVERS\ZTEusbser6k.sys
21:25:30.0238 0x06f8  ZTEusbser6k - ok
21:25:30.0269 0x06f8  [ 74AF09219578490C1491DBB7CF7A0ADE, 8D1452B867BF30E6B925DA020F3F7578E6DC8E07CE1D2117D26FEFC8B24066B6 ] ZTEusbwwan      C:\windows\system32\DRIVERS\ZTEusbwwan.sys
21:25:30.0275 0x06f8  ZTEusbwwan - ok
21:25:30.0281 0x06f8  ================ Scan global ===============================
21:25:30.0317 0x06f8  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\windows\system32\basesrv.dll
21:25:30.0350 0x06f8  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\windows\system32\winsrv.dll
21:25:30.0382 0x06f8  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\windows\system32\sxssrv.dll
21:25:30.0412 0x06f8  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\windows\system32\services.exe
21:25:30.0421 0x06f8  [ Global ] - ok
21:25:30.0421 0x06f8  ================ Scan MBR ==================================
21:25:30.0433 0x06f8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:25:30.0437 0x06f8  \Device\Harddisk0\DR0 - ok
21:25:30.0437 0x06f8  ================ Scan VBR ==================================
21:25:30.0442 0x06f8  [ 54FE18C7EAB173F14411F60C00FF66F0 ] \Device\Harddisk0\DR0\Partition1
21:25:30.0454 0x06f8  \Device\Harddisk0\DR0\Partition1 - ok
21:25:30.0463 0x06f8  [ 3C6CA945EA14594211E4975E44E9F185 ] \Device\Harddisk0\DR0\Partition2
21:25:30.0477 0x06f8  \Device\Harddisk0\DR0\Partition2 - ok
21:25:30.0491 0x06f8  [ 2697A4A8E0358866AA5EC7D89AEF771A ] \Device\Harddisk0\DR0\Partition3
21:25:30.0504 0x06f8  \Device\Harddisk0\DR0\Partition3 - ok
21:25:30.0520 0x06f8  [ FE37510F910E5831CA23FB5727BF0C5C ] \Device\Harddisk0\DR0\Partition4
21:25:30.0527 0x06f8  \Device\Harddisk0\DR0\Partition4 - ok
21:25:30.0559 0x06f8  [ 6A029893A5698B78B8FFDAABCB1C6C23 ] \Device\Harddisk0\DR0\Partition5
21:25:30.0560 0x06f8  \Device\Harddisk0\DR0\Partition5 - ok
21:25:30.0567 0x06f8  [ 526459C481B44F30FCF7A6CE87F5A013 ] \Device\Harddisk0\DR0\Partition6
21:25:30.0568 0x06f8  \Device\Harddisk0\DR0\Partition6 - ok
21:25:30.0569 0x06f8  Waiting for KSN requests completion. In queue: 97
21:25:31.0570 0x06f8  Waiting for KSN requests completion. In queue: 97
21:25:32.0570 0x06f8  Waiting for KSN requests completion. In queue: 97
21:25:33.0632 0x06f8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x60100 ( disabled : updated )
21:25:33.0654 0x06f8  Win FW state via NFP2: enabled
21:25:36.0190 0x06f8  ============================================================
21:25:36.0190 0x06f8  Scan finished
21:25:36.0190 0x06f8  ============================================================
21:25:36.0195 0x0a4c  Detected object count: 0
21:25:36.0195 0x0a4c  Actual detected object count: 0
 

 

 

ESET Results:

 

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d028b29420d6f7458aa843ecbaddcdcc
# engine=17594
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-03-25 05:41:59
# local_time=2014-03-25 01:41:59 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=5893 16776574 100 94 43984 55145830 0 0
# scanned=569941
# found=38
# cleaned=37
# scan_time=14517
sh=4DCF9F1F030CBFE793BA9762A475ED6DF2A3D0B6 ft=1 fh=c71c00117a0acf69 vn="a variant of Win64/SProtector.A potentially unwanted application" ac=I fn="C:\Users\All Users\Assistant\Assistant_x64.dll"
sh=4DCF9F1F030CBFE793BA9762A475ED6DF2A3D0B6 ft=1 fh=c71c00117a0acf69 vn="a variant of Win64/SProtector.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\ProgramData\Assistant\Assistant_x64.dll"
sh=6F4F0D1B3F93670F01B46A05A558AAE39D8498C1 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Qoobox\Quarantine\C\Users\Anastacia\AppData\Roaming\Mozilla\Firefox\Profiles\ygxso76k.default\extensions\staged\7iwueyyuieo@y-stad.co.uk\content\bg.js.vir"
sh=6F60E10F246615388EEBE0F9F5E97180AC97CBE2 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Qoobox\Quarantine\C\Users\Anastacia\AppData\Roaming\Mozilla\Firefox\Profiles\ygxso76k.default\extensions\staged\auo.9@nhdqvqa.com\content\bg.js.vir"
sh=0642D8ABBDEC35D3B1607B3D922AD5CE461353BA ft=1 fh=c3a461d00c5cfb32 vn="a variant of Win32/DomaIQ.BB potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Anastacia\AppData\Local\Google\Chrome\User Data\Default\File System\006\t\00\00000000"
sh=4C09E47FB12FEBFC24804FBCBBDC92B6EC0121DF ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Anastacia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cajgeocibfnfildjainikamcofdekfbj\5.10\kqcB6iJuPhX.js"
sh=15660DEDB574CE75327CA61D5CFEFBAB691B07C0 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Anastacia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eoghglflmknonfkabnaahgjafgmdjbam\5.10\mK7crW3wxi.js"
sh=02FC117F8F111320FD4D40E3136B8126E3F411CA ft=1 fh=9e787432fb9e2e09 vn="a variant of MSIL/DomaIQ.X potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Anastacia\AppData\Local\temp\jki3A24.tmp"
sh=BCFA3720D4D7603BD19E3FA895C1C19A183FA5FC ft=0 fh=0000000000000000 vn="PHP/Kryptik.AE trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Anastacia\Documents\backup\Development Projects\Greg Agustin\plugins\wp-ezsqueezey\inc\activation.php"
sh=DDA4E50B284481FDAD8E928D92F840D685E7DC0E ft=0 fh=0000000000000000 vn="PHP/Kryptik.AE trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Anastacia\Documents\backup\Development Projects\Greg Agustin\plugins\wp-ezsqueezey\inc\ar_submit.php"
sh=501C77E10A552F6DFF27C797115827026E3A0FBE ft=0 fh=0000000000000000 vn="PHP/Kryptik.AE trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Anastacia\Documents\backup\Development Projects\Greg Agustin\plugins\wp-ezsqueezey\inc\callback.php"
sh=AD87CE63B68BBB426CBE2741102A47BD17DFF314 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AE trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Anastacia\Documents\backup\Development Projects\Greg Agustin\plugins\wp-ezsqueezey\inc\csv.php"
sh=0C1AF9843E973FE12A45A9F5E8A4B0A0CA4B3BC8 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AE trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Anastacia\Documents\backup\Development Projects\Greg Agustin\plugins\wp-ezsqueezey\inc\delete_campaign.php"
sh=DD478D40C954263641E36B7D665A5D23DD9BFFB9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AE trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Anastacia\Documents\backup\Development Projects\Greg Agustin\plugins\wp-ezsqueezey\inc\menu.php"
sh=7F81FEEA1BD09D466C5DE5D0D7C5651A99319C90 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AE trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Anastacia\Documents\backup\Development Projects\Greg Agustin\plugins\wp-ezsqueezey\inc\page_link.php"
sh=B0AD099779288A804FD00304A276F2B56A80E369 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AE trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Anastacia\Documents\backup\Development Projects\Greg Agustin\plugins\wp-ezsqueezey\inc\save_lead.php"
sh=10D0AAAB4BB4BCBCADF4186D8C72451899BD0E5D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AE trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Anastacia\Documents\backup\Development Projects\Greg Agustin\plugins\wp-ezsqueezey\lp\index.php"
sh=0FCB7EBE35F1A5096E523C46FB17E9AB24C6FEC8 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AE trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Anastacia\Documents\backup\Development Projects\Greg Agustin\plugins\wp-ezsqueezey\UI\ar.php"
sh=BE5815D158C98DF54C6968520551132B22C87159 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AE trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Anastacia\Documents\backup\Development Projects\Greg Agustin\plugins\wp-ezsqueezey\UI\copy.php"
sh=9BB076C7C419B649E535D08220483FC7CEECCC1E ft=0 fh=0000000000000000 vn="PHP/Kryptik.AE trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Anastacia\Documents\backup\Development Projects\Greg Agustin\plugins\wp-ezsqueezey\UI\create.php"
ESETSmartInstaller@High as downloader log:
all ok


#4 boopme


Posted 25 March 2014 - 07:50 PM

Hello and you're welcome. Sorry I could not be back as fast.

Does this mean anything to you >> triumph property management


I did not notice an installed antivirus? If you need a free one I can recommend some.

How is it running?

#5 Bahawolf


Posted 25 March 2014 - 07:57 PM

Hey there!

No problem at all! - I'd love to get your recommendations on an AV (free or paid), and it's been running great but I admittedly did one thing outside of your suggestions. After I rebooted, I noticed the ads were still coming up but I happened to catch a very small string of text on one of them saying "Ads by Happy2Save" -- looking into it, I found it in my browser extensions & programs. I removed it from both areas, rebooted, and voila! It's incredible that it was that easy after the scans.

 

Is there any housecleaning I should do as well?

 

Edit: Triumph was a former client of mine so I'll remove their host file edit, but they're harmless. :-)


Edited by Bahawolf, 25 March 2014 - 07:58 PM.


#6 boopme


Posted 25 March 2014 - 08:21 PM

Checking the add-ons was the next step. Glad you did it.


EDIT>>> I see you have 2.0
Update MBAM and rerun it. It is now a new version 2.0
See... http://www.bleepingcomputer.com/forums/t/528647/malwarebytes-version-2-released-with-new-features-lifetime-support-for-xp/

If you are using MS Word see.. http://www.bleepingcomputer.com/forums/t/528746/microsoft-announces-vulnerability-when-viewing-rtf-documents-in-word/

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
>>>>
I personally like for free...
  • Avira Antivir then
  • Avast Free


Paid tools .. ESET/NOD32 or Kaspersky are the best.

Edited by boopme, 25 March 2014 - 08:23 PM.
