Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Gorilla price removal


  • This topic is locked This topic is locked
4 replies to this topic

#1 snowmoney

snowmoney

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:09 AM

Posted 04 April 2014 - 06:26 AM

I need some help in removing gorilla price. I'm not exactly too sure how I got it but I can't remove it from my programs list. I probably made a mistake but I tried following a guide online in removing it that had a contact tee support if I needed more help. I got to the end of the steps but some of it I wasn't too sure if I did it right because it still shows in the programs list. I'm pretty sure I did it wrong cuz now my Firefox says the proxy server is refusing connection. I think I can fix that part by looking online but would like to get advice so I don't mess my comp up anymore then I already did. Also I have been looking at the other posts regarding this issue and I'm not sure how they got those logs so if I need to post those, I would appreciate it if a guide to getting those logs could be posted as well. I have windows 8.1 if that makes a difference.

Thanks.

BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 PM

Posted 04 April 2014 - 06:28 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
 
 
 
Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt



Please attach this file to your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 snowmoney

snowmoney
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:09 AM

Posted 05 April 2014 - 12:19 AM

frst scan

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by kelsey (administrator) on KELSEY on 04-04-2014 19:07:27
Running from C:\Users\kelsey\Downloads
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\Windows 8 Start Screen Customizer\ModernUIStartScreen.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [678296 2012-07-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [4384928 2012-07-12] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-26] (NVIDIA Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe [24504 2013-02-28] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Aeria Ignite] - C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1917464 2013-04-08] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [NCUpdateHelper] - C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-12-24] (NCSOFT Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1329325572-3524238773-3434370530-1002\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-17] ()
HKU\S-1-5-21-1329325572-3524238773-3434370530-1002\...\Run: [Win8StartScreen] - C:\Program Files (x86)\Windows 8 Start Screen Customizer\ModernUIStartScreen.exe [2877440 2013-10-11] ()
HKU\S-1-5-21-1329325572-3524238773-3434370530-1002\...\Run: [Akamai NetSession Interface] - C:\Users\kelsey\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll => C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll [653600 2013-07-26] (NVIDIA Corporation)
Startup: C:\Users\kelsey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.6.lnk
ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {7F30F7AD-10D8-4AA5-BD78-15D5CA58C254} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM - {7F30F7AD-10D8-4AA5-BD78-15D5CA58C254} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - DefaultScope {7F30F7AD-10D8-4AA5-BD78-15D5CA58C254} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - {7F30F7AD-10D8-4AA5-BD78-15D5CA58C254} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKCU - DefaultScope {7F30F7AD-10D8-4AA5-BD78-15D5CA58C254} URL =
SearchScopes: HKCU - {7F30F7AD-10D8-4AA5-BD78-15D5CA58C254} URL =
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\kelsey\AppData\Roaming\Mozilla\Firefox\Profiles\9ic8t1qm.default
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @thrixxx.com/WebLaunch - C:\Program Files (x86)\thriXXX\WebLaunch\Binaries\npWebLaunch.dll No File
FF Plugin HKCU: @thrixxx.com/WebLaunch - C:\Program Files (x86)\thriXXX\WebLaunch\Binaries\npWebLaunch.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: Yahoo! Toolbar - C:\Users\kelsey\AppData\Roaming\Mozilla\Firefox\Profiles\9ic8t1qm.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-03-27]
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-02-28]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-02-28]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-02-28]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-02-28]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-02-28]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files\McAfee\MSK [2012-12-13]

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-12] (Kaspersky Lab ZAO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-26] (NVIDIA Corporation)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S4 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1914728 2012-11-25] (SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)
S2 GorillaPrice; C:\Program Files (x86)\GorillaPrice\gorillaprice.exe -service [X]
S4 WatGorp; C:\ProgramData\gorillaprice\WatGorp.exe -service [X]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-04] (OSR Open Systems Resources, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-12] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2013-10-12] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-12-12] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-10-12] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-04-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-04-25] (Kaspersky Lab ZAO)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows ® Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-04 19:07 - 2014-04-04 19:07 - 00016828 _____ () C:\Users\kelsey\Downloads\FRST.txt
2014-04-04 19:07 - 2014-04-04 19:07 - 00000000 ____D () C:\FRST
2014-04-04 19:06 - 2014-04-04 19:06 - 02157056 _____ (Farbar) C:\Users\kelsey\Downloads\FRST64.exe
2014-04-03 20:10 - 2014-04-03 22:17 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-04-03 20:09 - 2014-04-03 20:28 - 00000000 ____D () C:\Program Files (x86)\OpenDownloaderManager
2014-03-30 12:45 - 2014-04-03 17:34 - 00000000 ____D () C:\Users\kelsey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\thriXXX
2014-03-30 12:45 - 2014-04-03 17:34 - 00000000 ____D () C:\Program Files (x86)\thriXXX
2014-03-30 12:45 - 2014-04-03 17:11 - 00000000 ____D () C:\Users\kelsey\AppData\Roaming\thriXXX
2014-03-30 11:47 - 2014-03-30 11:53 - 402998600 _____ () C:\Users\kelsey\Downloads\3DSexVilla2-Everlust-153.001-EN-Setup.exe
2014-03-29 22:28 - 2014-03-29 22:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 19:10 - 2014-01-07 15:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-18 19:10 - 2014-01-07 15:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-18 19:10 - 2014-01-07 15:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-18 19:10 - 2014-01-04 05:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-18 19:10 - 2014-01-04 05:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-18 19:10 - 2014-01-04 04:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-18 19:10 - 2014-01-04 03:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-18 19:10 - 2014-01-02 13:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-18 19:10 - 2014-01-02 13:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-18 19:10 - 2013-12-31 15:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-18 19:10 - 2013-12-31 15:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-18 19:10 - 2013-12-31 14:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-18 19:10 - 2013-12-31 14:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-18 19:10 - 2013-12-31 13:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-18 19:10 - 2013-12-31 13:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-18 19:10 - 2013-12-31 13:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-18 19:10 - 2013-12-30 13:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-18 19:10 - 2013-12-30 13:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-18 19:10 - 2013-12-30 13:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-18 19:10 - 2013-12-30 13:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-18 19:10 - 2013-12-30 13:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-18 19:10 - 2013-12-27 05:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-18 19:10 - 2013-12-26 22:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-18 19:10 - 2013-12-26 22:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-18 19:10 - 2013-12-26 22:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-18 19:10 - 2013-12-26 21:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-18 19:10 - 2013-12-26 21:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-18 19:10 - 2013-12-26 20:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-18 19:10 - 2013-12-20 21:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-18 19:10 - 2013-12-16 21:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-18 19:10 - 2013-12-13 20:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-18 19:10 - 2013-12-13 20:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-18 19:10 - 2013-12-13 00:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-18 19:10 - 2013-12-12 20:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-18 19:10 - 2013-12-12 19:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-18 19:10 - 2013-12-08 22:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-18 19:10 - 2013-12-08 18:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-16 11:10 - 2014-02-22 02:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-16 11:10 - 2014-02-22 01:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-12 19:01 - 2014-02-28 20:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-12 19:01 - 2014-02-28 18:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-12 19:01 - 2014-02-28 18:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-12 19:01 - 2014-02-28 18:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-12 19:01 - 2014-02-28 17:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-12 19:01 - 2014-02-28 17:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-12 19:01 - 2014-02-28 17:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-12 19:01 - 2014-02-28 17:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-12 19:01 - 2014-02-28 17:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-12 19:01 - 2014-02-28 17:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-12 19:01 - 2014-02-28 17:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-12 19:01 - 2014-02-28 16:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-12 19:01 - 2014-02-28 16:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-12 19:01 - 2014-02-28 16:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-12 19:01 - 2014-02-28 16:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-12 19:01 - 2014-02-28 16:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-12 19:01 - 2014-02-28 16:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-12 19:01 - 2014-02-10 17:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-12 19:01 - 2014-02-10 16:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-12 19:01 - 2014-02-10 16:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-12 19:01 - 2014-01-31 06:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-12 19:01 - 2014-01-31 06:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-12 19:01 - 2014-01-31 06:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-12 19:01 - 2014-01-31 03:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-12 19:01 - 2014-01-30 23:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-12 19:01 - 2014-01-28 23:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-12 19:01 - 2014-01-28 22:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-12 19:01 - 2014-01-28 22:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-12 19:01 - 2014-01-28 22:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-12 19:01 - 2014-01-28 22:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-12 19:01 - 2014-01-28 21:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-12 19:01 - 2014-01-28 21:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-12 19:01 - 2014-01-28 21:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-12 19:01 - 2014-01-28 20:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-12 19:01 - 2014-01-28 14:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-12 19:01 - 2014-01-27 09:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-12 19:01 - 2014-01-27 09:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-12 19:01 - 2014-01-27 09:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-12 19:01 - 2014-01-27 08:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-12 19:01 - 2014-01-27 08:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-12 19:01 - 2014-01-27 08:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-12 19:01 - 2014-01-27 08:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-12 19:01 - 2014-01-27 08:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-12 19:01 - 2014-01-27 07:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-12 19:01 - 2014-01-27 07:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-12 19:01 - 2014-01-27 07:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-12 19:01 - 2014-01-27 05:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-12 19:01 - 2014-01-27 05:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-12 19:01 - 2014-01-27 01:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-12 19:01 - 2014-01-17 13:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-12 19:01 - 2014-01-17 11:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-12 19:01 - 2013-12-21 04:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-12 19:01 - 2013-12-20 22:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-12 19:01 - 2013-12-20 00:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-12 19:01 - 2013-12-20 00:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-12 19:01 - 2013-10-30 14:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-12 19:01 - 2013-10-30 14:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-12 19:01 - 2013-10-30 14:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys

==================== One Month Modified Files and Folders =======

2014-04-04 19:07 - 2014-04-04 19:07 - 00016828 _____ () C:\Users\kelsey\Downloads\FRST.txt
2014-04-04 19:07 - 2014-04-04 19:07 - 00000000 ____D () C:\FRST
2014-04-04 19:06 - 2014-04-04 19:06 - 02157056 _____ (Farbar) C:\Users\kelsey\Downloads\FRST64.exe
2014-04-04 19:05 - 2014-01-11 11:50 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C31F9136-B369-44D1-B2E4-6A1B027F0FC6}
2014-04-04 19:04 - 2013-11-11 12:08 - 01823335 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-04 19:03 - 2013-02-28 17:08 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-03 23:02 - 2013-08-22 05:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-03 22:44 - 2013-11-11 12:28 - 00000000 __RDO () C:\Users\kelsey\SkyDrive
2014-04-03 22:44 - 2013-08-22 04:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-03 22:20 - 2013-01-17 16:09 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-03 22:17 - 2014-04-03 20:10 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-04-03 22:16 - 2013-08-22 03:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-03 20:39 - 2012-12-13 04:46 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-04-03 20:35 - 2013-09-29 18:04 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-03 20:28 - 2014-04-03 20:09 - 00000000 ____D () C:\Program Files (x86)\OpenDownloaderManager
2014-04-03 20:28 - 2013-09-29 17:55 - 00028686 _____ () C:\WINDOWS\PFRO.log
2014-04-03 20:28 - 2013-01-16 21:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-03 20:27 - 2013-01-31 12:22 - 00000382 _____ () C:\WINDOWS\SysWOW64\SystemPreferences.xml
2014-04-03 20:01 - 2013-01-17 16:21 - 00000000 ____D () C:\Users\kelsey\AppData\Local\PMB Files
2014-04-03 20:01 - 2013-01-17 16:21 - 00000000 ____D () C:\ProgramData\PMB Files
2014-04-03 19:39 - 2013-01-16 21:07 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1329325572-3524238773-3434370530-1002
2014-04-03 18:55 - 2013-08-22 05:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-03 17:34 - 2014-03-30 12:45 - 00000000 ____D () C:\Users\kelsey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\thriXXX
2014-04-03 17:34 - 2014-03-30 12:45 - 00000000 ____D () C:\Program Files (x86)\thriXXX
2014-04-03 17:11 - 2014-03-30 12:45 - 00000000 ____D () C:\Users\kelsey\AppData\Roaming\thriXXX
2014-04-03 13:52 - 2013-08-29 14:24 - 00000000 ____D () C:\Users\kelsey\AppData\Local\Windows Live
2014-03-30 11:53 - 2014-03-30 11:47 - 402998600 _____ () C:\Users\kelsey\Downloads\3DSexVilla2-Everlust-153.001-EN-Setup.exe
2014-03-29 22:28 - 2014-03-29 22:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-22 20:00 - 2013-08-22 05:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-22 17:59 - 2013-08-14 12:43 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-22 17:58 - 2013-08-22 03:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-22 17:58 - 2013-01-17 21:31 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-19 19:03 - 2013-01-16 20:59 - 00000000 ___RD () C:\Users\kelsey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-19 19:03 - 2013-01-16 20:59 - 00000000 ___RD () C:\Users\kelsey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-18 21:46 - 2013-08-22 05:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-13 23:17 - 2013-08-22 04:44 - 00344624 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-12 22:45 - 2013-08-22 05:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 22:45 - 2013-08-22 05:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 22:45 - 2013-08-22 05:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-12 22:45 - 2013-08-22 05:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-11 20:20 - 2013-01-17 16:09 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

Some content of TEMP:
====================
C:\Users\kelsey\AppData\Local\Temp\nsd7E64.exe
C:\Users\kelsey\AppData\Local\Temp\nsh54BF.exe
C:\Users\kelsey\AppData\Local\Temp\nsn7BE3.exe
C:\Users\kelsey\AppData\Local\Temp\nss5721.exe
C:\Users\kelsey\AppData\Local\Temp\nsx4FBF.exe
C:\Users\kelsey\AppData\Local\Temp\riftuninstall.exe
C:\Users\kelsey\AppData\Local\Temp\WebLaunchInstaller.exe
C:\Users\kelsey\AppData\Local\Temp\WebLaunchUninstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-12 19:01] - [2014-01-31 06:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



LastRegBack: 2014-04-02 19:21

==================== End Of Log ============================

 

addition text

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by kelsey at 2014-04-04 19:08:05
Running from C:\Users\kelsey\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.12.2553) (Version: 1.12.2553 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.12.2553 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.12.2553 - Aeria Games & Entertainment) Hidden
Aion (HKLM-x32\...\{B9291CA2-6FA5-44EA-8EE0-923EB32ADAAB}) (Version: 4.0.0.3 - NC Interactive, LLC)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC Universe Online (HKLM-x32\...\Steam App 24200) (Version:  - Sony Online Entertainment)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.5 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.5 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.209 - ALPS ELECTRIC CO., LTD.)
gorillaprice (HKLM-x32\...\gorillaprice) (Version:  - )
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Intel® WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA Control Panel 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6 - NVIDIA Corporation)
NVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 7.2.17 (Version: 7.2.17 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 7.2.17 (Version: 7.2.17 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 7.2.17 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.1 - NVIDIA Corporation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.27 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Scarlet Blade (HKLM-x32\...\Scarlet Blade) (Version:  - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 1.05.19 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
thriXXX 3DSexVilla2-153.001 (HKLM-x32\...\3DSexVilla2-153.001) (Version:  - thriXXX Software GmbH)
thriXXX WebLaunch (HKLM-x32\...\thriXXX WebLaunch) (Version: 1.0 - thriXXX)
Windows 8 Start Screen Customizer version 1.4.09 (HKLM-x32\...\{C949C178-9F63-458F-A76C-C0AA14B92C5F}_is1) (Version: 1.4.09 - Codigobit.info)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

19-03-2014 05:22:19 Windows Update
23-03-2014 03:57:40 Windows Update
03-04-2014 05:23:11 Scheduled Checkpoint
04-04-2014 06:12:21 Removed SavetheChildren Reminder by We-Care.com v4.1.26.4

==================== Hosts content: ==========================

2013-08-22 03:25 - 2013-08-22 03:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {44BFB070-A0B6-46FA-903A-4D2818554283} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6B3C4CCD-DFAE-4137-8186-85EC3DF2E0EE} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {6DDF2F92-7F05-48EC-82A2-2D900D84B2F4} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7C454576-1A81-43BF-A616-2CB15EE901A7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AA5F5E82-7408-4717-9CED-49D1B90046F7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-22] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-08-01 18:22 - 2013-07-26 22:48 - 00267040 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libzmq.dll
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-16 17:07 - 2013-10-11 15:05 - 02877440 _____ () C:\Program Files (x86)\Windows 8 Start Screen Customizer\ModernUIStartScreen.exe
2012-08-17 21:39 - 2013-02-28 17:11 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2014-02-16 20:03 - 2014-02-16 20:03 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\1df9802ff26ff010ffa8c9346f4974df\PSIClient.ni.dll
2012-12-13 04:31 - 2012-06-25 06:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\kelsey\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: GorillaPrice => 2
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: SftService => 2
MSCONFIG\Services: WatGorp => 2

==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (04/03/2014 10:44:23 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (04/03/2014 10:44:22 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (04/03/2014 10:17:18 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (04/03/2014 10:17:18 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (04/03/2014 09:03:28 PM) (Source: Application Hang) (User: )
Description: The program wwahost.exe version 6.3.9600.16431 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b58

Start Time: 01cf4fd344a30da2

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 38246821-bbc7-11e3-be9c-6036dd0bb138

Faulting package full name: Microsoft.SkypeApp_2.6.0.1000_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (04/03/2014 08:48:49 PM) (Source: Application Hang) (User: )
Description: The program wwahost.exe version 6.3.9600.16431 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ae8

Start Time: 01cf4fd12c322c88

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 22b80b32-bbc5-11e3-be9c-6036dd0bb138

Faulting package full name: Microsoft.SkypeApp_2.6.0.1000_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (04/03/2014 08:28:36 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (04/03/2014 08:28:34 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (04/03/2014 05:36:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 28.0.0.5186, time stamp: 0x53240e5d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xf46c0000
Faulting process id: 0x202c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (04/03/2014 05:30:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 28.0.0.5186, time stamp: 0x53240e5d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xf46c0000
Faulting process id: 0x202c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5


System errors:
=============
Error: (04/04/2014 07:04:50 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (04/04/2014 07:01:49 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (04/03/2014 10:44:22 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (04/03/2014 10:44:22 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1326

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (04/03/2014 10:44:21 PM) (Source: Service Control Manager) (User: )
Description: The GorillaPrice service failed to start due to the following error:
%%2

Error: (04/03/2014 10:34:39 PM) (Source: Service Control Manager) (User: )
Description: The GorillaPrice service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/03/2014 10:17:17 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (04/03/2014 10:17:17 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1326

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (04/03/2014 08:34:58 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/03/2014 08:28:34 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069


Microsoft Office Sessions:
=========================
Error: (04/03/2014 10:44:23 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (04/03/2014 10:44:22 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (04/03/2014 10:17:18 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (04/03/2014 10:17:18 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (04/03/2014 09:03:28 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.16431b5801cf4fd344a30da24294967295C:\WINDOWS\syswow64\wwahost.exe38246821-bbc7-11e3-be9c-6036dd0bb138Microsoft.SkypeApp_2.6.0.1000_x86__kzf8qxf38zg5cApp

Error: (04/03/2014 08:48:49 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.16431ae801cf4fd12c322c884294967295C:\WINDOWS\syswow64\wwahost.exe22b80b32-bbc5-11e3-be9c-6036dd0bb138Microsoft.SkypeApp_2.6.0.1000_x86__kzf8qxf38zg5cApp

Error: (04/03/2014 08:28:36 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (04/03/2014 08:28:34 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (04/03/2014 05:36:38 PM) (Source: Application Error)(User: )
Description: plugin-container.exe28.0.0.518653240e5dunknown0.0.0.000000000c0000005f46c0000202c01cf4fb236c8bd50C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeunknown538d1b05-bbaa-11e3-be9b-6036dd0bb138

Error: (04/03/2014 05:30:14 PM) (Source: Application Error)(User: )
Description: plugin-container.exe28.0.0.518653240e5dunknown0.0.0.000000000c0000005f46c0000202c01cf4fb236c8bd50C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeunknown6f0d471d-bba9-11e3-be9b-6036dd0bb138


CodeIntegrity Errors:
===================================
  Date: 2014-04-04 19:07:12.518
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-04 19:07:12.506
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-04 19:07:12.391
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-04 19:07:12.382
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-03 22:41:34.880
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-03 22:41:34.864
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-03 22:41:34.739
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-03 22:41:34.723
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-03 22:39:29.065
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-03 22:39:29.050
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 19%
Total physical RAM: 8048.93 MB
Available physical RAM: 6443.25 MB
Total Pagefile: 9328.93 MB
Available Pagefile: 7570.69 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:922.72 GB) (Free:765.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: DEA80ECC)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

TDSSKILLER

 

19:14:54.0655 0x1594  TDSS rootkit removing tool 3.0.0.28 Apr  4 2014 12:43:10
19:14:54.0655 0x1594  UEFI system
19:16:10.0943 0x1594  ============================================================
19:16:10.0943 0x1594  Current date / time: 2014/04/04 19:16:10.0943
19:16:10.0943 0x1594  SystemInfo:
19:16:10.0943 0x1594  
19:16:10.0943 0x1594  OS Version: 6.3.9600 ServicePack: 0.0
19:16:10.0943 0x1594  Product type: Workstation
19:16:10.0943 0x1594  ComputerName: KELSEY
19:16:10.0943 0x1594  UserName: kelsey
19:16:10.0943 0x1594  Windows directory: C:\WINDOWS
19:16:10.0943 0x1594  System windows directory: C:\WINDOWS
19:16:10.0943 0x1594  Running under WOW64
19:16:10.0943 0x1594  Processor architecture: Intel x64
19:16:10.0943 0x1594  Number of processors: 8
19:16:10.0943 0x1594  Page size: 0x1000
19:16:10.0943 0x1594  Boot type: Normal boot
19:16:10.0943 0x1594  ============================================================
19:16:11.0412 0x1594  KLMD registered as C:\WINDOWS\system32\drivers\73602350.sys
19:16:11.0818 0x1594  System UUID: {3587C190-E42D-84C2-3BCA-537C50553E49}
19:16:12.0334 0x1594  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:16:12.0349 0x1594  ============================================================
19:16:12.0349 0x1594  \Device\Harddisk0\DR0:
19:16:12.0349 0x1594  GPT partitions:
19:16:12.0349 0x1594  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {665AE03D-51A8-4851-A1F6-428E23A9D9E5}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
19:16:12.0349 0x1594  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {80F783D5-D524-4C73-8DCB-5C2881CDC6DE}, Name: Basic data partition, StartLBA 0xFA800, BlocksNum 0x14000
19:16:12.0349 0x1594  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {123C2686-B684-42A9-9373-B77CFEEF9032}, Name: Microsoft reserved partition, StartLBA 0x10E800, BlocksNum 0x40000
19:16:12.0349 0x1594  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {65F4CF0D-632C-491E-871B-E0FA7FA5F17D}, Name: Basic data partition, StartLBA 0x14E800, BlocksNum 0xFA000
19:16:12.0349 0x1594  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {BAE00DB3-B0A7-4D01-BB47-D5EAA58790F2}, Name: Basic data partition, StartLBA 0x248800, BlocksNum 0x7356E800
19:16:12.0349 0x1594  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F3B5AF3B-D3F3-4380-9F9B-B0C3F270E5D1}, Name: , StartLBA 0x737B7000, BlocksNum 0xAF000
19:16:12.0349 0x1594  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {675782F4-4546-48FB-8862-997B6D3D4584}, Name: Microsoft recovery partition, StartLBA 0x73866000, BlocksNum 0xEA05B0
19:16:12.0349 0x1594  MBR partitions:
19:16:12.0349 0x1594  ============================================================
19:16:12.0365 0x1594  C: <-> \Device\Harddisk0\DR0\Partition5
19:16:12.0365 0x1594  ============================================================
19:16:12.0365 0x1594  Initialize success
19:16:12.0365 0x1594  ============================================================
19:16:22.0272 0x11f8  ============================================================
19:16:22.0272 0x11f8  Scan started
19:16:22.0272 0x11f8  Mode: Manual;
19:16:22.0272 0x11f8  ============================================================
19:16:22.0272 0x11f8  KSN ping started
19:16:25.0601 0x11f8  KSN ping finished: false
19:16:25.0976 0x11f8  ================ Scan system memory ========================
19:16:25.0976 0x11f8  System memory - ok
19:16:25.0976 0x11f8  ================ Scan services =============================
19:16:26.0226 0x11f8  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
19:16:26.0226 0x11f8  1394ohci - ok
19:16:26.0257 0x11f8  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
19:16:26.0257 0x11f8  3ware - ok
19:16:26.0288 0x11f8  [ 3D30878A269D934100FA5F972E53AF39, 3D2D22D1A9D80DB94D6059C789FBD04DC945722B8644DF6DAA73D5713A10EC52 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
19:16:26.0319 0x11f8  ACPI - ok
19:16:26.0319 0x11f8  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
19:16:26.0319 0x11f8  acpiex - ok
19:16:26.0351 0x11f8  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
19:16:26.0351 0x11f8  acpipagr - ok
19:16:26.0382 0x11f8  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
19:16:26.0382 0x11f8  AcpiPmi - ok
19:16:26.0382 0x11f8  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
19:16:26.0382 0x11f8  acpitime - ok
19:16:26.0522 0x11f8  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:16:26.0522 0x11f8  AdobeFlashPlayerUpdateSvc - ok
19:16:26.0569 0x11f8  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
19:16:26.0585 0x11f8  ADP80XX - ok
19:16:26.0632 0x11f8  [ B19CA8E441D35AA2B1EE51C10B27DA1B, EBEB96EA44E665B2D4FCD1CC58621A20A17F036EA4A695340A2B65F94F69CDDC ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
19:16:26.0632 0x11f8  AeLookupSvc - ok
19:16:26.0648 0x11f8  [ 239268BAB58EAE9A3FF4E08334C00451, 13F927730DF9BAEDB3A7AB6F7238270A20E4CDEB3D5324A1C471DF2209F3D239 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
19:16:26.0663 0x11f8  AFD - ok
19:16:26.0694 0x11f8  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
19:16:26.0694 0x11f8  agp440 - ok
19:16:26.0694 0x11f8  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
19:16:26.0694 0x11f8  ahcache - ok
19:16:26.0726 0x11f8  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
19:16:26.0726 0x11f8  ALG - ok
19:16:26.0741 0x11f8  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
19:16:26.0741 0x11f8  AmdK8 - ok
19:16:26.0773 0x11f8  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
19:16:26.0773 0x11f8  AmdPPM - ok
19:16:26.0804 0x11f8  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
19:16:26.0804 0x11f8  amdsata - ok
19:16:26.0819 0x11f8  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
19:16:26.0819 0x11f8  amdsbs - ok
19:16:26.0835 0x11f8  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
19:16:26.0835 0x11f8  amdxata - ok
19:16:26.0866 0x11f8  [ FB88245C1815EB1588DBC364A8D24522, 8DF136DE523EB39199FC993C48D850AD5B57FD9808B778FEF77FDC737F1A0026 ] AMPPAL          C:\WINDOWS\System32\drivers\AMPPAL.sys
19:16:26.0866 0x11f8  AMPPAL - ok
19:16:26.0976 0x11f8  [ A73CEA1B1B0A4F6D10BFD3B9AD9DC5F9, A2A4C8FA566BE06A64A34DEBF2647AA40B31BEBA677D548CAE3100EF20632EB7 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
19:16:26.0991 0x11f8  AMPPALR3 - ok
19:16:27.0038 0x11f8  [ 91C148FEFDF53E8B0A58CDF2466DCDC1, 02A867A89142FFEFCFB81CC7AC528F4AA737FFA80DDD681693BB9861BF2EB428 ] ApfiltrService  C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
19:16:27.0038 0x11f8  ApfiltrService - ok
19:16:27.0070 0x11f8  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
19:16:27.0070 0x11f8  AppID - ok
19:16:27.0101 0x11f8  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
19:16:27.0101 0x11f8  AppIDSvc - ok
19:16:27.0116 0x11f8  [ 7E790DE2487CEDB349D1750B9E47F090, EDA4A87EA2F89ABD174E9590DD46E70B9E7E4B35BDFC3ED90D79CD594F8CB2CD ] Appinfo         C:\WINDOWS\System32\appinfo.dll
19:16:27.0132 0x11f8  Appinfo - ok
19:16:27.0148 0x11f8  [ 4B964AE0DF433A3BFA7BD24713BC2E9B, DC8933265E67E43CAE96EA64B146CB9067B536A4DA2C90EDCB38302BBFA1CE6B ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
19:16:27.0163 0x11f8  AppReadiness - ok
19:16:27.0210 0x11f8  [ 0B726D9ED75C787D6FFAF1E3873BCC70, DC3822B35FB65D53CC5D0E3982C326C5F47F0911BEB1F66DCC84A79C84621E1E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
19:16:27.0257 0x11f8  AppXSvc - ok
19:16:27.0273 0x11f8  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
19:16:27.0273 0x11f8  arcsas - ok
19:16:27.0304 0x11f8  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
19:16:27.0304 0x11f8  atapi - ok
19:16:27.0335 0x11f8  [ 4903CBC14742B5AB4DCF7A92F7DEC483, B8491FDA1D1E767658ECC5C3C3DDFB3EB12A969F0F6ACF116C18300FF54075D5 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
19:16:27.0351 0x11f8  AudioEndpointBuilder - ok
19:16:27.0382 0x11f8  [ EF276593AD1BDF5A99032F62D6272848, 3961689B34A6BCD891FF48A044ABD184F5D7320AE882DF79E5ADC57B08205BA9 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
19:16:27.0413 0x11f8  Audiosrv - ok
19:16:27.0523 0x11f8  [ 15D2DB9BFA8E833ED31FAB2BB088FDDA, 6198C0A5DA01DA146A9A054C3C882A1DBF9BA84466EBFDDA1C1062EF36F9B34B ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
19:16:27.0538 0x11f8  AVP - ok
19:16:27.0570 0x11f8  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
19:16:27.0570 0x11f8  AxInstSV - ok
19:16:27.0616 0x11f8  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
19:16:27.0648 0x11f8  b06bdrv - ok
19:16:27.0663 0x11f8  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
19:16:27.0663 0x11f8  BasicDisplay - ok
19:16:27.0679 0x11f8  [ 2748E116F8621A4DB0D39FCDD7318C01, DA2DEB7FE1D887B1EF5E2B5103270B72268D8ABDDA36C396627305C0BA90FC20 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
19:16:27.0679 0x11f8  BasicRender - ok
19:16:27.0710 0x11f8  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
19:16:27.0710 0x11f8  bcmfn2 - ok
19:16:27.0726 0x11f8  [ BBE61A40665B83488901E41082A6097D, ADF750DB32E1295C57C03D587A60194529C8B83F90F433C3458288FB5E8F475B ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
19:16:27.0726 0x11f8  BDESVC - ok
19:16:27.0757 0x11f8  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
19:16:27.0757 0x11f8  Beep - ok
19:16:27.0820 0x11f8  [ 6468B696C65775D51A06615830E0E79D, CC4081B3A4895192B4796A745F0BCE8C9C3149B854A7B9BEF84668A2E1D074B5 ] BFE             C:\WINDOWS\System32\bfe.dll
19:16:27.0851 0x11f8  BFE - ok
19:16:27.0898 0x11f8  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
19:16:27.0913 0x11f8  BITS - ok
19:16:28.0023 0x11f8  [ 4AF14827F1584D084BC136A51FAA8397, B6202545E2459D648BF668F7025A139F64DB6F28F88773FD997DFF10003D9B7C ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
19:16:28.0054 0x11f8  Bluetooth Device Monitor - ok
19:16:28.0132 0x11f8  [ BC89A4C6A2A9C65E8E88AD0B3BF180FD, 06ECD1BF3F3526A77E389413D060BAB6BD50E5DC4C926C8EFCE2B04D56EE16E4 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
19:16:28.0148 0x11f8  Bluetooth OBEX Service - ok
19:16:28.0163 0x11f8  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
19:16:28.0163 0x11f8  bowser - ok
19:16:28.0195 0x11f8  [ A6207A88B596F726DE558425F3B7E592, 126375CC8EA101E0878728323B7EAA69DC8699AC04470FB95D482B1025E0FFB2 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
19:16:28.0195 0x11f8  BrokerInfrastructure - ok
19:16:28.0226 0x11f8  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\WINDOWS\System32\browser.dll
19:16:28.0226 0x11f8  Browser - ok
19:16:28.0257 0x11f8  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
19:16:28.0257 0x11f8  BthAvrcpTg - ok
19:16:28.0273 0x11f8  [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
19:16:28.0273 0x11f8  BthEnum - ok
19:16:28.0288 0x11f8  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
19:16:28.0288 0x11f8  BthHFEnum - ok
19:16:28.0304 0x11f8  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
19:16:28.0304 0x11f8  bthhfhid - ok
19:16:28.0320 0x11f8  [ FCD8BD17B7193CFFF18C332D1A381D7F, CD8A03086695F8FF2566697164D1FD1B60210C017220EFBD78CB12C38CD12BE1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
19:16:28.0320 0x11f8  BthLEEnum - ok
19:16:28.0335 0x11f8  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
19:16:28.0335 0x11f8  BTHMODEM - ok
19:16:28.0351 0x11f8  [ 3AFE71D80EDF5D4DE0C5731352905669, 3E370169B8C5D301954D1F1DA302F7A0DB2A034990E10B3D64458C48E5693205 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
19:16:28.0351 0x11f8  BthPan - ok
19:16:28.0398 0x11f8  [ 8458ECAB701EE385851C2559B71D1209, 0680031AFB5501C6D16F404CAA43C00C44C3213A790BB5570C9309BB9197C257 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
19:16:28.0429 0x11f8  BTHPORT - ok
19:16:28.0460 0x11f8  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
19:16:28.0460 0x11f8  bthserv - ok
19:16:28.0460 0x11f8  [ 9310C81BE4D5EA33798A99355BB53E94, 127D1CC281996FD7B4359858A7B3EDB6FF4987EF463406259DA04D6F65DA1478 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
19:16:28.0476 0x11f8  BTHSSecurityMgr - ok
19:16:28.0507 0x11f8  [ 2C0B77176CD68F1F60510CDF36ADC401, 77990114F9D7B60F5D62122F4634DF89BE69EC56507DAD8C84417B9EC6B21E8D ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
19:16:28.0507 0x11f8  BTHUSB - ok
19:16:28.0570 0x11f8  [ 1134650C2F97611ACCDB02BC904AD35D, 59590C7C7D79105C4ED3F610861D58F55C3D7DDA6A13BBC9145AE23A3723B482 ] btmhsf          C:\WINDOWS\system32\DRIVERS\btmhsf.sys
19:16:28.0601 0x11f8  btmhsf - ok
19:16:28.0601 0x11f8  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
19:16:28.0601 0x11f8  cdfs - ok
19:16:28.0632 0x11f8  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
19:16:28.0648 0x11f8  cdrom - ok
19:16:28.0663 0x11f8  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
19:16:28.0679 0x11f8  CertPropSvc - ok
19:16:28.0679 0x11f8  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
19:16:28.0679 0x11f8  circlass - ok
19:16:28.0695 0x11f8  [ 7F006813C2AFE622C13D7AF94F56CD07, 9F4AEEE19B44F4117BE036F1475CE2E91ED740EB7D8D38364F9724517F777482 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
19:16:28.0710 0x11f8  CLFS - ok
19:16:28.0742 0x11f8  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
19:16:28.0742 0x11f8  CLVirtualDrive - ok
19:16:28.0757 0x11f8  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
19:16:28.0757 0x11f8  CmBatt - ok
19:16:28.0773 0x11f8  [ 825BE21E6395E00698D8A23955A87972, 303F10C3BA72ABB3BA27D08968B10E8EB03FFB6951943B0E9DD35CF48BB72578 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
19:16:28.0773 0x11f8  CNG - ok
19:16:28.0788 0x11f8  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
19:16:28.0788 0x11f8  CompositeBus - ok
19:16:28.0804 0x11f8  COMSysApp - ok
19:16:28.0804 0x11f8  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
19:16:28.0820 0x11f8  condrv - ok
19:16:28.0913 0x11f8  [ 034643AFE2973A175E782AE530A0683C, C488572B971144D8A10F6EC8480175868913942896144D38BF49E3D8D1BC54F3 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
19:16:28.0929 0x11f8  cphs - ok
19:16:28.0960 0x11f8  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
19:16:28.0976 0x11f8  CryptSvc - ok
19:16:29.0007 0x11f8  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
19:16:29.0007 0x11f8  dam - ok
19:16:29.0054 0x11f8  [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
19:16:29.0070 0x11f8  DcomLaunch - ok
19:16:29.0085 0x11f8  [ F4CCAADC2C78F57E4F16B24C9201CE22, B76A5C487A814CB986FE8CC398FB7493C9EAB9ACC933A3C35384FA447092EF00 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
19:16:29.0085 0x11f8  defragsvc - ok
19:16:29.0101 0x11f8  [ DC253191A553DACA7684CFB5B03A4268, 2D651A059F1334671E875EB4FC642383DCC00710809255DA29F96C41EC2C8205 ] DellRbtn        C:\WINDOWS\System32\drivers\DellRbtn.sys
19:16:29.0101 0x11f8  DellRbtn - ok
19:16:29.0148 0x11f8  [ 0BC71D4D3B5883903C37BF4E13B0F0C5, C5EC2AD001FB7E72D3D12DBADFE01C308ACCB7426E0B90CCB3ECE2DE49D5E7D4 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
19:16:29.0148 0x11f8  DeviceAssociationService - ok
19:16:29.0163 0x11f8  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
19:16:29.0179 0x11f8  DeviceInstall - ok
19:16:29.0195 0x11f8  [ 5DB26D7E0216D0BF364A81D3829AD7B9, FD786D530EA9ADBCB48782FE091E926505A83F2BF3B4181A3D4EDFAA991C4E5E ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
19:16:29.0210 0x11f8  Dfsc - ok
19:16:29.0242 0x11f8  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
19:16:29.0257 0x11f8  Dhcp - ok
19:16:29.0288 0x11f8  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
19:16:29.0288 0x11f8  disk - ok
19:16:29.0304 0x11f8  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
19:16:29.0304 0x11f8  dmvsc - ok
19:16:29.0351 0x11f8  [ 5BAF7714E68F93515A937A3FA8587EF9, DD9296F75341EF96D514139DD8A8680B332E9B9D476368AB897FDA2D5D674E60 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
19:16:29.0351 0x11f8  Dnscache - ok
19:16:29.0398 0x11f8  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
19:16:29.0413 0x11f8  dot3svc - ok
19:16:29.0429 0x11f8  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
19:16:29.0445 0x11f8  DPS - ok
19:16:29.0476 0x11f8  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
19:16:29.0476 0x11f8  drmkaud - ok
19:16:29.0507 0x11f8  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
19:16:29.0523 0x11f8  DsmSvc - ok
19:16:29.0617 0x11f8  [ 13B160C1913F012BD1615EB1398D3779, 2B5786AAEC845156D28ABDAA77347844D39F33DF53F2C96ACEF38A668ADFF422 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
19:16:29.0648 0x11f8  DXGKrnl - ok
19:16:29.0679 0x11f8  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
19:16:29.0679 0x11f8  Eaphost - ok
19:16:29.0789 0x11f8  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
19:16:29.0882 0x11f8  ebdrv - ok
19:16:29.0929 0x11f8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
19:16:29.0929 0x11f8  EFS - ok
19:16:29.0960 0x11f8  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
19:16:29.0960 0x11f8  EhStorClass - ok
19:16:29.0992 0x11f8  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
19:16:29.0992 0x11f8  EhStorTcgDrv - ok
19:16:30.0007 0x11f8  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
19:16:30.0007 0x11f8  ErrDev - ok
19:16:30.0054 0x11f8  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
19:16:30.0054 0x11f8  EventSystem - ok
19:16:30.0132 0x11f8  [ E67E289FA8AA393223AD7F9AFB738FD6, DBAB42EE5C140024CB4FF669664885B5CB404054A430331B5ABF273598A881C0 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:16:30.0164 0x11f8  EvtEng - ok
19:16:30.0195 0x11f8  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
19:16:30.0210 0x11f8  exfat - ok
19:16:30.0226 0x11f8  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
19:16:30.0226 0x11f8  fastfat - ok
19:16:30.0257 0x11f8  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
19:16:30.0273 0x11f8  Fax - ok
19:16:30.0289 0x11f8  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
19:16:30.0289 0x11f8  fdc - ok
19:16:30.0320 0x11f8  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
19:16:30.0320 0x11f8  fdPHost - ok
19:16:30.0335 0x11f8  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
19:16:30.0335 0x11f8  FDResPub - ok
19:16:30.0335 0x11f8  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
19:16:30.0351 0x11f8  fhsvc - ok
19:16:30.0351 0x11f8  [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5, 85D1AC25CF8056FF303930A7E18DE5F7C3AEE429272CB791BD6F81F1DAFB7D8A ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
19:16:30.0351 0x11f8  FileInfo - ok
19:16:30.0367 0x11f8  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
19:16:30.0367 0x11f8  Filetrace - ok
19:16:30.0382 0x11f8  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
19:16:30.0382 0x11f8  flpydisk - ok
19:16:30.0382 0x11f8  [ 60D5067FCE6D9433D35E04C01D8538B3, 2D97E9E8FF18CF564DE8E70F68B56F0177DC6C0E9EEB7E1C58BBDF42456CB0D8 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
19:16:30.0398 0x11f8  FltMgr - ok
19:16:30.0429 0x11f8  [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache       C:\WINDOWS\system32\FntCache.dll
19:16:30.0460 0x11f8  FontCache - ok
19:16:30.0554 0x11f8  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:16:30.0570 0x11f8  FontCache3.0.0.0 - ok
19:16:30.0585 0x11f8  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
19:16:30.0585 0x11f8  FsDepends - ok
19:16:30.0617 0x11f8  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:16:30.0617 0x11f8  Fs_Rec - ok
19:16:30.0664 0x11f8  [ 83E1F0983B02A6F8EC764D18E24ECF10, B5CA3FCB442697681C513FB37C6BB74D7A72B67DC65E2FCA93A7F9E81B63EAAC ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
19:16:30.0664 0x11f8  fvevol - ok
19:16:30.0679 0x11f8  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
19:16:30.0679 0x11f8  FxPPM - ok
19:16:30.0695 0x11f8  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
19:16:30.0695 0x11f8  gagp30kx - ok
19:16:30.0710 0x11f8  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
19:16:30.0710 0x11f8  gencounter - ok
19:16:30.0742 0x11f8  GorillaPrice - ok
19:16:30.0742 0x11f8  [ FDA72810CA2F8409D9B31E833C448E34, FC24350E875D2AF2A41DB5EF0BFE4F876DADEACCC0B34B9B9C9B2CA185CBAE87 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
19:16:30.0742 0x11f8  GPIOClx0101 - ok
19:16:30.0820 0x11f8  [ 0BDE0FCF597E9B65600121EF54FF8340, DA5C96E84E05AD09251C82B4BFEDE274342409803730CEBF24EEAD0DCD42DA7E ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
19:16:30.0851 0x11f8  gpsvc - ok
19:16:30.0882 0x11f8  [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
19:16:30.0882 0x11f8  HDAudBus - ok
19:16:30.0898 0x11f8  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
19:16:30.0898 0x11f8  HidBatt - ok
19:16:30.0914 0x11f8  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
19:16:30.0914 0x11f8  HidBth - ok
19:16:30.0929 0x11f8  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
19:16:30.0929 0x11f8  hidi2c - ok
19:16:30.0961 0x11f8  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
19:16:30.0961 0x11f8  HidIr - ok
19:16:30.0992 0x11f8  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
19:16:30.0992 0x11f8  hidserv - ok
19:16:30.0992 0x11f8  [ F31397220D9687E11EB448649AA6E038, 671ACEAA8E00E0D4ED7E33D06A4558121DA4F56EB94F1CBC16FEB2EF3852F7A5 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
19:16:30.0992 0x11f8  HidUsb - ok
19:16:31.0039 0x11f8  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
19:16:31.0039 0x11f8  hkmsvc - ok
19:16:31.0054 0x11f8  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
19:16:31.0054 0x11f8  HomeGroupListener - ok
19:16:31.0085 0x11f8  [ BE5F89BAFBD4272D5A0C0A37B97865ED, 2F80CE6D123FEED9FA7B00ACF7547FF77E0E6FDC5243942E83BE308C46D414C6 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
19:16:31.0101 0x11f8  HomeGroupProvider - ok
19:16:31.0117 0x11f8  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
19:16:31.0117 0x11f8  HpSAMD - ok
19:16:31.0148 0x11f8  [ 3502776E366C913D49C0DA928AE3E6CB, 3FB452F640B78AEDFBC09188F25C566949660163732A180331226A93DB08F26C ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
19:16:31.0164 0x11f8  HTTP - ok
19:16:31.0179 0x11f8  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
19:16:31.0179 0x11f8  hwpolicy - ok
19:16:31.0210 0x11f8  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
19:16:31.0210 0x11f8  hyperkbd - ok
19:16:31.0226 0x11f8  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
19:16:31.0226 0x11f8  HyperVideo - ok
19:16:31.0257 0x11f8  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
19:16:31.0257 0x11f8  i8042prt - ok
19:16:31.0273 0x11f8  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:16:31.0273 0x11f8  iaLPSSi_GPIO - ok
19:16:31.0273 0x11f8  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:16:31.0273 0x11f8  iaLPSSi_I2C - ok
19:16:31.0320 0x11f8  [ 459016E8A4FA6426EDB5A9456A6E5E58, 92B73EE5559ABD8783EC5AF8A2B6EBDE0D937745B4BEDBEA6DF06DD8606AE56C ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
19:16:31.0336 0x11f8  iaStorA - ok
19:16:31.0351 0x11f8  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
19:16:31.0351 0x11f8  iaStorAV - ok
19:16:31.0445 0x11f8  [ 584068E03829BC5C63F54B05E6244E97, C075E8A4853C0DE09A9BF846338F9C8997FE7ACD604B4EC02AA89F0DAA1D985B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
19:16:31.0445 0x11f8  IAStorDataMgrSvc - ok
19:16:31.0492 0x11f8  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
19:16:31.0507 0x11f8  iaStorV - ok
19:16:31.0539 0x11f8  [ 43E864824FCEBEE7119E1572B2703EB9, 8D90899F2279947AFD887567C7F60DC3264D56231F5403A64D722B3E25103202 ] iBtFltCoex      C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys
19:16:31.0539 0x11f8  iBtFltCoex - ok
19:16:31.0539 0x11f8  IEEtwCollectorService - ok
19:16:31.0679 0x11f8  [ 7A5A61997B5404C8EDDFCC62378164DC, C2BCA8A2AA2DFCCF3489FC7F0F366ABBDC8606CFC6397CD7B17C8CD4A28DD17F ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
19:16:31.0773 0x11f8  igfx - ok
19:16:31.0914 0x11f8  [ B82255670D270B75D2D2F0F8747D1443, C40E151AC3FBF289456A4AD9E5744B314067ADA03FE729970410931904305F51 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
19:16:31.0992 0x11f8  IKEEXT - ok
19:16:32.0023 0x11f8  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
19:16:32.0023 0x11f8  intaud_WaveExtensible - ok
19:16:32.0070 0x11f8  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
19:16:32.0086 0x11f8  IntcDAud - ok
19:16:32.0148 0x11f8  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:16:32.0164 0x11f8  Intel® Capability Licensing Service Interface - ok
19:16:32.0164 0x11f8  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
19:16:32.0164 0x11f8  intelide - ok
19:16:32.0195 0x11f8  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
19:16:32.0195 0x11f8  intelpep - ok
19:16:32.0211 0x11f8  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
19:16:32.0211 0x11f8  intelppm - ok
19:16:32.0242 0x11f8  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:16:32.0242 0x11f8  IpFilterDriver - ok
19:16:32.0289 0x11f8  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
19:16:32.0336 0x11f8  iphlpsvc - ok
19:16:32.0351 0x11f8  [ 9949A3C7590B8C536C05312205079A82, 9276A09D5F910AE8358A96505AB3F66C514870944D58B63B71D5E96567D1E6BB ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:16:32.0351 0x11f8  IPMIDRV - ok
19:16:32.0382 0x11f8  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
19:16:32.0398 0x11f8  IPNAT - ok
19:16:32.0398 0x11f8  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
19:16:32.0398 0x11f8  IRENUM - ok
19:16:32.0414 0x11f8  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
19:16:32.0414 0x11f8  isapnp - ok
19:16:32.0445 0x11f8  [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
19:16:32.0445 0x11f8  iScsiPrt - ok
19:16:32.0492 0x11f8  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
19:16:32.0492 0x11f8  iwdbus - ok
19:16:32.0554 0x11f8  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
19:16:32.0570 0x11f8  jhi_service - ok
19:16:32.0601 0x11f8  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
19:16:32.0601 0x11f8  kbdclass - ok
19:16:32.0617 0x11f8  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
19:16:32.0617 0x11f8  kbdhid - ok
19:16:32.0648 0x11f8  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
19:16:32.0648 0x11f8  kdnic - ok
19:16:32.0664 0x11f8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
19:16:32.0664 0x11f8  KeyIso - ok
19:16:32.0695 0x11f8  [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
19:16:32.0726 0x11f8  kl1 - ok
19:16:32.0758 0x11f8  [ F2EB9202FCCC81E0902D3C5A70037A44, 9554851BB68228500E69536B0C484B32FC92B85A76A7F1F268549212D0D5CFCA ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
19:16:32.0758 0x11f8  klelam - ok
19:16:32.0789 0x11f8  [ 5F247D87B44E26AED440A063A7A4FDB7, BC2BAD216A9262105CAF0F20BF539B92CB66FD0EB67AB8FAE45B0249E9F59C57 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
19:16:32.0804 0x11f8  KLIF - ok
19:16:32.0804 0x11f8  [ B6822DEFE601629F19E0A2D7F0D623F2, FD71A2AA3FC4698B5436D185E2F2A3EB6A111AE8F35606E1658E2D18CE744F13 ] KLIM6           C:\WINDOWS\system32\DRIVERS\klim6.sys
19:16:32.0804 0x11f8  KLIM6 - ok
19:16:32.0836 0x11f8  [ AEEC4E904850525C4D4552AF4A971BA3, C8E5267A5CE244096162118DFE72D2EA494DD34ECAEC74B7EB0DF770761E06C0 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
19:16:32.0836 0x11f8  klkbdflt - ok
19:16:32.0851 0x11f8  [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
19:16:32.0851 0x11f8  klmouflt - ok
19:16:32.0883 0x11f8  [ 781EFBB7BDE229C1615892E2A2D98721, 82D017AE1ADE75075F83B62256A9DC14F6D764ADF6E79CF2717854BCA5F5F1C5 ] klwfp           C:\WINDOWS\system32\DRIVERS\klwfp.sys
19:16:32.0883 0x11f8  klwfp - ok
19:16:32.0898 0x11f8  [ 1FCB657B581CC4DF17FD6571F93602DE, D5D95773D19AA47BA619D149FD6068198E2AA05C219C3936E327B3DFFDE6B10C ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
19:16:32.0898 0x11f8  kneps - ok
19:16:32.0929 0x11f8  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
19:16:32.0945 0x11f8  KSecDD - ok
19:16:32.0961 0x11f8  [ 7296EA420134EAC390798B3232D066A4, 1F5D51EEFD389706660DFB4DB4BF3EC570BEC7097CEB5CAE70EFFE35C3255346 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
19:16:32.0961 0x11f8  KSecPkg - ok
19:16:32.0976 0x11f8  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
19:16:32.0976 0x11f8  ksthunk - ok
19:16:33.0008 0x11f8  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
19:16:33.0008 0x11f8  KtmRm - ok
19:16:33.0039 0x11f8  [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
19:16:33.0054 0x11f8  LanmanServer - ok
19:16:33.0101 0x11f8  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
19:16:33.0117 0x11f8  LanmanWorkstation - ok
19:16:33.0179 0x11f8  [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
19:16:33.0195 0x11f8  lfsvc - ok
19:16:33.0195 0x11f8  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
19:16:33.0195 0x11f8  lltdio - ok
19:16:33.0242 0x11f8  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
19:16:33.0242 0x11f8  lltdsvc - ok
19:16:33.0273 0x11f8  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
19:16:33.0273 0x11f8  lmhosts - ok
19:16:33.0305 0x11f8  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:16:33.0305 0x11f8  LMS - ok
19:16:33.0351 0x11f8  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
19:16:33.0351 0x11f8  LSI_SAS - ok
19:16:33.0367 0x11f8  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
19:16:33.0367 0x11f8  LSI_SAS2 - ok
19:16:33.0367 0x11f8  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
19:16:33.0367 0x11f8  LSI_SAS3 - ok
19:16:33.0383 0x11f8  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
19:16:33.0383 0x11f8  LSI_SSS - ok
19:16:33.0398 0x11f8  [ B6B69FF200F68888A7FAFDF204D00C91, 4C9BA7B8646C74AE1E49F513EF426930C09969F29F1533D84D020B414BB1609B ] LSM             C:\WINDOWS\System32\lsm.dll
19:16:33.0414 0x11f8  LSM - ok
19:16:33.0445 0x11f8  [ 5EF604B0698F4FA962778285E8C5F1F2, 0465BDAB7EFBE9CC648E7E736B0B8BE152BD2FAB0917F6306675B9039C77F454 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
19:16:33.0445 0x11f8  luafv - ok
19:16:33.0461 0x11f8  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
19:16:33.0461 0x11f8  megasas - ok
19:16:33.0492 0x11f8  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
19:16:33.0492 0x11f8  megasr - ok
19:16:33.0523 0x11f8  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
19:16:33.0523 0x11f8  MEIx64 - ok
19:16:33.0555 0x11f8  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
19:16:33.0555 0x11f8  MMCSS - ok
19:16:33.0555 0x11f8  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
19:16:33.0555 0x11f8  Modem - ok
19:16:33.0586 0x11f8  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
19:16:33.0586 0x11f8  monitor - ok
19:16:33.0601 0x11f8  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
19:16:33.0601 0x11f8  mouclass - ok
19:16:33.0617 0x11f8  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
19:16:33.0617 0x11f8  mouhid - ok
19:16:33.0648 0x11f8  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
19:16:33.0648 0x11f8  mountmgr - ok
19:16:33.0680 0x11f8  [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:16:33.0680 0x11f8  MozillaMaintenance - ok
19:16:33.0695 0x11f8  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
19:16:33.0695 0x11f8  mpsdrv - ok
19:16:33.0758 0x11f8  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
19:16:33.0805 0x11f8  MpsSvc - ok
19:16:33.0820 0x11f8  [ 59DCEC7499095DE5AED741358037AE2D, 60C4CEBCAE27C121E9D63BD2BC3E5863A91ABC77616C56C10618273A8F9B6F61 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
19:16:33.0820 0x11f8  MRxDAV - ok
19:16:33.0851 0x11f8  [ 79B6F3DF7CDFD12159871FF71464F0CE, E01CDD5296237FB60D426784E1142B1AF2CEABDD7CB0B43C4798402C812A94D5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:16:33.0851 0x11f8  mrxsmb - ok
19:16:33.0867 0x11f8  [ 295771B092D4F7FCF2B62F80CCD14320, 53655B5ABA43A6A9114FE545B88F84E52319B905B8393A51BD97678D3F94A178 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
19:16:33.0883 0x11f8  mrxsmb10 - ok
19:16:33.0898 0x11f8  [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
19:16:33.0914 0x11f8  mrxsmb20 - ok
19:16:33.0945 0x11f8  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
19:16:33.0945 0x11f8  MsBridge - ok
19:16:33.0976 0x11f8  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
19:16:33.0976 0x11f8  MSDTC - ok
19:16:33.0992 0x11f8  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:16:33.0992 0x11f8  Msfs - ok
19:16:34.0008 0x11f8  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
19:16:34.0008 0x11f8  msgpiowin32 - ok
19:16:34.0008 0x11f8  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
19:16:34.0008 0x11f8  mshidkmdf - ok
19:16:34.0023 0x11f8  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
19:16:34.0023 0x11f8  mshidumdf - ok
19:16:34.0039 0x11f8  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
19:16:34.0039 0x11f8  msisadrv - ok
19:16:34.0055 0x11f8  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
19:16:34.0055 0x11f8  MSiSCSI - ok
19:16:34.0070 0x11f8  msiserver - ok
19:16:34.0070 0x11f8  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:16:34.0070 0x11f8  MSKSSRV - ok
19:16:34.0086 0x11f8  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
19:16:34.0086 0x11f8  MsLldp - ok
19:16:34.0117 0x11f8  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:16:34.0117 0x11f8  MSPCLOCK - ok
19:16:34.0133 0x11f8  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
19:16:34.0133 0x11f8  MSPQM - ok
19:16:34.0148 0x11f8  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
19:16:34.0164 0x11f8  MsRPC - ok
19:16:34.0164 0x11f8  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
19:16:34.0180 0x11f8  mssmbios - ok
19:16:34.0195 0x11f8  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
19:16:34.0195 0x11f8  MSTEE - ok
19:16:34.0211 0x11f8  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
19:16:34.0211 0x11f8  MTConfig - ok
19:16:34.0211 0x11f8  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
19:16:34.0211 0x11f8  Mup - ok
19:16:34.0226 0x11f8  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
19:16:34.0226 0x11f8  mvumis - ok
19:16:34.0273 0x11f8  [ 431F065E2A99FC3C670BD20694117C8B, ADE1D6B5EC0C0F078DB5F24FE4E830AC08FA1EDA1C895E7F4873874BCC1F2154 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:16:34.0273 0x11f8  MyWiFiDHCPDNS - ok
19:16:34.0305 0x11f8  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
19:16:34.0320 0x11f8  napagent - ok
19:16:34.0351 0x11f8  [ CF8B989D89D6807B887690F2CF24EFD9, 7A3ED124D8D7736F57CD687111C478A206422D117099B2F752B6D933D009BCAC ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
19:16:34.0367 0x11f8  NativeWifiP - ok
19:16:34.0398 0x11f8  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
19:16:34.0398 0x11f8  NcaSvc - ok
19:16:34.0414 0x11f8  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
19:16:34.0430 0x11f8  NcbService - ok
19:16:34.0430 0x11f8  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
19:16:34.0430 0x11f8  NcdAutoSetup - ok
19:16:34.0508 0x11f8  [ ED39D676080A1AEA755F1DEC1A8DF1A4, E413DA1113A51F3A68957147A50248AA98C0D365103D137D5AE8638C74E802D7 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
19:16:34.0539 0x11f8  NDIS - ok
19:16:34.0570 0x11f8  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
19:16:34.0570 0x11f8  NdisCap - ok
19:16:34.0586 0x11f8  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
19:16:34.0586 0x11f8  NdisImPlatform - ok
19:16:34.0601 0x11f8  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:16:34.0601 0x11f8  NdisTapi - ok
19:16:34.0617 0x11f8  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:16:34.0617 0x11f8  Ndisuio - ok
19:16:34.0633 0x11f8  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
19:16:34.0633 0x11f8  NdisVirtualBus - ok
19:16:34.0648 0x11f8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:16:34.0648 0x11f8  NdisWan - ok
19:16:34.0648 0x11f8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:16:34.0664 0x11f8  NdisWanLegacy - ok
19:16:34.0664 0x11f8  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
19:16:34.0680 0x11f8  NDProxy - ok
19:16:34.0680 0x11f8  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
19:16:34.0680 0x11f8  Ndu - ok
19:16:34.0695 0x11f8  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
19:16:34.0695 0x11f8  NetBIOS - ok
19:16:34.0695 0x11f8  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
19:16:34.0711 0x11f8  NetBT - ok
19:16:34.0726 0x11f8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
19:16:34.0726 0x11f8  Netlogon - ok
19:16:34.0742 0x11f8  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
19:16:34.0742 0x11f8  Netman - ok
19:16:34.0805 0x11f8  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
19:16:34.0851 0x11f8  netprofm - ok
19:16:34.0883 0x11f8  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:16:34.0883 0x11f8  NetTcpPortSharing - ok
19:16:34.0914 0x11f8  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
19:16:34.0914 0x11f8  netvsc - ok
19:16:35.0039 0x11f8  [ 75B9B86878CC159FBC40C4F9202ADBE3, 80D9176112BAFB42E6568E723781E5C03BD5472AB382496C1BD784DB9B2FB6E6 ] NETwNe64        C:\WINDOWS\system32\DRIVERS\NETwew00.sys
19:16:35.0133 0x11f8  NETwNe64 - ok
19:16:35.0180 0x11f8  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
19:16:35.0180 0x11f8  NlaSvc - ok
19:16:35.0195 0x11f8  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
19:16:35.0195 0x11f8  Npfs - ok
19:16:35.0211 0x11f8  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
19:16:35.0211 0x11f8  npsvctrig - ok
19:16:35.0211 0x11f8  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
19:16:35.0211 0x11f8  nsi - ok
19:16:35.0226 0x11f8  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
19:16:35.0226 0x11f8  nsiproxy - ok
19:16:35.0289 0x11f8  [ 4412D565C0278C401575E11072C7DCE3, 82A0E9AA88750900EA0E9983157345456B418745C8BA62FAF339640E759C0418 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
19:16:35.0336 0x11f8  Ntfs - ok
19:16:35.0351 0x11f8  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
19:16:35.0351 0x11f8  Null - ok
19:16:35.0648 0x11f8  [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
19:16:35.0914 0x11f8  nvlddmkm - ok
19:16:35.0930 0x11f8  [ F76296368BB813E0C6996501A3271C7C, FA1C127F881C09C5066CB83A686AFD7A40D731922185EA4001A52ABA230FD812 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
19:16:35.0945 0x11f8  nvpciflt - ok
19:16:35.0961 0x11f8  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
19:16:35.0961 0x11f8  nvraid - ok
19:16:35.0976 0x11f8  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
19:16:35.0976 0x11f8  nvstor - ok
19:16:36.0367 0x11f8  [ 912602BB857F31BAAD644C993D0E5F8D, C4F8C4C72052DCFDA8C2065E22B624DE1AA4CF8AF7DC5B2C9E69CEBA3FD80D55 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
19:16:36.0711 0x11f8  NvStreamSvc - ok
19:16:36.0742 0x11f8  [ 17DE7BC5906A7D80A4F86EF67F21F8DB, 9A653FE56A474C51477A6D5E6F69AB81EB7B9EE52EA09A02B24738B0542F2F1B ] NvStUSB         C:\WINDOWS\System32\drivers\nvstusb.sys
19:16:36.0758 0x11f8  NvStUSB - ok
19:16:36.0805 0x11f8  [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
19:16:36.0820 0x11f8  nvsvc - ok
19:16:36.0914 0x11f8  [ C63E582366EAD77978BFFD959A66DBB8, BBAC11300AFED29291A08EEC8A740DA67C8C003AF89D06F9E0671CCF0E7908A0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:16:36.0945 0x11f8  nvUpdatusService - ok
19:16:36.0977 0x11f8  [ 92E4BEE1A9EC0572F794B5BAECC0B599, C9A0C55E071AF92C490CF8FA85A96120C8C290E61D55BCD3679843348E3470D7 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
19:16:36.0977 0x11f8  nvvad_WaveExtensible - ok
19:16:37.0008 0x11f8  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
19:16:37.0008 0x11f8  nv_agp - ok
19:16:37.0055 0x11f8  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
19:16:37.0070 0x11f8  p2pimsvc - ok
19:16:37.0102 0x11f8  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
19:16:37.0117 0x11f8  p2psvc - ok
19:16:37.0117 0x11f8  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
19:16:37.0117 0x11f8  Parport - ok
19:16:37.0133 0x11f8  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
19:16:37.0133 0x11f8  partmgr - ok
19:16:37.0148 0x11f8  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
19:16:37.0164 0x11f8  PcaSvc - ok
19:16:37.0195 0x11f8  [ C0D3F3BC1C84B4BA746D9847314C1164, 66FDF288ACAE021C5F63BCCC68D7534B4DB737E252AB16DFF746355D8BE7502D ] pci             C:\WINDOWS\system32\drivers\pci.sys
19:16:37.0195 0x11f8  pci - ok
19:16:37.0211 0x11f8  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
19:16:37.0211 0x11f8  pciide - ok
19:16:37.0227 0x11f8  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
19:16:37.0227 0x11f8  pcmcia - ok
19:16:37.0242 0x11f8  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
19:16:37.0242 0x11f8  pcw - ok
19:16:37.0258 0x11f8  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
19:16:37.0258 0x11f8  pdc - ok
19:16:37.0320 0x11f8  [ BA50CC0BD19004AAB88BE37338B6FA0D, 34D4720A621CCB4707F2EB929F6F44C317DBC6F055F7F34F3FAC68DFDAA00DEF ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
19:16:37.0336 0x11f8  PEAUTH - ok
19:16:37.0430 0x11f8  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
19:16:37.0430 0x11f8  PerfHost - ok
19:16:37.0508 0x11f8  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
19:16:37.0539 0x11f8  pla - ok
19:16:37.0570 0x11f8  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
19:16:37.0586 0x11f8  PlugPlay - ok
19:16:37.0602 0x11f8  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
19:16:37.0602 0x11f8  PNRPAutoReg - ok
19:16:37.0633 0x11f8  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
19:16:37.0633 0x11f8  PNRPsvc - ok
19:16:37.0664 0x11f8  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
19:16:37.0680 0x11f8  PolicyAgent - ok
19:16:37.0680 0x11f8  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
19:16:37.0680 0x11f8  Power - ok
19:16:37.0820 0x11f8  [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
19:16:37.0867 0x11f8  PrintNotify - ok
19:16:37.0898 0x11f8  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
19:16:37.0898 0x11f8  Processor - ok
19:16:37.0930 0x11f8  [ 8513A1E7AE4B9DC82C4B4F432C648A58, C0C629BF79722A12B35BDA6D5EF6FD2D96E013D80D8F17077E9137ED3988B452 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
19:16:37.0930 0x11f8  ProfSvc - ok
19:16:37.0961 0x11f8  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
19:16:37.0961 0x11f8  Psched - ok
19:16:37.0992 0x11f8  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
19:16:37.0992 0x11f8  QWAVE - ok
19:16:38.0008 0x11f8  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
19:16:38.0008 0x11f8  QWAVEdrv - ok
19:16:38.0023 0x11f8  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:16:38.0023 0x11f8  RasAcd - ok
19:16:38.0039 0x11f8  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
19:16:38.0039 0x11f8  RasAuto - ok
19:16:38.0055 0x11f8  [ BF3B17016764F20F9D28CF1A8DC210C0, F64B410D444D4A3DFEE356EFC5B758781FA2612771EDCF72DB91D3120385D7DB ] RasMan          C:\WINDOWS\System32\rasmans.dll
19:16:38.0070 0x11f8  RasMan - ok
19:16:38.0086 0x11f8  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:16:38.0086 0x11f8  RasPppoe - ok
19:16:38.0133 0x11f8  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:16:38.0133 0x11f8  rdbss - ok
19:16:38.0148 0x11f8  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
19:16:38.0148 0x11f8  rdpbus - ok
19:16:38.0164 0x11f8  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
19:16:38.0164 0x11f8  RDPDR - ok
19:16:38.0180 0x11f8  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
19:16:38.0180 0x11f8  RdpVideoMiniport - ok
19:16:38.0195 0x11f8  [ 847C6A08912C3515807049C93E526D65, 74AFC58793B43E73614D2F49B19FB360091E208097696D9DF0B0354761E0B30F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
19:16:38.0195 0x11f8  rdyboost - ok
19:16:38.0242 0x11f8  [ 036746D54347FD2D0385668E2A4064E4, 7C670176176C86D6C3814367A6282A78F4E950F84DDEDA849829236C891F5BB9 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
19:16:38.0289 0x11f8  ReFS - ok
19:16:38.0383 0x11f8  [ D4F8266D63800FF9ACFAC838005A974C, 4FF1053A6B5365867F58AE521FDD32565C144686CB399C2B606005A507EC206E ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:16:38.0383 0x11f8  RegSrvc - ok
19:16:38.0430 0x11f8  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
19:16:38.0430 0x11f8  RemoteAccess - ok
19:16:38.0477 0x11f8  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
19:16:38.0477 0x11f8  RemoteRegistry - ok
19:16:38.0523 0x11f8  [ 02307C86CB24769306B0DFA0C751952E, 637D90161C477995925936E4807B57EA80BE11761B26F5FC1B4B0F3EB52FBA87 ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
19:16:38.0523 0x11f8  RFCOMM - ok
19:16:38.0617 0x11f8  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
19:16:38.0633 0x11f8  RichVideo - ok
19:16:38.0680 0x11f8  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
19:16:38.0680 0x11f8  RpcEptMapper - ok
19:16:38.0711 0x11f8  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
19:16:38.0711 0x11f8  RpcLocator - ok
19:16:38.0758 0x11f8  [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
19:16:38.0774 0x11f8  RpcSs - ok
19:16:38.0805 0x11f8  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
19:16:38.0805 0x11f8  rspndr - ok
19:16:38.0836 0x11f8  [ 28B356BAB74470786867BF4DC261E17C, 92030573D97224FF9BE6CCEBFFDE71EC3F845A1A4D19DA599A6E93CC215FBB0E ] RSUSBVSTOR      C:\WINDOWS\System32\Drivers\RtsUVStor.sys
19:16:38.0836 0x11f8  RSUSBVSTOR - ok
19:16:38.0867 0x11f8  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
19:16:38.0883 0x11f8  RTL8168 - ok
19:16:38.0899 0x11f8  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
19:16:38.0899 0x11f8  s3cap - ok
19:16:38.0930 0x11f8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
19:16:38.0930 0x11f8  SamSs - ok
19:16:38.0945 0x11f8  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
19:16:38.0945 0x11f8  sbp2port - ok
19:16:38.0977 0x11f8  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
19:16:38.0992 0x11f8  SCardSvr - ok
19:16:39.0008 0x11f8  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
19:16:39.0008 0x11f8  ScDeviceEnum - ok
19:16:39.0024 0x11f8  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
19:16:39.0024 0x11f8  scfilter - ok
19:16:39.0102 0x11f8  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
19:16:39.0133 0x11f8  Schedule - ok
19:16:39.0164 0x11f8  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
19:16:39.0164 0x11f8  SCPolicySvc - ok
19:16:39.0180 0x11f8  [ 2F9A3380B8C0380E5608E29C7AA66899, 56D1908437DD3791E54866819E39CC89586C5CD804F47B556416FA8642D88CBB ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
19:16:39.0195 0x11f8  sdbus - ok
19:16:39.0211 0x11f8  [ 4EAF4DCF9DBD9A56952A58F56D61C005, BCA42FD1553569D3603008CC97D88FD309E87F8A8B1522A4287A0E81CAE6C294 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
19:16:39.0211 0x11f8  sdstor - ok
19:16:39.0227 0x11f8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
19:16:39.0227 0x11f8  secdrv - ok
19:16:39.0258 0x11f8  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
19:16:39.0258 0x11f8  seclogon - ok
19:16:39.0274 0x11f8  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
19:16:39.0274 0x11f8  SENS - ok
19:16:39.0289 0x11f8  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
19:16:39.0289 0x11f8  SensrSvc - ok
19:16:39.0305 0x11f8  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
19:16:39.0305 0x11f8  SerCx - ok
19:16:39.0336 0x11f8  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
19:16:39.0336 0x11f8  SerCx2 - ok
19:16:39.0367 0x11f8  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
19:16:39.0367 0x11f8  Serenum - ok
19:16:39.0383 0x11f8  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
19:16:39.0383 0x11f8  Serial - ok
19:16:39.0399 0x11f8  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
19:16:39.0399 0x11f8  sermouse - ok
19:16:39.0461 0x11f8  [ 441E6FF1F34D7A942946DB42A15FB519, A16BA505B74C7A2ADD08BD5B50728C2AD55062E0ABABAD7E3EE0EB97F3725523 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
19:16:39.0477 0x11f8  SessionEnv - ok
19:16:39.0492 0x11f8  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
19:16:39.0492 0x11f8  sfloppy - ok
19:16:39.0586 0x11f8  [ 820368BFF0E36FF72A7DE2C20833FFEE, B574BC04CBFF31EFAA6D8AEA735AB6039A1DEBE1F6E5A0007FBFDD9D4AD527F2 ] SftService      C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
19:16:39.0633 0x11f8  SftService - ok
19:16:39.0649 0x11f8  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
19:16:39.0664 0x11f8  SharedAccess - ok
19:16:39.0742 0x11f8  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:16:39.0758 0x11f8  ShellHWDetection - ok
19:16:39.0789 0x11f8  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
19:16:39.0789 0x11f8  SiSRaid2 - ok
19:16:39.0820 0x11f8  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
19:16:39.0820 0x11f8  SiSRaid4 - ok
19:16:39.0852 0x11f8  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
19:16:39.0852 0x11f8  smphost - ok
19:16:39.0883 0x11f8  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
19:16:39.0899 0x11f8  SNMPTRAP - ok
19:16:39.0945 0x11f8  [ F6EBE514D13ECE7EDC23440039CDF9AB, B58072BE7E4E52704C7B1D52DD49F469542B4B015C6D560369EEC1B046AFB254 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
19:16:39.0977 0x11f8  spaceport - ok
19:16:40.0008 0x11f8  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
19:16:40.0008 0x11f8  SpbCx - ok
19:16:40.0039 0x11f8  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
19:16:40.0055 0x11f8  Spooler - ok
19:16:40.0242 0x11f8  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
19:16:40.0320 0x11f8  sppsvc - ok
19:16:40.0336 0x11f8  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
19:16:40.0352 0x11f8  srv - ok
19:16:40.0414 0x11f8  [ C1AE59C0B0817236EC083A91C396005A, 26F05ECB44C300DA8F333B115727C31C5C8252C83F37F0AE7DFF89B267599CDF ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
19:16:40.0430 0x11f8  srv2 - ok
19:16:40.0445 0x11f8  [ 77195C32175FC63D6054EBA5A066D727, 22F5D26809BC9288021620040FC7B7BB76708D434C863B3C0C20F73200C1C6A9 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
19:16:40.0461 0x11f8  srvnet - ok
19:16:40.0492 0x11f8  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
19:16:40.0492 0x11f8  SSDPSRV - ok
19:16:40.0524 0x11f8  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
19:16:40.0539 0x11f8  SstpSvc - ok
19:16:40.0586 0x11f8  [ 97F839E8AEC48EE271509BF4BC764C24, 7B9B791E987ADC8991C128CD52CB253F295E41DF502BF8933DF388994E84560D ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
19:16:40.0586 0x11f8  STacSV - ok
19:16:40.0664 0x11f8  [ A87A39F9B42D82F5D60D36BB1D3CC9D3, F609CC721B898B5053FE34B24C94970453BD57441F9A2C93D4F77CB297D56169 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:16:40.0680 0x11f8  Steam Client Service - ok
19:16:40.0711 0x11f8  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
19:16:40.0711 0x11f8  stexstor - ok
19:16:40.0774 0x11f8  [ 7E89F65EB250463EE8665CFE19566FC3, 45849BAFA62E72A97103C5F02962D346D3F79DE9DB07297D1073FF355A506D9C ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
19:16:40.0789 0x11f8  STHDA - ok
19:16:40.0836 0x11f8  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
19:16:40.0867 0x11f8  stisvc - ok
19:16:40.0883 0x11f8  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
19:16:40.0883 0x11f8  storahci - ok
19:16:40.0899 0x11f8  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
19:16:40.0899 0x11f8  storflt - ok
19:16:40.0914 0x11f8  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
19:16:40.0930 0x11f8  stornvme - ok
19:16:40.0945 0x11f8  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
19:16:40.0961 0x11f8  StorSvc - ok
19:16:40.0961 0x11f8  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
19:16:40.0961 0x11f8  storvsc - ok
19:16:40.0992 0x11f8  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
19:16:40.0992 0x11f8  svsvc - ok
19:16:41.0008 0x11f8  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
19:16:41.0008 0x11f8  swenum - ok
19:16:41.0039 0x11f8  [ 99453C649DC4B0BE6D062B701CD2917F, 6E136BBF46E2E07635BEDC307A7F2E7C653DB45C055419DAB4878BF657B82058 ] swprv           C:\WINDOWS\System32\swprv.dll
19:16:41.0055 0x11f8  swprv - ok
19:16:41.0086 0x11f8  [ E45DA7CBBA34510C8B9473AD7D4FFD0B, 89C2AED757D86C276D78D29D94DCBF9C1B6A244A2153EC85CCB2E86C5F078387 ] SysMain         C:\WINDOWS\system32\sysmain.dll
19:16:41.0117 0x11f8  SysMain - ok
19:16:41.0149 0x11f8  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
19:16:41.0149 0x11f8  SystemEventsBroker - ok
19:16:41.0180 0x11f8  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
19:16:41.0180 0x11f8  TabletInputService - ok
19:16:41.0195 0x11f8  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
19:16:41.0211 0x11f8  TapiSrv - ok
19:16:41.0305 0x11f8  [ ECC68BD5347BDE9631EE68274858A41F, F5274400312C776C13BCBC333AF20C29163FEBC7879E9C6AD45774A0C39F8A52 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
19:16:41.0414 0x11f8  Tcpip - ok
19:16:41.0477 0x11f8  [ ECC68BD5347BDE9631EE68274858A41F, F5274400312C776C13BCBC333AF20C29163FEBC7879E9C6AD45774A0C39F8A52 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:16:41.0508 0x11f8  TCPIP6 - ok
19:16:41.0539 0x11f8  [ 33A7D83EEB15431773A6E186CFAABA21, AC5100A76CA44BFADF4A54FDB09FF5D2FF13B9F8482DC1AE86C8C27005F77B0F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
19:16:41.0539 0x11f8  tcpipreg - ok
19:16:41.0571 0x11f8  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
19:16:41.0571 0x11f8  tdx - ok
19:16:41.0586 0x11f8  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
19:16:41.0586 0x11f8  terminpt - ok
19:16:41.0649 0x11f8  [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService     C:\WINDOWS\System32\termsrv.dll
19:16:41.0680 0x11f8  TermService - ok
19:16:41.0696 0x11f8  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
19:16:41.0696 0x11f8  Themes - ok
19:16:41.0711 0x11f8  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
19:16:41.0727 0x11f8  THREADORDER - ok
19:16:41.0742 0x11f8  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
19:16:41.0742 0x11f8  TimeBroker - ok
19:16:41.0789 0x11f8  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
19:16:41.0789 0x11f8  TPM - ok
19:16:41.0805 0x11f8  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
19:16:41.0805 0x11f8  TrkWks - ok
19:16:41.0852 0x11f8  [ DA56FFA46030E6FEB215E3D5DAA65B11, 36B5EED8F9044475000362DBFC8A2A40B889ED46382CCEFB6BA04BE0442F98C2 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
19:16:41.0852 0x11f8  TrustedInstaller - ok
19:16:41.0867 0x11f8  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
19:16:41.0867 0x11f8  TsUsbFlt - ok
19:16:41.0899 0x11f8  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
19:16:41.0899 0x11f8  TsUsbGD - ok
19:16:41.0930 0x11f8  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
19:16:41.0930 0x11f8  tunnel - ok
19:16:41.0961 0x11f8  [ 42350E49DA754D2D77362FDAE3491651, F29E8BA444ECB0484066B02C0A3DCE09B8417159EE37D7A2E05D4C06A98449C4 ] TurboB          C:\WINDOWS\system32\DRIVERS\TurboB.sys
19:16:41.0961 0x11f8  TurboB - ok
19:16:42.0039 0x11f8  [ 4F4B0AB2FB69C414CCBCEF7CF2E1C8D8, E1F197554369C97DBF61389346B4CB0233F40AAA2575F5D2FEC809AC9123FC69 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
19:16:42.0039 0x11f8  TurboBoost - ok
19:16:42.0055 0x11f8  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
19:16:42.0071 0x11f8  uagp35 - ok
19:16:42.0086 0x11f8  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
19:16:42.0102 0x11f8  UASPStor - ok
19:16:42.0180 0x11f8  [ 5D1B430EA11064C56E7C8F84B90DEB6A, 874D9EE807F16321C4857030F9C18D2B925785FD4BB7ED047AF9535BF3F30D84 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
19:16:42.0180 0x11f8  UCX01000 - ok
19:16:42.0211 0x11f8  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
19:16:42.0211 0x11f8  udfs - ok
19:16:42.0227 0x11f8  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
19:16:42.0227 0x11f8  UEFI - ok
19:16:42.0274 0x11f8  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
19:16:42.0274 0x11f8  UI0Detect - ok
19:16:42.0289 0x11f8  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
19:16:42.0289 0x11f8  uliagpkx - ok
19:16:42.0321 0x11f8  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
19:16:42.0321 0x11f8  umbus - ok
19:16:42.0336 0x11f8  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
19:16:42.0336 0x11f8  UmPass - ok
19:16:42.0383 0x11f8  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
19:16:42.0383 0x11f8  UmRdpService - ok
19:16:42.0492 0x11f8  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:16:42.0508 0x11f8  UNS - ok
19:16:42.0539 0x11f8  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
19:16:42.0555 0x11f8  upnphost - ok
19:16:42.0586 0x11f8  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
19:16:42.0586 0x11f8  usbccgp - ok
19:16:42.0617 0x11f8  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
19:16:42.0617 0x11f8  usbcir - ok
19:16:42.0649 0x11f8  [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
19:16:42.0664 0x11f8  usbehci - ok
19:16:42.0696 0x11f8  [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
19:16:42.0711 0x11f8  usbhub - ok
19:16:42.0727 0x11f8  [ C0E33820326199CE3CFD3B9F27F81D99, C67F55E7DD6F7FC4A96256A14A805D39C5CE8725FD86675C6C860B3DE8E4DBC3 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
19:16:42.0742 0x11f8  USBHUB3 - ok
19:16:42.0758 0x11f8  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
19:16:42.0758 0x11f8  usbohci - ok
19:16:42.0774 0x11f8  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
19:16:42.0774 0x11f8  usbprint - ok
19:16:42.0805 0x11f8  [ 4628B415A84EA9D4D396A56F1D0CB6C6, 430F4C819BF958430FD0DEEFD5BA07F210E0541634811993090C039CB602622F ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
19:16:42.0805 0x11f8  USBSTOR - ok
19:16:42.0836 0x11f8  [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
19:16:42.0836 0x11f8  usbuhci - ok
19:16:42.0852 0x11f8  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
19:16:42.0867 0x11f8  usbvideo - ok
19:16:42.0914 0x11f8  [ D22EB844EB57D016CC34178AC86456DF, C83440A44EA9CC3D1041AB966FFC423DD17FB25B42BA41BB36C109D16723BD5E ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
19:16:42.0930 0x11f8  USBXHCI - ok
19:16:42.0946 0x11f8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
19:16:42.0946 0x11f8  VaultSvc - ok
19:16:42.0961 0x11f8  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
19:16:42.0961 0x11f8  vdrvroot - ok
19:16:43.0008 0x11f8  [ CFBAD6B48EDFAA0828A52646B7C4C08D, DDC7D607E784CE6FB5BC62E53E6309EB583D74425E6D3FC8F3D3EC705D69C075 ] vds             C:\WINDOWS\System32\vds.exe
19:16:43.0071 0x11f8  vds - ok
19:16:43.0086 0x11f8  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
19:16:43.0086 0x11f8  VerifierExt - ok
19:16:43.0102 0x11f8  [ 041D3EF364E624DBB2703A64A5AADF89, 94A52A35AFDD09EBCC4266BD6D44014AAB4BBDFD3F6E8C997A1CA49DFB48F60D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
19:16:43.0117 0x11f8  vhdmp - ok
19:16:43.0117 0x11f8  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
19:16:43.0117 0x11f8  viaide - ok
19:16:43.0149 0x11f8  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
19:16:43.0149 0x11f8  vmbus - ok
19:16:43.0164 0x11f8  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
19:16:43.0164 0x11f8  VMBusHID - ok
19:16:43.0211 0x11f8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
19:16:43.0211 0x11f8  vmicguestinterface - ok
19:16:43.0227 0x11f8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
19:16:43.0227 0x11f8  vmicheartbeat - ok
19:16:43.0242 0x11f8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
19:16:43.0258 0x11f8  vmickvpexchange - ok
19:16:43.0258 0x11f8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
19:16:43.0274 0x11f8  vmicrdv - ok
19:16:43.0274 0x11f8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
19:16:43.0289 0x11f8  vmicshutdown - ok
19:16:43.0305 0x11f8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
19:16:43.0305 0x11f8  vmictimesync - ok
19:16:43.0321 0x11f8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
19:16:43.0321 0x11f8  vmicvss - ok
19:16:43.0336 0x11f8  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
19:16:43.0336 0x11f8  volmgr - ok
19:16:43.0352 0x11f8  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
19:16:43.0367 0x11f8  volmgrx - ok
19:16:43.0399 0x11f8  [ C85C075DE5B6D0FE116043054DE8EE02, 8BB01DA3D63562F51BCCB5CC996F99A5CB0A8F89900045BBCF4115FD521A9706 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
19:16:43.0399 0x11f8  volsnap - ok
19:16:43.0446 0x11f8  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
19:16:43.0446 0x11f8  vpci - ok
19:16:43.0477 0x11f8  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
19:16:43.0477 0x11f8  vsmraid - ok
19:16:43.0539 0x11f8  [ D51D7EF1EA5ED2BB01E9D07E6E0533BC, E31118F42B316C9B6C9072D9628AA2801FC2519F1A46C9ED167843CD67183C19 ] VSS             C:\WINDOWS\system32\vssvc.exe
19:16:43.0571 0x11f8  VSS - ok
19:16:43.0586 0x11f8  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
19:16:43.0602 0x11f8  VSTXRAID - ok
19:16:43.0618 0x11f8  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
19:16:43.0618 0x11f8  vwifibus - ok
19:16:43.0633 0x11f8  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
19:16:43.0633 0x11f8  vwififlt - ok
19:16:43.0649 0x11f8  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
19:16:43.0649 0x11f8  vwifimp - ok
19:16:43.0680 0x11f8  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
19:16:43.0680 0x11f8  W32Time - ok
19:16:43.0696 0x11f8  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
19:16:43.0696 0x11f8  WacomPen - ok
19:16:43.0743 0x11f8  WatGorp - ok
19:16:43.0821 0x11f8  [ 92BF4B3EBD6F163B94B7A20C65E7B698, 293E6FEFA862690A7B75443D6495144313D759971B98B495A99AAB0D2CF1F350 ] wbengine        C:\WINDOWS\system32\wbengine.exe
19:16:43.0852 0x11f8  wbengine - ok
19:16:43.0915 0x11f8  [ 58F28103889817C93E5B5AFABC87E709, 547381B10DAC8A3CC16FB5DE6DF2FDA3CCD8F45DF581959FFF6E30875419B011 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
19:16:43.0946 0x11f8  WbioSrvc - ok
19:16:43.0946 0x11f8  [ 772365894F14652D376B2E5030179DC9, 3D917CED040456EB269BE2B82315CEAE3589FEC016DAE37FC5BC1C3D66DE3140 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
19:16:43.0961 0x11f8  Wcmsvc - ok
19:16:43.0977 0x11f8  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
19:16:43.0993 0x11f8  wcncsvc - ok
19:16:43.0993 0x11f8  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
19:16:44.0008 0x11f8  WcsPlugInService - ok
19:16:44.0024 0x11f8  [ 241895E8A9C158DF86E12FDD21033A32, 46D4BF6319271AC33EC1C7283053B91D38A3D5443F3F749E640253FDC2819679 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
19:16:44.0024 0x11f8  WdBoot - ok
19:16:44.0071 0x11f8  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
19:16:44.0102 0x11f8  Wdf01000 - ok
19:16:44.0118 0x11f8  [ C52148456E0F6EAD9E903020A79207FC, 7DEB2D7D09FB005A79E88FA8766B7EBE0396F0CA084D72269156874C727FBFF4 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
19:16:44.0133 0x11f8  WdFilter - ok
19:16:44.0133 0x11f8  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
19:16:44.0133 0x11f8  WdiServiceHost - ok
19:16:44.0133 0x11f8  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
19:16:44.0149 0x11f8  WdiSystemHost - ok
19:16:44.0180 0x11f8  [ 57F22324FAAF92ADF957B281E88F1743, 46CFBA6529E28756D73A00A211C3D72E9854E035EE6F2520066E074697A9745E ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
19:16:44.0180 0x11f8  WdNisDrv - ok
19:16:44.0211 0x11f8  WdNisSvc - ok
19:16:44.0227 0x11f8  [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:16:44.0243 0x11f8  WebClient - ok
19:16:44.0258 0x11f8  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
19:16:44.0258 0x11f8  Wecsvc - ok
19:16:44.0274 0x11f8  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
19:16:44.0274 0x11f8  WEPHOSTSVC - ok
19:16:44.0290 0x11f8  [ AA1315B87D9B2E39584165318A59F15D, CD19608BE1F6B7AECF802F8D2DD4FCBDAA29450ED37F7D040DC6453924C7B0FE ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
19:16:44.0305 0x11f8  wercplsupport - ok
19:16:44.0305 0x11f8  [ 22B4C24AB921BFF7827FFBCA1F4E1BB3, B634F7018097A8E4EECDD9F032DF6A0FB6817FC3DEB92BCE6A0965B5D71D8DFA ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
19:16:44.0321 0x11f8  WerSvc - ok
19:16:44.0352 0x11f8  [ 2E3E82D7B1076B90F4E228A8EF17B261, 0492F8E0BE09DAD9922E85CCA7BCB1548CB9DC5841F46174A0657FDC59AAC3CE ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
19:16:44.0352 0x11f8  WFPLWFS - ok
19:16:44.0368 0x11f8  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
19:16:44.0368 0x11f8  WiaRpc - ok
19:16:44.0383 0x11f8  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
19:16:44.0383 0x11f8  WIMMount - ok
19:16:44.0383 0x11f8  WinDefend - ok
19:16:44.0430 0x11f8  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:16:44.0461 0x11f8  WinHttpAutoProxySvc - ok
19:16:44.0540 0x11f8  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:16:44.0555 0x11f8  Winmgmt - ok
19:16:44.0649 0x11f8  [ 690C3FC5C9DBD6B9AEDF8341EC720E41, 0E4412BB6DEB5761F7A889FD90821FAFD7C6E173F449EAB3A0446BA653D6AD0C ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
19:16:44.0711 0x11f8  WinRM - ok
19:16:44.0805 0x11f8  [ 728D3349FAB251B0265EFA55C67DCA2D, 676D2C9CF16DD333BF99FD5EC31B8F53E5295553E19BED5CF94620EE59345777 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
19:16:44.0836 0x11f8  WlanSvc - ok
19:16:44.0899 0x11f8  [ C2838466CCC44FAEF2C3D4C1E5971ECB, 4CA5B1632302E59E754CEA5B3CA3977D8CE9DC7B2E8673B450BBF0D646AD7AD8 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
19:16:44.0930 0x11f8  wlidsvc - ok
19:16:44.0961 0x11f8  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
19:16:44.0961 0x11f8  WmiAcpi - ok
19:16:44.0993 0x11f8  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:16:44.0993 0x11f8  wmiApSrv - ok
19:16:45.0024 0x11f8  WMPNetworkSvc - ok
19:16:45.0102 0x11f8  [ E178371E493BF17EB90FE71ABA8BE643, E6F96C62D6AD1FE65D54F6799ABC32D34DE8C6EBFF8A297CA3142EF096112FCE ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
19:16:45.0133 0x11f8  workfolderssvc - ok
19:16:45.0165 0x11f8  [ E746BCDBA2E02CF6B8D6B26FB167FBE0, 8875BBE444A33E0C477EF1A3899955501B7E0A9479CA8AA20DD8E6AA0D9A71E6 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
19:16:45.0165 0x11f8  wpcfltr - ok
19:16:45.0211 0x11f8  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
19:16:45.0211 0x11f8  WPCSvc - ok
19:16:45.0227 0x11f8  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
19:16:45.0227 0x11f8  WPDBusEnum - ok
19:16:45.0243 0x11f8  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:16:45.0243 0x11f8  WpdUpFltr - ok
19:16:45.0274 0x11f8  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:16:45.0274 0x11f8  ws2ifsl - ok
19:16:45.0274 0x11f8  [ 5CFA46C4ACB2FD70572017052378DAE5, F09134C4433A9E174889A16F29EA6628045B21BE4FA85275ACFD24D5DFB0D937 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
19:16:45.0290 0x11f8  wscsvc - ok
19:16:45.0290 0x11f8  WSearch - ok
19:16:45.0430 0x11f8  [ D8E3A4701376CCFD0BE542D745FA4809, CF267B5507BD02EEB6BF051534E900D592682D11159A6A13C38AE70B3CCC081F ] WSService       C:\WINDOWS\System32\WSService.dll
19:16:45.0508 0x11f8  WSService - ok
19:16:45.0602 0x11f8  [ 86D0BF4F792053A50D6EE43DFA5837A5, 5705DAB9C5896F10757630439AC8FEAB5754251C6C90E9E8449220A65D1E95D5 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
19:16:45.0712 0x11f8  wuauserv - ok
19:16:45.0743 0x11f8  [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
19:16:45.0743 0x11f8  WudfPf - ok
19:16:45.0774 0x11f8  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
19:16:45.0774 0x11f8  WUDFRd - ok
19:16:45.0774 0x11f8  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys
19:16:45.0774 0x11f8  WUDFSensorLP - ok
19:16:45.0805 0x11f8  [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
19:16:45.0821 0x11f8  wudfsvc - ok
19:16:45.0821 0x11f8  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
19:16:45.0837 0x11f8  WwanSvc - ok
19:16:45.0868 0x11f8  [ 6FDEE5E0741A3FFA5E5772C6C94E3F64, 859EBC7F8FF3CE9F3301B5BF93CF0C84C2A4271F205B67D9B8DC463DC67DE661 ] XHCIPort        C:\WINDOWS\System32\drivers\XHCIPort.sys
19:16:45.0868 0x11f8  XHCIPort - ok
19:16:46.0008 0x11f8  [ 97D3DCBBF3915782644DB56F5C191B9F, 3207D951F8042ADA9256283E9D64C3427D145DB98172A87733F868215FF62EF4 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
19:16:46.0071 0x11f8  ZeroConfigService - ok
19:16:46.0087 0x11f8  ================ Scan global ===============================
19:16:46.0133 0x11f8  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
19:16:46.0180 0x11f8  [ 599F1244C60E3D6C28A8DA7FBA7A2C13, 992E5EB5E3ED6172DC986085532224A148A09A4E9A4DED9556F34533EE98E4D0 ] C:\WINDOWS\system32\winsrv.dll
19:16:46.0212 0x11f8  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
19:16:46.0243 0x11f8  [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\WINDOWS\system32\services.exe
19:16:46.0243 0x11f8  [ Global ] - ok
19:16:46.0243 0x11f8  ================ Scan MBR ==================================
19:16:46.0259 0x11f8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:16:46.0259 0x11f8  \Device\Harddisk0\DR0 - ok
19:16:46.0259 0x11f8  ================ Scan VBR ==================================
19:16:46.0259 0x11f8  [ 69489F97EDD6F9EF2C4BDA1E29A9FE67 ] \Device\Harddisk0\DR0\Partition1
19:16:46.0321 0x11f8  \Device\Harddisk0\DR0\Partition1 - ok
19:16:46.0321 0x11f8  [ 25FB97E37A111A5BB092C1F31A14C736 ] \Device\Harddisk0\DR0\Partition2
19:16:46.0384 0x11f8  \Device\Harddisk0\DR0\Partition2 - ok
19:16:46.0399 0x11f8  [ 2DACFD70E3905B251FFAB1A6A25F06E3 ] \Device\Harddisk0\DR0\Partition3
19:16:46.0399 0x11f8  \Device\Harddisk0\DR0\Partition3 - ok
19:16:46.0415 0x11f8  [ 120555FF72D14F92FB8FADBAB36726B1 ] \Device\Harddisk0\DR0\Partition4
19:16:46.0477 0x11f8  \Device\Harddisk0\DR0\Partition4 - ok
19:16:46.0493 0x11f8  [ 05C5C8CB76A864B04ECC050DBAF9C6EF ] \Device\Harddisk0\DR0\Partition5
19:16:46.0555 0x11f8  \Device\Harddisk0\DR0\Partition5 - ok
19:16:46.0602 0x11f8  [ 85040BED8192CDC30BF7EFDE9C091791 ] \Device\Harddisk0\DR0\Partition6
19:16:46.0602 0x11f8  \Device\Harddisk0\DR0\Partition6 - ok
19:16:46.0602 0x11f8  [ 66A340E92812B7676674BDEF2697F4C2 ] \Device\Harddisk0\DR0\Partition7
19:16:46.0618 0x11f8  \Device\Harddisk0\DR0\Partition7 - ok
19:16:46.0649 0x11f8  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmiav.exe ( 13.0.1.4190 ), 0x41000 ( enabled : updated )
19:16:46.0680 0x11f8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x60100 ( disabled : updated )
19:16:46.0680 0x11f8  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmifw.exe ( 13.0.1.4190 ), 0x41010 ( enabled )
19:16:46.0680 0x11f8  ============================================================
19:16:46.0680 0x11f8  Scan finished
19:16:46.0680 0x11f8  ============================================================
19:16:46.0696 0x1060  Detected object count: 0
19:16:46.0696 0x1060  Actual detected object count: 0
 



#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 PM

Posted 07 April 2014 - 02:52 AM

Fix with FRST (normal mode)

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

 

  • Please download the attached fixlist.txt and save it to the same location where FRST is.
  • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

===================================================

Malwarebytes Anti-Malware Free and Malwarebytes Chameleon

----------

  • Download Malwarebytes Anti-Malware Free and save it to your desktop
  • Double click the desktop icon, click Run, then OK
  • Click Next
  • Select I accept the agreement then continue to click Next then finally click Install
  • Uncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish
  • If you are notified the Database is out of date click Update Now
  • Click Scan Now >>

----------

  • Note: If Malwarebytes will not launch please do the following to launch Malwarebytes Chameleon:
  • Click Start (Start, Search, All files and folders for Windows XP) then type mbam
  • Double click one of the four following files (if one does not work try the next one, and so on) - A black command window will open. Follow those instructions until the Malwarebytes program starts the scan

mbam-chameleon.scr
mbam-chameleon
mbam-chameleon.exe
mbam-chameleon.com

----------

  • When completed click the down arrow on Export Log and select Text file (*.txt)
  • Save the file to your desktop as MBAM
  • Click Apply Actions then restart your computer if requested
  • Copy and past the contents of MBAM.txt in your reply

 

Attached Files


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 PM

Posted 16 April 2014 - 04:48 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users