Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help Reading a Rogue Killer Report


  • Please log in to reply
11 replies to this topic

#1 rgould73

rgould73

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:53 AM

Posted 19 May 2014 - 07:34 PM

Mod Edit: Moved from Win 7 to Am I infected ~~boopme

Hello, I changed the host file results. those are good. Any help reading this would be great. Thanks
 
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : admin [Admin rights]
Mode : Scan -- Date : 05/19/2014 20:17:46
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 13 ¤¤¤
[DNS][PUM] HKLM\[...]\CCSet\[...]\{992E8918-22C8-41A6-85D0-F38DD217C4C8} : NameServer (192.168.1.6,151.202.0.85,151.198.0.38 [(Private Address) (XX) - UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[DNS][PUM] HKLM\[...]\CCSet\[...]\{DEDD1CBD-A28F-44EA-BA68-5FA58767FE5B} : NameServer (151.202.0.85,151.198.0.38 [UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS001\[...]\{992E8918-22C8-41A6-85D0-F38DD217C4C8} : NameServer (192.168.1.6,151.202.0.85,151.198.0.38 [(Private Address) (XX) - UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS001\[...]\{DEDD1CBD-A28F-44EA-BA68-5FA58767FE5B} : NameServer (151.202.0.85,151.198.0.38 [UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS002\[...]\{992E8918-22C8-41A6-85D0-F38DD217C4C8} : NameServer (192.168.1.6,151.202.0.85,151.198.0.38 [(Private Address) (XX) - UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS002\[...]\{DEDD1CBD-A28F-44EA-BA68-5FA58767FE5B} : NameServer (151.202.0.85,151.198.0.38 [UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
[Address] IAT @iexplore.exe (GetProcAddress) : KERNEL32.dll -> HOOKED (C:\Program Files (x86)\Internet Explorer\IEShims.dll @ 0x72972888)
[Address] IAT @iexplore.exe (StrStrIW) : api-ms-win-downlevel-shlwapi-l1-1-0.dll -> HOOKED (C:\Windows\syswow64\shlwapi.DLL @ 0x76E846E9)
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
192.168.1.4 www.ICHANGEDTHIS.net
192.168.1.4 ICHANGEDTHIS.net
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ATA WDC WD10EZEX-08M SCSI Disk Device +++++
--- User ---
[MBR] 86446fadbdeb45002223322b285feb30
[BSP] d75029f16af32b6bda956af082b35ada : Lenovo MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 939007 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1926160384 | Size: 13360 MB
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) BUFFALO HD-WLU3/R1     1 USB Device (TurboPC EX) +++++
--- User ---
[MBR] 60bf36c0d6a9b3bd7ab116aea36c33bb
[BSP] 8aff24da77dba3e0ff112a53b599c683 : Empty MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 64 | Size: 1907342 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )
 
Finished : << RKreport[0]_S_05192014_201746.txt >>

Edited by boopme, 19 May 2014 - 07:40 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:53 AM

Posted 19 May 2014 - 07:43 PM

Hello
  • Close all programs and disconnect any USB or external drives before running the tool.
  • Double-click RogueKiller.exe to run the tool again (Vista or 7 users: Right-click and select Run As Administrator).
  • Once the Prescan has finished, click Scan.
  • Once the Status box shows "Scan Finished", this time click the Delete button.
  • Copy and paste the report that opens into your next reply.
    • The log can also be found on your desktop labeled (RKreport[X]_D_xxdatexx_xtimex)
    • The highest number of [X], is the most recent Delete
I would like to do these also....

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 rgould73

rgould73
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:53 AM

Posted 19 May 2014 - 07:58 PM

Ok Off to do the rest
 
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : admin [Admin rights]
Mode : Remove -- Date : 05/19/2014 20:55:18
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 7 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
192.168.1.4 www.ICHANGEDTHIS.net
192.168.1.4 ICHANGEDTHIS.net
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ATA WDC WD10EZEX-08M SCSI Disk Device +++++
--- User ---
[MBR] 86446fadbdeb45002223322b285feb30
[BSP] d75029f16af32b6bda956af082b35ada : Lenovo MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 939007 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1926160384 | Size: 13360 MB
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) BUFFALO HD-WLU3/R1     1 USB Device (TurboPC EX) +++++
--- User ---
[MBR] 60bf36c0d6a9b3bd7ab116aea36c33bb
[BSP] 8aff24da77dba3e0ff112a53b599c683 : Empty MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 64 | Size: 1907342 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )
 
Finished : << RKreport[0]_D_05192014_205518.txt >>
RKreport[0]_S_05192014_201746.txt;RKreport[0]_S_05192014_205447.txt


#4 rgould73

rgould73
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:53 AM

Posted 19 May 2014 - 08:07 PM

Minitoolbox Results:

MiniToolBox by Farbar  Version: 23-01-2014
Ran by admin (administrator) on 19-05-2014 at 21:02:34
Running from "C:\Users\admin\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
192.168.1.4 www.ICHANGEDTHIS.net
192.168.1.4 ICHANGEDTHIS.net
 
 
127.0.0.1       localhost
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Intel® Ethernet Connection I217-LM = Office NIC (Connected)
Intel® Gigabit CT Desktop Adapter = Web NIC (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Office NIC" nexthop=192.168.1.1 publish=Yes
add route prefix=0.0.0.0/0 interface="Web NIC" nexthop=192.168.1.1 publish=Yes
add address name="Office NIC" address=192.168.1.162 mask=255.255.255.0
add address name="Web NIC" address=192.168.1.4 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : DPServer2
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Web NIC:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® Gigabit CT Desktop Adapter
   Physical Address. . . . . . . . . : 68-05-CA-20-06-AD
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 151.202.0.85
                                       151.198.0.38
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Ethernet adapter Office NIC:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® Ethernet Connection I217-LM
   Physical Address. . . . . . . . . : FC-4D-D4-F1-3E-57
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.162(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.6
                                       151.202.0.85
                                       151.198.0.38
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  nyc2-qwest.bellatlantic.net
Address:  151.202.0.85
 
Name:    google.com
Addresses:  2607:f8b0:4006:807::1007
 74.125.226.39
 74.125.226.37
 74.125.226.41
 74.125.226.46
 74.125.226.34
 74.125.226.36
 74.125.226.35
 74.125.226.33
 74.125.226.38
 74.125.226.40
 74.125.226.32
 
 
Pinging google.com [74.125.226.37] with 32 bytes of data:
Reply from 74.125.226.37: bytes=32 time=6ms TTL=57
Reply from 74.125.226.37: bytes=32 time=7ms TTL=57
 
Ping statistics for 74.125.226.37:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 6ms, Maximum = 7ms, Average = 6ms
Server:  nyc2-qwest.bellatlantic.net
Address:  151.202.0.85
 
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=45ms TTL=53
Reply from 98.138.253.109: bytes=32 time=47ms TTL=53
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 45ms, Maximum = 47ms, Average = 46ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...68 05 ca 20 06 ad ......Intel® Gigabit CT Desktop Adapter
 11...fc 4d d4 f1 3e 57 ......Intel® Ethernet Connection I217-LM
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.162    276
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.4    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.162    276
      192.168.1.0    255.255.255.0         On-link       192.168.1.4    276
      192.168.1.4  255.255.255.255         On-link       192.168.1.4    276
    192.168.1.162  255.255.255.255         On-link     192.168.1.162    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.162    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.4    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.162    276
        224.0.0.0        240.0.0.0         On-link       192.168.1.4    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.162    276
  255.255.255.255  255.255.255.255         On-link       192.168.1.4    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0      192.168.1.1  Default 
          0.0.0.0          0.0.0.0      192.168.1.1  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
Catalog9 02 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
Catalog9 03 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
Catalog9 04 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\PCProtect64.dll [330624] (Objectify Media Inc)
x64-Catalog9 02 C:\Windows\System32\PCProtect64.dll [330624] (Objectify Media Inc)
x64-Catalog9 03 C:\Windows\System32\PCProtect64.dll [330624] (Objectify Media Inc)
x64-Catalog9 04 C:\Windows\System32\PCProtect64.dll [330624] (Objectify Media Inc)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\PCProtect64.dll [330624] (Objectify Media Inc)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/19/2014 03:50:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/19/2014 03:50:15 PM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> DocumentRoot must be a directory     .
 
Error: (05/19/2014 03:50:15 PM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> AH00526: Syntax error on line 240 of C:/wamp/bin/apache/Apache2.4.4/conf/httpd.conf:     .
 
Error: (05/19/2014 03:41:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/19/2014 03:41:04 PM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> DocumentRoot must be a directory     .
 
Error: (05/19/2014 03:41:04 PM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> AH00526: Syntax error on line 240 of C:/wamp/bin/apache/Apache2.4.4/conf/httpd.conf:     .
 
Error: (05/18/2014 09:32:05 PM) (Source: Application Hang) (User: )
Description: The program PhpStorm.exe version 8.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1410
 
Start Time: 01cf7300d6d8d1a9
 
Termination Time: 4
 
Application Path: C:\Program Files (x86)\JetBrains\PhpStorm 138.184\bin\PhpStorm.exe
 
Report Id:
 
Error: (05/18/2014 03:34:36 PM) (Source: Software Protection Platform Service) (User: )
Description: Acquisition of genuine ticket failed (hr=0xC004C4A8) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f
 
Error: (05/18/2014 03:34:36 PM) (Source: Software Protection Platform Service) (User: )
Description: Genuine state set to non-genuine (0x00000000) for application Id 55c92734-d682-4d71-983e-d6ec3f16059f
 
Error: (05/18/2014 03:32:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (05/19/2014 04:09:12 PM) (Source: Service Control Manager) (User: )
Description: The Lenovo Camera Mute service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/19/2014 03:50:15 PM) (Source: Service Control Manager) (User: )
Description: The wampapache service terminated with service-specific error %%1.
 
Error: (05/19/2014 03:41:04 PM) (Source: Service Control Manager) (User: )
Description: The wampapache service terminated with service-specific error %%1.
 
Error: (05/19/2014 03:16:52 PM) (Source: UmrdpService) (User: )
Description: Driver Microsoft Office Document Image Writer Driver required for printer Microsoft Office Document Image Writer is unknown. Contact the administrator to install the driver before you log in again.
 
Error: (05/19/2014 02:25:54 PM) (Source: UmrdpService) (User: )
Description: Driver Microsoft XPS Document Writer v4 required for printer Microsoft XPS Document Writer is unknown. Contact the administrator to install the driver before you log in again.
 
Error: (05/19/2014 02:25:54 PM) (Source: UmrdpService) (User: )
Description: Driver Send to Microsoft OneNote 15 Driver required for printer Send To OneNote 2013 is unknown. Contact the administrator to install the driver before you log in again.
 
Error: (05/19/2014 02:25:54 PM) (Source: UmrdpService) (User: )
Description: Driver HP Officejet 4620 series Class Driver required for printer HP Officejet 4620 series is unknown. Contact the administrator to install the driver before you log in again.
 
Error: (05/19/2014 02:00:55 PM) (Source: UmrdpService) (User: )
Description: Driver Microsoft XPS Document Writer v4 required for printer Microsoft XPS Document Writer is unknown. Contact the administrator to install the driver before you log in again.
 
Error: (05/19/2014 02:00:54 PM) (Source: UmrdpService) (User: )
Description: Driver Send to Microsoft OneNote 15 Driver required for printer Send To OneNote 2013 is unknown. Contact the administrator to install the driver before you log in again.
 
Error: (05/19/2014 02:00:54 PM) (Source: UmrdpService) (User: )
Description: Driver HP Officejet 4620 series Class Driver required for printer HP Officejet 4620 series is unknown. Contact the administrator to install the driver before you log in again.
 
 
Microsoft Office Sessions:
=========================
Error: (05/19/2014 03:50:18 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/19/2014 03:50:15 PM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>DocumentRoot must be a directory
 
Error: (05/19/2014 03:50:15 PM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>AH00526: Syntax error on line 240 of C:/wamp/bin/apache/Apache2.4.4/conf/httpd.conf:
 
Error: (05/19/2014 03:41:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/19/2014 03:41:04 PM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>DocumentRoot must be a directory
 
Error: (05/19/2014 03:41:04 PM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>AH00526: Syntax error on line 240 of C:/wamp/bin/apache/Apache2.4.4/conf/httpd.conf:
 
Error: (05/18/2014 09:32:05 PM) (Source: Application Hang)(User: )
Description: PhpStorm.exe8.0.0.0141001cf7300d6d8d1a94C:\Program Files (x86)\JetBrains\PhpStorm 138.184\bin\PhpStorm.exe
 
Error: (05/18/2014 03:34:36 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004C4A866c92734-d682-4d71-983e-d6ec3f16059f
 
Error: (05/18/2014 03:34:36 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f
 
Error: (05/18/2014 03:32:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-05-19 20:53:19.383
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-19 20:36:00.099
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-19 20:02:45.254
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-19 17:47:17.891
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-19 17:15:22.246
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-19 17:15:22.186
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-19 17:15:22.126
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-19 17:11:29.414
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-19 16:06:20.849
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-19 15:59:08.405
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
Adobe AIR (Version: 3.4.0.2710)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
BestSync (Version: 7.2.17)
BUFFALO RAID Utility
BUFFALO TurboPC EX Series
CCleaner (Version: 4.13)
Create Recovery Media (Version: 1.20.0.00)
DMUninstaller
Intel® Control Center (Version: 1.2.1.1011)
Intel® Management Engine Components (Version: 9.0.0.1323)
Intel® Network Connections Drivers (Version: 18.1)
Intel® Processor Graphics (Version: 10.18.10.3412)
Intel® PROSet/Wireless WiFi Software Driver (Version: 15.06.1000.0167)
Intel® Rapid Storage Technology (Version: 12.5.0.1066)
Intel® Update Manager (Version: 1.0.0.36888)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 2.5.0.19)
Intel® PROSet/Wireless Software (Version: 15.6.1)
Intel® PROSet/Wireless WiFi Software (Version: 15.06.1000.0142)
Intel® Trusted Connect Service Client (Version: 1.27.798.1)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
JetBrains PhpStorm 138.184 (Version: 138.184)
LBAI (Version: 1.0.0.8)
Lenovo Patch Utility 64 bit (Version: 1.3.1.1)
Lenovo Registration (Version: 1.0.3)
Lenovo Solution Center (Version: 2.1.003.00)
Lenovo Solutions for Small Business (Version: 2.0.32.7350)
Lenovo Solutions for Small Business Customizations (Version: 2.0.0004.00)
Lenovo System Update (Version: 5.02.0007)
Lenovo User Guide (Version: 1.0.0008.00)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
Message Center Plus (Version: 3.1.0004.00)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Office (Version: 15.0.4454.1510)
Microsoft Security Client (Version: 4.5.0216.0)
Microsoft Security Essentials (Version: 4.5.216.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MySQL Connector/ODBC 5.1 (Version: 5.1.13)
Nitro Pro 8 (Version: 8.5.2.10)
Notepad++ (Version: 6.5.5)
Power Manager (Version: 3.01.0004)
RapidBoot HDD Accelerator (Version: 1.1.1.1)
Realtek High Definition Audio Driver (Version: 6.0.1.6844)
ThinkVantage Communications Utility (Version: 3.0.42.0)
View Management Utility (Version: 3.0.1.20120921)
WampServer 2.4
Windows Driver Package - Intel (e1dexpress) Net  (02/26/2013 12.6.47.0) (Version: 02/26/2013 12.6.47.0)
Windows Driver Package - Intel System  (02/25/2013 9.4.0.1017) (Version: 02/25/2013 9.4.0.1017)
Windows Driver Package - Intel USB  (02/25/2013 9.4.0.1017) (Version: 02/25/2013 9.4.0.1017)
Windows Driver Package - NVIDIA (nvlddmkm) Display  (01/18/2013 9.18.13.1106) (Version: 01/18/2013 9.18.13.1106)
Windows Driver Package - NVIDIA Corporation (NVHDA) MEDIA  (07/03/2012 1.3.18.0) (Version: 07/03/2012 1.3.18.0)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (02/19/2013 6.0.1.6844) (Version: 02/19/2013 6.0.1.6844)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 65%
Total physical RAM: 7986.55 MB
Available physical RAM: 2788.41 MB
Total Pagefile: 15971.27 MB
Available Pagefile: 12346.59 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.16 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows7_OS) (Fixed) (Total:917 GB) (Free:858.86 GB) NTFS
2 Drive d: (HD-WLU3) (Fixed) (Total:1862.64 GB) (Free:1627 GB) NTFS
4 Drive q: (Lenovo_Recovery) (Fixed) (Total:13.05 GB) (Free:0.46 GB) NTFS
5 Drive z: (share) (Network) (Total:696.47 GB) (Free:386.53 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DPSERVER2
 
admin                    Administrator            Development              
Guest                    
 
 
**** End of log ****


#5 rgould73

rgould73
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:53 AM

Posted 19 May 2014 - 08:09 PM

TDSSkiller:

 

21:07:53.0279 0x0ddc  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
21:07:59.0086 0x0ddc  ============================================================
21:07:59.0086 0x0ddc  Current date / time: 2014/05/19 21:07:59.0086
21:07:59.0086 0x0ddc  SystemInfo:
21:07:59.0086 0x0ddc  
21:07:59.0086 0x0ddc  OS Version: 6.1.7601 ServicePack: 1.0
21:07:59.0086 0x0ddc  Product type: Workstation
21:07:59.0086 0x0ddc  ComputerName: DPSERVER2
21:07:59.0086 0x0ddc  UserName: admin
21:07:59.0087 0x0ddc  Windows directory: C:\Windows
21:07:59.0087 0x0ddc  System windows directory: C:\Windows
21:07:59.0087 0x0ddc  Running under WOW64
21:07:59.0087 0x0ddc  Processor architecture: Intel x64
21:07:59.0087 0x0ddc  Number of processors: 8
21:07:59.0087 0x0ddc  Page size: 0x1000
21:07:59.0087 0x0ddc  Boot type: Normal boot
21:07:59.0087 0x0ddc  ============================================================
21:08:00.0618 0x0ddc  KLMD registered as C:\Windows\system32\drivers\41402018.sys
21:08:01.0879 0x0ddc  System UUID: {E0A5C369-B364-27BB-F401-2B8FC21AF00D}
21:08:02.0346 0x0ddc  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:08:02.0349 0x0ddc  Drive \Device\Harddisk1\DR1 - Size: 0x1D1A951E000 (1862.65 Gb), SectorSize: 0x200, Cylinders: 0x3B5D0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:08:02.0350 0x0ddc  ============================================================
21:08:02.0350 0x0ddc  \Device\Harddisk0\DR0:
21:08:02.0351 0x0ddc  MBR partitions:
21:08:02.0351 0x0ddc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
21:08:02.0351 0x0ddc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x729FF800
21:08:02.0351 0x0ddc  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72CEE000, BlocksNum 0x1A18000
21:08:02.0351 0x0ddc  \Device\Harddisk1\DR1:
21:08:02.0351 0x0ddc  MBR partitions:
21:08:02.0351 0x0ddc  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0xE8D47190
21:08:02.0351 0x0ddc  ============================================================
21:08:02.0361 0x0ddc  C: <-> \Device\Harddisk0\DR0\Partition2
21:08:02.0397 0x0ddc  Q: <-> \Device\Harddisk0\DR0\Partition3
21:08:02.0979 0x0ddc  D: <-> \Device\Harddisk1\DR1\Partition1
21:08:02.0979 0x0ddc  ============================================================
21:08:02.0979 0x0ddc  Initialize success
21:08:02.0979 0x0ddc  ============================================================
21:08:07.0268 0x136c  ============================================================
21:08:07.0268 0x136c  Scan started
21:08:07.0268 0x136c  Mode: Manual; 
21:08:07.0268 0x136c  ============================================================
21:08:07.0268 0x136c  KSN ping started
21:08:10.0008 0x136c  KSN ping finished: true
21:08:10.0850 0x136c  ================ Scan system memory ========================
21:08:10.0850 0x136c  System memory - ok
21:08:10.0850 0x136c  ================ Scan services =============================
21:08:10.0961 0x136c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:08:10.0973 0x136c  1394ohci - ok
21:08:11.0013 0x136c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:08:11.0024 0x136c  ACPI - ok
21:08:11.0040 0x136c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:08:11.0041 0x136c  AcpiPmi - ok
21:08:11.0086 0x136c  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:08:11.0089 0x136c  AdobeARMservice - ok
21:08:11.0124 0x136c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:08:11.0137 0x136c  adp94xx - ok
21:08:11.0155 0x136c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:08:11.0160 0x136c  adpahci - ok
21:08:11.0173 0x136c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:08:11.0176 0x136c  adpu320 - ok
21:08:11.0206 0x136c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:08:11.0207 0x136c  AeLookupSvc - ok
21:08:11.0255 0x136c  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
21:08:11.0267 0x136c  AFD - ok
21:08:11.0280 0x136c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:08:11.0282 0x136c  agp440 - ok
21:08:11.0293 0x136c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:08:11.0295 0x136c  ALG - ok
21:08:11.0315 0x136c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:08:11.0315 0x136c  aliide - ok
21:08:11.0319 0x136c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:08:11.0319 0x136c  amdide - ok
21:08:11.0327 0x136c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:08:11.0328 0x136c  AmdK8 - ok
21:08:11.0344 0x136c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:08:11.0346 0x136c  AmdPPM - ok
21:08:11.0356 0x136c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:08:11.0358 0x136c  amdsata - ok
21:08:11.0374 0x136c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:08:11.0377 0x136c  amdsbs - ok
21:08:11.0384 0x136c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:08:11.0385 0x136c  amdxata - ok
21:08:11.0389 0x136c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
21:08:11.0390 0x136c  AppID - ok
21:08:11.0400 0x136c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:08:11.0401 0x136c  AppIDSvc - ok
21:08:11.0416 0x136c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
21:08:11.0417 0x136c  Appinfo - ok
21:08:11.0444 0x136c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:08:11.0451 0x136c  AppMgmt - ok
21:08:11.0472 0x136c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
21:08:11.0475 0x136c  arc - ok
21:08:11.0490 0x136c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:08:11.0494 0x136c  arcsas - ok
21:08:11.0567 0x136c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:08:11.0570 0x136c  aspnet_state - ok
21:08:11.0594 0x136c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:08:11.0595 0x136c  AsyncMac - ok
21:08:11.0621 0x136c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
21:08:11.0622 0x136c  atapi - ok
21:08:11.0659 0x136c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:08:11.0679 0x136c  AudioEndpointBuilder - ok
21:08:11.0694 0x136c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:08:11.0704 0x136c  AudioSrv - ok
21:08:11.0733 0x136c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:08:11.0739 0x136c  AxInstSV - ok
21:08:11.0772 0x136c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:08:11.0783 0x136c  b06bdrv - ok
21:08:11.0816 0x136c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:08:11.0820 0x136c  b57nd60a - ok
21:08:11.0831 0x136c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:08:11.0834 0x136c  BDESVC - ok
21:08:11.0841 0x136c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:08:11.0841 0x136c  Beep - ok
21:08:11.0948 0x136c  [ CCB002B84DF97C59DBB411B439983BFF, 417B03BC355C439DBBFE0712A9B99AF61E11958188DE70B47B03D5ED69EC8D08 ] BestSyncSvc     C:\Program Files (x86)\RiseFly\BestSync\BestSyncSvc.exe
21:08:11.0978 0x136c  BestSyncSvc - ok
21:08:12.0006 0x136c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:08:12.0016 0x136c  BFE - ok
21:08:12.0035 0x136c  [ 97F0BCC26F5364326F6410E88BF20142, 419826F63D002A468776E61FD24F9C4CF2F8833C537535804DC5C230B4197EE6 ] bftpdskc        C:\Windows\system32\drivers\bftpdskc64.sys
21:08:12.0036 0x136c  bftpdskc - ok
21:08:12.0049 0x136c  [ C064BD64CE639A657DF1CAAD9376E011, 19494CE2CFE111DCD4B7C48C4889DF95C74556DCD49F6F17B8AD2AB16F559854 ] bftpusbx        C:\Windows\system32\drivers\bftpusbx64.sys
21:08:12.0049 0x136c  bftpusbx - ok
21:08:12.0085 0x136c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:08:12.0102 0x136c  BITS - ok
21:08:12.0115 0x136c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:08:12.0116 0x136c  blbdrive - ok
21:08:12.0136 0x136c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:08:12.0137 0x136c  bowser - ok
21:08:12.0150 0x136c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:08:12.0150 0x136c  BrFiltLo - ok
21:08:12.0162 0x136c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:08:12.0163 0x136c  BrFiltUp - ok
21:08:12.0177 0x136c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:08:12.0180 0x136c  Browser - ok
21:08:12.0186 0x136c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:08:12.0189 0x136c  Brserid - ok
21:08:12.0203 0x136c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:08:12.0204 0x136c  BrSerWdm - ok
21:08:12.0218 0x136c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:08:12.0219 0x136c  BrUsbMdm - ok
21:08:12.0231 0x136c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:08:12.0231 0x136c  BrUsbSer - ok
21:08:12.0238 0x136c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:08:12.0239 0x136c  BTHMODEM - ok
21:08:12.0252 0x136c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:08:12.0254 0x136c  bthserv - ok
21:08:12.0264 0x136c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:08:12.0266 0x136c  cdfs - ok
21:08:12.0278 0x136c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:08:12.0280 0x136c  cdrom - ok
21:08:12.0308 0x136c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:08:12.0312 0x136c  CertPropSvc - ok
21:08:12.0320 0x136c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:08:12.0321 0x136c  circlass - ok
21:08:12.0349 0x136c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
21:08:12.0364 0x136c  CLFS - ok
21:08:12.0405 0x136c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:08:12.0408 0x136c  clr_optimization_v2.0.50727_32 - ok
21:08:12.0436 0x136c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:08:12.0440 0x136c  clr_optimization_v2.0.50727_64 - ok
21:08:12.0487 0x136c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:08:12.0493 0x136c  clr_optimization_v4.0.30319_32 - ok
21:08:12.0513 0x136c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:08:12.0520 0x136c  clr_optimization_v4.0.30319_64 - ok
21:08:12.0536 0x136c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:08:12.0538 0x136c  CmBatt - ok
21:08:12.0556 0x136c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:08:12.0557 0x136c  cmdide - ok
21:08:12.0587 0x136c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
21:08:12.0598 0x136c  CNG - ok
21:08:12.0613 0x136c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:08:12.0613 0x136c  Compbatt - ok
21:08:12.0623 0x136c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:08:12.0624 0x136c  CompositeBus - ok
21:08:12.0627 0x136c  COMSysApp - ok
21:08:12.0693 0x136c  [ 6DB7264A95FE984FFA072BA79FA087C8, CF180663B24B1660CD04CB26D8663FB7F357C9CF5731B315635D63B7DB76BCEC ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:08:12.0701 0x136c  cphs - ok
21:08:12.0708 0x136c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:08:12.0709 0x136c  crcdisk - ok
21:08:12.0727 0x136c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:08:12.0730 0x136c  CryptSvc - ok
21:08:12.0747 0x136c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
21:08:12.0754 0x136c  CSC - ok
21:08:12.0776 0x136c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
21:08:12.0789 0x136c  CscService - ok
21:08:12.0819 0x136c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:08:12.0825 0x136c  DcomLaunch - ok
21:08:12.0850 0x136c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:08:12.0854 0x136c  defragsvc - ok
21:08:12.0869 0x136c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:08:12.0870 0x136c  DfsC - ok
21:08:12.0892 0x136c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:08:12.0897 0x136c  Dhcp - ok
21:08:12.0908 0x136c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:08:12.0908 0x136c  discache - ok
21:08:12.0917 0x136c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
21:08:12.0918 0x136c  Disk - ok
21:08:12.0930 0x136c  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
21:08:12.0931 0x136c  dmvsc - ok
21:08:12.0942 0x136c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:08:12.0945 0x136c  Dnscache - ok
21:08:12.0959 0x136c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:08:12.0963 0x136c  dot3svc - ok
21:08:12.0968 0x136c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:08:12.0971 0x136c  DPS - ok
21:08:12.0996 0x136c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:08:12.0996 0x136c  drmkaud - ok
21:08:13.0055 0x136c  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:08:13.0071 0x136c  DXGKrnl - ok
21:08:13.0099 0x136c  [ 8020B5D39DDFF589200EBD5592314F83, 23B5D36AE4EFC799E966168F030FB76226CD6365C8F00B5E51EFC44CAF0A0CB2 ] e1dexpress      C:\Windows\system32\DRIVERS\e1d62x64.sys
21:08:13.0104 0x136c  e1dexpress - ok
21:08:13.0128 0x136c  [ 3C018F93EF8B90DD76489C22FB913993, D0B1A2B3452C7232D827B7462865C89B2AA69250BFBA26F78F132C32B9CD6319 ] e1qexpress      C:\Windows\system32\DRIVERS\e1q62x64.sys
21:08:13.0133 0x136c  e1qexpress - ok
21:08:13.0142 0x136c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:08:13.0144 0x136c  EapHost - ok
21:08:13.0203 0x136c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:08:13.0237 0x136c  ebdrv - ok
21:08:13.0261 0x136c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
21:08:13.0262 0x136c  EFS - ok
21:08:13.0327 0x136c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:08:13.0343 0x136c  ehRecvr - ok
21:08:13.0359 0x136c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:08:13.0361 0x136c  ehSched - ok
21:08:13.0380 0x136c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:08:13.0387 0x136c  elxstor - ok
21:08:13.0396 0x136c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:08:13.0396 0x136c  ErrDev - ok
21:08:13.0422 0x136c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:08:13.0428 0x136c  EventSystem - ok
21:08:13.0505 0x136c  [ 00B132F23AA25DEF2060D490B0AB70EF, AAE3BA09C2201EA27D3DB761B3D3E8A3EE80A14B451B743F4DF1281D87166857 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:08:13.0518 0x136c  EvtEng - ok
21:08:13.0535 0x136c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:08:13.0538 0x136c  exfat - ok
21:08:13.0559 0x136c  [ B76B2CB4BD5B38397D4CE3FC50C8A3AB, 4C956085080AA9BCB4A314850936CDA5DC972D2A3ACDB4486E25A7574F7FF93C ] Fastboot        C:\Windows\system32\DRIVERS\fastboot.sys
21:08:13.0560 0x136c  Fastboot - ok
21:08:13.0606 0x136c  [ F59B90E3EC939910D3E67DF29A4CB397, 852D17F4F0E7BD77129328989F2CF67E744DFCB65016319DF7AE5738A061043F ] FastbootService C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
21:08:13.0614 0x136c  FastbootService - ok
21:08:13.0635 0x136c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:08:13.0644 0x136c  fastfat - ok
21:08:13.0697 0x136c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:08:13.0722 0x136c  Fax - ok
21:08:13.0736 0x136c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
21:08:13.0736 0x136c  fdc - ok
21:08:13.0751 0x136c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:08:13.0752 0x136c  fdPHost - ok
21:08:13.0763 0x136c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:08:13.0764 0x136c  FDResPub - ok
21:08:13.0774 0x136c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:08:13.0775 0x136c  FileInfo - ok
21:08:13.0789 0x136c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:08:13.0790 0x136c  Filetrace - ok
21:08:13.0801 0x136c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:08:13.0802 0x136c  flpydisk - ok
21:08:13.0825 0x136c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:08:13.0830 0x136c  FltMgr - ok
21:08:13.0902 0x136c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
21:08:13.0930 0x136c  FontCache - ok
21:08:13.0963 0x136c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:08:13.0964 0x136c  FontCache3.0.0.0 - ok
21:08:13.0967 0x136c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:08:13.0968 0x136c  FsDepends - ok
21:08:13.0970 0x136c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:08:13.0970 0x136c  Fs_Rec - ok
21:08:14.0001 0x136c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:08:14.0003 0x136c  fvevol - ok
21:08:14.0015 0x136c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:08:14.0016 0x136c  gagp30kx - ok
21:08:14.0036 0x136c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:08:14.0049 0x136c  gpsvc - ok
21:08:14.0061 0x136c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:08:14.0062 0x136c  hcw85cir - ok
21:08:14.0078 0x136c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:08:14.0082 0x136c  HdAudAddService - ok
21:08:14.0089 0x136c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:08:14.0091 0x136c  HDAudBus - ok
21:08:14.0111 0x136c  HD_xLU3_RaidUtility - ok
21:08:14.0124 0x136c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:08:14.0125 0x136c  HidBatt - ok
21:08:14.0128 0x136c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:08:14.0130 0x136c  HidBth - ok
21:08:14.0132 0x136c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:08:14.0133 0x136c  HidIr - ok
21:08:14.0140 0x136c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:08:14.0141 0x136c  hidserv - ok
21:08:14.0162 0x136c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:08:14.0162 0x136c  HidUsb - ok
21:08:14.0185 0x136c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:08:14.0187 0x136c  hkmsvc - ok
21:08:14.0200 0x136c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:08:14.0209 0x136c  HomeGroupListener - ok
21:08:14.0225 0x136c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:08:14.0229 0x136c  HomeGroupProvider - ok
21:08:14.0241 0x136c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:08:14.0242 0x136c  HpSAMD - ok
21:08:14.0272 0x136c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:08:14.0284 0x136c  HTTP - ok
21:08:14.0294 0x136c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:08:14.0295 0x136c  hwpolicy - ok
21:08:14.0306 0x136c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:08:14.0307 0x136c  i8042prt - ok
21:08:14.0328 0x136c  [ B9E489CC1EA3284FEED33799DC70612D, 0DD714A3A37C391B38F4EEEB3F85C3C3C056F4AAB4A5EFA63835AD967BC25B51 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
21:08:14.0335 0x136c  iaStorA - ok
21:08:14.0385 0x136c  [ 3AEE4C821114AC707699A28988F27ABB, 033A25A19E2A649DA059AE3BCACB8605C00D4F10D356C5E3167B84C01B9359A9 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
21:08:14.0387 0x136c  IAStorDataMgrSvc - ok
21:08:14.0405 0x136c  [ CC096E5C9BAABEB8EF12CDFAFFD888CF, 9D61736CB83DE04FC44FB25122AB6D09951C915E577E1A18188D4D5F35EACD76 ] iaStorF         C:\Windows\system32\drivers\iaStorF.sys
21:08:14.0408 0x136c  iaStorF - ok
21:08:14.0447 0x136c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:08:14.0463 0x136c  iaStorV - ok
21:08:14.0500 0x136c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:08:14.0514 0x136c  idsvc - ok
21:08:14.0517 0x136c  IEEtwCollectorService - ok
21:08:14.0632 0x136c  [ 0AECABC08F9AB4E504935B7662123B6E, 79D1C801A8FB0920469D6088158C518481485A065E8AF2E580FE4FCC1DE8F39B ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:08:14.0676 0x136c  igfx - ok
21:08:14.0683 0x136c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:08:14.0684 0x136c  iirsp - ok
21:08:14.0707 0x136c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:08:14.0723 0x136c  IKEEXT - ok
21:08:14.0833 0x136c  [ E2E6FB83D55DF0BDA9D453EABA3F893B, 259EF8543385C90E4B0D8741C97FD426A86CC32A466A3028440988A1623564F3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:08:14.0868 0x136c  IntcAzAudAddService - ok
21:08:14.0912 0x136c  [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:08:14.0920 0x136c  Intel® Capability Licensing Service Interface - ok
21:08:14.0948 0x136c  [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:08:14.0956 0x136c  Intel® Capability Licensing Service TCP IP Interface - ok
21:08:14.0968 0x136c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:08:14.0968 0x136c  intelide - ok
21:08:14.0986 0x136c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:08:14.0987 0x136c  intelppm - ok
21:08:15.0025 0x136c  [ 6F45718F2DFF8A8CCE360DFEED39C0DE, 96D6546AF39E5749C65538D76324E44E21E7756E2DEBDB379F3B30995516EC9E ] intelsba        C:\Program Files\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
21:08:15.0026 0x136c  intelsba - ok
21:08:15.0038 0x136c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:08:15.0042 0x136c  IPBusEnum - ok
21:08:15.0049 0x136c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:08:15.0052 0x136c  IpFilterDriver - ok
21:08:15.0083 0x136c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:08:15.0110 0x136c  iphlpsvc - ok
21:08:15.0117 0x136c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:08:15.0120 0x136c  IPMIDRV - ok
21:08:15.0126 0x136c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:08:15.0127 0x136c  IPNAT - ok
21:08:15.0176 0x136c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:08:15.0178 0x136c  IRENUM - ok
21:08:15.0185 0x136c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:08:15.0186 0x136c  isapnp - ok
21:08:15.0210 0x136c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:08:15.0217 0x136c  iScsiPrt - ok
21:08:15.0240 0x136c  [ 78D369F8A81A341109FBA1DB64B4C512, E584F693255CCBF7006E7D35984149CF599BB0849A8F02EFDD6223DF0D606049 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:08:15.0241 0x136c  iusb3hcs - ok
21:08:15.0263 0x136c  [ 5B632ABA038CE2E2D5D2D1115C6B26D1, 605A8FFA704E4369CF9D17DF8630DC9E196B8920D47F1CC5151759E60B234C1F ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
21:08:15.0273 0x136c  iusb3hub - ok
21:08:15.0307 0x136c  [ EA841584EF59528D11F20355770E427E, 515737761BB2A0A233F4AD141E28D93E3B9789320A15B7D5FB3DB5AC3CD8E249 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:08:15.0319 0x136c  iusb3xhc - ok
21:08:15.0361 0x136c  [ BF5D3A2624177C413680DEF19A465AF8, B9909D3E6CB6F9971293116387865AD15CB9D47513C7FAA9C36BE4D2847A41EB ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
21:08:15.0364 0x136c  jhi_service - ok
21:08:15.0378 0x136c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:08:15.0381 0x136c  kbdclass - ok
21:08:15.0391 0x136c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:08:15.0393 0x136c  kbdhid - ok
21:08:15.0403 0x136c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
21:08:15.0405 0x136c  KeyIso - ok
21:08:15.0433 0x136c  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:08:15.0436 0x136c  KSecDD - ok
21:08:15.0453 0x136c  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:08:15.0457 0x136c  KSecPkg - ok
21:08:15.0473 0x136c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:08:15.0474 0x136c  ksthunk - ok
21:08:15.0502 0x136c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:08:15.0512 0x136c  KtmRm - ok
21:08:15.0537 0x136c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:08:15.0544 0x136c  LanmanServer - ok
21:08:15.0569 0x136c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:08:15.0573 0x136c  LanmanWorkstation - ok
21:08:15.0602 0x136c  [ 658D579581D1D541E33020789D920381, 510395E78ED6FB6A12242C4987B106D46A614470C4F3B472ECF67E582E802800 ] LBAEvent        C:\Program Files (x86)\Lenovo\LBAI\LBAEvent.exe
21:08:15.0602 0x136c  LBAEvent - ok
21:08:15.0615 0x136c  [ F980BC9EDC3BB844C6144351B8053581, C42CA2076A4B83B675BE3FCD5D95F9428073A3F6F5204CBA34A6D3E23C198B00 ] LBAI            C:\Windows\system32\Drivers\LBAI.sys
21:08:15.0616 0x136c  LBAI - ok
21:08:15.0663 0x136c  [ C859A03AC00B8BEF2F0075EA59F5E5B9, 9C2B4938BEF4757B635EBAAAFB530429EB8496AAF07FE5CCEACB6761E6B04656 ] LENOVO.CAMMUTE  C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
21:08:15.0666 0x136c  LENOVO.CAMMUTE - ok
21:08:15.0683 0x136c  [ 2890A29E8EEC3AAD6B56581E790B3DBB, FCEDA5A191FC2E15E75C2FABEB5C5CC0007459005EAFBC6D7CFE4BD799A12A49 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
21:08:15.0686 0x136c  LENOVO.TPKNRSVC - ok
21:08:15.0704 0x136c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:08:15.0706 0x136c  lltdio - ok
21:08:15.0732 0x136c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:08:15.0743 0x136c  lltdsvc - ok
21:08:15.0755 0x136c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:08:15.0756 0x136c  lmhosts - ok
21:08:15.0794 0x136c  [ 02A9CBACE666877BBBA4FD66B22F6D4A, 0E783BA7A8F00CEC8F03CFEE03999CA5DB9E4DB7CCE62D9171CFCF36AFBE4BB1 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:08:15.0800 0x136c  LMS - ok
21:08:15.0822 0x136c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:08:15.0824 0x136c  LSI_FC - ok
21:08:15.0849 0x136c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:08:15.0853 0x136c  LSI_SAS - ok
21:08:15.0874 0x136c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:08:15.0876 0x136c  LSI_SAS2 - ok
21:08:15.0885 0x136c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:08:15.0888 0x136c  LSI_SCSI - ok
21:08:15.0903 0x136c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:08:15.0907 0x136c  luafv - ok
21:08:15.0927 0x136c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:08:15.0932 0x136c  Mcx2Svc - ok
21:08:15.0942 0x136c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:08:15.0944 0x136c  megasas - ok
21:08:15.0964 0x136c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:08:15.0972 0x136c  MegaSR - ok
21:08:15.0988 0x136c  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:08:15.0990 0x136c  MEIx64 - ok
21:08:16.0027 0x136c  MFE_RR - ok
21:08:16.0039 0x136c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:08:16.0043 0x136c  MMCSS - ok
21:08:16.0055 0x136c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:08:16.0057 0x136c  Modem - ok
21:08:16.0081 0x136c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:08:16.0083 0x136c  monitor - ok
21:08:16.0101 0x136c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:08:16.0103 0x136c  mouclass - ok
21:08:16.0111 0x136c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:08:16.0112 0x136c  mouhid - ok
21:08:16.0122 0x136c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:08:16.0125 0x136c  mountmgr - ok
21:08:16.0157 0x136c  [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
21:08:16.0165 0x136c  MpFilter - ok
21:08:16.0187 0x136c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:08:16.0191 0x136c  mpio - ok
21:08:16.0212 0x136c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:08:16.0214 0x136c  mpsdrv - ok
21:08:16.0251 0x136c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:08:16.0276 0x136c  MpsSvc - ok
21:08:16.0298 0x136c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:08:16.0300 0x136c  MRxDAV - ok
21:08:16.0320 0x136c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:08:16.0323 0x136c  mrxsmb - ok
21:08:16.0332 0x136c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:08:16.0336 0x136c  mrxsmb10 - ok
21:08:16.0351 0x136c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:08:16.0353 0x136c  mrxsmb20 - ok
21:08:16.0364 0x136c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:08:16.0365 0x136c  msahci - ok
21:08:16.0390 0x136c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:08:16.0393 0x136c  msdsm - ok
21:08:16.0404 0x136c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:08:16.0407 0x136c  MSDTC - ok
21:08:16.0421 0x136c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:08:16.0421 0x136c  Msfs - ok
21:08:16.0429 0x136c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:08:16.0430 0x136c  mshidkmdf - ok
21:08:16.0440 0x136c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:08:16.0440 0x136c  msisadrv - ok
21:08:16.0467 0x136c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:08:16.0471 0x136c  MSiSCSI - ok
21:08:16.0474 0x136c  msiserver - ok
21:08:16.0487 0x136c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:08:16.0487 0x136c  MSKSSRV - ok
21:08:16.0533 0x136c  [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
21:08:16.0534 0x136c  MsMpSvc - ok
21:08:16.0549 0x136c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:08:16.0550 0x136c  MSPCLOCK - ok
21:08:16.0559 0x136c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:08:16.0560 0x136c  MSPQM - ok
21:08:16.0580 0x136c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:08:16.0585 0x136c  MsRPC - ok
21:08:16.0599 0x136c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:08:16.0600 0x136c  mssmbios - ok
21:08:16.0607 0x136c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:08:16.0607 0x136c  MSTEE - ok
21:08:16.0610 0x136c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:08:16.0610 0x136c  MTConfig - ok
21:08:16.0618 0x136c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:08:16.0619 0x136c  Mup - ok
21:08:16.0642 0x136c  [ 74E1E62819D33F176821ADC9AFF8A3E7, 99E5C85E8A49ECBBBB5D9ABCA43BC7C756126F29A3B73E74D61F9644EF19FC8B ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:08:16.0645 0x136c  MyWiFiDHCPDNS - ok
21:08:16.0663 0x136c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:08:16.0671 0x136c  napagent - ok
21:08:16.0696 0x136c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:08:16.0700 0x136c  NativeWifiP - ok
21:08:16.0729 0x136c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:08:16.0741 0x136c  NDIS - ok
21:08:16.0752 0x136c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:08:16.0753 0x136c  NdisCap - ok
21:08:16.0772 0x136c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:08:16.0772 0x136c  NdisTapi - ok
21:08:16.0787 0x136c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:08:16.0788 0x136c  Ndisuio - ok
21:08:16.0796 0x136c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:08:16.0798 0x136c  NdisWan - ok
21:08:16.0816 0x136c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:08:16.0817 0x136c  NDProxy - ok
21:08:16.0827 0x136c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:08:16.0827 0x136c  NetBIOS - ok
21:08:16.0841 0x136c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:08:16.0844 0x136c  NetBT - ok
21:08:16.0853 0x136c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
21:08:16.0854 0x136c  Netlogon - ok
21:08:16.0873 0x136c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:08:16.0879 0x136c  Netman - ok
21:08:16.0916 0x136c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:08:16.0918 0x136c  NetMsmqActivator - ok
21:08:16.0921 0x136c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:08:16.0923 0x136c  NetPipeActivator - ok
21:08:16.0932 0x136c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:08:16.0938 0x136c  netprofm - ok
21:08:16.0949 0x136c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:08:16.0951 0x136c  NetTcpActivator - ok
21:08:16.0955 0x136c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:08:16.0956 0x136c  NetTcpPortSharing - ok
21:08:17.0194 0x136c  [ D39BFDCB570E9019831901AB1B8B4443, 6A8E3761F211AE3C36F8BFE8247AE068B039B2CF5AE36607E6629873B0E4FFE3 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
21:08:17.0315 0x136c  NETwNs64 - ok
21:08:17.0348 0x136c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:08:17.0349 0x136c  nfrd960 - ok
21:08:17.0363 0x136c  [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:08:17.0365 0x136c  NisDrv - ok
21:08:17.0386 0x136c  [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
21:08:17.0390 0x136c  NisSrv - ok
21:08:17.0430 0x136c  [ 78E0E8CA104C6A55BD0E94286EADC3E0, 421BF710AF84E64905013609DDE588433EAFF7721C1E1C5EFC94621AB87E9F58 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
21:08:17.0433 0x136c  NitroDriverReadSpool8 - ok
21:08:17.0445 0x136c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:08:17.0449 0x136c  NlaSvc - ok
21:08:17.0491 0x136c  [ 14EE8947D94ADD6B1A66B4FC33E06A2A, 5521D8C4738A7C67885864206A9594374133119011BD709C12A75B7AAC25B2B6 ] nlsX86cc        C:\Windows\SysWOW64\NLSSRV32.EXE
21:08:17.0493 0x136c  nlsX86cc - ok
21:08:17.0509 0x136c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:08:17.0512 0x136c  Npfs - ok
21:08:17.0528 0x136c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:08:17.0530 0x136c  nsi - ok
21:08:17.0543 0x136c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:08:17.0544 0x136c  nsiproxy - ok
21:08:17.0606 0x136c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:08:17.0626 0x136c  Ntfs - ok
21:08:17.0635 0x136c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:08:17.0635 0x136c  Null - ok
21:08:17.0637 0x136c  NVHDA - ok
21:08:17.0640 0x136c  nvlddmkm - ok
21:08:17.0662 0x136c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:08:17.0664 0x136c  nvraid - ok
21:08:17.0668 0x136c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:08:17.0670 0x136c  nvstor - ok
21:08:17.0677 0x136c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:08:17.0679 0x136c  nv_agp - ok
21:08:17.0691 0x136c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:08:17.0692 0x136c  ohci1394 - ok
21:08:17.0705 0x136c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:08:17.0710 0x136c  p2pimsvc - ok
21:08:17.0729 0x136c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:08:17.0736 0x136c  p2psvc - ok
21:08:17.0755 0x136c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:08:17.0757 0x136c  Parport - ok
21:08:17.0766 0x136c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:08:17.0767 0x136c  partmgr - ok
21:08:17.0775 0x136c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:08:17.0778 0x136c  PcaSvc - ok
21:08:17.0785 0x136c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:08:17.0787 0x136c  pci - ok
21:08:17.0803 0x136c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
21:08:17.0803 0x136c  pciide - ok
21:08:17.0820 0x136c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:08:17.0822 0x136c  pcmcia - ok
21:08:17.0825 0x136c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:08:17.0826 0x136c  pcw - ok
21:08:17.0842 0x136c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:08:17.0849 0x136c  PEAUTH - ok
21:08:17.0885 0x136c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:08:17.0910 0x136c  PeerDistSvc - ok
21:08:17.0933 0x136c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:08:17.0934 0x136c  PerfHost - ok
21:08:17.0966 0x136c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:08:17.0992 0x136c  pla - ok
21:08:18.0009 0x136c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:08:18.0015 0x136c  PlugPlay - ok
21:08:18.0025 0x136c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:08:18.0026 0x136c  PNRPAutoReg - ok
21:08:18.0033 0x136c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:08:18.0037 0x136c  PNRPsvc - ok
21:08:18.0064 0x136c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:08:18.0072 0x136c  PolicyAgent - ok
21:08:18.0081 0x136c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:08:18.0084 0x136c  Power - ok
21:08:18.0117 0x136c  [ 919410C50163BFF128B9F6E33E058476, F6854DDE9128470215DAA148A8176221CB81297FBA30C33FEE814C85F1BB8BF7 ] Power Manager DBC Service C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE
21:08:18.0118 0x136c  Power Manager DBC Service - ok
21:08:18.0133 0x136c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:08:18.0134 0x136c  PptpMiniport - ok
21:08:18.0138 0x136c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
21:08:18.0138 0x136c  Processor - ok
21:08:18.0150 0x136c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:08:18.0153 0x136c  ProfSvc - ok
21:08:18.0161 0x136c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:08:18.0162 0x136c  ProtectedStorage - ok
21:08:18.0182 0x136c  [ 05A4779E4994B21473EDBE85AABE8030, AFD597461B036FDE42013648A4D542B02AE1D7E128BF0B193BA4B478432F0C72 ] psadd           C:\Windows\system32\DRIVERS\psadd.sys
21:08:18.0183 0x136c  psadd - ok
21:08:18.0194 0x136c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:08:18.0196 0x136c  Psched - ok
21:08:18.0210 0x136c  [ 649373D3B2DDAA5D25410E5EFB893621, 7B4B331A01C602A560853E20991265DB7B0FA79E50421267BC248D345850506E ] PwmEWSvc        C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE
21:08:18.0212 0x136c  PwmEWSvc - ok
21:08:18.0249 0x136c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:08:18.0265 0x136c  ql2300 - ok
21:08:18.0270 0x136c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:08:18.0272 0x136c  ql40xx - ok
21:08:18.0281 0x136c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:08:18.0285 0x136c  QWAVE - ok
21:08:18.0295 0x136c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:08:18.0296 0x136c  QWAVEdrv - ok
21:08:18.0329 0x136c  [ 525BCE27F030D43DE01AC7154DCE24E0, AB9805EBDDC6FB7C5DCCCE99216AD51EFA2C6BCA3CE4C0408ADA24E1BC6C36B4 ] raidfilt        C:\Windows\system32\drivers\raidfilt.sys
21:08:18.0330 0x136c  raidfilt - ok
21:08:18.0332 0x136c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:08:18.0332 0x136c  RasAcd - ok
21:08:18.0343 0x136c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:08:18.0343 0x136c  RasAgileVpn - ok
21:08:18.0356 0x136c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:08:18.0359 0x136c  RasAuto - ok
21:08:18.0369 0x136c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:08:18.0371 0x136c  Rasl2tp - ok
21:08:18.0382 0x136c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:08:18.0388 0x136c  RasMan - ok
21:08:18.0399 0x136c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:08:18.0400 0x136c  RasPppoe - ok
21:08:18.0414 0x136c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:08:18.0415 0x136c  RasSstp - ok
21:08:18.0427 0x136c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:08:18.0430 0x136c  rdbss - ok
21:08:18.0438 0x136c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:08:18.0439 0x136c  rdpbus - ok
21:08:18.0444 0x136c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:08:18.0444 0x136c  RDPCDD - ok
21:08:18.0468 0x136c  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:08:18.0469 0x136c  RDPDR - ok
21:08:18.0472 0x136c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:08:18.0472 0x136c  RDPENCDD - ok
21:08:18.0486 0x136c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:08:18.0486 0x136c  RDPREFMP - ok
21:08:18.0492 0x136c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:08:18.0494 0x136c  RDPWD - ok
21:08:18.0504 0x136c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:08:18.0506 0x136c  rdyboost - ok
21:08:18.0533 0x136c  [ 5A118234A2251D6CFB8A11DFE7AC4B4A, C79AEAA4D35C10F3C0F5F75E525FE8FB839F43C5EA0D83AE2D5FAB8FEB8F6ECF ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:08:18.0535 0x136c  RegSrvc - ok
21:08:18.0539 0x136c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:08:18.0541 0x136c  RemoteAccess - ok
21:08:18.0550 0x136c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:08:18.0553 0x136c  RemoteRegistry - ok
21:08:18.0566 0x136c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:08:18.0567 0x136c  RpcEptMapper - ok
21:08:18.0578 0x136c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:08:18.0579 0x136c  RpcLocator - ok
21:08:18.0595 0x136c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:08:18.0601 0x136c  RpcSs - ok
21:08:18.0625 0x136c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:08:18.0626 0x136c  rspndr - ok
21:08:18.0637 0x136c  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:08:18.0639 0x136c  s3cap - ok
21:08:18.0649 0x136c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
21:08:18.0653 0x136c  SamSs - ok
21:08:18.0670 0x136c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:08:18.0672 0x136c  sbp2port - ok
21:08:18.0690 0x136c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:08:18.0695 0x136c  SCardSvr - ok
21:08:18.0705 0x136c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:08:18.0706 0x136c  scfilter - ok
21:08:18.0755 0x136c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:08:18.0781 0x136c  Schedule - ok
21:08:18.0799 0x136c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:08:18.0800 0x136c  SCPolicySvc - ok
21:08:18.0810 0x136c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:08:18.0813 0x136c  SDRSVC - ok
21:08:18.0822 0x136c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:08:18.0823 0x136c  secdrv - ok
21:08:18.0834 0x136c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
21:08:18.0836 0x136c  seclogon - ok
21:08:18.0839 0x136c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:08:18.0841 0x136c  SENS - ok
21:08:18.0850 0x136c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:08:18.0851 0x136c  SensrSvc - ok
21:08:18.0861 0x136c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:08:18.0861 0x136c  Serenum - ok
21:08:18.0883 0x136c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:08:18.0884 0x136c  Serial - ok
21:08:18.0895 0x136c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:08:18.0896 0x136c  sermouse - ok
21:08:18.0911 0x136c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:08:18.0914 0x136c  SessionEnv - ok
21:08:18.0917 0x136c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:08:18.0917 0x136c  sffdisk - ok
21:08:18.0919 0x136c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:08:18.0920 0x136c  sffp_mmc - ok
21:08:18.0922 0x136c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:08:18.0922 0x136c  sffp_sd - ok
21:08:18.0925 0x136c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:08:18.0925 0x136c  sfloppy - ok
21:08:18.0956 0x136c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:08:18.0962 0x136c  SharedAccess - ok
21:08:18.0979 0x136c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:08:18.0985 0x136c  ShellHWDetection - ok
21:08:18.0988 0x136c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:08:18.0989 0x136c  SiSRaid2 - ok
21:08:18.0992 0x136c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:08:18.0993 0x136c  SiSRaid4 - ok
21:08:18.0999 0x136c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:08:19.0000 0x136c  Smb - ok
21:08:19.0010 0x136c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:08:19.0011 0x136c  SNMPTRAP - ok
21:08:19.0018 0x136c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:08:19.0018 0x136c  spldr - ok
21:08:19.0039 0x136c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:08:19.0047 0x136c  Spooler - ok
21:08:19.0146 0x136c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:08:19.0227 0x136c  sppsvc - ok
21:08:19.0238 0x136c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:08:19.0240 0x136c  sppuinotify - ok
21:08:19.0260 0x136c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:08:19.0265 0x136c  srv - ok
21:08:19.0276 0x136c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:08:19.0280 0x136c  srv2 - ok
21:08:19.0287 0x136c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:08:19.0289 0x136c  srvnet - ok
21:08:19.0300 0x136c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:08:19.0303 0x136c  SSDPSRV - ok
21:08:19.0312 0x136c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:08:19.0314 0x136c  SstpSvc - ok
21:08:19.0321 0x136c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:08:19.0322 0x136c  stexstor - ok
21:08:19.0344 0x136c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:08:19.0353 0x136c  stisvc - ok
21:08:19.0370 0x136c  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:08:19.0371 0x136c  storflt - ok
21:08:19.0390 0x136c  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
21:08:19.0393 0x136c  StorSvc - ok
21:08:19.0411 0x136c  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:08:19.0413 0x136c  storvsc - ok
21:08:19.0461 0x136c  [ 5D8B9129DA2EB060BC9346FD9724632E, 3145C3769666A87D41E064DFC3AF6B271CBD2763A7BA233BDD93BB93508377D2 ] SUService       C:\Program Files (x86)\Lenovo\System Update\SUService.exe
21:08:19.0463 0x136c  SUService - ok
21:08:19.0484 0x136c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:08:19.0485 0x136c  swenum - ok
21:08:19.0510 0x136c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:08:19.0534 0x136c  swprv - ok
21:08:19.0577 0x136c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
21:08:19.0619 0x136c  SysMain - ok
21:08:19.0629 0x136c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:08:19.0632 0x136c  TabletInputService - ok
21:08:19.0646 0x136c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:08:19.0651 0x136c  TapiSrv - ok
21:08:19.0662 0x136c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:08:19.0664 0x136c  TBS - ok
21:08:19.0667 0x136c  TC2Service - ok
21:08:19.0715 0x136c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:08:19.0735 0x136c  Tcpip - ok
21:08:19.0774 0x136c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:08:19.0794 0x136c  TCPIP6 - ok
21:08:19.0806 0x136c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:08:19.0807 0x136c  tcpipreg - ok
21:08:19.0821 0x136c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:08:19.0821 0x136c  TDPIPE - ok
21:08:19.0840 0x136c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:08:19.0841 0x136c  TDTCP - ok
21:08:19.0853 0x136c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:08:19.0854 0x136c  tdx - ok
21:08:19.0862 0x136c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:08:19.0863 0x136c  TermDD - ok
21:08:19.0886 0x136c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
21:08:19.0900 0x136c  TermService - ok
21:08:19.0907 0x136c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:08:19.0908 0x136c  Themes - ok
21:08:19.0914 0x136c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:08:19.0915 0x136c  THREADORDER - ok
21:08:19.0940 0x136c  [ A21BAB5353A6C8DE1FA271DBBE01EC9D, 5148FC980019C60415E4368E5CAE213D810081BF89BCC3208EC907F010BD5EAD ] tpcexdccs       C:\Program Files (x86)\BUFFALO\TurboPC_EX\DiskCache\tpcexService.exe
21:08:19.0942 0x136c  tpcexdccs - ok
21:08:19.0956 0x136c  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
21:08:19.0958 0x136c  TPM - ok
21:08:19.0978 0x136c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:08:19.0984 0x136c  TrkWks - ok
21:08:20.0020 0x136c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:08:20.0023 0x136c  TrustedInstaller - ok
21:08:20.0040 0x136c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:08:20.0041 0x136c  tssecsrv - ok
21:08:20.0055 0x136c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:08:20.0057 0x136c  TsUsbFlt - ok
21:08:20.0061 0x136c  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:08:20.0062 0x136c  TsUsbGD - ok
21:08:20.0077 0x136c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:08:20.0080 0x136c  tunnel - ok
21:08:20.0096 0x136c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:08:20.0097 0x136c  uagp35 - ok
21:08:20.0118 0x136c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:08:20.0124 0x136c  udfs - ok
21:08:20.0143 0x136c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:08:20.0146 0x136c  UI0Detect - ok
21:08:20.0157 0x136c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:08:20.0159 0x136c  uliagpkx - ok
21:08:20.0164 0x136c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:08:20.0165 0x136c  umbus - ok
21:08:20.0176 0x136c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:08:20.0177 0x136c  UmPass - ok
21:08:20.0205 0x136c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:08:20.0211 0x136c  UmRdpService - ok
21:08:20.0228 0x136c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:08:20.0237 0x136c  upnphost - ok
21:08:20.0269 0x136c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
21:08:20.0271 0x136c  usbccgp - ok
21:08:20.0283 0x136c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:08:20.0285 0x136c  usbcir - ok
21:08:20.0304 0x136c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:08:20.0305 0x136c  usbehci - ok
21:08:20.0325 0x136c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:08:20.0332 0x136c  usbhub - ok
21:08:20.0342 0x136c  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:08:20.0343 0x136c  usbohci - ok
21:08:20.0351 0x136c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:08:20.0352 0x136c  usbprint - ok
21:08:20.0366 0x136c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:08:20.0368 0x136c  USBSTOR - ok
21:08:20.0373 0x136c  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:08:20.0373 0x136c  usbuhci - ok
21:08:20.0402 0x136c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:08:20.0406 0x136c  usbvideo - ok
21:08:20.0421 0x136c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:08:20.0424 0x136c  UxSms - ok
21:08:20.0437 0x136c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
21:08:20.0439 0x136c  VaultSvc - ok
21:08:20.0452 0x136c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:08:20.0453 0x136c  vdrvroot - ok
21:08:20.0474 0x136c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:08:20.0489 0x136c  vds - ok
21:08:20.0502 0x136c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:08:20.0503 0x136c  vga - ok
21:08:20.0510 0x136c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:08:20.0511 0x136c  VgaSave - ok
21:08:20.0525 0x136c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:08:20.0527 0x136c  vhdmp - ok
21:08:20.0543 0x136c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:08:20.0544 0x136c  viaide - ok
21:08:20.0557 0x136c  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:08:20.0559 0x136c  vmbus - ok
21:08:20.0563 0x136c  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:08:20.0563 0x136c  VMBusHID - ok
21:08:20.0573 0x136c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:08:20.0574 0x136c  volmgr - ok
21:08:20.0591 0x136c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:08:20.0595 0x136c  volmgrx - ok
21:08:20.0609 0x136c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:08:20.0612 0x136c  volsnap - ok
21:08:20.0625 0x136c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:08:20.0627 0x136c  vsmraid - ok
21:08:20.0665 0x136c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:08:20.0697 0x136c  VSS - ok
21:08:20.0706 0x136c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:08:20.0706 0x136c  vwifibus - ok
21:08:20.0719 0x136c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:08:20.0720 0x136c  vwififlt - ok
21:08:20.0729 0x136c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:08:20.0729 0x136c  vwifimp - ok
21:08:20.0759 0x136c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:08:20.0770 0x136c  W32Time - ok
21:08:20.0775 0x136c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:08:20.0776 0x136c  WacomPen - ok
21:08:20.0835 0x136c  [ D970AF80B98927A8C63DBA235E69DF7E, CA8A3ADF3A64B63AB88EA07D452FB12D3498B05C4DFF10434FBFE8A3E688C50B ] wampapache      c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
21:08:20.0836 0x136c  wampapache - ok
21:08:20.0865 0x136c  wampmysqld - ok
21:08:20.0879 0x136c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:08:20.0884 0x136c  WANARP - ok
21:08:20.0896 0x136c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:08:20.0901 0x136c  Wanarpv6 - ok
21:08:20.0979 0x136c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:08:21.0009 0x136c  WatAdminSvc - ok
21:08:21.0041 0x136c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:08:21.0076 0x136c  wbengine - ok
21:08:21.0099 0x136c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:08:21.0103 0x136c  WbioSrvc - ok
21:08:21.0120 0x136c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:08:21.0127 0x136c  wcncsvc - ok
21:08:21.0154 0x136c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:08:21.0156 0x136c  WcsPlugInService - ok
21:08:21.0161 0x136c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
21:08:21.0162 0x136c  Wd - ok
21:08:21.0198 0x136c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:08:21.0215 0x136c  Wdf01000 - ok
21:08:21.0253 0x136c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:08:21.0260 0x136c  WdiServiceHost - ok
21:08:21.0270 0x136c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:08:21.0275 0x136c  WdiSystemHost - ok
21:08:21.0297 0x136c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
21:08:21.0304 0x136c  WebClient - ok
21:08:21.0322 0x136c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:08:21.0329 0x136c  Wecsvc - ok
21:08:21.0340 0x136c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:08:21.0343 0x136c  wercplsupport - ok
21:08:21.0359 0x136c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:08:21.0362 0x136c  WerSvc - ok
21:08:21.0375 0x136c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:08:21.0376 0x136c  WfpLwf - ok
21:08:21.0380 0x136c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:08:21.0380 0x136c  WIMMount - ok
21:08:21.0392 0x136c  WinDefend - ok
21:08:21.0400 0x136c  WinHttpAutoProxySvc - ok
21:08:21.0451 0x136c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:08:21.0458 0x136c  Winmgmt - ok
21:08:21.0518 0x136c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:08:21.0555 0x136c  WinRM - ok
21:08:21.0579 0x136c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:08:21.0602 0x136c  Wlansvc - ok
21:08:21.0615 0x136c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:08:21.0616 0x136c  WmiAcpi - ok
21:08:21.0632 0x136c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:08:21.0635 0x136c  wmiApSrv - ok
21:08:21.0647 0x136c  WMPNetworkSvc - ok
21:08:21.0652 0x136c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:08:21.0653 0x136c  WPCSvc - ok
21:08:21.0660 0x136c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:08:21.0663 0x136c  WPDBusEnum - ok
21:08:21.0673 0x136c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:08:21.0673 0x136c  ws2ifsl - ok
21:08:21.0685 0x136c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:08:21.0687 0x136c  wscsvc - ok
21:08:21.0690 0x136c  WSearch - ok
21:08:21.0714 0x136c  [ 9119E153CB40416D630A904804E05EDC, A973FF6E4A2AD9EA9920396F0810E0F590CAE09099885F866B993815A22F5309 ] wStLibG64       C:\Windows\system32\drivers\wStLibG64.sys
21:08:21.0715 0x136c  wStLibG64 - ok
21:08:21.0771 0x136c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:08:21.0813 0x136c  wuauserv - ok
21:08:21.0841 0x136c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:08:21.0842 0x136c  WudfPf - ok
21:08:21.0854 0x136c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:08:21.0856 0x136c  WUDFRd - ok
21:08:21.0872 0x136c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:08:21.0875 0x136c  wudfsvc - ok
21:08:21.0900 0x136c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:08:21.0904 0x136c  WwanSvc - ok
21:08:22.0036 0x136c  [ A923222A8437E6C419AFC1A3BE32FF47, ED1132AE3548AC54D838F93B36A591F3EDB34A980409ED220077871DA5630E9A ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
21:08:22.0072 0x136c  ZeroConfigService - ok
21:08:22.0087 0x136c  ================ Scan global ===============================
21:08:22.0097 0x136c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:08:22.0113 0x136c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:08:22.0121 0x136c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:08:22.0140 0x136c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:08:22.0152 0x136c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:08:22.0156 0x136c  [ Global ] - ok
21:08:22.0157 0x136c  ================ Scan MBR ==================================
21:08:22.0187 0x136c  [ F99616F9E0FDB5856D942A5C61444C03 ] \Device\Harddisk0\DR0
21:08:22.0412 0x136c  \Device\Harddisk0\DR0 - ok
21:08:22.0998 0x136c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
21:08:23.0009 0x136c  \Device\Harddisk1\DR1 - ok
21:08:23.0009 0x136c  ================ Scan VBR ==================================
21:08:23.0016 0x136c  [ 38737D0B89432F48D3115A50A8DCE339 ] \Device\Harddisk0\DR0\Partition1
21:08:23.0081 0x136c  \Device\Harddisk0\DR0\Partition1 - ok
21:08:23.0089 0x136c  [ BE090591364E5C4C0807BB8F1DB0A8FE ] \Device\Harddisk0\DR0\Partition2
21:08:23.0153 0x136c  \Device\Harddisk0\DR0\Partition2 - ok
21:08:23.0160 0x136c  [ 91CEB94935B330F7B9243E25E246D06C ] \Device\Harddisk0\DR0\Partition3
21:08:23.0163 0x136c  \Device\Harddisk0\DR0\Partition3 - ok
21:08:23.0173 0x136c  [ 434A6305D92B6ED8BEDF968A5B341C8D ] \Device\Harddisk1\DR1\Partition1
21:08:23.0225 0x136c  \Device\Harddisk1\DR1\Partition1 - ok
21:08:23.0226 0x136c  Waiting for KSN requests completion. In queue: 315
21:08:24.0226 0x136c  Waiting for KSN requests completion. In queue: 315
21:08:25.0226 0x136c  Waiting for KSN requests completion. In queue: 9
21:08:26.0247 0x136c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
21:08:26.0267 0x136c  Win FW state via NFP2: enabled
21:08:29.0006 0x136c  ============================================================
21:08:29.0006 0x136c  Scan finished
21:08:29.0006 0x136c  ============================================================
21:08:32.0571 0x0ab8  Detected object count: 0
21:08:32.0571 0x0ab8  Actual detected object count: 0


#6 rgould73

rgould73
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:53 AM

Posted 19 May 2014 - 08:15 PM

# AdwCleaner v3.210 - Report created 19/05/2014 at 21:12:30
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : admin - DPSERVER2
# Running from : C:\Users\admin\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : wStLibG64
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\Uninstaller
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilMegaBrowse_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilMegaBrowse_RASMANCS
Key Deleted : HKCU\Software\23556fb1360f366337f97c924e76ead3
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\WebProtect
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\WebProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
*************************
 
AdwCleaner[R0].txt - [2650 octets] - [19/05/2014 21:10:45]
AdwCleaner[S0].txt - [2573 octets] - [19/05/2014 21:12:30]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2633 octets] ##########


#7 rgould73

rgould73
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:53 AM

Posted 19 May 2014 - 08:20 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by admin on Mon 05/19/2014 at 21:16:48.80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 05/19/2014 at 21:19:39.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#8 rgould73

rgould73
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:53 AM

Posted 19 May 2014 - 08:26 PM

running eset now



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:53 AM

Posted 19 May 2014 - 08:31 PM

Looking good, let me know how it's running after ESET.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 rgould73

rgould73
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:53 AM

Posted 19 May 2014 - 08:36 PM

Will do. so far MSIL/DomalQ.A potentially unwanted. but it has a ways to go. thank you for all of the help. much appreciated.



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:53 AM

Posted 19 May 2014 - 08:51 PM

No problem.. It may need a couple hours .. let if run and finish..


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 rgould73

rgould73
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:53 AM

Posted 19 May 2014 - 10:28 PM

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uninstaller\Uninstall.exe.vir a variant of MSIL/DomaIQ.A potentially unwanted application
C:\Users\admin\Downloads\ccsetup413.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\admin\Downloads\FirefoxSetup.exe a variant of Win32/InstallCore.JW potentially unwanted application





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users