
Windows 8.1 Laptop infected need help please


  • This topic is locked
4 replies to this topic

#1 bruno116


Posted 28 May 2014 - 06:20 AM

Hello,

I have a Windows 8.1 Laptop that is infected with all sorts of Malware etc.

I have tried following the instructions as stated here:

http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

I cannot run a DSS log as it won't run in Windows 8.1.

What do I need to run to get a log?

All desktop icons have disappeared.

Please help,

Many thanks in advance





#2 TB-Psychotic

  • Malware Response Team

Posted 28 May 2014 - 07:32 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.
 
Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract it to your desktop.
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

Please attach this file to your next reply.



#3 bruno116


Posted 28 May 2014 - 12:37 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by lee (administrator) on PIPPA-PC on 28-05-2014 17:38:33
Running from C:\Users\lee\Downloads
Platform: Windows 8.1 (X64) OS Language: English(UK)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-10-28] (IDT, Inc.)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Eastman Kodak Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-28] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-08] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1699547177-743084043-3656509255-1001\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1711680 2013-01-27] (CyberLink Corp.)
HKU\S-1-5-21-1699547177-743084043-3656509255-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
HKU\S-1-5-21-1699547177-743084043-3656509255-1001\...\Run: [GoogleChromeAutoLaunch_3E1EC7EAD0295B039D981EB280A2541F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-05-08] (Google Inc.)
Startup: C:\Users\lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.uk.msn.com/HPNOT13/2
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-29550-11896-25/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home3933.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home3933\ff
FF HKCU\...\Firefox\Extensions: [{0789D446-664F-12A9-533A-B1BC2F9C0C17}] - C:\Program Files (x86)\Re-Markable-soft\170.xpi
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-28] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-12-03] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-28] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows ® Win 7 DDK provider)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-12-03] (Microsoft Corporation)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-05-28] ()
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S2 SAWFP; \??\C:\WINDOWS\system32\Drivers\SAWFP64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-28 17:38 - 2014-05-28 17:38 - 00014385 _____ () C:\Users\lee\Downloads\FRST.txt
2014-05-28 17:38 - 2014-05-28 17:38 - 00000000 ____D () C:\FRST
2014-05-28 17:37 - 2014-05-28 17:37 - 02066944 _____ (Farbar) C:\Users\lee\Downloads\FRST64.exe
2014-05-28 16:02 - 2014-05-28 16:02 - 00529790 _____ () C:\WINDOWS\PFRO.log
2014-05-28 15:46 - 2014-05-28 17:35 - 00003152 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForlee
2014-05-28 15:46 - 2014-05-28 17:35 - 00000342 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForlee.job
2014-05-28 15:46 - 2014-05-28 16:13 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1699547177-743084043-3656509255-1001
2014-05-28 14:53 - 2014-05-28 14:53 - 00000000 ____D () C:\ProgramData\Auslogics
2014-05-28 13:11 - 2014-05-28 13:11 - 00000000 ____D () C:\Users\lee\AppData\Roaming\AVAST Software
2014-05-28 13:09 - 2014-05-28 13:09 - 00001982 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-28 13:09 - 2014-05-28 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-28 13:08 - 2014-05-28 13:12 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-05-28 13:08 - 2014-05-28 13:12 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-05-28 13:08 - 2014-05-28 13:12 - 00085328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-05-28 13:08 - 2014-05-28 13:08 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1401279126031
2014-05-28 13:08 - 2014-05-28 13:08 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1401279126031
2014-05-28 13:08 - 2014-05-28 13:08 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-05-28 13:08 - 2014-05-28 13:08 - 00208416 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-05-28 13:08 - 2014-05-28 13:08 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-05-28 13:08 - 2014-05-28 13:08 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-05-28 13:08 - 2014-05-28 13:08 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-05-28 13:08 - 2014-05-28 13:08 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-05-28 13:08 - 2014-05-28 13:08 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-05-28 13:08 - 2014-05-28 13:08 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-05-28 13:08 - 2014-05-28 13:08 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-28 13:06 - 2014-05-28 13:06 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-28 11:57 - 2014-05-28 11:57 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 11:42 - 2014-05-28 11:42 - 00000000 ____D () C:\Users\lee\AppData\Roaming\SUPERAntiSpyware.com
2014-05-28 11:41 - 2014-05-28 11:42 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-28 11:41 - 2014-05-28 11:41 - 00001820 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-05-28 11:41 - 2014-05-28 11:41 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-28 11:41 - 2014-05-28 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-28 11:40 - 2014-05-28 11:40 - 00001074 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-28 11:40 - 2014-05-28 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-28 11:40 - 2014-05-28 11:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 11:40 - 2014-05-28 11:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-28 11:40 - 2014-05-28 11:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-28 11:40 - 2014-05-12 07:35 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-05-28 11:40 - 2014-05-12 07:35 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-05-28 11:40 - 2014-05-12 07:35 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-05-28 11:00 - 2014-05-28 11:00 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-05-28 10:53 - 2014-05-28 11:29 - 00000000 ____D () C:\AdwCleaner
2014-05-28 09:05 - 2014-05-28 13:50 - 00000000 ____D () C:\Users\lee\Desktop\Download
2014-05-28 08:58 - 2014-05-28 08:58 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-05-15 20:47 - 2014-05-28 12:00 - 00000000 ____D () C:\Program Files (x86)\RichMediaViewV1
2014-05-02 18:28 - 2014-05-02 18:28 - 00000000 ____D () C:\Users\lee\Documents\OneNote Notebooks
 
==================== One Month Modified Files and Folders =======
 
2014-05-28 17:38 - 2014-05-28 17:38 - 00014385 _____ () C:\Users\lee\Downloads\FRST.txt
2014-05-28 17:38 - 2014-05-28 17:38 - 00000000 ____D () C:\FRST
2014-05-28 17:37 - 2014-05-28 17:37 - 02066944 _____ (Farbar) C:\Users\lee\Downloads\FRST64.exe
2014-05-28 17:35 - 2014-05-28 15:46 - 00003152 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForlee
2014-05-28 17:35 - 2014-05-28 15:46 - 00000342 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForlee.job
2014-05-28 17:35 - 2014-02-05 22:57 - 00002163 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-28 17:35 - 2014-02-05 22:56 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-28 17:35 - 2014-01-22 19:47 - 00004966 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for PIPPA-PC-lee PIPPA-PC
2014-05-28 17:35 - 2013-12-03 19:14 - 00000000 __RDO () C:\Users\lee\SkyDrive
2014-05-28 17:35 - 2013-12-03 18:53 - 00000000 ____D () C:\Users\lee
2014-05-28 17:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-28 16:13 - 2014-05-28 15:46 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1699547177-743084043-3656509255-1001
2014-05-28 16:08 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-28 16:02 - 2014-05-28 16:02 - 00529790 _____ () C:\WINDOWS\PFRO.log
2014-05-28 16:02 - 2013-05-28 07:11 - 00000000 ____D () C:\ProgramData\Norton
2014-05-28 16:00 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-28 16:00 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-05-28 15:19 - 2014-02-05 22:56 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-28 14:53 - 2014-05-28 14:53 - 00000000 ____D () C:\ProgramData\Auslogics
2014-05-28 14:52 - 2014-02-08 16:58 - 00045056 ___SH () C:\Users\lee\Desktop\Thumbs.db
2014-05-28 14:47 - 2014-02-28 19:15 - 00000000 ____D () C:\Users\lee\AppData\Local\CrashDumps
2014-05-28 14:47 - 2013-12-03 18:46 - 00000000 ___DC () C:\WINDOWS\Panther
2014-05-28 13:50 - 2014-05-28 09:05 - 00000000 ____D () C:\Users\lee\Desktop\Download
2014-05-28 13:13 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-28 13:12 - 2014-05-28 13:08 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-05-28 13:12 - 2014-05-28 13:08 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-05-28 13:12 - 2014-05-28 13:08 - 00085328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-05-28 13:11 - 2014-05-28 13:11 - 00000000 ____D () C:\Users\lee\AppData\Roaming\AVAST Software
2014-05-28 13:09 - 2014-05-28 13:09 - 00001982 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-28 13:09 - 2014-05-28 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-28 13:08 - 2014-05-28 13:08 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1401279126031
2014-05-28 13:08 - 2014-05-28 13:08 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1401279126031
2014-05-28 13:08 - 2014-05-28 13:08 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-05-28 13:08 - 2014-05-28 13:08 - 00208416 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-05-28 13:08 - 2014-05-28 13:08 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-05-28 13:08 - 2014-05-28 13:08 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-05-28 13:08 - 2014-05-28 13:08 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-05-28 13:08 - 2014-05-28 13:08 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-05-28 13:08 - 2014-05-28 13:08 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-05-28 13:08 - 2014-05-28 13:08 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-05-28 13:08 - 2014-05-28 13:08 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-28 13:06 - 2014-05-28 13:06 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-28 12:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-28 12:00 - 2014-05-15 20:47 - 00000000 ____D () C:\Program Files (x86)\RichMediaViewV1
2014-05-28 12:00 - 2013-11-25 22:36 - 00000000 ____D () C:\Users\lee\AppData\Roaming\Real
2014-05-28 12:00 - 2013-11-25 22:36 - 00000000 ____D () C:\Program Files (x86)\Real
2014-05-28 12:00 - 2013-11-25 22:34 - 00000000 ____D () C:\ProgramData\Real
2014-05-28 12:00 - 2013-10-18 21:37 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{31B00FA8-38CC-46A8-B448-67ADBCC4E41D}
2014-05-28 11:57 - 2014-05-28 11:57 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 11:42 - 2014-05-28 11:42 - 00000000 ____D () C:\Users\lee\AppData\Roaming\SUPERAntiSpyware.com
2014-05-28 11:42 - 2014-05-28 11:41 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-28 11:41 - 2014-05-28 11:41 - 00001820 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-05-28 11:41 - 2014-05-28 11:41 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-28 11:41 - 2014-05-28 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-28 11:40 - 2014-05-28 11:40 - 00001074 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-28 11:40 - 2014-05-28 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-28 11:40 - 2014-05-28 11:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 11:40 - 2014-05-28 11:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-28 11:40 - 2014-05-28 11:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-28 11:29 - 2014-05-28 10:53 - 00000000 ____D () C:\AdwCleaner
2014-05-28 11:05 - 2013-09-30 05:11 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-28 11:00 - 2014-05-28 11:00 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-05-28 10:47 - 2014-01-22 19:34 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-28 10:23 - 2013-11-25 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
2014-05-28 09:04 - 2013-10-05 13:31 - 00000000 ___RD () C:\Users\lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-28 08:58 - 2014-05-28 08:58 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-05-28 08:21 - 2014-01-22 20:00 - 00016152 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-05-23 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-05-15 21:14 - 2014-02-05 22:56 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-15 21:14 - 2014-02-05 22:56 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-15 20:48 - 2014-01-29 21:32 - 00000638 _____ () C:\extensions.ini
2014-05-15 20:47 - 2014-02-14 19:56 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-05-12 07:35 - 2014-05-28 11:40 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-05-12 07:35 - 2014-05-28 11:40 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-05-12 07:35 - 2014-05-28 11:40 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-05-02 18:28 - 2014-05-02 18:28 - 00000000 ____D () C:\Users\lee\Documents\OneNote Notebooks
 
Some content of TEMP:
====================
C:\Users\lee\AppData\Local\Temp\ntdll_dump.dll
C:\Users\lee\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-05-28 15:56
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by lee at 2014-05-28 17:39:15
Running from C:\Users\lee\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.4.6515 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.4.2928 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.3.2527 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3304 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.5.3304 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Extended Update (HKCU\...\AffiliatedUpdate) (Version:  - ) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4615.1002 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Restore Points  =========================
 
28-05-2014 12:07:06 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
2013-08-22 14:25 - 2014-05-28 12:59 - 00000741 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0AC3CB6C-253F-473F-B87F-4B880D0C5BB0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {233FB563-70E8-4B5B-A3D6-DA5E2021135A} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.)
Task: {24807294-1955-413F-B9D5-890629A76E99} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {27F1BC5E-3685-48BE-9A16-ED0249C98622} - \ceb2f472-5110-437a-94e5-78c13a2b8fac-2 No Task File <==== ATTENTION
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {351A5F7B-4A35-42D1-A16D-C2BA0F728EB7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-04-15] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3E381794-6B09-48F2-9608-CB72D5C6EC3B} - \LaunchApp No Task File <==== ATTENTION
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {49D15AAD-838C-45AE-BF76-A9BA4D007681} - \Re-Markable_wd No Task File <==== ATTENTION
Task: {5401AE5C-DEB2-44B2-AEFA-A9F64098FC0A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-05] (Google Inc.)
Task: {62DEDD7A-00DA-431F-9388-1C983E54FB93} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-24] (Synaptics Incorporated)
Task: {676C675B-A4BB-437D-8357-B89B7D5C1F71} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-28] (AVAST Software)
Task: {67B1116B-2229-4341-AB4B-9B37F5742388} - System32\Tasks\HPCeeScheduleForlee => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {74F44A3C-860F-4358-A572-AA642A437E02} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-05-23] (Microsoft Corporation)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {89220144-8FE5-4483-9381-C8B965A5253E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {93F96C95-932E-4A98-AA47-A8DD49C26329} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {9D6BBC5A-994E-4707-8392-6C6911A5DA91} - \ceb2f472-5110-437a-94e5-78c13a2b8fac-1 No Task File <==== ATTENTION
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AC9AE69D-9B9B-42F1-98AE-08BA967F004B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PIPPA-PC-lee PIPPA-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-05-23] (Microsoft Corporation)
Task: {BA81B4CA-B6FC-4E24-8B20-BA8825794CE5} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {C7FF2267-9663-4CD3-BE8C-5FA53B093933} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-11] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DD6FC0A8-4BBF-4A8C-90B5-1F4272737041} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EC87A6FC-25DA-4FD2-A6E0-C0F29EF27115} - \AmiUpdXp No Task File <==== ATTENTION
Task: {EEE390D3-B223-466D-BDFE-66F16583CD7A} - \ceb2f472-5110-437a-94e5-78c13a2b8fac-3 No Task File <==== ATTENTION
Task: {FD5D3325-2859-412C-96E7-F1EC2680C3BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-05] (Google Inc.)
Task: {FFB05085-C7E3-4C6D-8015-100D492239F0} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForlee.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-03-16 16:21 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-01-22 19:34 - 2014-04-15 03:39 - 00630952 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-05-23 18:50 - 2014-05-23 18:50 - 08889512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-10-04 00:42 - 2013-10-04 00:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-28 13:11 - 2014-05-28 13:11 - 02259456 _____ () C:\Program Files\AVAST Software\Avast\defs\14052800\algo.dll
2013-05-28 06:43 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-05-28 13:08 - 2014-05-28 13:08 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-11-03 18:44 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-04-11 20:26 - 2014-04-11 20:26 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-04-11 20:24 - 2014-04-11 20:24 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-05-21 17:43 - 2014-05-08 00:29 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll
2014-05-21 17:43 - 2014-05-08 00:29 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll
2014-05-21 17:43 - 2014-05-08 00:29 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll
2014-05-21 17:43 - 2014-05-08 00:29 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll
2014-05-21 17:43 - 2014-05-08 00:29 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll
2014-05-21 17:43 - 2014-05-08 00:29 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\Users\lee\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/28/2014 01:07:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary tiyylzjb.
 
System Error:
The system cannot find the file specified.
.
 
 
System errors:
=============
Error: (05/28/2014 05:34:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (05/28/2014 05:34:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (05/28/2014 05:34:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (05/28/2014 05:34:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (05/28/2014 05:34:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (05/28/2014 04:15:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (05/28/2014 04:14:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (05/28/2014 04:14:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (05/28/2014 04:14:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (05/28/2014 04:14:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
 
Microsoft Office Sessions:
=========================
Error: (05/28/2014 01:07:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary tiyylzjb.
 
System Error:
The system cannot find the file specified.
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-05-28 10:46:36.924
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-05-28 10:46:36.845
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-04-28 17:23:17.534
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-04-28 17:23:17.502
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-04-18 21:16:19.871
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-04-18 21:16:19.837
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-04-18 21:01:34.374
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-04-18 21:01:34.327
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-04-18 20:31:10.977
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-04-18 20:31:10.915
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Windows signing level requirements.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 18%
Total physical RAM: 8084.27 MB
Available physical RAM: 6615.71 MB
Total Pagefile: 12665.27 MB
Available Pagefile: 10961.38 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:908.54 GB) (Free:865.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:21.86 GB) (Free:2.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: F5E1212F)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
 
18:35:18.0483 0x0e14  TDSS rootkit removing tool 3.0.0.35 May 23 2014 07:32:03
18:35:18.0483 0x0e14  UEFI system
18:35:23.0732 0x0e14  ============================================================
18:35:23.0732 0x0e14  Current date / time: 2014/05/28 18:35:23.0732
18:35:23.0732 0x0e14  SystemInfo:
18:35:23.0732 0x0e14  
18:35:23.0732 0x0e14  OS Version: 6.3.9600 ServicePack: 0.0
18:35:23.0732 0x0e14  Product type: Workstation
18:35:23.0732 0x0e14  ComputerName: PIPPA-PC
18:35:23.0732 0x0e14  UserName: lee
18:35:23.0732 0x0e14  Windows directory: C:\WINDOWS
18:35:23.0732 0x0e14  System windows directory: C:\WINDOWS
18:35:23.0732 0x0e14  Running under WOW64
18:35:23.0732 0x0e14  Processor architecture: Intel x64
18:35:23.0732 0x0e14  Number of processors: 4
18:35:23.0732 0x0e14  Page size: 0x1000
18:35:23.0732 0x0e14  Boot type: Normal boot
18:35:23.0732 0x0e14  ============================================================
18:35:23.0944 0x0e14  KLMD registered as C:\WINDOWS\system32\drivers\96906314.sys
18:35:24.0110 0x0e14  System UUID: {C82B84D9-8667-E1C7-5EA1-8CA9DAFBFE18}
18:35:24.0501 0x0e14  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:35:24.0504 0x0e14  ============================================================
18:35:24.0504 0x0e14  \Device\Harddisk0\DR0:
18:35:24.0505 0x0e14  GPT partitions:
18:35:24.0505 0x0e14  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C28A4A55-A7E9-4539-B51D-8AEB3A0BE19B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
18:35:24.0505 0x0e14  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {91D51BF9-384C-4DE9-8A47-8D236BCF820F}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000
18:35:24.0505 0x0e14  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9BEEC52F-5C21-4C94-A3DB-BCAE3461DBB9}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000
18:35:24.0505 0x0e14  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {08D2E432-E3B6-4108-A138-C598F42F0BF3}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x71912800
18:35:24.0505 0x0e14  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3F7BB3E2-7806-4AA5-BEDA-ECDE50FF36F2}, Name: , StartLBA 0x71A9D000, BlocksNum 0xAF000
18:35:24.0505 0x0e14  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0E838257-E84D-44B4-B46E-C98CC665ACDE}, Name: Basic data partition, StartLBA 0x71B4C000, BlocksNum 0x2BBA800
18:35:24.0505 0x0e14  MBR partitions:
18:35:24.0505 0x0e14  ============================================================
18:35:24.0524 0x0e14  C: <-> \Device\Harddisk0\DR0\Partition4
18:35:24.0571 0x0e14  D: <-> \Device\Harddisk0\DR0\Partition6
18:35:24.0571 0x0e14  ============================================================
18:35:24.0571 0x0e14  Initialize success
18:35:24.0571 0x0e14  ============================================================
18:35:26.0327 0x0a30  ============================================================
18:35:26.0327 0x0a30  Scan started
18:35:26.0327 0x0a30  Mode: Manual; 
18:35:26.0327 0x0a30  ============================================================
18:35:26.0327 0x0a30  KSN ping started
18:35:29.0440 0x0a30  KSN ping finished: true
18:35:29.0851 0x0a30  ================ Scan system memory ========================
18:35:29.0851 0x0a30  System memory - ok
18:35:29.0852 0x0a30  ================ Scan services =============================
18:35:30.0801 0x0a30  AppReadiness - ok
18:35:30.0862 0x0a30  [ 0B726D9ED75C787D6FFAF1E3873BCC70, DC3822B35FB65D53CC5D0E3982C326C5F47F0911BEB1F66DCC84A79C84621E1E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
18:35:30.0895 0x0a30  AppXSvc - ok
18:35:30.0924 0x0a30  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
18:35:30.0927 0x0a30  arcsas - ok
18:35:31.0005 0x0a30  [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:35:31.0008 0x0a30  aspnet_state - ok
18:35:31.0046 0x0a30  [ 340B0467E98A8C92697D73034DB4BCB7, 342572B566747A05DA5391CFC027A6703AECCE29C3D288428884D8641A35D0F5 ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
18:35:31.0048 0x0a30  aswHwid - ok
18:35:31.0073 0x0a30  [ ED5B09937D559FFA53FC988D20031E98, EC9E50C9BC2184AE93944EA3115A25BADF5FFB91D11776498EBC9A0D60029A84 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
18:35:31.0077 0x0a30  aswMonFlt - ok
18:35:31.0106 0x0a30  [ 33C77DCB0AEC76E26BD6352A1A5281BB, CEA7BB3407C1F900DE5CB09F42AF7734811F86B7DE0085FADC7AAE8178D59665 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
18:35:31.0110 0x0a30  aswRdr - ok
18:35:31.0141 0x0a30  [ BF5B9E9E97CED45208E498D9FA73688F, BCB2CC516EAD040573D80599C2306ECB26FCCB16A97B940327CD3A3CE9077877 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
18:35:31.0145 0x0a30  aswRvrt - ok
18:35:31.0208 0x0a30  [ F88CE00A7736C349ED1414D7ECDC9BED, 8C0783CE32968874065C2F46088B34F9C872F26C98AB8E8BA895D84CCB25E534 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
18:35:31.0226 0x0a30  aswSnx - ok
18:35:31.0265 0x0a30  [ 3AE912B08E2A1ABB2B63F3C56BED95C2, BE99BA3A74427444FEE5D47D70BDBA631DBBF50D80B0483C0675F87119926765 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
18:35:31.0273 0x0a30  aswSP - ok
18:35:31.0301 0x0a30  [ A7115ED31675BB823CFA9FE571C25676, DEEBB3920934DCDDD488DCFCB1E6F4C7EFDD3C79F31E41D59E292C3CF9400E95 ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
18:35:31.0303 0x0a30  aswStm - ok
18:35:31.0346 0x0a30  [ 47CBD3F64E412FFAFD93404580A3C7B9, F9B02E232416BAFC21BCBCDC0A3D9E5E855BFAF11F29ED2C4C469692E6688278 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
18:35:31.0351 0x0a30  aswVmm - ok
18:35:31.0366 0x0a30  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:35:31.0367 0x0a30  AsyncMac - ok
18:35:31.0385 0x0a30  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
18:35:31.0387 0x0a30  atapi - ok
18:35:31.0430 0x0a30  [ 4903CBC14742B5AB4DCF7A92F7DEC483, B8491FDA1D1E767658ECC5C3C3DDFB3EB12A969F0F6ACF116C18300FF54075D5 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
18:35:31.0435 0x0a30  AudioEndpointBuilder - ok
18:35:31.0471 0x0a30  [ EF276593AD1BDF5A99032F62D6272848, 3961689B34A6BCD891FF48A044ABD184F5D7320AE882DF79E5ADC57B08205BA9 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
18:35:31.0508 0x0a30  Audiosrv - ok
18:35:31.0553 0x0a30  [ 37D17AE2936867F88EB3C4CBCBC6B8A1, E1F4D288CE1E5482A5594C8F9EEDE1E8134466F5E0C7DA32D88985497CD8588B ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:35:31.0554 0x0a30  avast! Antivirus - ok
18:35:31.0584 0x0a30  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
18:35:31.0591 0x0a30  AxInstSV - ok
18:35:31.0636 0x0a30  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
18:35:31.0670 0x0a30  b06bdrv - ok
18:35:31.0691 0x0a30  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
18:35:31.0695 0x0a30  BasicDisplay - ok
18:35:31.0709 0x0a30  [ 2748E116F8621A4DB0D39FCDD7318C01, DA2DEB7FE1D887B1EF5E2B5103270B72268D8ABDDA36C396627305C0BA90FC20 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
18:35:31.0712 0x0a30  BasicRender - ok
18:35:31.0726 0x0a30  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
18:35:31.0728 0x0a30  bcmfn2 - ok
18:35:31.0768 0x0a30  [ BBE61A40665B83488901E41082A6097D, ADF750DB32E1295C57C03D587A60194529C8B83F90F433C3458288FB5E8F475B ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
18:35:31.0776 0x0a30  BDESVC - ok
18:35:31.0808 0x0a30  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:35:31.0809 0x0a30  Beep - ok
18:35:31.0859 0x0a30  [ 6468B696C65775D51A06615830E0E79D, CC4081B3A4895192B4796A745F0BCE8C9C3149B854A7B9BEF84668A2E1D074B5 ] BFE             C:\WINDOWS\System32\bfe.dll
18:35:31.0888 0x0a30  BFE - ok
18:35:31.0940 0x0a30  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
18:35:31.0962 0x0a30  BITS - ok
18:35:31.0970 0x0a30  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
18:35:31.0973 0x0a30  bowser - ok
18:35:32.0006 0x0a30  [ A6207A88B596F726DE558425F3B7E592, 126375CC8EA101E0878728323B7EAA69DC8699AC04470FB95D482B1025E0FFB2 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
18:35:32.0012 0x0a30  BrokerInfrastructure - ok
18:35:32.0042 0x0a30  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\WINDOWS\System32\browser.dll
18:35:32.0046 0x0a30  Browser - ok
18:35:32.0067 0x0a30  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
18:35:32.0068 0x0a30  BthAvrcpTg - ok
18:35:32.0077 0x0a30  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
18:35:32.0079 0x0a30  BthHFEnum - ok
18:35:32.0095 0x0a30  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
18:35:32.0097 0x0a30  bthhfhid - ok
18:35:32.0105 0x0a30  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
18:35:32.0107 0x0a30  BTHMODEM - ok
18:35:32.0120 0x0a30  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
18:35:32.0123 0x0a30  bthserv - ok
18:35:32.0147 0x0a30  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
18:35:32.0149 0x0a30  cdfs - ok
18:35:32.0210 0x0a30  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
18:35:32.0218 0x0a30  cdrom - ok
18:35:32.0241 0x0a30  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
18:35:32.0247 0x0a30  CertPropSvc - ok
18:35:32.0270 0x0a30  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
18:35:32.0272 0x0a30  circlass - ok
18:35:32.0302 0x0a30  [ B8B663BE41827211737F627473D6D192, E01FB67229FF962231637A4C07E19A29D1CD8ADEF6E5E177F136EC6572729EFF ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
18:35:32.0312 0x0a30  CLFS - ok
18:35:32.0431 0x0a30  [ 3982DB7C5C4D72EFCFCAE268FD592790, 844B2F9A3FCB30A3FC46C8B303C87A6D053E6AF4CE18A00188D6FFC9442A8C34 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
18:35:32.0470 0x0a30  ClickToRunSvc - ok
18:35:32.0504 0x0a30  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
18:35:32.0506 0x0a30  CLVirtualDrive - ok
18:35:32.0534 0x0a30  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
18:35:32.0536 0x0a30  CmBatt - ok
18:35:32.0579 0x0a30  [ 825BE21E6395E00698D8A23955A87972, 303F10C3BA72ABB3BA27D08968B10E8EB03FFB6951943B0E9DD35CF48BB72578 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
18:35:32.0603 0x0a30  CNG - ok
18:35:32.0633 0x0a30  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
18:35:32.0634 0x0a30  CompositeBus - ok
18:35:32.0637 0x0a30  COMSysApp - ok
18:35:32.0644 0x0a30  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
18:35:32.0646 0x0a30  condrv - ok
18:35:32.0730 0x0a30  [ 034643AFE2973A175E782AE530A0683C, C488572B971144D8A10F6EC8480175868913942896144D38BF49E3D8D1BC54F3 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
18:35:32.0745 0x0a30  cphs - ok
18:35:32.0774 0x0a30  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
18:35:32.0778 0x0a30  CryptSvc - ok
18:35:32.0792 0x0a30  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
18:35:32.0793 0x0a30  dam - ok
18:35:32.0841 0x0a30  [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:35:32.0858 0x0a30  DcomLaunch - ok
18:35:32.0876 0x0a30  [ F4CCAADC2C78F57E4F16B24C9201CE22, B76A5C487A814CB986FE8CC398FB7493C9EAB9ACC933A3C35384FA447092EF00 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
18:35:32.0888 0x0a30  defragsvc - ok
18:35:32.0915 0x0a30  [ 0BC71D4D3B5883903C37BF4E13B0F0C5, C5EC2AD001FB7E72D3D12DBADFE01C308ACCB7426E0B90CCB3ECE2DE49D5E7D4 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
18:35:32.0924 0x0a30  DeviceAssociationService - ok
18:35:32.0937 0x0a30  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
18:35:32.0944 0x0a30  DeviceInstall - ok
18:35:32.0975 0x0a30  [ 5DB26D7E0216D0BF364A81D3829AD7B9, FD786D530EA9ADBCB48782FE091E926505A83F2BF3B4181A3D4EDFAA991C4E5E ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
18:35:32.0978 0x0a30  Dfsc - ok
18:35:32.0995 0x0a30  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
18:35:33.0002 0x0a30  Dhcp - ok
18:35:33.0016 0x0a30  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
18:35:33.0019 0x0a30  disk - ok
18:35:33.0042 0x0a30  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
18:35:33.0043 0x0a30  dmvsc - ok
18:35:33.0079 0x0a30  [ 5BAF7714E68F93515A937A3FA8587EF9, DD9296F75341EF96D514139DD8A8680B332E9B9D476368AB897FDA2D5D674E60 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:35:33.0084 0x0a30  Dnscache - ok
18:35:33.0113 0x0a30  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:35:33.0119 0x0a30  dot3svc - ok
18:35:33.0140 0x0a30  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
18:35:33.0146 0x0a30  DPS - ok
18:35:33.0161 0x0a30  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:35:33.0162 0x0a30  drmkaud - ok
18:35:33.0192 0x0a30  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
18:35:33.0204 0x0a30  DsmSvc - ok
18:35:33.0265 0x0a30  [ 13B160C1913F012BD1615EB1398D3779, 2B5786AAEC845156D28ABDAA77347844D39F33DF53F2C96ACEF38A668ADFF422 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
18:35:33.0310 0x0a30  DXGKrnl - ok
18:35:33.0346 0x0a30  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
18:35:33.0350 0x0a30  Eaphost - ok
18:35:33.0463 0x0a30  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
18:35:33.0553 0x0a30  ebdrv - ok
18:35:33.0584 0x0a30  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
18:35:33.0588 0x0a30  EFS - ok
18:35:33.0617 0x0a30  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
18:35:33.0619 0x0a30  EhStorClass - ok
18:35:33.0634 0x0a30  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:35:33.0636 0x0a30  EhStorTcgDrv - ok
18:35:33.0653 0x0a30  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
18:35:33.0654 0x0a30  ErrDev - ok
18:35:33.0704 0x0a30  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
18:35:33.0714 0x0a30  EventSystem - ok
18:35:33.0732 0x0a30  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
18:35:33.0736 0x0a30  exfat - ok
18:35:33.0766 0x0a30  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
18:35:33.0770 0x0a30  fastfat - ok
18:35:33.0810 0x0a30  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
18:35:33.0832 0x0a30  Fax - ok
18:35:33.0848 0x0a30  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
18:35:33.0849 0x0a30  fdc - ok
18:35:33.0867 0x0a30  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
18:35:33.0870 0x0a30  fdPHost - ok
18:35:33.0886 0x0a30  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
18:35:33.0889 0x0a30  FDResPub - ok
18:35:33.0902 0x0a30  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
18:35:33.0907 0x0a30  fhsvc - ok
18:35:33.0938 0x0a30  [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5, 85D1AC25CF8056FF303930A7E18DE5F7C3AEE429272CB791BD6F81F1DAFB7D8A ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
18:35:33.0940 0x0a30  FileInfo - ok
18:35:33.0956 0x0a30  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
18:35:33.0958 0x0a30  Filetrace - ok
18:35:33.0969 0x0a30  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
18:35:33.0971 0x0a30  flpydisk - ok
18:35:33.0995 0x0a30  [ 60D5067FCE6D9433D35E04C01D8538B3, 2D97E9E8FF18CF564DE8E70F68B56F0177DC6C0E9EEB7E1C58BBDF42456CB0D8 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:35:34.0001 0x0a30  FltMgr - ok
18:35:34.0072 0x0a30  [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache       C:\WINDOWS\system32\FntCache.dll
18:35:34.0109 0x0a30  FontCache - ok
18:35:34.0189 0x0a30  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:35:34.0192 0x0a30  FontCache3.0.0.0 - ok
18:35:34.0220 0x0a30  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
18:35:34.0224 0x0a30  FsDepends - ok
18:35:34.0242 0x0a30  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:35:34.0244 0x0a30  Fs_Rec - ok
18:35:34.0300 0x0a30  [ 83E1F0983B02A6F8EC764D18E24ECF10, B5CA3FCB442697681C513FB37C6BB74D7A72B67DC65E2FCA93A7F9E81B63EAAC ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
18:35:34.0330 0x0a30  fvevol - ok
18:35:34.0350 0x0a30  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
18:35:34.0351 0x0a30  FxPPM - ok
18:35:34.0363 0x0a30  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
18:35:34.0366 0x0a30  gagp30kx - ok
18:35:34.0384 0x0a30  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
18:35:34.0385 0x0a30  gencounter - ok
18:35:34.0402 0x0a30  [ FDA72810CA2F8409D9B31E833C448E34, FC24350E875D2AF2A41DB5EF0BFE4F876DADEACCC0B34B9B9C9B2CA185CBAE87 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
18:35:34.0406 0x0a30  GPIOClx0101 - ok
18:35:34.0463 0x0a30  [ 0BDE0FCF597E9B65600121EF54FF8340, DA5C96E84E05AD09251C82B4BFEDE274342409803730CEBF24EEAD0DCD42DA7E ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
18:35:34.0505 0x0a30  gpsvc - ok
18:35:34.0568 0x0a30  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:35:34.0574 0x0a30  gupdate - ok
18:35:34.0583 0x0a30  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:35:34.0588 0x0a30  gupdatem - ok
18:35:34.0628 0x0a30  [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
18:35:34.0631 0x0a30  HDAudBus - ok
18:35:34.0648 0x0a30  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
18:35:34.0649 0x0a30  HidBatt - ok
18:35:34.0669 0x0a30  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
18:35:34.0672 0x0a30  HidBth - ok
18:35:34.0682 0x0a30  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
18:35:34.0684 0x0a30  hidi2c - ok
18:35:34.0703 0x0a30  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
18:35:34.0705 0x0a30  HidIr - ok
18:35:34.0730 0x0a30  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
18:35:34.0733 0x0a30  hidserv - ok
18:35:34.0749 0x0a30  [ F31397220D9687E11EB448649AA6E038, 671ACEAA8E00E0D4ED7E33D06A4558121DA4F56EB94F1CBC16FEB2EF3852F7A5 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
18:35:34.0752 0x0a30  HidUsb - ok
18:35:34.0781 0x0a30  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
18:35:34.0790 0x0a30  hkmsvc - ok
18:35:34.0821 0x0a30  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
18:35:34.0840 0x0a30  HomeGroupListener - ok
18:35:34.0867 0x0a30  [ BE5F89BAFBD4272D5A0C0A37B97865ED, 2F80CE6D123FEED9FA7B00ACF7547FF77E0E6FDC5243942E83BE308C46D414C6 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
18:35:34.0880 0x0a30  HomeGroupProvider - ok
18:35:34.0945 0x0a30  [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
18:35:34.0949 0x0a30  HP Support Assistant Service - ok
18:35:34.0981 0x0a30  [ D104FF402FC3DDB686E6DEF00334DB26, 6CCE56587C02ECE474C6BF959C4A6F752A1FF0B718FBE8EE4FD9755313A207C1 ] hpdskflt        C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
18:35:34.0984 0x0a30  hpdskflt - ok
18:35:35.0076 0x0a30  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
18:35:35.0096 0x0a30  hpqwmiex - ok
18:35:35.0121 0x0a30  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
18:35:35.0122 0x0a30  HpSAMD - ok
18:35:35.0129 0x0a30  [ 55FFCBB036D7BE4BCA6FA1421203A27F, 5BB865FC631390F59AF5F2452D4D2DA47E34A49E194C8010E942F5A2013F3895 ] hpsrv           C:\WINDOWS\system32\Hpservice.exe
18:35:35.0132 0x0a30  hpsrv - ok
18:35:35.0156 0x0a30  [ 3C5B2067338E4EFDADE94E4A72728F23, 72E21FA1E660F9405A5E39B0F89AB21C60F20BAC13247567EF7139AC130F1897 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
18:35:35.0158 0x0a30  HPWMISVC - ok
18:35:35.0219 0x0a30  [ 3502776E366C913D49C0DA928AE3E6CB, 3FB452F640B78AEDFBC09188F25C566949660163732A180331226A93DB08F26C ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
18:35:35.0247 0x0a30  HTTP - ok
18:35:35.0275 0x0a30  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
18:35:35.0276 0x0a30  hwpolicy - ok
18:35:35.0290 0x0a30  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
18:35:35.0291 0x0a30  hyperkbd - ok
18:35:35.0322 0x0a30  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
18:35:35.0323 0x0a30  HyperVideo - ok
18:35:35.0338 0x0a30  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
18:35:35.0341 0x0a30  i8042prt - ok
18:35:35.0346 0x0a30  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
18:35:35.0348 0x0a30  iaLPSSi_GPIO - ok
18:35:35.0360 0x0a30  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
18:35:35.0363 0x0a30  iaLPSSi_I2C - ok
18:35:35.0399 0x0a30  [ 050F2539E14F9D5E90A4B61738EC29BD, 0E65468B9F452FA7DB6DF2C1B2B2E9439C79031E27054FBDBDFE28A9F98721D7 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
18:35:35.0411 0x0a30  iaStorA - ok
18:35:35.0453 0x0a30  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
18:35:35.0473 0x0a30  iaStorAV - ok
18:35:35.0510 0x0a30  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
18:35:35.0519 0x0a30  iaStorV - ok
18:35:35.0627 0x0a30  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
18:35:35.0669 0x0a30  IconMan_R - ok
18:35:35.0674 0x0a30  IEEtwCollectorService - ok
18:35:35.0813 0x0a30  [ 7A5A61997B5404C8EDDFCC62378164DC, C2BCA8A2AA2DFCCF3489FC7F0F366ABBDC8606CFC6397CD7B17C8CD4A28DD17F ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
18:35:35.0937 0x0a30  igfx - ok
18:35:35.0975 0x0a30  [ B82255670D270B75D2D2F0F8747D1443, C40E151AC3FBF289456A4AD9E5744B314067ADA03FE729970410931904305F51 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
18:35:36.0014 0x0a30  IKEEXT - ok
18:35:36.0034 0x0a30  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
18:35:36.0035 0x0a30  intaud_WaveExtensible - ok
18:35:36.0074 0x0a30  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
18:35:36.0082 0x0a30  IntcDAud - ok
18:35:36.0176 0x0a30  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:35:36.0190 0x0a30  Intel® Capability Licensing Service Interface - ok
18:35:36.0234 0x0a30  [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
18:35:36.0236 0x0a30  Intel® ME Service - ok
18:35:36.0260 0x0a30  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
18:35:36.0262 0x0a30  intelide - ok
18:35:36.0289 0x0a30  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
18:35:36.0291 0x0a30  intelpep - ok
18:35:36.0311 0x0a30  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
18:35:36.0315 0x0a30  intelppm - ok
18:35:42.0119 0x0a30  SiSRaid2 - ok
18:35:42.0131 0x0a30  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
18:35:42.0133 0x0a30  SiSRaid4 - ok
18:35:42.0157 0x0a30  [ AF5CC3F9B88F140D78FC967ABF0F4EC7, 7CE3AB7B0A36635CF00E35E84C14B8661FAF794ABCFA61AE45A0E5E8EA996A3B ] SmbDrv          C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
18:35:42.0159 0x0a30  SmbDrv - ok
18:35:42.0185 0x0a30  [ 19555D03CB179BED8B8AAA239A36BDA4, 7B975821D52ABE077496B3CFC010B33D478CD2C36E6A74D8F72D2BF582B8C84A ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
18:35:42.0187 0x0a30  SmbDrvI - ok
18:35:42.0212 0x0a30  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
18:35:42.0217 0x0a30  smphost - ok
18:35:42.0253 0x0a30  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
18:35:42.0258 0x0a30  SNMPTRAP - ok
18:35:42.0303 0x0a30  [ F6EBE514D13ECE7EDC23440039CDF9AB, B58072BE7E4E52704C7B1D52DD49F469542B4B015C6D560369EEC1B046AFB254 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
18:35:42.0312 0x0a30  spaceport - ok
18:35:42.0342 0x0a30  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
18:35:42.0345 0x0a30  SpbCx - ok
18:35:42.0380 0x0a30  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
18:35:42.0397 0x0a30  Spooler - ok
18:35:42.0569 0x0a30  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
18:35:42.0746 0x0a30  sppsvc - ok
18:35:42.0783 0x0a30  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:35:42.0793 0x0a30  srv - ok
18:35:42.0841 0x0a30  [ C1AE59C0B0817236EC083A91C396005A, 26F05ECB44C300DA8F333B115727C31C5C8252C83F37F0AE7DFF89B267599CDF ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
18:35:42.0873 0x0a30  srv2 - ok
18:35:42.0894 0x0a30  [ 77195C32175FC63D6054EBA5A066D727, 22F5D26809BC9288021620040FC7B7BB76708D434C863B3C0C20F73200C1C6A9 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
18:35:42.0900 0x0a30  srvnet - ok
18:35:42.0940 0x0a30  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:35:42.0959 0x0a30  SSDPSRV - ok
18:35:42.0993 0x0a30  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
18:35:43.0000 0x0a30  SstpSvc - ok
18:35:43.0072 0x0a30  [ 098185E9B7C417CF7480BB9F839DB652, 5573CB98057DC2F01E8958780165A32AFD08E4C768F5625250628CB8A4C509D3 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
18:35:43.0081 0x0a30  STacSV - ok
18:35:43.0111 0x0a30  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
18:35:43.0112 0x0a30  stexstor - ok
18:35:43.0149 0x0a30  [ 32BE0B7CCA47A5BE30E7E43DC54B54F3, D4667E88E14393311F93D787C902B993B9451A94D332A65B0E22A8C40C3DFF44 ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
18:35:43.0180 0x0a30  STHDA - ok
18:35:43.0249 0x0a30  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
18:35:43.0268 0x0a30  stisvc - ok
18:35:43.0285 0x0a30  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
18:35:43.0288 0x0a30  storahci - ok
18:35:43.0296 0x0a30  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
18:35:43.0298 0x0a30  storflt - ok
18:35:43.0321 0x0a30  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
18:35:43.0323 0x0a30  stornvme - ok
18:35:43.0350 0x0a30  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
18:35:43.0356 0x0a30  StorSvc - ok
18:35:43.0369 0x0a30  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
18:35:43.0371 0x0a30  storvsc - ok
18:35:43.0397 0x0a30  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
18:35:43.0402 0x0a30  svsvc - ok
18:35:43.0425 0x0a30  [ 04CF5027B31AF88D2714B0DC6A524EC8, 2DF10EFA88167749AA8384A8F41564208624D33719E755BAFB83411F5BC6BE95 ] SWDUMon         C:\WINDOWS\system32\DRIVERS\SWDUMon.sys
18:35:43.0426 0x0a30  SWDUMon - ok
18:35:43.0440 0x0a30  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
18:35:43.0441 0x0a30  swenum - ok
18:35:43.0483 0x0a30  [ 99453C649DC4B0BE6D062B701CD2917F, 6E136BBF46E2E07635BEDC307A7F2E7C653DB45C055419DAB4878BF657B82058 ] swprv           C:\WINDOWS\System32\swprv.dll
18:35:43.0528 0x0a30  swprv - ok
18:35:43.0582 0x0a30  [ 3F45C3FE208CA5E68832B65C597A35A6, EACE9AAFC01C2BA52F4DA129AEF7BFA3CF7F10146E4F4330CD344BFC39DC959C ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
18:35:43.0593 0x0a30  SynTP - ok
18:35:43.0645 0x0a30  [ E45DA7CBBA34510C8B9473AD7D4FFD0B, 89C2AED757D86C276D78D29D94DCBF9C1B6A244A2153EC85CCB2E86C5F078387 ] SysMain         C:\WINDOWS\system32\sysmain.dll
18:35:43.0690 0x0a30  SysMain - ok
18:35:43.0720 0x0a30  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
18:35:43.0730 0x0a30  SystemEventsBroker - ok
18:35:43.0768 0x0a30  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
18:35:43.0775 0x0a30  TabletInputService - ok
18:35:43.0789 0x0a30  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:35:43.0799 0x0a30  TapiSrv - ok
18:35:43.0889 0x0a30  [ ECC68BD5347BDE9631EE68274858A41F, F5274400312C776C13BCBC333AF20C29163FEBC7879E9C6AD45774A0C39F8A52 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
18:35:43.0956 0x0a30  Tcpip - ok
18:35:44.0038 0x0a30  [ ECC68BD5347BDE9631EE68274858A41F, F5274400312C776C13BCBC333AF20C29163FEBC7879E9C6AD45774A0C39F8A52 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:35:44.0082 0x0a30  TCPIP6 - ok
18:35:44.0118 0x0a30  [ 33A7D83EEB15431773A6E186CFAABA21, AC5100A76CA44BFADF4A54FDB09FF5D2FF13B9F8482DC1AE86C8C27005F77B0F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
18:35:44.0120 0x0a30  tcpipreg - ok
18:35:44.0147 0x0a30  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
18:35:44.0150 0x0a30  tdx - ok
18:35:44.0166 0x0a30  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
18:35:44.0167 0x0a30  terminpt - ok
18:35:44.0236 0x0a30  [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService     C:\WINDOWS\System32\termsrv.dll
18:35:44.0319 0x0a30  TermService - ok
18:35:44.0336 0x0a30  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
18:35:44.0342 0x0a30  Themes - ok
18:35:44.0369 0x0a30  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
18:35:44.0373 0x0a30  THREADORDER - ok
18:35:44.0395 0x0a30  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
18:35:44.0404 0x0a30  TimeBroker - ok
18:35:44.0419 0x0a30  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
18:35:44.0423 0x0a30  TPM - ok
18:35:44.0436 0x0a30  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
18:35:44.0443 0x0a30  TrkWks - ok
18:35:44.0496 0x0a30  [ DA56FFA46030E6FEB215E3D5DAA65B11, 36B5EED8F9044475000362DBFC8A2A40B889ED46382CCEFB6BA04BE0442F98C2 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
18:35:44.0499 0x0a30  TrustedInstaller - ok
18:35:44.0514 0x0a30  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
18:35:44.0516 0x0a30  TsUsbFlt - ok
18:35:44.0534 0x0a30  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
18:35:44.0535 0x0a30  TsUsbGD - ok
18:35:44.0556 0x0a30  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
18:35:44.0560 0x0a30  tunnel - ok
18:35:44.0583 0x0a30  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
18:35:44.0585 0x0a30  uagp35 - ok
18:35:44.0601 0x0a30  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
18:35:44.0603 0x0a30  UASPStor - ok
18:35:44.0629 0x0a30  [ 5D1B430EA11064C56E7C8F84B90DEB6A, 874D9EE807F16321C4857030F9C18D2B925785FD4BB7ED047AF9535BF3F30D84 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
18:35:44.0634 0x0a30  UCX01000 - ok
18:35:44.0649 0x0a30  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
18:35:44.0656 0x0a30  udfs - ok
18:35:44.0671 0x0a30  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
18:35:44.0673 0x0a30  UEFI - ok
18:35:44.0700 0x0a30  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
18:35:44.0706 0x0a30  UI0Detect - ok
18:35:44.0712 0x0a30  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
18:35:44.0714 0x0a30  uliagpkx - ok
18:35:44.0726 0x0a30  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
18:35:44.0728 0x0a30  umbus - ok
18:35:44.0737 0x0a30  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
18:35:44.0738 0x0a30  UmPass - ok
18:35:44.0781 0x0a30  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
18:35:44.0791 0x0a30  UmRdpService - ok
18:35:44.0898 0x0a30  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:35:44.0912 0x0a30  UNS - ok
18:35:44.0943 0x0a30  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:35:44.0955 0x0a30  upnphost - ok
18:35:44.0993 0x0a30  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
18:35:44.0997 0x0a30  usbccgp - ok
18:35:45.0036 0x0a30  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
18:35:45.0039 0x0a30  usbcir - ok
18:35:45.0048 0x0a30  [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
18:35:45.0051 0x0a30  usbehci - ok
18:35:45.0087 0x0a30  [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
18:35:45.0098 0x0a30  usbhub - ok
18:35:45.0126 0x0a30  [ C0E33820326199CE3CFD3B9F27F81D99, C67F55E7DD6F7FC4A96256A14A805D39C5CE8725FD86675C6C860B3DE8E4DBC3 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
18:35:45.0138 0x0a30  USBHUB3 - ok
18:35:45.0149 0x0a30  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
18:35:45.0151 0x0a30  usbohci - ok
18:35:45.0163 0x0a30  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
18:35:45.0165 0x0a30  usbprint - ok
18:35:45.0195 0x0a30  [ 4628B415A84EA9D4D396A56F1D0CB6C6, 430F4C819BF958430FD0DEEFD5BA07F210E0541634811993090C039CB602622F ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
18:35:45.0198 0x0a30  USBSTOR - ok
18:35:45.0230 0x0a30  [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
18:35:45.0232 0x0a30  usbuhci - ok
18:35:45.0264 0x0a30  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
18:35:45.0270 0x0a30  usbvideo - ok
18:35:45.0301 0x0a30  [ D22EB844EB57D016CC34178AC86456DF, C83440A44EA9CC3D1041AB966FFC423DD17FB25B42BA41BB36C109D16723BD5E ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
18:35:45.0312 0x0a30  USBXHCI - ok
18:35:45.0329 0x0a30  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
18:35:45.0333 0x0a30  VaultSvc - ok
18:35:45.0341 0x0a30  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
18:35:45.0342 0x0a30  vdrvroot - ok
18:35:45.0403 0x0a30  [ CFBAD6B48EDFAA0828A52646B7C4C08D, DDC7D607E784CE6FB5BC62E53E6309EB583D74425E6D3FC8F3D3EC705D69C075 ] vds             C:\WINDOWS\System32\vds.exe
18:35:45.0448 0x0a30  vds - ok
18:35:45.0464 0x0a30  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
18:35:45.0469 0x0a30  VerifierExt - ok
18:35:45.0492 0x0a30  [ 041D3EF364E624DBB2703A64A5AADF89, 94A52A35AFDD09EBCC4266BD6D44014AAB4BBDFD3F6E8C997A1CA49DFB48F60D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
18:35:45.0507 0x0a30  vhdmp - ok
18:35:45.0534 0x0a30  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
18:35:45.0535 0x0a30  viaide - ok
18:35:45.0553 0x0a30  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
18:35:45.0558 0x0a30  vmbus - ok
18:35:45.0572 0x0a30  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
18:35:45.0574 0x0a30  VMBusHID - ok
18:35:45.0628 0x0a30  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
18:35:45.0665 0x0a30  vmicguestinterface - ok
18:35:45.0685 0x0a30  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
18:35:45.0696 0x0a30  vmicheartbeat - ok
18:35:45.0711 0x0a30  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
18:35:45.0722 0x0a30  vmickvpexchange - ok
18:35:45.0735 0x0a30  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
18:35:45.0746 0x0a30  vmicrdv - ok
18:35:45.0760 0x0a30  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
18:35:45.0771 0x0a30  vmicshutdown - ok
18:35:45.0784 0x0a30  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
18:35:45.0795 0x0a30  vmictimesync - ok
18:35:45.0809 0x0a30  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
18:35:45.0820 0x0a30  vmicvss - ok
18:35:45.0853 0x0a30  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
18:35:45.0855 0x0a30  volmgr - ok
18:35:45.0880 0x0a30  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
18:35:45.0887 0x0a30  volmgrx - ok
18:35:45.0914 0x0a30  [ C85C075DE5B6D0FE116043054DE8EE02, 8BB01DA3D63562F51BCCB5CC996F99A5CB0A8F89900045BBCF4115FD521A9706 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
18:35:45.0920 0x0a30  volsnap - ok
18:35:45.0947 0x0a30  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
18:35:45.0949 0x0a30  vpci - ok
18:35:45.0970 0x0a30  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
18:35:45.0974 0x0a30  vsmraid - ok
18:35:46.0044 0x0a30  [ D51D7EF1EA5ED2BB01E9D07E6E0533BC, E31118F42B316C9B6C9072D9628AA2801FC2519F1A46C9ED167843CD67183C19 ] VSS             C:\WINDOWS\system32\vssvc.exe
18:35:46.0114 0x0a30  VSS - ok
18:35:46.0135 0x0a30  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
18:35:46.0142 0x0a30  VSTXRAID - ok
18:35:46.0155 0x0a30  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
18:35:46.0157 0x0a30  vwifibus - ok
18:35:46.0172 0x0a30  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
18:35:46.0174 0x0a30  vwififlt - ok
18:35:46.0186 0x0a30  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
18:35:46.0187 0x0a30  vwifimp - ok
18:35:46.0217 0x0a30  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
18:35:46.0236 0x0a30  W32Time - ok
18:35:46.0283 0x0a30  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
18:35:46.0285 0x0a30  w3logsvc - ok
18:35:46.0298 0x0a30  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
18:35:46.0300 0x0a30  WacomPen - ok
18:35:46.0329 0x0a30  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:35:46.0331 0x0a30  Wanarp - ok
18:35:46.0335 0x0a30  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:35:46.0337 0x0a30  Wanarpv6 - ok
18:35:46.0383 0x0a30  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
18:35:46.0395 0x0a30  WAS - ok
18:35:46.0482 0x0a30  [ 92BF4B3EBD6F163B94B7A20C65E7B698, 293E6FEFA862690A7B75443D6495144313D759971B98B495A99AAB0D2CF1F350 ] wbengine        C:\WINDOWS\system32\wbengine.exe
18:35:46.0535 0x0a30  wbengine - ok
18:35:46.0559 0x0a30  [ 58F28103889817C93E5B5AFABC87E709, 547381B10DAC8A3CC16FB5DE6DF2FDA3CCD8F45DF581959FFF6E30875419B011 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
18:35:46.0572 0x0a30  WbioSrvc - ok
18:35:46.0590 0x0a30  [ 772365894F14652D376B2E5030179DC9, 3D917CED040456EB269BE2B82315CEAE3589FEC016DAE37FC5BC1C3D66DE3140 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
18:35:46.0602 0x0a30  Wcmsvc - ok
18:35:46.0620 0x0a30  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
18:35:46.0633 0x0a30  wcncsvc - ok
18:35:46.0648 0x0a30  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
18:35:46.0654 0x0a30  WcsPlugInService - ok
18:35:46.0673 0x0a30  [ 241895E8A9C158DF86E12FDD21033A32, 46D4BF6319271AC33EC1C7283053B91D38A3D5443F3F749E640253FDC2819679 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
18:35:46.0675 0x0a30  WdBoot - ok
18:35:46.0718 0x0a30  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
18:35:46.0753 0x0a30  Wdf01000 - ok
18:35:46.0777 0x0a30  [ C52148456E0F6EAD9E903020A79207FC, 7DEB2D7D09FB005A79E88FA8766B7EBE0396F0CA084D72269156874C727FBFF4 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
18:35:46.0783 0x0a30  WdFilter - ok
18:35:46.0801 0x0a30  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
18:35:46.0809 0x0a30  WdiServiceHost - ok
18:35:46.0815 0x0a30  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
18:35:46.0821 0x0a30  WdiSystemHost - ok
18:35:46.0849 0x0a30  [ 57F22324FAAF92ADF957B281E88F1743, 46CFBA6529E28756D73A00A211C3D72E9854E035EE6F2520066E074697A9745E ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
18:35:46.0852 0x0a30  WdNisDrv - ok
18:35:46.0870 0x0a30  WdNisSvc - ok
18:35:46.0896 0x0a30  [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:35:46.0906 0x0a30  WebClient - ok
18:35:46.0925 0x0a30  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
18:35:46.0934 0x0a30  Wecsvc - ok
18:35:46.0948 0x0a30  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
18:35:46.0953 0x0a30  WEPHOSTSVC - ok
18:35:46.0969 0x0a30  [ AA1315B87D9B2E39584165318A59F15D, CD19608BE1F6B7AECF802F8D2DD4FCBDAA29450ED37F7D040DC6453924C7B0FE ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
18:35:46.0975 0x0a30  wercplsupport - ok
18:35:46.0985 0x0a30  [ 22B4C24AB921BFF7827FFBCA1F4E1BB3, B634F7018097A8E4EECDD9F032DF6A0FB6817FC3DEB92BCE6A0965B5D71D8DFA ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
18:35:46.0992 0x0a30  WerSvc - ok
18:35:47.0013 0x0a30  [ 2E3E82D7B1076B90F4E228A8EF17B261, 0492F8E0BE09DAD9922E85CCA7BCB1548CB9DC5841F46174A0657FDC59AAC3CE ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
18:35:47.0016 0x0a30  WFPLWFS - ok
18:35:47.0034 0x0a30  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
18:35:47.0040 0x0a30  WiaRpc - ok
18:35:47.0064 0x0a30  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
18:35:47.0066 0x0a30  WIMMount - ok
18:35:47.0068 0x0a30  WinDefend - ok
18:35:47.0118 0x0a30  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
18:35:47.0137 0x0a30  WinHttpAutoProxySvc - ok
18:35:47.0174 0x0a30  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:35:47.0180 0x0a30  Winmgmt - ok
18:35:47.0276 0x0a30  [ 690C3FC5C9DBD6B9AEDF8341EC720E41, 0E4412BB6DEB5761F7A889FD90821FAFD7C6E173F449EAB3A0446BA653D6AD0C ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
18:35:47.0370 0x0a30  WinRM - ok
18:35:47.0419 0x0a30  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
18:35:47.0424 0x0a30  WinUsb - ok
18:35:47.0476 0x0a30  [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys
18:35:47.0478 0x0a30  WirelessButtonDriver - ok
18:35:47.0593 0x0a30  [ 728D3349FAB251B0265EFA55C67DCA2D, 676D2C9CF16DD333BF99FD5EC31B8F53E5295553E19BED5CF94620EE59345777 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
18:35:47.0656 0x0a30  WlanSvc - ok
18:35:47.0728 0x0a30  [ C2838466CCC44FAEF2C3D4C1E5971ECB, 4CA5B1632302E59E754CEA5B3CA3977D8CE9DC7B2E8673B450BBF0D646AD7AD8 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
18:35:47.0772 0x0a30  wlidsvc - ok
18:35:47.0790 0x0a30  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
18:35:47.0794 0x0a30  WmiAcpi - ok
18:35:47.0846 0x0a30  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
18:35:47.0850 0x0a30  wmiApSrv - ok
18:35:47.0867 0x0a30  WMPNetworkSvc - ok
18:35:52.0302 0x0a30  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x41000 ( enabled : updated )
18:35:52.0308 0x0a30  Win FW state via NFP2: enabled
18:35:54.0718 0x0a30  ============================================================
18:35:54.0718 0x0a30  Scan finished
18:35:54.0718 0x0a30  ============================================================
18:35:54.0735 0x1134  Detected object count: 0
18:35:54.0735 0x1134  Actual detected object count: 0
 


#4 TB-Psychotic


Posted 31 May 2014 - 01:25 PM

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you will find where you saved FRST. Please post it in your reply.

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart, once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

Attached Files


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 TB-Psychotic


Posted 10 June 2014 - 09:02 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



