
I think my sister's PC got adware, and none of the tools we tried helped


11 replies to this topic

#1 kikiblumen

kikiblumen

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Italy
  • Local time:02:41 AM

Posted 22 June 2014 - 02:17 PM

Hi,
I'm new to the forum so please forgive me if I fail to respect any of your rules. Last night my sister somehow caught something while trying to download VideoLAN. I don't really know where she tried to get it from, but she was not paying attention and maybe she failed to decline some malicious offer from the downloader. After that, her browser (she uses Chrome on a PC that runs Win 8) started to act strangely: the homepage was set to istart.websearches.com and several ads started to open up randomly while browsing. After some quick research on the net, we tried to get rid of websearches, checking the control panel and uninstalling suspicious apps. We checked Chrome extensions, but there was nothing strange. We also tried to remove the hypothetical adware by running several tools: Spybot Search & Destroy, AdwCleaner, Malwarebytes, HitmanPro, YAC cleaner. They actually fixed something (basically almost every one of them found something), so we hoped we had got rid of the problem. But those irritating ads about "bleepbook" and ferry travel kept popping up after a short while. Eventually we discovered that an application called "pgcchelper" was also running in the background, and some research suggested it could have been linked to Cyclon Gems, so we uninstalled it too. Unfortunately, ads still keep appearing every now and then. We definitely need help to fix this annoying problem; we would really really appreciate it if you'd assist us with a bit of your expertise :)
 
Kiki
 
P.S. She uninstalled every tool after using it except for YAC.

Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum.~ Animal


 


#2 wpgwpg

wpgwpg

  • Members
  • 1,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US of A
  • Local time:08:41 PM

Posted 22 June 2014 - 03:45 PM

 Can you use System Restore to go back to a date prior to the problem?  It won't alter any of your data.

 

Good luck.


Everyone with a computer should back his system up to an external hard drive regularly.  :thumbsup:

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:41 PM

Posted 23 June 2014 - 10:30 AM

Hello, please run these also.

Disable your plugins in Chrome and see:

Disabling Plugins in Google Chrome

Next,

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run from.
Note: When using the "Reset FF Proxy Settings" option, Firefox should be closed.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

Edited by boopme, 23 June 2014 - 10:30 AM.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#4 kikiblumen


Posted 24 June 2014 - 06:46 AM

Thanks for helping :) By now, we restored the system to a prior date as wpgwpg suggested. No ads popped up after that, no trouble using the pc. Should I run the procedures explained above anyway?



#5 boopme


Posted 24 June 2014 - 08:54 AM

You're welcome. While the restore may have alleviated the symptom, it may not have removed the malware and it may be waiting to get triggered.

#6 kikiblumen


Posted 28 June 2014 - 09:30 AM

Thank you, we'll try to run the procedures as described as soon as we can, please don't close the thread :)



#7 kikiblumen


Posted 30 June 2014 - 10:27 AM

Here we go:

 

Result MiniToolBox:

 

MiniToolBox by Farbar  Version: 25-06-2014
Ran by elyma_000 (administrator) on 30-06-2014 at 15:33:04
Running from "C:\Users\elyma_000\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Configurazione IP di Windows
 
Cache del resolver DNS svuotata.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Broadcom NetLink ™ Gigabit Ethernet = Ethernet (Disconnected)
Qualcomm Atheros AR956x Wireless Network Adapter = Wi-Fi (Media disconnected)
 
 
# ----------------------------------
# Configurazione IPv4
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Connessione alla rete locale (LAN)* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Connessione alla rete locale (LAN)* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Connessione di rete Bluetooth" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Mobile Broadband" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Connessione alla rete locale (LAN)* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Mobile Broadband 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Mobile Broadband 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Mobile Broadband 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# Fine configurazione IPv4
 
 
 
Configurazione IP di Windows
 
   Nome host . . . . . . . . . . . . . . : pc-ely
   Suffisso DNS primario . . . . . . . . : 
   Tipo nodo . . . . . . . . . . . . . . : Ibrido
   Routing IP abilitato. . . . . . . . . : No
   Proxy WINS abilitato . . . . . . . .  : No
 
Scheda LAN wireless Connessione alla rete locale (LAN)* 2:
 
   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione: 
   Descrizione . . . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Indirizzo fisico. . . . . . . . . . . : 1A-D2-24-37-84-96
   DHCP abilitato. . . . . . . . . . . . : Sì
   Configurazione automatica abilitata   : Sì
 
Scheda LAN wireless Wi-Fi:
 
   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione: 
   Descrizione . . . . . . . . . . . . . : Qualcomm Atheros AR956x Wireless Network Adapter
   Indirizzo fisico. . . . . . . . . . . : 48-D2-24-37-84-96
   DHCP abilitato. . . . . . . . . . . . : Sì
   Configurazione automatica abilitata   : Sì
 
Scheda Ethernet Ethernet:
 
   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione: WDS001
   Descrizione . . . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Indirizzo fisico. . . . . . . . . . . : 20-1A-06-0F-E5-E1
   DHCP abilitato. . . . . . . . . . . . : Sì
   Configurazione automatica abilitata   : Sì
 
Scheda Tunnel Teredo Tunneling Pseudo-Interface:
 
   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione: 
   Descrizione . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Indirizzo fisico. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP abilitato. . . . . . . . . . . . : No
   Configurazione automatica abilitata   : Sì
Server:  UnKnown
Address:  127.0.0.1
 
Impossibile trovare l'host google.com. Verificare che il nome sia corretto e riprovare.
Server:  UnKnown
Address:  127.0.0.1
 
Impossibile trovare l'host yahoo.com. Verificare che il nome sia corretto e riprovare.
 
Esecuzione di Ping 127.0.0.1 con 32 byte di dati:
Risposta da 127.0.0.1: byte=32 durata<1ms TTL=128
Risposta da 127.0.0.1: byte=32 durata<1ms TTL=128
 
Statistiche Ping per 127.0.0.1:
    Pacchetti: Trasmessi = 2, Ricevuti = 2, 
    Persi = 0 (0% persi),
Tempo approssimativo percorsi andata/ritorno in millisecondi:
    Minimo = 0ms, Massimo =  0ms, Medio =  0ms
===========================================================================
Elenco interfacce
 16...1a d2 24 37 84 96 ......Microsoft Wi-Fi Direct Virtual Adapter
 15...48 d2 24 37 84 96 ......Qualcomm Atheros AR956x Wireless Network Adapter
 12...20 1a 06 0f e5 e1 ......Broadcom NetLink ™ Gigabit Ethernet
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Tabella route
===========================================================================
Route attive:
     Indirizzo rete             Mask          Gateway     Interfaccia Metrica
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
===========================================================================
Route permanenti:
  Nessuna
 
IPv6 Tabella route
===========================================================================
Route attive:
 Interf Metrica Rete Destinazione      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Route permanenti:
  Nessuna
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [64000] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/30/2014 03:30:30 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2", alla riga C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error: (06/30/2014 03:30:18 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2", alla riga C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error: (06/30/2014 03:29:48 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2", alla riga C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error: (06/25/2014 06:40:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: PC-ELY)
Description: L'app Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader non è stata avviata nell'intervallo di tempo consentito.
 
Error: (06/23/2014 03:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1440) SRUJet: Errore -1811 (0xfffff8ed) durante l'apertura del file di registro C:\Windows\system32\SRU\SRU00127.log.
 
Error: (06/23/2014 02:59:36 PM) (Source: Application Error) (User: )
Description: Nome dell'applicazione che ha generato l'errore: Service_KMS.exe, versione: 11.0.0.0, timestamp: 0x52a8d15d
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0x00000000
Offset errore 0x000007fe971e0560
ID processo che ha generato l'errore: 0x518
Ora di avvio dell'applicazione che ha generato l'errore: 0xService_KMS.exe0
Percorso dell'applicazione che ha generato l'errore: Service_KMS.exe1
Percorso del modulo che ha generato l'errore: Service_KMS.exe2
ID segnalazione: Service_KMS.exe3
Nome completo pacchetto che ha generato l'errore: Service_KMS.exe4
ID applicazione relativo al pacchetto che ha generato l'errore: Service_KMS.exe5
 
Error: (06/23/2014 02:57:45 PM) (Source: AVLogEvent) (User: NT AUTHORITY)
Description: a7f42014
 
Error: (06/23/2014 02:25:53 PM) (Source: Application Error) (User: )
Description: Nome dell'applicazione che ha generato l'errore: Service_KMS.exe, versione: 11.0.0.0, timestamp: 0x52a8d15d
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0x00000000
Offset errore 0x000007feda5c0560
ID processo che ha generato l'errore: 0x894
Ora di avvio dell'applicazione che ha generato l'errore: 0xService_KMS.exe0
Percorso dell'applicazione che ha generato l'errore: Service_KMS.exe1
Percorso del modulo che ha generato l'errore: Service_KMS.exe2
ID segnalazione: Service_KMS.exe3
Nome completo pacchetto che ha generato l'errore: Service_KMS.exe4
ID applicazione relativo al pacchetto che ha generato l'errore: Service_KMS.exe5
 
Error: (06/23/2014 02:23:30 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Servizi di crittografia: impossibile inizializzare il database del catalogo. Errore ESENT: -528.
 
Error: (06/23/2014 02:23:30 PM) (Source: ESENT) (User: )
Description: Catalog Database (1344) Catalog Database: Errore -1811 (0xfffff8ed) durante l'apertura del file di registro C:\Windows\system32\CatRoot2\edb0017E.log.
 
 
System errors:
=============
Error: (06/29/2014 11:24:30 PM) (Source: Service Control Manager) (User: )
Description: Il servizio avast! HardwareID non è stato avviato per il seguente errore: 
%%127
 
Error: (06/29/2014 04:39:19 PM) (Source: Service Control Manager) (User: )
Description: Il servizio avast! HardwareID non è stato avviato per il seguente errore: 
%%127
 
Error: (06/29/2014 04:09:49 PM) (Source: Service Control Manager) (User: )
Description: Il servizio avast! HardwareID non è stato avviato per il seguente errore: 
%%127
 
Error: (06/29/2014 04:03:52 PM) (Source: Service Control Manager) (User: )
Description: Il servizio avast! HardwareID non è stato avviato per il seguente errore: 
%%127
 
Error: (06/27/2014 01:29:46 PM) (Source: Service Control Manager) (User: )
Description: Il servizio avast! HardwareID non è stato avviato per il seguente errore: 
%%127
 
Error: (06/26/2014 08:11:54 PM) (Source: Service Control Manager) (User: )
Description: Il servizio avast! HardwareID non è stato avviato per il seguente errore: 
%%127
 
Error: (06/26/2014 06:33:45 PM) (Source: Service Control Manager) (User: )
Description: Il servizio avast! HardwareID non è stato avviato per il seguente errore: 
%%127
 
Error: (06/26/2014 06:33:35 PM) (Source: Service Control Manager) (User: )
Description: Il servizio avast! HardwareID non è stato avviato per il seguente errore: 
%%127
 
Error: (06/26/2014 06:33:25 PM) (Source: Service Control Manager) (User: )
Description: Il servizio avast! HardwareID non è stato avviato per il seguente errore: 
%%127
 
Error: (06/26/2014 06:33:15 PM) (Source: Service Control Manager) (User: )
Description: Il servizio avast! HardwareID non è stato avviato per il seguente errore: 
%%127
 
 
Microsoft Office Sessions:
=========================
Error: (06/30/2014 03:30:30 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\elyma_000\Downloads\esetsmartinstaller_enu.exe
 
Error: (06/30/2014 03:30:18 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\elyma_000\Desktop\esetsmartinstaller_enu.exe
 
Error: (06/30/2014 03:29:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestG:\esetsmartinstaller_enu.exe
 
Error: (06/25/2014 06:40:46 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: PC-ELY)
Description: Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader
 
Error: (06/23/2014 03:00:00 PM) (Source: ESENT)(User: )
Description: svchost1440SRUJet: C:\Windows\system32\SRU\SRU00127.log-1811 (0xfffff8ed)
 
Error: (06/23/2014 02:59:36 PM) (Source: Application Error)(User: )
Description: Service_KMS.exe11.0.0.052a8d15dunknown0.0.0.00000000000000000000007fe971e056051801cf8ee2eec4d9bdC:\Program Files\KMSpico\Service_KMS.exeunknown3a4620d7-fad6-11e3-be76-48d224378496
 
Error: (06/23/2014 02:57:45 PM) (Source: AVLogEvent)(User: NT AUTHORITY)
Description: a7f42014
 
Error: (06/23/2014 02:25:53 PM) (Source: Application Error)(User: )
Description: Service_KMS.exe11.0.0.052a8d15dunknown0.0.0.00000000000000000000007feda5c056089401cf8eddf01c7af4C:\Program Files\KMSpico\Service_KMS.exeunknown840a177a-fad1-11e3-be75-48d224378496
 
Error: (06/23/2014 02:23:30 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: -528
 
Error: (06/23/2014 02:23:30 PM) (Source: ESENT)(User: )
Description: Catalog Database1344Catalog Database: C:\Windows\system32\CatRoot2\edb0017E.log-1811 (0xfffff8ed)
 
 
 
 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
=========================== Installed Programs ============================
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3013 - Acer Incorporated)
Acer Games (HKCU\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.7.42206 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
Alice MOBILE E1692 (HKLM-x32\...\Alice MOBILE E1692) (Version: 11.002.03.49.192 - Huawei Technologies Co.,Ltd)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.5-3 - Wacom Technology Corp.)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 3.9 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.6 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.0.2.4 - Broadcom Corporation)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Default (x32 Version: 1.0.0.1 - Default Company Name) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ETDWare PS/2-X64 11.6.23.203_WHQL (HKLM\...\Elantech) (Version: 11.6.23.203 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Access MUI (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Italian) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft Word MUI (Italian) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.003.25.06.51 - Huawei Technologies Co.,Ltd)
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
NVIDIA Control Panel 311.59 (Version: 311.59 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.59 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Onda Connection Manager (HKLM-x32\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.1 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki (HKCU\...\Pokki) (Version: 0.266.1.172 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.228 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.57 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6927 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebTablet FB Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.0.0.1 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
 
========================= Memory info: ===================================
 
Percentage of memory in use: 28%
Total physical RAM: 3911.27 MB
Available physical RAM: 2807.16 MB
Total Pagefile: 4615.27 MB
Available Pagefile: 3409.58 MB
Total Virtual: 4095.88 MB
Available Virtual: 3975.32 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Acer) (Fixed) (Total:447.19 GB) (Free:395.87 GB) NTFS
3 Drive g: (FLASH DRIVE) (Removable) (Total:7.2 GB) (Free:5.86 GB) FAT32
 
========================= Users: ========================================
 
Account utente per \\PC-ELY
 
Administrator            elyma_000                Guest                    
UpdatusUser              
Esecuzione comando riuscita.
 
 
**** End of log ****
 
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 
 
 
 
ResultTDSSKiller:
 
 
15:36:23.0279 0x08a0  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
15:36:23.0279 0x08a0  UEFI system
15:36:33.0842 0x08a0  ============================================================
15:36:33.0842 0x08a0  Current date / time: 2014/06/30 15:36:33.0842
15:36:33.0842 0x08a0  SystemInfo:
15:36:33.0842 0x08a0  
15:36:33.0842 0x08a0  OS Version: 6.2.9200 ServicePack: 0.0
15:36:33.0842 0x08a0  Product type: Workstation
15:36:33.0842 0x08a0  ComputerName: PC-ELY
15:36:33.0842 0x08a0  UserName: elyma_000
15:36:33.0842 0x08a0  Windows directory: C:\Windows
15:36:33.0842 0x08a0  System windows directory: C:\Windows
15:36:33.0842 0x08a0  Running under WOW64
15:36:33.0842 0x08a0  Processor architecture: Intel x64
15:36:33.0842 0x08a0  Number of processors: 4
15:36:33.0842 0x08a0  Page size: 0x1000
15:36:33.0842 0x08a0  Boot type: Normal boot
15:36:33.0842 0x08a0  ============================================================
15:36:34.0686 0x08a0  KLMD registered as C:\Windows\system32\drivers\74587308.sys
15:36:35.0108 0x08a0  System UUID: {68FFFEA2-7230-58D6-2A19-99094695AE64}
15:36:35.0764 0x08a0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:36:35.0780 0x08a0  Drive \Device\Harddisk1\DR11 - Size: 0x1CD000000 ( 7.20 Gb ), SectorSize: 0x200, Cylinders: 0x3AC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:36:35.0780 0x08a0  ============================================================
15:36:35.0780 0x08a0  \Device\Harddisk0\DR0:
15:36:35.0780 0x08a0  GPT partitions:
15:36:35.0780 0x08a0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E58A91EC-ADB2-478E-B8BB-CD700B5FD8B3}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
15:36:35.0780 0x08a0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D078607E-2F24-4906-B805-38B6C791D4E8}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
15:36:35.0780 0x08a0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {82B17CA0-94F7-4057-8877-F306DF08F4B4}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
15:36:35.0780 0x08a0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {550A690A-CCEC-4220-9F0F-F0C7CC5B3EBE}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x37E62000
15:36:35.0780 0x08a0  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5E174022-AECB-45D5-8AC2-DAA2E5A8DC93}, Name: Basic data partition, StartLBA 0x38000800, BlocksNum 0x2385800
15:36:35.0780 0x08a0  MBR partitions:
15:36:35.0780 0x08a0  \Device\Harddisk1\DR11:
15:36:35.0780 0x08a0  MBR partitions:
15:36:35.0780 0x08a0  \Device\Harddisk1\DR11\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xE66080
15:36:35.0780 0x08a0  ============================================================
15:36:35.0796 0x08a0  C: <-> \Device\Harddisk0\DR0\Partition4
15:36:35.0796 0x08a0  ============================================================
15:36:35.0796 0x08a0  Initialize success
15:36:35.0796 0x08a0  ============================================================
15:36:39.0343 0x14b8  ============================================================
15:36:39.0343 0x14b8  Scan started
15:36:39.0343 0x14b8  Mode: Manual; 
15:36:39.0343 0x14b8  ============================================================
15:36:39.0343 0x14b8  KSN ping started
15:36:39.0390 0x14b8  KSN ping finished: false
15:36:40.0172 0x14b8  ================ Scan system memory ========================
15:36:40.0172 0x14b8  System memory - ok
15:36:40.0172 0x14b8  ================ Scan services =============================
15:36:46.0281 0x14b8  EhStorClass - ok
15:36:46.0297 0x14b8  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
15:36:46.0297 0x14b8  EhStorTcgDrv - ok
15:36:46.0375 0x14b8  [ 616E1B9130314EB0E331197940AA625B, A4736A31EFF6D35A27B0EC14A7C855B7577301500E20CE936B0F1C0013F0FDF0 ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
15:36:46.0422 0x14b8  ePowerSvc - ok
15:36:46.0438 0x14b8  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
15:36:46.0438 0x14b8  ErrDev - ok
15:36:46.0500 0x14b8  [ 0A5D29DC99D39E828C9A6A18E441572C, AAD498403D34AE232EA2E14705ECB6882ECBE35D5F9AEBF8BC3D35A75BEA7244 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
15:36:46.0531 0x14b8  ETD - ok
15:36:46.0563 0x14b8  [ 6E58CB683B2255787ECD568628C3C9E0, DC09B76BF00D9E449A809921AF80BFC78A20BA112E6CB5F1FDA51A628CE03EFA ] ETDService      C:\Program Files\Elantech\ETDService.exe
15:36:46.0578 0x14b8  ETDService - ok
15:36:46.0656 0x14b8  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\Windows\system32\es.dll
15:36:46.0703 0x14b8  EventSystem - ok
15:36:46.0750 0x14b8  [ 334C907536E815E56CD13108A6D5FB9D, 0CEA0A330607B44A4CF0F0D5C92E91C7E2157404410F651CC4F8BA14A74523AE ] ewusbmbb        C:\Windows\system32\DRIVERS\ewusbwwan.sys
15:36:46.0766 0x14b8  ewusbmbb - ok
15:36:46.0781 0x14b8  ewusbnet - ok
15:36:46.0797 0x14b8  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
15:36:46.0797 0x14b8  ew_hwusbdev - ok
15:36:46.0828 0x14b8  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\Windows\system32\drivers\exfat.sys
15:36:46.0828 0x14b8  exfat - ok
15:36:46.0860 0x14b8  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:36:46.0860 0x14b8  fastfat - ok
15:36:46.0891 0x14b8  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\Windows\system32\fxssvc.exe
15:36:46.0922 0x14b8  Fax - ok
15:36:46.0938 0x14b8  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\Windows\System32\drivers\fdc.sys
15:36:46.0938 0x14b8  fdc - ok
15:36:46.0969 0x14b8  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:36:46.0969 0x14b8  fdPHost - ok
15:36:46.0985 0x14b8  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:36:47.0000 0x14b8  FDResPub - ok
15:36:47.0031 0x14b8  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\Windows\system32\fhsvc.dll
15:36:47.0031 0x14b8  fhsvc - ok
15:36:47.0063 0x14b8  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:36:47.0063 0x14b8  FileInfo - ok
15:36:47.0078 0x14b8  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:36:47.0094 0x14b8  Filetrace - ok
15:36:47.0110 0x14b8  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
15:36:47.0110 0x14b8  flpydisk - ok
15:36:47.0156 0x14b8  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:36:47.0203 0x14b8  FltMgr - ok
15:36:47.0313 0x14b8  [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache       C:\Windows\system32\FntCache.dll
15:36:47.0360 0x14b8  FontCache - ok
15:36:47.0422 0x14b8  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:36:47.0438 0x14b8  FontCache3.0.0.0 - ok
15:36:47.0453 0x14b8  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:36:47.0453 0x14b8  FsDepends - ok
15:36:47.0500 0x14b8  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:36:47.0500 0x14b8  Fs_Rec - ok
15:36:47.0547 0x14b8  [ FA228F4BB10DC7ED7E7D131C034E2331, 0463B1DB8BB2B5AF95EAD988EA9DEB5483D9E78C07E07BAC1E3CC46C086B3BB0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:36:47.0578 0x14b8  fvevol - ok
15:36:47.0610 0x14b8  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
15:36:47.0610 0x14b8  FxPPM - ok
15:36:47.0625 0x14b8  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:36:47.0641 0x14b8  gagp30kx - ok
15:36:47.0703 0x14b8  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
15:36:47.0719 0x14b8  GamesAppService - ok
15:36:47.0750 0x14b8  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
15:36:47.0750 0x14b8  gencounter - ok
15:36:47.0797 0x14b8  [ CA18ECFCFFDD638ECE80799A9056B238, FEA6778443253CBAA9FF43A980D576A3F449B036151F91495F04CE0C54F02254 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
15:36:47.0797 0x14b8  GPIOClx0101 - ok
15:36:47.0906 0x14b8  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:36:47.0969 0x14b8  gpsvc - ok
15:36:48.0016 0x14b8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:36:48.0016 0x14b8  gupdate - ok
15:36:48.0016 0x14b8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:36:48.0016 0x14b8  gupdatem - ok
15:36:48.0063 0x14b8  [ C2504AA983B5D411F7D31402E8B57725, B07370E6BF87546F2557C423F7450CBE90E2A13042DEA2864B6047EFE9F459C5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:36:48.0110 0x14b8  HdAudAddService - ok
15:36:48.0141 0x14b8  [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
15:36:48.0141 0x14b8  HDAudBus - ok
15:36:48.0157 0x14b8  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
15:36:48.0157 0x14b8  HidBatt - ok
15:36:48.0203 0x14b8  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\Windows\System32\drivers\hidbth.sys
15:36:48.0219 0x14b8  HidBth - ok
15:36:48.0219 0x14b8  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
15:36:48.0235 0x14b8  hidi2c - ok
15:36:48.0235 0x14b8  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\Windows\System32\drivers\hidir.sys
15:36:48.0250 0x14b8  HidIr - ok
15:36:48.0282 0x14b8  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\Windows\system32\hidserv.dll
15:36:48.0282 0x14b8  hidserv - ok
15:36:48.0313 0x14b8  [ 9E11EE0F2E117B2D5A835B2B91752827, DA523B5DE025B54DC685CB7FF76A75B343EAA8A10C7A8870BB023F1AAEEB67F5 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
15:36:48.0313 0x14b8  HidUsb - ok
15:36:48.0344 0x14b8  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:36:48.0360 0x14b8  hkmsvc - ok
15:36:48.0391 0x14b8  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:36:48.0422 0x14b8  HomeGroupListener - ok
15:36:48.0485 0x14b8  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:36:48.0532 0x14b8  HomeGroupProvider - ok
15:36:48.0578 0x14b8  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:36:48.0578 0x14b8  HpSAMD - ok
15:36:48.0657 0x14b8  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:36:48.0703 0x14b8  HTTP - ok
15:36:48.0735 0x14b8  [ 1642C62F1FD5E1FF44608283994A7BB8, 4646AA0EF74A2AEE6C17D12206FCFE1E84D6FA712AD95A171F16D11BC9D3F11A ] huawei_enumerator C:\Windows\System32\drivers\ew_jubusenum.sys
15:36:48.0735 0x14b8  huawei_enumerator - ok
15:36:48.0782 0x14b8  [ 4B80AF36EE9F31361C1DCB2EE563719A, 6729ABDFBADA03DF0EBC71B4A898951B797B9640E718D42B9669A0396F1BE730 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:36:48.0782 0x14b8  hwdatacard - ok
15:36:48.0860 0x14b8  [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
15:36:48.0891 0x14b8  HWDeviceService64.exe - ok
15:36:48.0907 0x14b8  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:36:48.0922 0x14b8  hwpolicy - ok
15:36:48.0938 0x14b8  hwusbfake - ok
15:36:48.0969 0x14b8  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
15:36:48.0969 0x14b8  hyperkbd - ok
15:36:48.0985 0x14b8  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
15:36:48.0985 0x14b8  HyperVideo - ok
15:36:49.0016 0x14b8  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
15:36:49.0016 0x14b8  i8042prt - ok
15:36:49.0094 0x14b8  [ 6C024B3AE192D72B216166802AF345DD, 67AEDBEF4A1C1EE1DA9B684BDEB3DB07715E12B766AA72B6684CC6C583A8DCC5 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
15:36:49.0110 0x14b8  iaStorA - ok
15:36:49.0141 0x14b8  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:36:49.0141 0x14b8  iaStorV - ok
15:36:49.0172 0x14b8  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
15:36:49.0188 0x14b8  ICCS - ok
15:36:49.0391 0x14b8  [ 0245CD3AE14CACF6E2503C42019431D7, 87D2E1ACD3CC0B1C3F713EB5E0C6C510B386EC142AC7554B2043396305626C96 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:36:49.0547 0x14b8  igfx - ok
15:36:49.0578 0x14b8  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:36:49.0578 0x14b8  iirsp - ok
15:36:49.0625 0x14b8  [ 531B5A98145DA689741A0AC18F14EA94, BFD6FF79EA87627B2E5D96747518928119B60CFE772AE15F1643F9738DCD4DBB ] IKEEXT          C:\Windows\System32\ikeext.dll
15:36:49.0688 0x14b8  IKEEXT - ok
15:36:49.0875 0x14b8  [ 8DCD20B1E0007528647A127DC1E78C3E, 6C0DD5D8690B7548FAE283FCA15079A18B84BCA4CDF53AC33FE32FE65A95AC9D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:36:50.0000 0x14b8  IntcAzAudAddService - ok
15:36:50.0032 0x14b8  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:36:50.0032 0x14b8  IntcDAud - ok
15:36:50.0078 0x14b8  [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
15:36:50.0125 0x14b8  Intel® Capability Licensing Service Interface - ok
15:36:50.0188 0x14b8  [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
15:36:50.0250 0x14b8  Intel® Capability Licensing Service TCP IP Interface - ok
15:36:50.0266 0x14b8  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:36:50.0282 0x14b8  intelide - ok
15:36:50.0297 0x14b8  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
15:36:50.0297 0x14b8  intelppm - ok
15:36:50.0313 0x14b8  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:36:50.0313 0x14b8  IpFilterDriver - ok
15:36:50.0391 0x14b8  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:36:50.0422 0x14b8  iphlpsvc - ok
15:36:50.0438 0x14b8  [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
15:36:50.0438 0x14b8  IPMIDRV - ok
15:36:50.0453 0x14b8  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:36:50.0453 0x14b8  IPNAT - ok
15:36:50.0485 0x14b8  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:36:50.0485 0x14b8  IRENUM - ok
15:36:50.0500 0x14b8  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:36:50.0500 0x14b8  isapnp - ok
15:36:50.0532 0x14b8  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF, 8FFF92828C3DC20F0F42C42E58A03B59A4E0187963F728DC618C9595FB2D0239 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
15:36:50.0579 0x14b8  iScsiPrt - ok
15:36:50.0641 0x14b8  [ 08B14887C0B98101F8EC207817A0D734, DF2B2C16F9C8EA05533AE26C3302C41D5B67966D8E55ED8625353AE1D70FBD29 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
15:36:50.0641 0x14b8  jhi_service - ok
15:36:50.0704 0x14b8  [ 80C1230525307EA65EDD91FF00F435FA, 7C14508CD989E39D60E1843D0764A7F0F438C848F08480BC171ABFD12F741025 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
15:36:50.0735 0x14b8  k57nd60a - ok
15:36:50.0750 0x14b8  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
15:36:50.0766 0x14b8  kbdclass - ok
15:36:50.0782 0x14b8  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
15:36:50.0782 0x14b8  kbdhid - ok
15:36:50.0813 0x14b8  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
15:36:50.0813 0x14b8  kdnic - ok
15:36:50.0829 0x14b8  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso          C:\Windows\system32\lsass.exe
15:36:50.0844 0x14b8  KeyIso - ok
15:36:50.0860 0x14b8  [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:36:50.0860 0x14b8  KSecDD - ok
15:36:50.0907 0x14b8  [ 127FB0AAD232BAAD2C9BBACD374F4FC5, 3BC56F6B4374062C96149D69ACE053DF81A278F0361599F5A2F3DB1F76F0AD68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:36:50.0907 0x14b8  KSecPkg - ok
15:36:50.0922 0x14b8  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:36:50.0938 0x14b8  ksthunk - ok
15:36:50.0985 0x14b8  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:36:51.0016 0x14b8  KtmRm - ok
15:36:51.0094 0x14b8  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:36:51.0157 0x14b8  LanmanServer - ok
15:36:51.0188 0x14b8  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:36:51.0235 0x14b8  LanmanWorkstation - ok
15:36:51.0250 0x14b8  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:36:51.0266 0x14b8  lltdio - ok
15:36:51.0313 0x14b8  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:36:51.0360 0x14b8  lltdsvc - ok
15:36:51.0391 0x14b8  [ 95DD1E89A772A383E0FDC677A2E2ED44, 94701ACC1F4D5422CB7084609BC25D34A05F68829DB5030AA6697BD7DBC3B0B2 ] LMDriver        C:\Windows\System32\drivers\LMDriver.sys
15:36:51.0407 0x14b8  LMDriver - ok
15:36:51.0422 0x14b8  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:36:51.0422 0x14b8  lmhosts - ok
15:36:51.0469 0x14b8  [ 920F6774762DE8D8477088B6F38FBD6C, DA056D27FE775835CD6F8F5F3143179D818C20658304E21100B534C24079916C ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:36:51.0501 0x14b8  LMS - ok
15:36:51.0594 0x14b8  [ 5E57ABEAB076EBD32DDF795B59A09A12, 0B0F729469A7EDD28517E85792FEF96F909094E0E8C95813FB274CFFA4C1BE5F ] LMSvc           C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
15:36:51.0626 0x14b8  LMSvc - ok
15:36:51.0657 0x14b8  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:36:51.0672 0x14b8  LSI_SAS - ok
15:36:51.0688 0x14b8  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:36:51.0688 0x14b8  LSI_SAS2 - ok
15:36:51.0704 0x14b8  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:36:51.0719 0x14b8  LSI_SCSI - ok
15:36:51.0735 0x14b8  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
15:36:51.0735 0x14b8  LSI_SSS - ok
15:36:51.0782 0x14b8  [ A57BA284F5996FFD32DCDBC41A4657DB, 2106B83873A824BC83EF42FAC9DD9A0F741209535A84AE65EA8E786519920043 ] LSM             C:\Windows\System32\lsm.dll
15:36:51.0829 0x14b8  LSM - ok
15:36:51.0844 0x14b8  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:36:51.0860 0x14b8  luafv - ok
15:36:51.0876 0x14b8  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:36:51.0876 0x14b8  megasas - ok
15:36:51.0922 0x14b8  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:36:51.0954 0x14b8  MegaSR - ok
15:36:51.0985 0x14b8  [ D71FD7A4FDB01C554AE144037B688DF1, 74D33303DA559A3A2EB809FC0EC3722D24F7F1A37BC7370680CFEB951BE735AF ] MEIx64          C:\Windows\System32\drivers\HECIx64.sys
15:36:52.0001 0x14b8  MEIx64 - ok
15:36:52.0032 0x14b8  [ 10947232B5F652B282DD57F845875896, 4881CA76924AB55D93D727E3CDDD25A74F77EA0B62E4071ADBE7C649B3254E43 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
15:36:52.0047 0x14b8  mfeapfk - ok
15:36:52.0063 0x14b8  [ A611EDB749D446A5F7D2DE8D5CCBC4AE, A9D2409872A578C83A610B6E91C68C30813205C43D3FDD94D8A1893E80DAD500 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
15:36:52.0079 0x14b8  mfeavfk - ok
15:36:52.0126 0x14b8  mfecore - ok
15:36:52.0157 0x14b8  [ 2D0378415EE29D01531E64B5052A37A6, DB5A86E8A1117A80276A6556EF8251E5CFD4558179CD386B9A2026F7FB6DC202 ] mfeelamk        C:\Windows\system32\drivers\mfeelamk.sys
15:36:52.0157 0x14b8  mfeelamk - ok
15:36:52.0204 0x14b8  [ 1D57A3BCBFE09980993F2899E95ECF1A, B2C5A72B316D18A94D4B1939E135CF21C72198102B68CE5C5D63B4E1C766635F ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
15:36:52.0282 0x14b8  mfefire - ok
15:36:52.0344 0x14b8  [ 45457CB3601D054D70DBC372BBE2A8E8, 16F66921DF0059595EC8CEF13D4C21C27146360236877DCC2F1887A9D0F8E996 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
15:36:52.0376 0x14b8  mfefirek - ok
15:36:52.0438 0x14b8  [ DD264F5A7EE58C48BD5085563C9E8191, B36781946865851F75A585D6874421D67DA8986415C3E164C92240189E567572 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
15:36:52.0469 0x14b8  mfehidk - ok
15:36:52.0516 0x14b8  [ 57EC9D22D989DD67E91A51BE082B1083, 4DF70334ACF3B34403E8C4B73B90298B465C481FD79EFDA756B147642CC7E27C ] mfencbdc        C:\Windows\system32\DRIVERS\mfencbdc.sys
15:36:52.0532 0x14b8  mfencbdc - ok
15:36:52.0563 0x14b8  [ FCEEE953517CA72E4238954467CD63E8, B83FCF5CD882D9325729A1B347BAF741E51BC10B3ED0A47AF977D47BB68B19B5 ] mfencrk         C:\Windows\system32\DRIVERS\mfencrk.sys
15:36:52.0579 0x14b8  mfencrk - ok
15:36:52.0594 0x14b8  [ BC0DFA8EBC3DD572834B640DC22847B4, F9391ECB65D8F4FF349240BE1400ED8F7D9094B5A45EF546C8C39FF3ED2F0D6F ] mfevtp          C:\windows\system32\mfevtps.exe
15:36:52.0626 0x14b8  mfevtp - ok
15:36:52.0672 0x14b8  [ EAE62CCDFB34E27D2E0CF9943695F50E, 27BA32E1631EDF939D8FEAAA6AB5CEE4844B58FCA5E9F349029330D78CC7CA50 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
15:36:52.0704 0x14b8  mfewfpk - ok
15:36:52.0735 0x14b8  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\Windows\system32\mmcss.dll
15:36:52.0751 0x14b8  MMCSS - ok
15:36:52.0813 0x14b8  [ 1CE0621B591913C12BECAA5B50E88BB2, 115068C57570140C9389BD923A4E68236ACEBB4F733DA09D05AEEDAD7317AB46 ] Mobile Partner. RunOuc C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
15:36:52.0844 0x14b8  Mobile Partner. RunOuc - ok
15:36:52.0860 0x14b8  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\Windows\system32\drivers\modem.sys
15:36:52.0860 0x14b8  Modem - ok
15:36:52.0876 0x14b8  [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935, CC3F4E09F8834C7293B607446FECFE3CBB9B9151E65AAD38E2A4A8B30244DE14 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:36:52.0876 0x14b8  monitor - ok
15:36:52.0907 0x14b8  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
15:36:52.0922 0x14b8  mouclass - ok
15:36:52.0938 0x14b8  [ CB2527B8B87D83E56FBF3944BBB6F606, F8DA5AF97B91099C58E14D1DACBCA02AF8F193E53A88DDC8CC4C0655A2E4F90B ] mouhid          C:\Windows\System32\drivers\mouhid.sys
15:36:52.0938 0x14b8  mouhid - ok
15:36:52.0969 0x14b8  [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:36:52.0969 0x14b8  mountmgr - ok
15:36:53.0001 0x14b8  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C, BCBFF081FAFB822CE29D291FB329FC310D90F0EC0D1BB69CF8CB09ED5A2E84D1 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:36:53.0001 0x14b8  mpsdrv - ok
15:36:53.0079 0x14b8  [ 3031573A739DBEE8923851929D0AF423, E9EA6C0D12A896AC745173B1F1A58192B52724AA424718B16B8D05E9AC091741 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:36:53.0141 0x14b8  MpsSvc - ok
15:36:53.0172 0x14b8  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:36:53.0188 0x14b8  MRxDAV - ok
15:36:53.0235 0x14b8  [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:36:53.0266 0x14b8  mrxsmb - ok
15:36:53.0313 0x14b8  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:36:53.0360 0x14b8  mrxsmb10 - ok
15:36:53.0391 0x14b8  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:36:53.0407 0x14b8  mrxsmb20 - ok
15:36:53.0438 0x14b8  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
15:36:53.0454 0x14b8  MsBridge - ok
15:36:53.0485 0x14b8  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\Windows\System32\msdtc.exe
15:36:53.0563 0x14b8  MSDTC - ok
15:36:53.0579 0x14b8  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:36:53.0579 0x14b8  Msfs - ok
15:36:53.0626 0x14b8  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
15:36:53.0626 0x14b8  msgpiowin32 - ok
15:36:53.0641 0x14b8  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:36:53.0641 0x14b8  mshidkmdf - ok
15:37:03.0220 0x14b8  udfs - ok
15:37:03.0267 0x14b8  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:37:03.0283 0x14b8  UI0Detect - ok
15:37:03.0299 0x14b8  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:37:03.0299 0x14b8  uliagpkx - ok
15:37:03.0330 0x14b8  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus           C:\Windows\System32\drivers\umbus.sys
15:37:03.0330 0x14b8  umbus - ok
15:37:03.0346 0x14b8  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\Windows\System32\drivers\umpass.sys
15:37:03.0346 0x14b8  UmPass - ok
15:37:03.0377 0x14b8  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:37:03.0424 0x14b8  UmRdpService - ok
15:37:03.0517 0x14b8  [ 9B8C9350985983E9760E1786731A8728, 78178FDE1329E5B55F77FF73C66B01279A03E2E3C3CB7E3D9DF14291D206D780 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:37:03.0564 0x14b8  UNS - ok
15:37:03.0627 0x14b8  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\Windows\System32\upnphost.dll
15:37:03.0674 0x14b8  upnphost - ok
15:37:03.0705 0x14b8  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B, AADB8991174CCDA3ADE14AF3EFB3A9826EC17A0F989F449FF43010A99D8CAA1F ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
15:37:03.0721 0x14b8  usbccgp - ok
15:37:03.0752 0x14b8  [ B395B62B62F28106218FA6FB17F4C797, 231CA3512B02BBE70E630A6304E899BCB741CE411FB10C2B3DE48E52034F24BB ] usbcir          C:\Windows\System32\drivers\usbcir.sys
15:37:03.0767 0x14b8  usbcir - ok
15:37:03.0783 0x14b8  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86, 93E2CC1D4A56A3BBDD85020A8F4AD1B9B119953DB83A155C56D667924D5D8A02 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
15:37:03.0799 0x14b8  usbehci - ok
15:37:03.0846 0x14b8  [ ADBF89B8E0BB372FEFE2E4B84E1E20AE, 4B73F96CD6526439983462CC19D092C92B5FBEAFB37DF6E34A1DAEE9985210E0 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
15:37:03.0877 0x14b8  usbhub - ok
15:37:03.0924 0x14b8  [ C5986337DE3BF63ABD9ED4D834D34B89, 4164B83BF9B4739B122D8DBD470B2B07ED908FEF469DD00EDC968CCE644B05FB ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
15:37:03.0955 0x14b8  USBHUB3 - ok
15:37:03.0986 0x14b8  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
15:37:03.0986 0x14b8  usbohci - ok
15:37:04.0002 0x14b8  [ BA3ABE0CD1C14B3295BAD0F076B84CAC, 19E0679D44A9BD9DDCC336C7DE784147D6CFC3DE4250D5CA31CE49867D51A414 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
15:37:04.0002 0x14b8  usbprint - ok
15:37:04.0033 0x14b8  [ F77177F6C95B2116EE7AD23B5EF57007, 646E345DE5AFF26B338E17BC9D03D0EDA5608DF77D7685DE7AFF6E4113B9EB87 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
15:37:04.0033 0x14b8  USBSTOR - ok
15:37:04.0049 0x14b8  [ D25EF4A6EC244C5DE85D88A05B7C149D, A08793945D5FDC2CCCB2C621853A69941F1A108DF6CB559F3E8A21A047A8CCB3 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
15:37:04.0049 0x14b8  usbuhci - ok
15:37:04.0080 0x14b8  [ 09799E701B4327097E9F63D3FE221083, CF2B97D5B3D434D8E5547B2A86771C69A6F7F4857CAD70865B50462A04A27A48 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:37:04.0096 0x14b8  usbvideo - ok
15:37:04.0142 0x14b8  [ 9CD4259AD15F84DE27B94A956C978D6C, F3289BBB1C52E49D8F76D07877541A74DFB7AD3E950C2E58A2C6CDC443F824CF ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
15:37:04.0189 0x14b8  USBXHCI - ok
15:37:04.0221 0x14b8  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] VaultSvc        C:\Windows\system32\lsass.exe
15:37:04.0221 0x14b8  VaultSvc - ok
15:37:04.0236 0x14b8  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:37:04.0252 0x14b8  vdrvroot - ok
15:37:04.0314 0x14b8  [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71, 1B75B3BDA612FE1129B461A11A5C5333593E97CB79C8CBFD81E0E6AAD31ECF8B ] vds             C:\Windows\System32\vds.exe
15:37:04.0377 0x14b8  vds - ok
15:37:04.0392 0x14b8  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
15:37:04.0392 0x14b8  VerifierExt - ok
15:37:04.0439 0x14b8  [ 8628FA679F0EC4B709CCD1F6B6A3233B, E8A99795BB7956BFB9FDF6D24209280917FE6500E52F82F50C9FAD2EA6EDFA88 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
15:37:04.0455 0x14b8  vhdmp - ok
15:37:04.0471 0x14b8  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:37:04.0486 0x14b8  viaide - ok
15:37:04.0502 0x14b8  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:37:04.0517 0x14b8  vmbus - ok
15:37:04.0533 0x14b8  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
15:37:04.0533 0x14b8  VMBusHID - ok
15:37:04.0580 0x14b8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
15:37:04.0627 0x14b8  vmicheartbeat - ok
15:37:04.0658 0x14b8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
15:37:04.0674 0x14b8  vmickvpexchange - ok
15:37:04.0689 0x14b8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\Windows\System32\ICSvc.dll
15:37:04.0705 0x14b8  vmicrdv - ok
15:37:04.0721 0x14b8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\Windows\System32\ICSvc.dll
15:37:04.0736 0x14b8  vmicshutdown - ok
15:37:04.0752 0x14b8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\Windows\System32\ICSvc.dll
15:37:04.0767 0x14b8  vmictimesync - ok
15:37:04.0783 0x14b8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\Windows\System32\ICSvc.dll
15:37:04.0799 0x14b8  vmicvss - ok
15:37:04.0814 0x14b8  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:37:04.0814 0x14b8  volmgr - ok
15:37:04.0861 0x14b8  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:37:04.0908 0x14b8  volmgrx - ok
15:37:04.0939 0x14b8  [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE, 26FD9DBCFAEDE0F945D80B11769741A3A837F84461263217A43C458B674566EE ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:37:04.0955 0x14b8  volsnap - ok
15:37:04.0971 0x14b8  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\Windows\System32\drivers\vpci.sys
15:37:04.0986 0x14b8  vpci - ok
15:37:04.0986 0x14b8  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:37:05.0002 0x14b8  vsmraid - ok
15:37:05.0096 0x14b8  [ EA658570314042C914964FC72AB50E6B, 0B10E16D5136BF71EAF68F0D9A8B25F92F6D686BF9F80FEEB9F291221C6B8284 ] VSS             C:\Windows\system32\vssvc.exe
15:37:05.0174 0x14b8  VSS - ok
15:37:05.0205 0x14b8  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
15:37:05.0221 0x14b8  VSTXRAID - ok
15:37:05.0236 0x14b8  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:37:05.0252 0x14b8  vwifibus - ok
15:37:05.0268 0x14b8  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:37:05.0268 0x14b8  vwififlt - ok
15:37:05.0283 0x14b8  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:37:05.0299 0x14b8  vwifimp - ok
15:37:05.0330 0x14b8  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\Windows\system32\w32time.dll
15:37:05.0346 0x14b8  W32Time - ok
15:37:05.0377 0x14b8  [ E04D43C7D1641E95D35CAE6086C7E350, BF08ED680EC835D70C522B91560B8987F206793E8E2987117C1D7B77DEFF8556 ] wacommousefilter C:\Windows\System32\drivers\wacommousefilter.sys
15:37:05.0377 0x14b8  wacommousefilter - ok
15:37:05.0424 0x14b8  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
15:37:05.0424 0x14b8  WacomPen - ok
15:37:05.0439 0x14b8  [ EC1CEB237E365330C1FCFC4876AA0AC0, 9BFF9062AC5E4B9D0C6502D8DE7E59B887903ED29F26157A5F82966932F1EBD0 ] wacomvhid       C:\Windows\System32\drivers\wacomvhid.sys
15:37:05.0455 0x14b8  wacomvhid - ok
15:37:05.0471 0x14b8  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:37:05.0486 0x14b8  Wanarp - ok
15:37:05.0502 0x14b8  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:37:05.0502 0x14b8  Wanarpv6 - ok
15:37:05.0627 0x14b8  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\Windows\system32\wbengine.exe
15:37:05.0705 0x14b8  wbengine - ok
15:37:05.0736 0x14b8  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:37:05.0736 0x14b8  WbioSrvc - ok
15:37:05.0768 0x14b8  [ D9C1E82651BF19C6FF69CEC6FD400124, 93B96481A5B26F5617B16DD775AF0F8CE9001B30251FFF58D6EF9044D5EE91CD ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
15:37:05.0768 0x14b8  Wcmsvc - ok
15:37:05.0799 0x14b8  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:37:05.0814 0x14b8  wcncsvc - ok
15:37:05.0830 0x14b8  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:37:05.0861 0x14b8  WcsPlugInService - ok
15:37:05.0877 0x14b8  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\Windows\system32\drivers\wd.sys
15:37:05.0877 0x14b8  Wd - ok
15:37:05.0893 0x14b8  [ 6F4B5DDDC3B86091E94BC47347A78AF7, C57697FAE297D832BE4EA4CEAB2F3F7A63682465FB448B6CEAB1A041A7434286 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
15:37:05.0893 0x14b8  WdBoot - ok
15:37:05.0924 0x14b8  [ 2ADC985B85A71BD7D99712EC0C24358B, 22B2BAC79BBA83271AC23EA14E4EB1101F1F570691EBE68A43C0D74D1A3E8D23 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:37:05.0955 0x14b8  Wdf01000 - ok
15:37:05.0971 0x14b8  [ 99D404A9A0AFC4734E014EBEBAC13F8F, E8D4B4AFEC89D8AC707314C7086B1A981772FF3D64B5C2120D0809F1BBE9E62B ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
15:37:05.0986 0x14b8  WdFilter - ok
15:37:06.0002 0x14b8  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:37:06.0002 0x14b8  WdiServiceHost - ok
15:37:06.0018 0x14b8  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:37:06.0018 0x14b8  WdiSystemHost - ok
15:37:06.0049 0x14b8  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6, 4281100271761521F75F4D5A3D2E9FF40A9C7D81CEDAFD2EDD95788534090CA6 ] WebClient       C:\Windows\System32\webclnt.dll
15:37:06.0096 0x14b8  WebClient - ok
15:37:06.0143 0x14b8  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:37:06.0189 0x14b8  Wecsvc - ok
15:37:06.0205 0x14b8  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:37:06.0221 0x14b8  wercplsupport - ok
15:37:06.0252 0x14b8  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:37:06.0268 0x14b8  WerSvc - ok
15:37:06.0299 0x14b8  [ FE762D3498719C3A23471BBA62F747B4, 7F9390D5B0133BF1FA66BFC5FD933E17AADEB7845F141948EE4A52AB779A69F8 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
15:37:06.0314 0x14b8  WFPLWFS - ok
15:37:06.0330 0x14b8  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\Windows\System32\wiarpc.dll
15:37:06.0346 0x14b8  WiaRpc - ok
15:37:06.0393 0x14b8  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:37:06.0408 0x14b8  WIMMount - ok
15:37:06.0440 0x14b8  WinDefend - ok
15:37:06.0518 0x14b8  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
15:37:06.0565 0x14b8  WinHttpAutoProxySvc - ok
15:37:06.0643 0x14b8  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:37:06.0658 0x14b8  Winmgmt - ok
15:37:06.0799 0x14b8  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:37:06.0877 0x14b8  WinRM - ok
15:37:06.0971 0x14b8  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\Windows\System32\wlansvc.dll
15:37:07.0049 0x14b8  WlanSvc - ok
15:37:07.0158 0x14b8  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
15:37:07.0268 0x14b8  wlidsvc - ok
15:37:07.0315 0x14b8  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
15:37:07.0315 0x14b8  WmiAcpi - ok
15:37:07.0346 0x14b8  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:37:07.0361 0x14b8  wmiApSrv - ok
15:37:07.0377 0x14b8  WMPNetworkSvc - ok
15:37:07.0408 0x14b8  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
15:37:07.0408 0x14b8  wpcfltr - ok
15:37:07.0455 0x14b8  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:37:07.0471 0x14b8  WPCSvc - ok
15:37:07.0486 0x14b8  [ 39D8AB837F91B729D12D32ED81E2062F, 6CA51524A9CD70B122035B92E64A9BAAC1DBD62C047EAAD19515F54589A5BDB5 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:37:07.0502 0x14b8  WPDBusEnum - ok
15:37:07.0533 0x14b8  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
15:37:07.0533 0x14b8  WpdUpFltr - ok
15:37:07.0565 0x14b8  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:37:07.0565 0x14b8  ws2ifsl - ok
15:37:07.0596 0x14b8  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\Windows\System32\wscsvc.dll
15:37:07.0627 0x14b8  wscsvc - ok
15:37:07.0627 0x14b8  WSearch - ok
15:37:07.0768 0x14b8  [ C10BFFEE7E0D7A1366E84F251796C51D, E1FD1DF5F5C5934F9A8584D54F35720655AC4F5D4CFD69CD1E063C0BBEC4D33D ] WSService       C:\Windows\System32\WSService.dll
15:37:07.0862 0x14b8  WSService - ok
15:37:07.0987 0x14b8  [ A8484C0CB54DB48180FB7CA00F1C3F8F, 8F03664255C7CDCCB871795D041EAFE757BE97CE2D6670B49C98896AFFCEC8CD ] wuauserv        C:\Windows\system32\wuaueng.dll
15:37:08.0143 0x14b8  wuauserv - ok
15:37:08.0158 0x14b8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:37:08.0158 0x14b8  WudfPf - ok
15:37:08.0174 0x14b8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
15:37:08.0190 0x14b8  WUDFRd - ok
15:37:08.0205 0x14b8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:37:08.0205 0x14b8  wudfsvc - ok
15:37:08.0221 0x14b8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
15:37:08.0221 0x14b8  WUDFWpdFs - ok
15:37:08.0252 0x14b8  [ F9D8D2E6ECE08B278621D5BF3A7240A6, 99EEEE51EA6CE8909713CA81A2AFA5102774AE9C8554F422F4D9A1D8B0ABDB09 ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:37:08.0268 0x14b8  WwanSvc - ok
15:37:08.0299 0x14b8  ================ Scan global ===============================
15:37:08.0330 0x14b8  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
15:37:08.0377 0x14b8  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
15:37:08.0408 0x14b8  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
15:37:08.0440 0x14b8  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\Windows\system32\services.exe
15:37:08.0440 0x14b8  [ Global ] - ok
15:37:08.0440 0x14b8  ================ Scan MBR ==================================
15:37:08.0455 0x14b8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:37:08.0471 0x14b8  \Device\Harddisk0\DR0 - ok
15:37:08.0471 0x14b8  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR11
15:37:08.0471 0x14b8  \Device\Harddisk1\DR11 - ok
15:37:08.0471 0x14b8  ================ Scan VBR ==================================
15:37:08.0471 0x14b8  [ 409045F9B2B11C46B9A3CB8F37A30AE8 ] \Device\Harddisk0\DR0\Partition1
15:37:08.0487 0x14b8  \Device\Harddisk0\DR0\Partition1 - ok
15:37:08.0502 0x14b8  [ 42EEE5DC2B34974D1F279AE89FFE8EBE ] \Device\Harddisk0\DR0\Partition2
15:37:08.0518 0x14b8  \Device\Harddisk0\DR0\Partition2 - ok
15:37:08.0533 0x14b8  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
15:37:08.0533 0x14b8  \Device\Harddisk0\DR0\Partition3 - ok
15:37:08.0549 0x14b8  [ D836887EDBC3758AFDA4EA5B4CDB6A1C ] \Device\Harddisk0\DR0\Partition4
15:37:08.0596 0x14b8  \Device\Harddisk0\DR0\Partition4 - ok
15:37:08.0643 0x14b8  [ DEA72D7543976C95459A53B2355CB3AB ] \Device\Harddisk0\DR0\Partition5
15:37:08.0658 0x14b8  \Device\Harddisk0\DR0\Partition5 - ok
15:37:08.0674 0x14b8  [ 13A5FFE49BFB1B7823B6D44C630FFE1C ] \Device\Harddisk1\DR11\Partition1
15:37:08.0674 0x14b8  \Device\Harddisk1\DR11\Partition1 - ok
15:37:08.0674 0x14b8  ================ Scan generic autorun ======================
15:37:08.0721 0x14b8  [ 3293EDFFDDD6428AF31277F8CE6E39A2, EA73444CE66447A407166126744FB45C8BCBA102505EF63588AA08AA5BB584B0 ] C:\Windows\system32\igfxtray.exe
15:37:08.0737 0x14b8  IgfxTray - ok
15:37:08.0799 0x14b8  [ 25BB22FF0CB62BBD56EB3141FDB6DC57, A8E600A81BB7285F0DAC511FADE5F648424FAF6C8159CF5D2D1C303EFF9E32F7 ] C:\Windows\system32\hkcmd.exe
15:37:08.0830 0x14b8  HotKeysCmds - ok
15:37:08.0862 0x14b8  [ DB3C847EAB293E36131DB5E56FCEE95B, 79C863133857870FD16447ABA58D158099018D68653C11765345988D7E33F2E0 ] C:\Windows\system32\igfxpers.exe
15:37:08.0877 0x14b8  Persistence - ok
15:37:08.0893 0x14b8  ETDCtrl - ok
15:37:09.0299 0x14b8  [ 637C513A8A3FFBB3AA05FAFAC3F9174D, 5BFE633BE091A1BCED55AB2E99A6FEB92B7166921249BFB4B05386EA3856B735 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:37:09.0502 0x14b8  RTHDVCPL - ok
15:37:09.0502 0x14b8  mcui_exe - ok
15:37:09.0643 0x14b8  [ C6352C29C56077749CEEDD08680D347D, DF520DA9E9F8D34004E497969FC4AB0D9F057EEE5D8A0BBB91C5EBC983011ABD ] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
15:37:09.0659 0x14b8  BambooCore - ok
15:37:09.0830 0x14b8  [ 5CA0EB9538C6ACEBDC3593FC53527B9D, 35AC60899254C7414FF42BCDA4165FB58F6369BD5EDCAC24EBB1B5A095664CAC ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
15:37:09.0924 0x14b8  AvastUI.exe - ok
15:37:09.0955 0x14b8  [ 3A6209AC494296C24C2065CB4392B5F4, 944556A8521D4E59EE35B364C9FB1A3846924D512E73C2CB32DD440022E6B1B5 ] C:\Windows\system32\rundll32.exe
15:37:09.0971 0x14b8  Pokki - ok
15:37:10.0049 0x14b8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.2.223.0 ), 0x60100 ( disabled : updated )
15:37:10.0065 0x14b8  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x41000 ( enabled : updated )
15:37:10.0112 0x14b8  Win FW state via NFP2: enabled
15:37:10.0112 0x14b8  ============================================================
15:37:10.0112 0x14b8  Scan finished
15:37:10.0112 0x14b8  ============================================================
15:37:10.0127 0x0298  Detected object count: 0
15:37:10.0127 0x0298  Actual detected object count: 0
 
 
--------------------------------------------------------------------------------------------------------------------------------------------
 
Result ESET Scanner:
 
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir Win32/Thinknice.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir Win64/Thinknice.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterfacef32.dll.vir a variant of Win32/Thinknice.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir Win32/Thinknice.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir Win64/Thinknice.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv32.dll.vir a variant of Win32/Thinknice.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir Win32/Thinknice.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir a variant of Win32/ELEX.AD potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\WindowsProtectManger\wprotectmanager.exe.vir a variant of Win32/ELEX.AM potentially unwanted application deleted - quarantined
C:\Program Files\KMSpico\KMSELDI.exe a variant of MSIL/HackTool.IdleKMS.C potentially unsafe application deleted - quarantined
C:\Program Files\KMSpico\Service_KMS.exe a variant of MSIL/HackTool.IdleKMS.C potentially unsafe application deleted - quarantined
 
 
 


#8 boopme


Posted 30 June 2014 - 01:19 PM

Ok how is it now?
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#9 kikiblumen


Posted 30 June 2014 - 01:29 PM

Still no trouble nor annoying ads popping up!



#10 boopme


Posted 30 June 2014 - 01:54 PM

Looks good to me...


Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.


#11 kikiblumen


Posted 30 June 2014 - 06:11 PM

Great. We ran TFC. Is there something more that we can do, or should we assume that now the computer is safe?



#12 boopme


Posted 30 June 2014 - 08:06 PM

Let's run one more then... It will check for malware and rootkits.

Download Malwarebytes Anti-Rootkit to your desktop.
  • Extract the ZIP archive and double-click "mbar.exe" to start the tool.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"




