
Am I Infected? Windows Gets Hung Up On Both Startup & Shutdown


  • This topic is locked
7 replies to this topic

#1 Tumbo


Posted 18 October 2014 - 04:50 PM

Hello:

 

I am not sure if my computer is infected (Windows 7).

 

Sometimes the computer will get hung up on the "Starting Windows" screen.  Sometimes the computer will get hung up on the "Shutting down" screen.  Less often the machine will crash with a BSoD.  Also, the CD/DVD device sometimes shows as working fine under device manager, sometimes it is not recognized at all.  These problems happened occasionally in the past, but their frequency has been increasing greatly in recent weeks.

 

When I look under the Computer Reliability History, I can see many Critical Events...."Windows Failed to Start....Windows Stopped Working....Shut Down Unexpectedly...

 

I have tried many things to repair windows with no success, including using my windows repair disc, Dell Diagnostic tools....even a full reinstall of windows....and am wondering now if the problem is an infection.  The reason I want to check deeper on a possible infection is because prior to the re-install, I had run a Malwarebytes scan which found and removed some files (log available upon request).  Afterwards I ran Malwarebytes again, Avast, and ESET Online Scanner which found nothing.  But the problem still persisted...

 

Thanks for any assistance in advance -




#2 boopme


Posted 23 October 2014 - 12:40 PM

Hello Tumbo.... Let's try to rule out malware.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 Tumbo


Posted 23 October 2014 - 07:31 PM

Hello boopme.  Thanks for assisting me.  The results from each of the scans you requested are posted below:

 

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Dana (administrator) on 23-10-2014 at 13:23:33
Running from "C:\Users\Dana\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Dell Wireless 1705 802.11b/g/n (2.4GHZ) = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Inspiron
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hawaii.rr.com

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : BC-85-56-29-4D-92
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : hawaii.rr.com
   Description . . . . . . . . . . . : Dell Wireless 1705 802.11b/g/n (2.4GHZ)
   Physical Address. . . . . . . . . : BC-85-56-29-4D-91
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::215d:2d07:529b:cddd%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, October 23, 2014 1:20:58 PM
   Lease Expires . . . . . . . . . . : Friday, October 24, 2014 1:20:58 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 381453654
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-B2-8F-6C-74-86-7A-1A-42-A7
   DNS Servers . . . . . . . . . . . : 24.25.227.55
                                       209.18.47.61
                                       24.25.227.53
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 74-86-7A-1A-42-A7
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hawaii.rr.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:283c:1391:3f57:fe9a(Preferred)
   Link-local IPv6 Address . . . . . : fe80::283c:1391:3f57:fe9a%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hawaii.rr.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{234BFCB6-527C-47FC-86DE-0B46E163B9A9}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{FD588794-2370-47C4-BA54-B92231FFA137}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  rdns-lb-01.hawaii.rr.com
Address:  24.25.227.55

Name:    google.com
Addresses:  2001:4860:4007:800::1002
      74.125.224.193
      74.125.224.194
      74.125.224.195
      74.125.224.196
      74.125.224.197
      74.125.224.198
      74.125.224.199
      74.125.224.200
      74.125.224.201
      74.125.224.206
      74.125.224.192


Pinging google.com [74.125.224.164] with 32 bytes of data:
Reply from 74.125.224.164: bytes=32 time=64ms TTL=52
Reply from 74.125.224.164: bytes=32 time=62ms TTL=52

Ping statistics for 74.125.224.164:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 62ms, Maximum = 64ms, Average = 63ms
Server:  rdns-lb-01.hawaii.rr.com
Address:  24.25.227.55

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=158ms TTL=45
Reply from 98.139.183.24: bytes=32 time=159ms TTL=45

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 158ms, Maximum = 159ms, Average = 158ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...bc 85 56 29 4d 92 ......Bluetooth Device (Personal Area Network)
 13...bc 85 56 29 4d 91 ......Dell Wireless 1705 802.11b/g/n (2.4GHZ)
 11...74 86 7a 1a 42 a7 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.101     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.101    281
    192.168.1.101  255.255.255.255         On-link     192.168.1.101    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.101    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.101    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.101    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:6abd:283c:1391:3f57:fe9a/128
                                    On-link
 13    281 fe80::/64                On-link
 12    306 fe80::/64                On-link
 13    281 fe80::215d:2d07:529b:cddd/128
                                    On-link
 12    306 fe80::283c:1391:3f57:fe9a/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/22/2014 03:41:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/21/2014 03:45:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/20/2014 03:01:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/18/2014 09:20:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/16/2014 08:48:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/16/2014 07:10:04 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (10/16/2014 07:10:04 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (10/16/2014 06:58:44 PM) (Source: WinMgmt) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL

Error: (10/16/2014 06:57:58 PM) (Source: WinMgmt) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF

Error: (10/16/2014 04:34:49 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown


System errors:
=============
Error: (10/23/2014 01:21:58 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (10/23/2014 01:21:58 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (10/23/2014 01:21:58 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (10/23/2014 01:21:58 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (10/23/2014 01:21:58 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (10/23/2014 01:21:58 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (10/23/2014 01:21:58 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (10/23/2014 01:21:58 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (10/23/2014 01:21:58 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (10/23/2014 01:21:47 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-10-20 16:13:49.208
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-10-20 16:13:49.177
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-27 18:40:25.577
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sfc_os.dll because the set of per-page image hashes could not be found on the system.



=========================== Installed Programs ============================
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{DBFBFCF5-DAFA-FBE2-F0D4-9BF130FE22D0}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.170 - Atheros)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Dell System Detect (HKCU\...\73f463568823ebbe) (Version: 5.11.0.3 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.1.0 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.2.1000 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.61.612.2012 - Realtek)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2899475) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{23AE87D8-AB2F-4539-935C-442BC976F469}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)

========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 6031.36 MB
Available physical RAM: 4750.91 MB
Total Pagefile: 12060.89 MB
Available Pagefile: 10719.67 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.78 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:676.93 GB) (Free:642.08 GB) NTFS
3 Drive e: (RECOVERY) (Fixed) (Total:21.67 GB) (Free:11.38 GB) NTFS

========================= Users: ========================================

User accounts for \\INSPIRON

Administrator            Dana                     Guest                    


**** End of log ****
 

 

13:27:44.0421 0x0c74  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
13:27:51.0519 0x0c74  ============================================================
13:27:51.0519 0x0c74  Current date / time: 2014/10/23 13:27:51.0519
13:27:51.0519 0x0c74  SystemInfo:
13:27:51.0519 0x0c74  
13:27:51.0519 0x0c74  OS Version: 6.1.7601 ServicePack: 1.0
13:27:51.0519 0x0c74  Product type: Workstation
13:27:51.0519 0x0c74  ComputerName: INSPIRON
13:27:51.0519 0x0c74  UserName: Dana
13:27:51.0519 0x0c74  Windows directory: C:\Windows
13:27:51.0519 0x0c74  System windows directory: C:\Windows
13:27:51.0519 0x0c74  Running under WOW64
13:27:51.0519 0x0c74  Processor architecture: Intel x64
13:27:51.0519 0x0c74  Number of processors: 4
13:27:51.0519 0x0c74  Page size: 0x1000
13:27:51.0519 0x0c74  Boot type: Normal boot
13:27:51.0519 0x0c74  ============================================================
13:27:56.0370 0x0c74  KLMD registered as C:\Windows\system32\drivers\95677363.sys
13:27:56.0682 0x0c74  System UUID: {04C82F17-F106-B99B-B23B-7C626A17D47A}
13:27:57.0213 0x0c74  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:27:57.0228 0x0c74  ============================================================
13:27:57.0228 0x0c74  \Device\Harddisk0\DR0:
13:27:57.0228 0x0c74  MBR partitions:
13:27:57.0228 0x0c74  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x2B55000
13:27:57.0228 0x0c74  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2B69000, BlocksNum 0x549DC800
13:27:57.0228 0x0c74  ============================================================
13:27:57.0275 0x0c74  C: <-> \Device\Harddisk0\DR0\Partition2
13:27:57.0353 0x0c74  E: <-> \Device\Harddisk0\DR0\Partition1
13:27:57.0353 0x0c74  ============================================================
13:27:57.0353 0x0c74  Initialize success
13:27:57.0353 0x0c74  ============================================================
13:28:06.0011 0x0ecc  ============================================================
13:28:06.0011 0x0ecc  Scan started
13:28:06.0011 0x0ecc  Mode: Manual;
13:28:06.0011 0x0ecc  ============================================================
13:28:06.0011 0x0ecc  KSN ping started
13:28:20.0020 0x0ecc  KSN ping finished: true
13:28:21.0096 0x0ecc  ================ Scan system memory ========================
13:28:21.0096 0x0ecc  System memory - ok
13:28:21.0112 0x0ecc  ================ Scan services =============================
13:28:28.0787 0x0ecc  fastfat - ok
13:28:28.0850 0x0ecc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
13:28:28.0912 0x0ecc  Fax - ok
13:28:28.0943 0x0ecc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
13:28:28.0943 0x0ecc  fdc - ok
13:28:28.0959 0x0ecc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:28:28.0974 0x0ecc  fdPHost - ok
13:28:28.0990 0x0ecc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:28:28.0990 0x0ecc  FDResPub - ok
13:28:29.0052 0x0ecc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:28:29.0052 0x0ecc  FileInfo - ok
13:28:29.0052 0x0ecc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:28:29.0068 0x0ecc  Filetrace - ok
13:28:29.0084 0x0ecc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:28:29.0084 0x0ecc  flpydisk - ok
13:28:29.0115 0x0ecc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:28:29.0130 0x0ecc  FltMgr - ok
13:28:29.0240 0x0ecc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
13:28:29.0302 0x0ecc  FontCache - ok
13:28:29.0364 0x0ecc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:28:29.0364 0x0ecc  FontCache3.0.0.0 - ok
13:28:29.0380 0x0ecc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:28:29.0396 0x0ecc  FsDepends - ok
13:28:29.0427 0x0ecc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:28:29.0427 0x0ecc  Fs_Rec - ok
13:28:29.0489 0x0ecc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:28:29.0505 0x0ecc  fvevol - ok
13:28:29.0520 0x0ecc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:28:29.0536 0x0ecc  gagp30kx - ok
13:28:29.0614 0x0ecc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:28:29.0661 0x0ecc  gpsvc - ok
13:28:29.0692 0x0ecc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:28:29.0692 0x0ecc  hcw85cir - ok
13:28:29.0754 0x0ecc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:28:29.0801 0x0ecc  HdAudAddService - ok
13:28:29.0848 0x0ecc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:28:29.0848 0x0ecc  HDAudBus - ok
13:28:29.0864 0x0ecc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:28:29.0864 0x0ecc  HidBatt - ok
13:28:29.0895 0x0ecc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:28:29.0895 0x0ecc  HidBth - ok
13:28:29.0926 0x0ecc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:28:29.0942 0x0ecc  HidIr - ok
13:28:29.0973 0x0ecc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
13:28:29.0988 0x0ecc  hidserv - ok
13:28:30.0035 0x0ecc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
13:28:30.0035 0x0ecc  HidUsb - ok
13:28:30.0082 0x0ecc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:28:30.0082 0x0ecc  hkmsvc - ok
13:28:30.0129 0x0ecc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:28:30.0160 0x0ecc  HomeGroupListener - ok
13:28:30.0207 0x0ecc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:28:30.0254 0x0ecc  HomeGroupProvider - ok
13:28:30.0285 0x0ecc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:28:30.0300 0x0ecc  HpSAMD - ok
13:28:30.0378 0x0ecc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:28:30.0410 0x0ecc  HTTP - ok
13:28:30.0425 0x0ecc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:28:30.0425 0x0ecc  hwpolicy - ok
13:28:30.0456 0x0ecc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:28:30.0456 0x0ecc  i8042prt - ok
13:28:30.0534 0x0ecc  [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
13:28:30.0550 0x0ecc  iaStorA - ok
13:28:30.0675 0x0ecc  [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
13:28:30.0675 0x0ecc  IAStorDataMgrSvc - ok
13:28:30.0690 0x0ecc  [ B9D5AE799CB622C144AE5399C55EF29B, 5C2858590436EEDDE029C5448AEC3ACBB1C0FCED23F305302BAF831C6EC1654A ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
13:28:30.0690 0x0ecc  iaStorF - ok
13:28:30.0753 0x0ecc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:28:30.0815 0x0ecc  iaStorV - ok
13:28:30.0909 0x0ecc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:28:30.0956 0x0ecc  idsvc - ok
13:28:30.0987 0x0ecc  IEEtwCollectorService - ok
13:28:31.0314 0x0ecc  [ 11A31FC2481BFE69B0507ED8C80215F4, 8A1E90611F749E8F04B6D86E835E981CAC16D0841305CADB19E58682DA006698 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
13:28:31.0626 0x0ecc  igfx - ok
13:28:31.0673 0x0ecc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:28:31.0673 0x0ecc  iirsp - ok
13:28:31.0751 0x0ecc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
13:28:31.0798 0x0ecc  IKEEXT - ok
13:28:31.0860 0x0ecc  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
13:28:31.0876 0x0ecc  IntcDAud - ok
13:28:31.0985 0x0ecc  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:28:32.0032 0x0ecc  Intel® Capability Licensing Service Interface - ok
13:28:32.0063 0x0ecc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:28:32.0063 0x0ecc  intelide - ok
13:28:32.0110 0x0ecc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:28:32.0110 0x0ecc  intelppm - ok
13:28:32.0157 0x0ecc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:28:32.0157 0x0ecc  IPBusEnum - ok
13:28:32.0188 0x0ecc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:28:32.0188 0x0ecc  IpFilterDriver - ok
13:28:32.0282 0x0ecc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:28:32.0328 0x0ecc  iphlpsvc - ok
13:28:32.0344 0x0ecc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:28:32.0360 0x0ecc  IPMIDRV - ok
13:28:32.0375 0x0ecc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:28:32.0391 0x0ecc  IPNAT - ok
13:28:32.0406 0x0ecc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:28:32.0422 0x0ecc  IRENUM - ok
13:28:32.0438 0x0ecc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:28:32.0453 0x0ecc  isapnp - ok
13:28:32.0500 0x0ecc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:28:32.0531 0x0ecc  iScsiPrt - ok
13:28:32.0562 0x0ecc  [ 75779002A6084C1A011E195E421A9C75, 03D84CE7E50EEA1DFB298F4CE3669F478920ECEB33513FE2DC16C8BF90DF3830 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
13:28:32.0562 0x0ecc  iusb3hcs - ok
13:28:32.0625 0x0ecc  [ F390B641FE6115F536B8B78AA71B8814, 8F26FCEC9B1442224A8DEE3B6459F788DBCEDFB206846BFAA3B26E40B06E2D28 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
13:28:32.0640 0x0ecc  iusb3hub - ok
13:28:32.0718 0x0ecc  [ 653B86AA174FF7661D00EE1E524B234F, F4598336206097DD3C838F7315D87D989D8AB755F773ED613E984C2CC95D511B ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
13:28:32.0750 0x0ecc  iusb3xhc - ok
13:28:32.0890 0x0ecc  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
13:28:32.0906 0x0ecc  jhi_service - ok
13:28:32.0952 0x0ecc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:28:32.0952 0x0ecc  kbdclass - ok
13:28:32.0984 0x0ecc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
13:28:32.0999 0x0ecc  kbdhid - ok
13:28:33.0030 0x0ecc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
13:28:33.0030 0x0ecc  KeyIso - ok
13:28:33.0077 0x0ecc  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:28:33.0093 0x0ecc  KSecDD - ok
13:28:33.0108 0x0ecc  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:28:33.0124 0x0ecc  KSecPkg - ok
13:28:33.0140 0x0ecc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:28:33.0140 0x0ecc  ksthunk - ok
13:28:33.0202 0x0ecc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:28:33.0233 0x0ecc  KtmRm - ok
13:28:33.0264 0x0ecc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:28:33.0280 0x0ecc  LanmanServer - ok
13:28:33.0342 0x0ecc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:28:33.0342 0x0ecc  LanmanWorkstation - ok
13:28:33.0389 0x0ecc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:28:33.0389 0x0ecc  lltdio - ok
13:28:33.0436 0x0ecc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:28:33.0483 0x0ecc  lltdsvc - ok
13:28:33.0514 0x0ecc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:28:33.0514 0x0ecc  lmhosts - ok
13:28:33.0608 0x0ecc  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
13:28:33.0623 0x0ecc  LMS - ok
13:28:33.0670 0x0ecc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:28:33.0670 0x0ecc  LSI_FC - ok
13:28:33.0701 0x0ecc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:28:33.0701 0x0ecc  LSI_SAS - ok
13:28:33.0732 0x0ecc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:28:33.0732 0x0ecc  LSI_SAS2 - ok
13:28:33.0764 0x0ecc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:28:33.0764 0x0ecc  LSI_SCSI - ok
13:28:33.0795 0x0ecc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:28:33.0795 0x0ecc  luafv - ok
13:28:33.0826 0x0ecc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:28:33.0842 0x0ecc  Mcx2Svc - ok
13:28:33.0857 0x0ecc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:28:33.0873 0x0ecc  megasas - ok
13:28:33.0920 0x0ecc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:28:33.0951 0x0ecc  MegaSR - ok
13:28:33.0998 0x0ecc  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
13:28:33.0998 0x0ecc  MEIx64 - ok
13:28:34.0060 0x0ecc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:28:34.0060 0x0ecc  MMCSS - ok
13:28:34.0091 0x0ecc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:28:34.0091 0x0ecc  Modem - ok
13:28:34.0122 0x0ecc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:28:34.0122 0x0ecc  monitor - ok
13:28:34.0138 0x0ecc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:28:34.0154 0x0ecc  mouclass - ok
13:28:34.0169 0x0ecc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:28:34.0169 0x0ecc  mouhid - ok
13:28:34.0200 0x0ecc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:28:34.0216 0x0ecc  mountmgr - ok
13:28:34.0263 0x0ecc  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:28:34.0278 0x0ecc  MozillaMaintenance - ok
13:28:34.0310 0x0ecc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:28:34.0310 0x0ecc  mpio - ok
13:28:34.0341 0x0ecc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:28:34.0356 0x0ecc  mpsdrv - ok
13:28:34.0450 0x0ecc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:28:34.0481 0x0ecc  MpsSvc - ok
13:28:34.0528 0x0ecc  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:28:34.0528 0x0ecc  MRxDAV - ok
13:28:34.0575 0x0ecc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:28:34.0590 0x0ecc  mrxsmb - ok
13:28:34.0622 0x0ecc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:28:34.0653 0x0ecc  mrxsmb10 - ok
13:28:34.0684 0x0ecc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:28:34.0684 0x0ecc  mrxsmb20 - ok
13:28:34.0731 0x0ecc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:28:34.0746 0x0ecc  msahci - ok
13:28:34.0778 0x0ecc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:28:34.0793 0x0ecc  msdsm - ok
13:28:34.0824 0x0ecc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
13:28:34.0840 0x0ecc  MSDTC - ok
13:28:34.0871 0x0ecc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:28:34.0871 0x0ecc  Msfs - ok
13:28:34.0902 0x0ecc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:28:34.0902 0x0ecc  mshidkmdf - ok
13:28:34.0918 0x0ecc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:28:34.0918 0x0ecc  msisadrv - ok
13:28:34.0980 0x0ecc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:28:34.0996 0x0ecc  MSiSCSI - ok
13:28:34.0996 0x0ecc  msiserver - ok
13:28:35.0027 0x0ecc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:28:35.0027 0x0ecc  MSKSSRV - ok
13:28:35.0043 0x0ecc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:28:35.0043 0x0ecc  MSPCLOCK - ok
13:28:35.0074 0x0ecc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:28:35.0074 0x0ecc  MSPQM - ok
13:28:35.0121 0x0ecc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:28:35.0168 0x0ecc  MsRPC - ok
13:28:35.0183 0x0ecc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:28:35.0183 0x0ecc  mssmbios - ok
13:28:35.0199 0x0ecc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:28:35.0199 0x0ecc  MSTEE - ok
13:28:35.0214 0x0ecc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:28:35.0214 0x0ecc  MTConfig - ok
13:28:35.0230 0x0ecc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
13:28:35.0230 0x0ecc  Mup - ok
13:28:35.0292 0x0ecc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
13:28:35.0339 0x0ecc  napagent - ok
13:28:35.0402 0x0ecc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:28:35.0448 0x0ecc  NativeWifiP - ok
13:28:35.0542 0x0ecc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:28:35.0604 0x0ecc  NDIS - ok
13:28:35.0620 0x0ecc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:28:35.0636 0x0ecc  NdisCap - ok
13:28:35.0651 0x0ecc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:28:35.0651 0x0ecc  NdisTapi - ok
13:28:35.0682 0x0ecc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:28:35.0682 0x0ecc  Ndisuio - ok
13:28:35.0714 0x0ecc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:28:35.0714 0x0ecc  NdisWan - ok
13:28:35.0729 0x0ecc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:28:35.0729 0x0ecc  NDProxy - ok
13:28:35.0745 0x0ecc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:28:35.0760 0x0ecc  NetBIOS - ok
13:28:35.0776 0x0ecc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:28:35.0792 0x0ecc  NetBT - ok
13:28:35.0823 0x0ecc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
13:28:35.0823 0x0ecc  Netlogon - ok
13:28:35.0885 0x0ecc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
13:28:35.0916 0x0ecc  Netman - ok
13:28:35.0979 0x0ecc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:28:35.0979 0x0ecc  NetMsmqActivator - ok
13:28:36.0010 0x0ecc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:28:36.0010 0x0ecc  NetPipeActivator - ok
13:28:36.0057 0x0ecc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
13:28:36.0104 0x0ecc  netprofm - ok
13:28:36.0119 0x0ecc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:28:36.0119 0x0ecc  NetTcpActivator - ok
13:28:36.0135 0x0ecc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:28:36.0150 0x0ecc  NetTcpPortSharing - ok
13:28:36.0182 0x0ecc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:28:36.0197 0x0ecc  nfrd960 - ok
13:28:36.0228 0x0ecc  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:28:36.0260 0x0ecc  NlaSvc - ok
13:28:36.0275 0x0ecc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:28:36.0275 0x0ecc  Npfs - ok
13:28:36.0322 0x0ecc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
13:28:36.0322 0x0ecc  nsi - ok
13:28:36.0338 0x0ecc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:28:36.0353 0x0ecc  nsiproxy - ok
13:28:46.0400 0x0ecc  Winmgmt - ok
13:28:46.0540 0x0ecc  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:28:46.0634 0x0ecc  WinRM - ok
13:28:46.0727 0x0ecc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:28:46.0774 0x0ecc  Wlansvc - ok
13:28:46.0805 0x0ecc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:28:46.0805 0x0ecc  WmiAcpi - ok
13:28:46.0852 0x0ecc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:28:46.0868 0x0ecc  wmiApSrv - ok
13:28:46.0914 0x0ecc  WMPNetworkSvc - ok
13:28:46.0930 0x0ecc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:28:46.0946 0x0ecc  WPCSvc - ok
13:28:46.0977 0x0ecc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:28:46.0992 0x0ecc  WPDBusEnum - ok
13:28:47.0008 0x0ecc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:28:47.0024 0x0ecc  ws2ifsl - ok
13:28:47.0039 0x0ecc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
13:28:47.0055 0x0ecc  wscsvc - ok
13:28:47.0070 0x0ecc  WSearch - ok
13:28:47.0211 0x0ecc  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:28:47.0351 0x0ecc  wuauserv - ok
13:28:47.0382 0x0ecc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:28:47.0382 0x0ecc  WudfPf - ok
13:28:47.0429 0x0ecc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:28:47.0429 0x0ecc  WUDFRd - ok
13:28:47.0460 0x0ecc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:28:47.0460 0x0ecc  wudfsvc - ok
13:28:47.0492 0x0ecc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:28:47.0523 0x0ecc  WwanSvc - ok
13:28:47.0585 0x0ecc  [ DB37B94EFC0B1702A0CFE49D85805DA3, 2E9538E1AD1C46F42A8D0EA2C177245F80A495177623F8BA79CAFC1124ACD111 ] ZAtheros Wlan Agent C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
13:28:47.0585 0x0ecc  ZAtheros Wlan Agent - ok
13:28:47.0632 0x0ecc  ================ Scan global ===============================
13:28:47.0663 0x0ecc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:28:47.0710 0x0ecc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:28:47.0757 0x0ecc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:28:47.0819 0x0ecc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:28:47.0882 0x0ecc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:28:47.0913 0x0ecc  [ Global ] - ok
13:28:47.0913 0x0ecc  ================ Scan MBR ==================================
13:28:47.0928 0x0ecc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:28:48.0381 0x0ecc  \Device\Harddisk0\DR0 - ok
13:28:48.0381 0x0ecc  ================ Scan VBR ==================================
13:28:48.0381 0x0ecc  [ 4775256666E897449563E25B29AD24AC ] \Device\Harddisk0\DR0\Partition1
13:28:48.0396 0x0ecc  \Device\Harddisk0\DR0\Partition1 - ok
13:28:48.0396 0x0ecc  [ CEB5A4C652E1966D5F253D6DD0CA14C5 ] \Device\Harddisk0\DR0\Partition2
13:28:48.0412 0x0ecc  \Device\Harddisk0\DR0\Partition2 - ok
13:28:48.0412 0x0ecc  ================ Scan generic autorun ======================
13:28:48.0459 0x0ecc  [ CE5C9E3593324EA855589F63189E6212, 29816FAF4FE8EA1E64D31CC75748E91C4FAF99C8AB0CB5BE9B10EE03263F24E1 ] C:\Windows\system32\igfxpers.exe
13:28:48.0490 0x0ecc  Persistence - ok
13:28:48.0537 0x0ecc  [ 93B3EA10E44CCBFF4DFF02E5A95AC2FB, 6963EE9F99BDC4205DA9F41DD0BBA3E43E0DE629CDA42E4F17B2D04F5B3E0DE4 ] C:\Windows\system32\igfxtray.exe
13:28:48.0552 0x0ecc  IgfxTray - ok
13:28:48.0677 0x0ecc  [ BAD24090378CD1D9D70DD21CF21D1BFB, A5FB5F8DCF33BB252304D6DA7CB62906E5A437A561A066A647C8D199EE3C57B8 ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
13:28:48.0677 0x0ecc  IAStorIcon - ok
13:28:48.0724 0x0ecc  [ 24F403C2C47FD51A123A00A285A87F4B, 2BECE3EBACD0561AFAF0F4DEE4477222854E1A0928EAE11715B22F10731427EC ] C:\Windows\system32\hkcmd.exe
13:28:48.0755 0x0ecc  HotKeysCmds - ok
13:28:48.0880 0x0ecc  [ 549C837B793151CA2A55F558D2DEC1F1, 13C711E5A350B0EB3737BAC63214003344EC7A49771107D4487E9CB7FE795CDB ] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\btvstack.exe
13:28:48.0911 0x0ecc  AtherosBtStack - ok
13:28:48.0942 0x0ecc  [ 5CD998EF2E1A706D49A3CC59ED0E4B43, C18A1F0445FC8595E8B491506953016A45DCB5B4A0FDD5CB9D4853EA2F3E398D ] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athbttray.exe
13:28:48.0958 0x0ecc  AthBtTray - ok
13:28:48.0958 0x0ecc  SynTPEnh - ok
13:28:49.0020 0x0ecc  [ 796227FCA947A0B8E3D6A097B27F2363, F14B1F8CF253A27554D4C24228911355FA475AABF086B66A498E825E8E3CBFA5 ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
13:28:49.0052 0x0ecc  USB3MON - ok
13:28:49.0130 0x0ecc  [ 308F2EE28005510DE616409148CF077B, A2126CB185B0053086BDD6F0A16A503F6CA629AC677E4B7AE6D43C770061D087 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:28:49.0145 0x0ecc  SunJavaUpdateSched - ok
13:28:49.0348 0x0ecc  [ 26B558B2D31C7425B455B00E562EAD93, B64D128A2F1FC42BA4376F8EB08D70F4B705745CB983D0631DB45851BF34BBDF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
13:28:49.0520 0x0ecc  AvastUI.exe - ok
13:28:49.0613 0x0ecc  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:28:49.0660 0x0ecc  Adobe ARM - ok
13:28:49.0816 0x0ecc  [ 528ABB384D6B586565EEDE45D3B40CFC, 520A35517C88693566A56B94D94EC6201629BB629064416004BE18C7EF460713 ] C:\Users\Dana\AppData\Local\Apps\2.0\NQPP692R.83T\MGL0A4W4.6LQ\dell..tion_e30b47f5d4a30e9e_0005.000b_1df8a3cb60a9209e\DellSystemDetect.exe
13:28:49.0832 0x0ecc  DellSystemDetect - ok
13:28:49.0832 0x0ecc  Waiting for KSN requests completion. In queue: 37
13:28:50.0846 0x0ecc  Waiting for KSN requests completion. In queue: 37
13:28:51.0860 0x0ecc  Waiting for KSN requests completion. In queue: 37
13:28:52.0920 0x0ecc  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
13:28:52.0967 0x0ecc  Win FW state via NFP2: enabled
13:28:55.0666 0x0ecc  ============================================================
13:28:55.0666 0x0ecc  Scan finished
13:28:55.0666 0x0ecc  ============================================================
13:28:55.0682 0x10e0  Detected object count: 0
13:28:55.0682 0x10e0  Actual detected object count: 0
13:29:15.0228 0x111c  Deinitialize success
 

 

# AdwCleaner v4.001 - Report created 23/10/2014 at 13:35:24
# DB v2014-10-23.2
# Updated 20/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dana - INSPIRON
# Running from : C:\Users\Dana\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Search Extensions

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v32.0.3 (x86 en-US)


*************************

AdwCleaner[R0].txt - [1457 octets] - [14/10/2014 18:04:51]
AdwCleaner[R1].txt - [920 octets] - [23/10/2014 13:31:41]
AdwCleaner[S0].txt - [1435 octets] - [14/10/2014 18:07:05]
AdwCleaner[S1].txt - [837 octets] - [23/10/2014 13:35:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [896 octets] ##########
 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Home Premium x64
Ran by Dana on Thu 10/23/2014 at 13:40:01.52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Dana\AppData\Roaming\getrighttogo"



~~~ FireFox

Emptied folder: C:\Users\Dana\AppData\Roaming\mozilla\firefox\profiles\piug3ttm.default\minidumps [10 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 10/23/2014 at 13:43:23.46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

-ESET no threats....no log...



#4 boopme


Posted 28 October 2014 - 01:05 PM

Perhaps it is not malware but file corruption.

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 3 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk, then restart your computer.



Once the above is done, go to Step 4 and allow it to run System File Check by clicking on the Do It button.



Go to Step 5 and under "System Restore" click on Create button.



Go to Start Repairs tab and click the Start button.



Leave the check marks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start Repairs button.



After the repair has finished, you may be prompted to restart the computer. Please allow it to do so.

Please post the Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

#5 Tumbo


Posted 28 October 2014 - 02:05 PM

Thank you for your continued assistance.  That's good the problem is probably not malware.

 

Below is the Tweaking.com Windows Repair log.  Also, a couple of days ago I had run WhoCrashed....I have attached that log below as well for your analysis.  I have not acted on any of the information and will await your instructions.

 

 

Tweaking.com - Windows Repair v2.10.0
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: INSPIRON
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\Dana
Current Profile SID: S-1-5-21-451217856-685515885-3611321925-1000
Current Profile Classes: S-1-5-21-451217856-685515885-3611321925-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Dana\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 01:41:32

Process Count: 58
Commit Total: 1.92 GB
Commit Limit: 11.78 GB
Commit Peak: 2.58 GB
Handle Count: 19534
Kernel Total: 553.94 MB
Kernel Paged: 425.04 MB
Kernel Non Paged: 128.90 MB
System Cache: 4.09 GB
Thread Count: 853
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 5.89 GB
Memory Used: 1.93 GB(32.6972%)
Memory Avail.: 3.96 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 5.89 GB
Memory Used: 1.57 GB(26.6868%)
Memory Avail.: 4.32 GB
--------------------------------------------------------------------------------

Starting Repairs...
   Started at (10/28/2014 8:40:32 AM)

Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 1
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (10/28/2014 8:40:34 AM)
   Running Repair Under Current User Account
   Done (10/28/2014 8:40:38 AM)

01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (10/28/2014 8:40:38 AM)
   Running Repair Under System Account
   Done (10/28/2014 8:43:25 AM)

01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (10/28/2014 8:43:25 AM)
   Running Repair Under System Account
   Done (10/28/2014 8:44:24 AM)

03 - Reset Service Permissions
   Start (10/28/2014 8:44:24 AM)
   Running Repair Under System Account
   Done (10/28/2014 8:44:35 AM)

04 - Register System Files
   Start (10/28/2014 8:44:35 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:45:04 AM)

05 - Repair WMI
   Start (10/28/2014 8:45:04 AM)

   Starting Security Center So We Can Export The Security Info.

   Exporting Antivirus Info...
   avast! Antivirus Exported.

   Exporting AntiSpyware Info...
   Windows Defender Exported.
   avast! Antivirus Exported.

   Exporting 3rd Party Firewall Info...
   No Firewall Products Reported.

   Running Repair Under Current User Account
   Done (10/28/2014 8:48:35 AM)

06 - Repair Windows Firewall
   Start (10/28/2014 8:48:35 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:49:04 AM)

07 - Repair Internet Explorer
   Start (10/28/2014 8:49:04 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:49:27 AM)

08 - Repair MDAC/MS Jet
   Start (10/28/2014 8:49:28 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:49:36 AM)

09 - Repair Hosts File
   Start (10/28/2014 8:49:36 AM)
   Running Repair Under System Account
   Done (10/28/2014 8:49:37 AM)

10 - Remove Policies Set By Infections
   Start (10/28/2014 8:49:37 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:49:40 AM)

11 - Repair Start Menu Icons Removed By Infections
   Start (10/28/2014 8:49:40 AM)
   Running Repair Under System Account
   Done (10/28/2014 8:49:42 AM)

12 - Repair Icons
   Start (10/28/2014 8:49:42 AM)
   Running Repair Under Current User Account
   Done (10/28/2014 8:49:43 AM)

13 - Repair Winsock & DNS Cache
   Start (10/28/2014 8:49:43 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:50:02 AM)

15 - Repair Proxy Settings
   Start (10/28/2014 8:50:02 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:50:04 AM)

17 - Repair Windows Updates
   Start (10/28/2014 8:50:04 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (10/28/2014 8:50:31 AM)

18 - Repair CD/DVD Missing/Not Working
   Start (10/28/2014 8:50:31 AM)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (10/28/2014 8:50:31 AM)

19 - Repair Volume Shadow Copy Service
   Start (10/28/2014 8:50:31 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:50:53 AM)

21 - Repair MSI (Windows Installer)
   Start (10/28/2014 8:50:53 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:06 AM)

23.01 - Repair bat Association
   Start (10/28/2014 8:51:06 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:08 AM)

23.02 - Repair cmd Association
   Start (10/28/2014 8:51:08 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:10 AM)

23.03 - Repair com Association
   Start (10/28/2014 8:51:11 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:13 AM)

23.04 - Repair Directory Association
   Start (10/28/2014 8:51:13 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:15 AM)

23.05 - Repair Drive Association
   Start (10/28/2014 8:51:15 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:17 AM)

23.06 - Repair exe Association
   Start (10/28/2014 8:51:17 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:19 AM)

23.07 - Repair Folder Association
   Start (10/28/2014 8:51:19 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:23 AM)

23.08 - Repair inf Association
   Start (10/28/2014 8:51:23 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:25 AM)

23.09 - Repair lnk (Shortcuts) Association
   Start (10/28/2014 8:51:25 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:27 AM)

23.10 - Repair msc Association
   Start (10/28/2014 8:51:27 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:29 AM)

23.11 - Repair reg Association
   Start (10/28/2014 8:51:29 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:32 AM)

23.12 - Repair scr Association
   Start (10/28/2014 8:51:32 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:34 AM)

24 - Repair Windows Safe Mode
   Start (10/28/2014 8:51:34 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:36 AM)

25 - Repair Print Spooler
   Start (10/28/2014 8:51:36 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:50 AM)

26 - Restore Important Windows Services
   Start (10/28/2014 8:51:50 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:51:58 AM)

27 - Set Windows Services To Default Startup
   Start (10/28/2014 8:51:58 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:52:07 AM)

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

31 - Repair Windows 'New' Submenu
   Start (10/28/2014 8:52:07 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/28/2014 8:52:09 AM)

Cleaning up empty logs...

All Selected Repairs Done.
   Done at (10/28/2014 8:52:09 AM)
   Total Repair Time: 00:11:39


...YOU MUST RESTART YOUR SYSTEM...
 

 

 

Welcome to WhoCrashed (HOME EDITION) v 5.02


This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution.

Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice.

This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. It will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems.

To obtain technical support visit www.resplendence.com/support




System Information (local)


computer name: INSPIRON
windows version: Windows 7 Service Pack 1, 6.1, build: 7601
windows dir: C:\Windows
Hardware: Inspiron 3721, Dell Inc., 044D20
CPU: GenuineIntel Intel® Core™ i5-3337U CPU @ 1.80GHz Intel586, level: 6
4 logical processors, active mask: 15
RAM: 6324334592 total





Crash Dump Analysis


Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.

On Sun 10/26/2014 7:20:06 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\102614-16520-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x78A8A)
Bugcheck code: 0x1000009F (0x4, 0x258, 0xFFFFFA80057E3040, 0xFFFFF80000B9A3D0)
Error: CUSTOM_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Sun 10/26/2014 7:20:06 AM GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: ntkrnlmp.exe (nt!KeBugCheckEx+0x0)
Bugcheck code: 0x9F (0x4, 0x258, 0xFFFFFA80057E3040, 0xFFFFF80000B9A3D0)
Error: DRIVER_POWER_STATE_FAILURE
Bug check description: This bug check indicates that the driver is in an inconsistent or invalid power state.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Wed 10/22/2014 8:14:28 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\102214-24866-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x78A8A)
Bugcheck code: 0x1000009F (0x4, 0x258, 0xFFFFFA80057E3040, 0xFFFFF800043443D0)
Error: CUSTOM_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Tue 10/21/2014 12:29:18 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\102014-15802-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x78A8A)
Bugcheck code: 0x1000009F (0x4, 0x258, 0xFFFFFA80057E6660, 0xFFFFF80000B9A3D0)
Error: CUSTOM_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Fri 10/17/2014 6:23:45 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\101614-16192-01.dmp
This was probably caused by the following module: iastora.sys (0xFFFFF8800114FD91)
Bugcheck code: 0xD1 (0xC0, 0x2, 0x0, 0xFFFFF8800114FD91)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
file path: C:\Windows\system32\drivers\iastora.sys
product: Intel Rapid Storage Technology driver
company: Intel Corporation
description: Intel Rapid Storage Technology driver - x64
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: iastora.sys (Intel Rapid Storage Technology driver - x64, Intel Corporation).
Google query: Intel Corporation DRIVER_IRQL_NOT_LESS_OR_EQUAL



On Fri 10/17/2014 5:33:00 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\101614-23774-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x78A8A)
Bugcheck code: 0x1000009F (0x4, 0x258, 0xFFFFFA80057E3B50, 0xFFFFF80000B9A3D0)
Error: CUSTOM_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Mon 10/13/2014 2:49:46 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\101214-18142-01.dmp
This was probably caused by the following module: iastora.sys (0xFFFFF880012F1D91)
Bugcheck code: 0xD1 (0xC0, 0x2, 0x0, 0xFFFFF880012F1D91)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
file path: C:\Windows\system32\drivers\iastora.sys
product: Intel Rapid Storage Technology driver
company: Intel Corporation
description: Intel Rapid Storage Technology driver - x64
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: iastora.sys (Intel Rapid Storage Technology driver - x64, Intel Corporation).
Google query: Intel Corporation DRIVER_IRQL_NOT_LESS_OR_EQUAL



On Sat 10/11/2014 10:39:02 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\101114-76768-01.dmp
This was probably caused by the following module: iastora.sys (0xFFFFF880012FDD91)
Bugcheck code: 0xD1 (0xC0, 0x2, 0x0, 0xFFFFF880012FDD91)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
file path: C:\Windows\system32\drivers\iastora.sys
product: Intel Rapid Storage Technology driver
company: Intel Corporation
description: Intel Rapid Storage Technology driver - x64
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: iastora.sys (Intel Rapid Storage Technology driver - x64, Intel Corporation).
Google query: Intel Corporation DRIVER_IRQL_NOT_LESS_OR_EQUAL



On Wed 10/8/2014 7:14:09 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\100814-16645-01.dmp
This was probably caused by the following module: iastora.sys (0xFFFFF88001356D91)
Bugcheck code: 0xD1 (0xC0, 0x2, 0x0, 0xFFFFF88001356D91)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
file path: C:\Windows\system32\drivers\iastora.sys
product: Intel Rapid Storage Technology driver
company: Intel Corporation
description: Intel Rapid Storage Technology driver - x64
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: iastora.sys (Intel Rapid Storage Technology driver - x64, Intel Corporation).
Google query: Intel Corporation DRIVER_IRQL_NOT_LESS_OR_EQUAL



On Wed 10/8/2014 4:14:32 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\100714-27424-01.dmp
This was probably caused by the following module: iastora.sys (0xFFFFF88001334D91)
Bugcheck code: 0xD1 (0xC0, 0x2, 0x0, 0xFFFFF88001334D91)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
file path: C:\Windows\system32\drivers\iastora.sys
product: Intel Rapid Storage Technology driver
company: Intel Corporation
description: Intel Rapid Storage Technology driver - x64
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: iastora.sys (Intel Rapid Storage Technology driver - x64, Intel Corporation).
Google query: Intel Corporation DRIVER_IRQL_NOT_LESS_OR_EQUAL





Conclusion

17 crash dumps have been found and analyzed. Only 10 are included in this report. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:

iastora.sys (Intel Rapid Storage Technology driver - x64, Intel Corporation)

If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems.


Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
 

 

 

*** Note:  The problem still persists after running Tweaking.com Windows Repair. 

 

For example, if I restart the computer it often goes to the "Starting Windows" screen for quite a while, then goes to the "Windows Error Recovery" screen.  If I select "Launch Startup Repair" from here, it runs, attempts repairs, but after running for a while always states "Startup Repair cannot repair this computer automatically".  If I try to start normally from the "Windows Error Recovery" screen, sometimes it will start up normally, but often it will get stuck in a loop and not start up normally, sending me back to the "Windows Error Recovery" screen... and I will have to keep trying to start up normally until it finally works...

 


Edited by Tumbo, 28 October 2014 - 03:39 PM.


#6 boopme

  • Global Moderator

Posted 29 October 2014 - 08:12 PM

Hello.. looking at all the Kernel and iastora.sys issues you may have a protected infection. As it's a system file we can just remove it and it may be protected by the driver. I think we should get a deeper look. You can use the same title in the new topic.

Please follow this Preparation Guide, do steps 6, 7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#7 Tumbo

  • Topic Starter

Posted 29 October 2014 - 09:50 PM

Hi boopme,

I ran the steps you requested and started a new topic here:

 

http://www.bleepingcomputer.com/forums/t/553942/am-i-infected-windows-gets-hung-up-on-both-startup-shutdown/



#8 boopme

  • Global Moderator

Posted 29 October 2014 - 09:56 PM

Thank you!!

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 5 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.



