
artemis!EB40DC01EF0D Trojan!


16 replies to this topic

#1 Jespinosa101

Jespinosa101

  • Members
  • 54 posts

Posted 09 November 2014 - 05:14 PM

Hi, I am Jespinosa101,
I have had a virus before or PC issues before, and now I have this thing called artemis!EB40DC01EF0D that McAfee detected as a Trojan; it currently put it into a quarantine place. Also, my PC has been running slow lately and I don't know if this is from before or not. Also, my Firefox takes a while to open, like 2-5 minutes to open. Finally, searching stuff up is slow, and my internet connection is pretty good. Finally, opening applications and, like, right-clicking takes a while to pop up or show up. Thanks in advance.

Thanks,
Jespinosa101


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,240 posts

Posted 09 November 2014 - 11:35 PM

Welcome, let's look at the results of these.

Artemis is a generic name given by McAfee Labs to detections of unknowns by the antivirus component of your software. The number that follows identifies it to the labs as to whatever group it belongs to and only they know what it is. It can be an infection, a PUP or even a false alarm, in fact it could be anything that isn't yet known. Within a few days they analyze any samples submitted and come to a decision as to exactly what it is.

So let's see what we find.


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

    Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

Edited by boopme, 09 November 2014 - 11:40 PM.


#3 Jespinosa101

Jespinosa101
  • Topic Starter

  • Members
  • 54 posts

Posted 11 November 2014 - 11:16 AM

MiniToolBox by Farbar  Version: 21-07-2014
Ran by jespi_000 (administrator) on 11-11-2014 at 09:10:15
Running from "C:\Users\jespi_000\Desktop"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter = Wi-Fi (Connected)
LogMeIn Hamachi Virtual Ethernet Adapter = Ethernet 2 (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="Ethernet 2" address=25.59.151.22 mask=255.0.0.0


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Joshua_Computer
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home

Wireless LAN adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 1A-D2-24-EE-BF-83
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 48-D2-24-EE-BF-83
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::7051:e7df:1500:bda6%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.107(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, November 11, 2014 8:56:16 AM
   Lease Expires . . . . . . . . . . : Wednesday, November 12, 2014 8:56:16 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 323539492
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-CA-F3-FA-9C-B6-54-42-2A-60
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 9C-B6-54-42-2A-60
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : LogMeIn Hamachi Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 7A-79-19-3B-97-16
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2620:9b::193b:9716(Preferred)
   Link-local IPv6 Address . . . . . : fe80::cd97:73b3:8c47:fb90%22(Preferred)
   IPv4 Address. . . . . . . . . . . : 25.59.151.22(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
   DHCPv6 IAID . . . . . . . . . . . : 620908786
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-CA-F3-FA-9C-B6-54-42-2A-60
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Home:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  Balikatan
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:400a:805::1009
      173.194.33.169
      173.194.33.168
      173.194.33.174
      173.194.33.161
      173.194.33.167
      173.194.33.160
      173.194.33.166
      173.194.33.162
      173.194.33.163
      173.194.33.164
      173.194.33.165


Pinging google.com [173.194.33.165] with 32 bytes of data:
Reply from 173.194.33.165: bytes=32 time=141ms TTL=56
Reply from 173.194.33.165: bytes=32 time=35ms TTL=56

Ping statistics for 173.194.33.165:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 35ms, Maximum = 141ms, Average = 88ms
Server:  Balikatan
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24
      98.138.253.109
      206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=146ms TTL=50
Reply from 206.190.36.45: bytes=32 time=41ms TTL=50

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 41ms, Maximum = 146ms, Average = 93ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...1a d2 24 ee bf 83 ......Microsoft Wi-Fi Direct Virtual Adapter
 13...48 d2 24 ee bf 83 ......Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter
 12...9c b6 54 42 2a 60 ......Realtek PCIe FE Family Controller
 22...7a 79 19 3b 97 16 ......LogMeIn Hamachi Virtual Ethernet Adapter
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.107     25
         25.0.0.0        255.0.0.0         On-link      25.59.151.22    261
     25.59.151.22  255.255.255.255         On-link      25.59.151.22    261
   25.255.255.255  255.255.255.255         On-link      25.59.151.22    261
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.107    281
    192.168.1.107  255.255.255.255         On-link     192.168.1.107    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.107    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      25.59.151.22    261
        224.0.0.0        240.0.0.0         On-link     192.168.1.107    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      25.59.151.22    261
  255.255.255.255  255.255.255.255         On-link     192.168.1.107    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 22   9005 ::/0                     2620:9b::1900:1
  1    306 ::1/128                  On-link
 22    261 2620:9b::/96             On-link
 22    261 2620:9b::193b:9716/128   On-link
 22    261 fe80::/64                On-link
 13    281 fe80::/64                On-link
 13    281 fe80::7051:e7df:1500:bda6/128
                                    On-link
 22    261 fe80::cd97:73b3:8c47:fb90/128
                                    On-link
  1    306 ff00::/8                 On-link
 22    261 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/11/2014 09:00:25 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a0ad1307-ec13-407d-8340-1f293a0645e0}

Error: (11/11/2014 08:58:00 AM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.2.9200.16628, time stamp: 0x51a94434
Faulting module name: twinui.dll, version: 6.2.9200.17101, time stamp: 0x54015816
Exception code: 0xc0000005
Fault offset: 0x000000000000186c
Faulting process id: 0x8a4
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5

Error: (11/10/2014 07:52:21 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (11/10/2014 07:35:21 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {e790cdef-d001-432f-9e79-aafafc347e8c}

Error: (11/10/2014 06:21:08 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {f2dd0855-f522-4184-a6b3-2f35fc4f6fd9}

Error: (11/09/2014 08:37:46 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {ff1b4e33-6805-49b8-a75d-01945c0acfc6}

Error: (11/09/2014 02:58:56 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {0d253099-5334-4209-ac0f-9c9237ce5d07}

Error: (11/09/2014 02:57:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.2.9200.16628, time stamp: 0x51a94434
Faulting module name: twinui.dll, version: 6.2.9200.17101, time stamp: 0x54015816
Exception code: 0xc0000005
Fault offset: 0x000000000000186c
Faulting process id: 0xffc
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5

Error: (11/09/2014 02:45:54 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {2e7ff14b-cc82-4508-9324-3188ad8d952b}

Error: (11/09/2014 02:42:31 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -550.


System errors:
=============
Error: (11/11/2014 08:55:25 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (11/10/2014 07:30:42 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (11/10/2014 06:21:34 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (11/10/2014 06:15:37 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (11/09/2014 08:33:16 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (11/09/2014 08:33:55 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:55:44 PM on ‎11/‎9/‎2014 was unexpected.

Error: (11/09/2014 02:54:26 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (11/09/2014 02:45:46 PM) (Source: Service Control Manager) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%1053

Error: (11/09/2014 02:45:46 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.

Error: (11/09/2014 02:40:28 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0


Microsoft Office Sessions:
=========================
Error: (11/11/2014 09:00:25 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a0ad1307-ec13-407d-8340-1f293a0645e0}

Error: (11/11/2014 08:58:00 AM) (Source: Application Error)(User: )
Description: Explorer.EXE6.2.9200.1662851a94434twinui.dll6.2.9200.1710154015816c0000005000000000000186c8a401cffdc8109bec95C:\Windows\Explorer.EXEC:\Windows\System32\twinui.dll829c7fbe-69bb-11e4-bf1f-9cb654422a60

Error: (11/10/2014 07:52:21 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (11/10/2014 07:35:21 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {e790cdef-d001-432f-9e79-aafafc347e8c}

Error: (11/10/2014 06:21:08 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {f2dd0855-f522-4184-a6b3-2f35fc4f6fd9}

Error: (11/09/2014 08:37:46 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {ff1b4e33-6805-49b8-a75d-01945c0acfc6}

Error: (11/09/2014 02:58:56 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {0d253099-5334-4209-ac0f-9c9237ce5d07}

Error: (11/09/2014 02:57:02 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.2.9200.1662851a94434twinui.dll6.2.9200.1710154015816c0000005000000000000186cffc01cffc67f9e4660fC:\Windows\Explorer.EXEC:\Windows\System32\twinui.dll55b16807-685b-11e4-bf1b-9cb654422a60

Error: (11/09/2014 02:45:54 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {2e7ff14b-cc82-4508-9324-3188ad8d952b}

Error: (11/09/2014 02:42:31 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: -550


CodeIntegrity Errors:
===================================
  Date: 2014-08-14 20:14:05.368
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.



=========================== Installed Programs ============================
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{CB4C08E3-800F-65F6-9C00-06814A6B7CE7}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2: Free (HKLM-x32\...\Steam App 107400) (Version:  - Bohemia Interactive)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
BattlEye (A2Free) Uninstall (HKLM-x32\...\BattlEye A2 Free) (Version:  - )
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.5901 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3.5901 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.3.2608 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.3.2608 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.3.2527 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5108 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.8.5108 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.6.6119 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{8C1ADF61-4F87-44BC-804C-C20FC70D98BB}) (Version: 1.4.0.0 - Hewlett-Packard)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Recovery Manager (x32 Version: 9.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{B2F0406F-1609-489A-8626-7DB46776AB57}) (Version: 1.0.5 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
Java Auto Updater (x32 Version: 2.1.72.14 - Oracle, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.266 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.266 - LogMeIn, Inc.) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee Online Backup (Version: 1.16.4.0 - McAfee, Inc.) Hidden
McAfee Online Backup (x32 Version:  - McAfee, Inc.) Hidden
McAfee Total Protection (HKLM-x32\...\MSC) (Version: 13.6.1367 - McAfee, Inc.)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 en-US)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.29053 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.2 - IObit)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.5.0.0 - IObit)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1130 - SUPERAntiSpyware.com)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version:  - Ubisoft Singapore)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
USB Video Device (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10242 - Realtek Semiconductor Corp.)
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.20 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.2 - win.rar GmbH)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 3682.26 MB
Available physical RAM: 2356.48 MB
Total Pagefile: 7394.26 MB
Available Pagefile: 5312.08 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.79 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:443.03 GB) (Free:379.59 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:21.96 GB) (Free:2.23 GB) NTFS

========================= Users: ========================================

User accounts for \\JOSHUA_COMPUTER

Administrator            Greg                     Guest                    
jespi_000                


**** End of log ****
 



#4 Jespinosa101

Posted 11 November 2014 - 11:24 AM

09:19:15.0691 0x1454  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
09:19:15.0691 0x1454  UEFI system
09:19:30.0714 0x1454  ============================================================
09:19:30.0714 0x1454  Current date / time: 2014/11/11 09:19:30.0714
09:19:30.0714 0x1454  SystemInfo:
09:19:30.0714 0x1454  
09:19:30.0714 0x1454  OS Version: 6.2.9200 ServicePack: 0.0
09:19:30.0714 0x1454  Product type: Workstation
09:19:30.0714 0x1454  ComputerName: JOSHUA_COMPUTER
09:19:30.0714 0x1454  UserName: jespi_000
09:19:30.0714 0x1454  Windows directory: C:\Windows
09:19:30.0714 0x1454  System windows directory: C:\Windows
09:19:30.0714 0x1454  Running under WOW64
09:19:30.0714 0x1454  Processor architecture: Intel x64
09:19:30.0714 0x1454  Number of processors: 2
09:19:30.0714 0x1454  Page size: 0x1000
09:19:30.0714 0x1454  Boot type: Normal boot
09:19:30.0714 0x1454  ============================================================
09:19:31.0604 0x1454  KLMD registered as C:\Windows\system32\drivers\98948987.sys
09:19:32.0321 0x1454  System UUID: {3B5C9F96-4EE1-63DD-A654-171A2514412E}
09:19:35.0192 0x1454  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:19:35.0207 0x1454  ============================================================
09:19:35.0207 0x1454  \Device\Harddisk0\DR0:
09:19:35.0207 0x1454  GPT partitions:
09:19:35.0207 0x1454  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5B0BBC25-830E-43BB-AA63-FD47E35EBBF9}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
09:19:35.0207 0x1454  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {16509862-90BA-4F23-A706-196A878737F0}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000
09:19:35.0207 0x1454  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5B5F1912-507C-438A-A875-ECD631C774BE}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000
09:19:35.0207 0x1454  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {04C4BE50-1F27-4730-A13D-FE2CD6306C71}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x37610800
09:19:35.0207 0x1454  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D1A0E2BB-FAE1-4A52-9A1B-52B15200986D}, Name: Basic data partition, StartLBA 0x3779B000, BlocksNum 0x2BEB000
09:19:35.0207 0x1454  MBR partitions:
09:19:35.0207 0x1454  ============================================================
09:19:35.0254 0x1454  C: <-> \Device\Harddisk0\DR0\Partition4
09:19:35.0301 0x1454  D: <-> \Device\Harddisk0\DR0\Partition5
09:19:35.0301 0x1454  ============================================================
09:19:35.0301 0x1454  Initialize success
09:19:35.0301 0x1454  ============================================================
09:19:45.0254 0x1428  ============================================================
09:19:45.0254 0x1428  Scan started
09:19:45.0254 0x1428  Mode: Manual;
09:19:45.0254 0x1428  ============================================================
09:19:45.0254 0x1428  KSN ping started
09:19:48.0109 0x1428  KSN ping finished: true
09:19:49.0091 0x1428  ================ Scan system memory ========================
09:19:49.0107 0x1428  System memory - ok
09:19:49.0107 0x1428  ================ Scan services =============================
09:19:58.0904 0x1428  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:19:58.0982 0x1428  CertPropSvc - ok
09:19:59.0029 0x1428  [ 3B6316004C773CFAD5E6C38EC5DDDBD4, 7F8A68A6267E0C8EC11F84A1034F71991DBD78BB1C7440B6D4AE025EFBCBB534 ] cfwids          C:\Windows\system32\drivers\cfwids.sys
09:19:59.0044 0x1428  cfwids - ok
09:19:59.0076 0x1428  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\Windows\System32\drivers\circlass.sys
09:19:59.0169 0x1428  circlass - ok
09:19:59.0200 0x1428  cleanhlp - ok
09:19:59.0247 0x1428  [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS            C:\Windows\system32\drivers\CLFS.sys
09:19:59.0310 0x1428  CLFS - ok
09:19:59.0512 0x1428  [ 871EEE78F98D6E31C80FD39433A8FE2F, 67602F597FADA1E7102BC373287A4A78339E057D37FCEAD0B2502F70450EC7CE ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
09:19:59.0637 0x1428  ClickToRunSvc - ok
09:19:59.0731 0x1428  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
09:19:59.0731 0x1428  CLVirtualDrive - ok
09:19:59.0777 0x1428  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
09:19:59.0777 0x1428  CmBatt - ok
09:19:59.0856 0x1428  [ DBF9E5346431557BF56F41E7F8EC0DC1, D5FA34C873DA9BE40301D53198355556506AB5145B78B14D0AA88570A0058589 ] CNG             C:\Windows\system32\Drivers\cng.sys
09:19:59.0887 0x1428  CNG - ok
09:19:59.0934 0x1428  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
09:19:59.0934 0x1428  CompositeBus - ok
09:19:59.0949 0x1428  COMSysApp - ok
09:19:59.0980 0x1428  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\Windows\system32\drivers\condrv.sys
09:19:59.0980 0x1428  condrv - ok
09:20:00.0058 0x1428  [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:20:00.0074 0x1428  CryptSvc - ok
09:20:00.0121 0x1428  [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam             C:\Windows\system32\drivers\dam.sys
09:20:00.0136 0x1428  dam - ok
09:20:00.0230 0x1428  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:20:00.0292 0x1428  DcomLaunch - ok
09:20:00.0355 0x1428  [ FC1569B5705887D74FE7C8A39BE1C71C, 7DEB8FE472C72C439A2F54B6277C0A87AC2083869BD9AF8226071B7AA33B09FF ] defragsvc       C:\Windows\System32\defragsvc.dll
09:20:00.0386 0x1428  defragsvc - ok
09:20:00.0448 0x1428  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll
09:20:00.0464 0x1428  DeviceAssociationService - ok
09:20:00.0511 0x1428  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
09:20:00.0542 0x1428  DeviceInstall - ok
09:20:00.0573 0x1428  [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
09:20:00.0589 0x1428  Dfsc - ok
09:20:00.0651 0x1428  [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:20:00.0713 0x1428  Dhcp - ok
09:20:00.0760 0x1428  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\Windows\system32\drivers\discache.sys
09:20:00.0760 0x1428  discache - ok
09:20:00.0854 0x1428  [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk            C:\Windows\system32\drivers\disk.sys
09:20:00.0869 0x1428  disk - ok
09:20:00.0885 0x1428  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
09:20:01.0010 0x1428  dmvsc - ok
09:20:01.0041 0x1428  [ A2C6DACDE258D0835DA4B5075225272C, 6AD668A1992642BA8EF1B24B9AAA4BBA32E7ACDF14FA7B4410A14F7272505EF4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:20:01.0072 0x1428  Dnscache - ok
09:20:01.0119 0x1428  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc         C:\Windows\System32\dot3svc.dll
09:20:01.0213 0x1428  dot3svc - ok
09:20:01.0244 0x1428  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS             C:\Windows\system32\dps.dll
09:20:01.0275 0x1428  DPS - ok
09:20:01.0291 0x1428  [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:20:01.0369 0x1428  drmkaud - ok
09:20:01.0416 0x1428  [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
09:20:01.0509 0x1428  DsmSvc - ok
09:20:01.0618 0x1428  [ 2BB5627EB587FA995086C3D8C21B6D3F, 871E35BBE66180781324D38823B74263B660CF9254EE348A15421FAC5667F294 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:20:01.0728 0x1428  DXGKrnl - ok
09:20:01.0774 0x1428  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost         C:\Windows\System32\eapsvc.dll
09:20:01.0852 0x1428  Eaphost - ok
09:20:02.0118 0x1428  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv           C:\Windows\system32\drivers\evbda.sys
09:20:02.0445 0x1428  ebdrv - ok
09:20:02.0492 0x1428  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS             C:\Windows\System32\lsass.exe
09:20:02.0508 0x1428  EFS - ok
09:20:02.0539 0x1428  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
09:20:02.0554 0x1428  EhStorClass - ok
09:20:02.0570 0x1428  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
09:20:02.0632 0x1428  EhStorTcgDrv - ok
09:20:02.0664 0x1428  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
09:20:02.0726 0x1428  ErrDev - ok
09:20:02.0820 0x1428  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\Windows\system32\es.dll
09:20:02.0866 0x1428  EventSystem - ok
09:20:02.0898 0x1428  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\Windows\system32\drivers\exfat.sys
09:20:02.0991 0x1428  exfat - ok
09:20:03.0038 0x1428  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:20:03.0054 0x1428  fastfat - ok
09:20:03.0116 0x1428  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\Windows\system32\fxssvc.exe
09:20:03.0350 0x1428  Fax - ok
09:20:03.0397 0x1428  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\Windows\System32\drivers\fdc.sys
09:20:03.0475 0x1428  fdc - ok
09:20:03.0490 0x1428  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\Windows\system32\fdPHost.dll
09:20:03.0568 0x1428  fdPHost - ok
09:20:03.0600 0x1428  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:20:03.0678 0x1428  FDResPub - ok
09:20:03.0724 0x1428  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\Windows\system32\fhsvc.dll
09:20:03.0802 0x1428  fhsvc - ok
09:20:03.0849 0x1428  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:20:03.0865 0x1428  FileInfo - ok
09:20:03.0880 0x1428  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:20:03.0958 0x1428  Filetrace - ok
09:20:03.0990 0x1428  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
09:20:04.0068 0x1428  flpydisk - ok
09:20:04.0114 0x1428  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:20:04.0146 0x1428  FltMgr - ok
09:20:04.0270 0x1428  [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache       C:\Windows\system32\FntCache.dll
09:20:04.0364 0x1428  FontCache - ok
09:20:04.0442 0x1428  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:20:04.0489 0x1428  FontCache3.0.0.0 - ok
09:20:04.0520 0x1428  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:20:04.0582 0x1428  FsDepends - ok
09:20:04.0614 0x1428  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:20:04.0629 0x1428  Fs_Rec - ok
09:20:04.0676 0x1428  [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:20:04.0707 0x1428  fvevol - ok
09:20:04.0738 0x1428  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
09:20:04.0816 0x1428  FxPPM - ok
09:20:04.0848 0x1428  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:20:04.0894 0x1428  gagp30kx - ok
09:20:04.0957 0x1428  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
09:20:05.0050 0x1428  GamesAppService - ok
09:20:05.0097 0x1428  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:20:05.0097 0x1428  GEARAspiWDM - ok
09:20:05.0144 0x1428  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
09:20:05.0206 0x1428  gencounter - ok
09:20:05.0238 0x1428  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
09:20:05.0316 0x1428  GPIOClx0101 - ok
09:20:05.0425 0x1428  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:20:05.0534 0x1428  gpsvc - ok
09:20:05.0581 0x1428  [ 186AD2DF9B3323DF4637A5EA65B6F49A, C081755F389A5FEDE9F82320CCF63697B0D732F7E2A621ABF1D0D2563214E40F ] Hamachi         C:\Windows\system32\DRIVERS\Hamdrv.sys
09:20:05.0596 0x1428  Hamachi - ok
09:20:05.0815 0x1428  [ 72BE101788DD12A08ABF63AF801BE3B7, 9AFE6AB040C239E26B820520470DEDA449F47AAC70C295DC69F90BF8A2CBA69A ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
09:20:05.0986 0x1428  Hamachi2Svc - ok
09:20:06.0064 0x1428  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:20:06.0158 0x1428  HdAudAddService - ok
09:20:06.0189 0x1428  [ 58CC013EFA9893057160EDA018D8ADCE, BE8AA220CFBD90202C1B130DF349C3198E3447F3C2DC7BC5FC8816F57F78BA00 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
09:20:06.0189 0x1428  HDAudBus - ok
09:20:06.0220 0x1428  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
09:20:06.0298 0x1428  HidBatt - ok
09:20:06.0330 0x1428  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\Windows\System32\drivers\hidbth.sys
09:20:06.0408 0x1428  HidBth - ok
09:20:06.0454 0x1428  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
09:20:06.0532 0x1428  hidi2c - ok
09:20:06.0564 0x1428  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\Windows\System32\drivers\hidir.sys
09:20:06.0673 0x1428  HidIr - ok
09:20:06.0704 0x1428  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\Windows\System32\hidserv.dll
09:20:06.0766 0x1428  hidserv - ok
09:20:06.0798 0x1428  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
09:20:06.0798 0x1428  HidUsb - ok
09:20:06.0860 0x1428  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
09:20:06.0922 0x1428  HipShieldK - ok
09:20:06.0985 0x1428  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:20:07.0078 0x1428  hkmsvc - ok
09:20:07.0156 0x1428  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:20:07.0234 0x1428  HomeGroupListener - ok
09:20:07.0312 0x1428  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:20:07.0344 0x1428  HomeGroupProvider - ok
09:20:07.0468 0x1428  [ 06212FD50D92ACAEE7E6DF38549215BE, 66A889DAD26F0C26F63FD960BE86A941CFD797359B29AFD90CCFEEF7F7C7F17A ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
09:20:07.0500 0x1428  HomeNetSvc - ok
09:20:07.0593 0x1428  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
09:20:07.0593 0x1428  HP Support Assistant Service - ok
09:20:07.0687 0x1428  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
09:20:07.0812 0x1428  hpqwmiex - ok
09:20:07.0858 0x1428  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:20:07.0921 0x1428  HpSAMD - ok
09:20:08.0014 0x1428  [ A76C371A65AF0CA1E7F9D85A5722E643, C76ABB51A80213B7363C02AC5561641E2A24477546316BF448750D256977A3BF ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
09:20:08.0077 0x1428  HPWMISVC - ok
09:20:08.0170 0x1428  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:20:08.0233 0x1428  HTTP - ok
09:20:08.0248 0x1428  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:20:08.0264 0x1428  hwpolicy - ok
09:20:08.0280 0x1428  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
09:20:08.0342 0x1428  hyperkbd - ok
09:20:08.0358 0x1428  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
09:20:08.0514 0x1428  HyperVideo - ok
09:20:08.0529 0x1428  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
09:20:08.0545 0x1428  i8042prt - ok
09:20:08.0623 0x1428  [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
09:20:08.0716 0x1428  iaStorA - ok
09:20:08.0779 0x1428  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:20:08.0872 0x1428  iaStorV - ok
09:20:09.0075 0x1428  [ DEA2F976E7327716AA0038EBF550003A, 5EA4666874F1D03879EA95F28228AC9EA3D7DF0F2E199EEE9B5BC6C81CA290B3 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
09:20:09.0231 0x1428  IconMan_R - ok
09:20:09.0933 0x1428  [ 83915E05E168AB63B48302F7DC5D8E00, CD7300A5FFD5A8CE47690CDC1223F4693C536D5667F842CA457CC8716AA3F618 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
09:20:10.0729 0x1428  igfx - ok
09:20:10.0854 0x1428  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:20:10.0916 0x1428  iirsp - ok
09:20:11.0010 0x1428  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\Windows\System32\ikeext.dll
09:20:11.0103 0x1428  IKEEXT - ok
09:20:11.0400 0x1428  [ 39246F2CFBF1D32C3A12E242661EC039, EADF06D9B142844C16C2B0E412D708DB02BA07E2CD96BBFB2F0984DD6BB63E28 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:20:11.0649 0x1428  IntcAzAudAddService - ok
09:20:11.0696 0x1428  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:20:11.0743 0x1428  intelide - ok
09:20:11.0790 0x1428  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
09:20:11.0868 0x1428  intelppm - ok
09:20:11.0899 0x1428  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:20:11.0977 0x1428  IpFilterDriver - ok
09:20:12.0070 0x1428  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:20:12.0195 0x1428  iphlpsvc - ok
09:20:12.0242 0x1428  [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
09:20:12.0320 0x1428  IPMIDRV - ok
09:20:12.0351 0x1428  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:20:12.0460 0x1428  IPNAT - ok
09:20:12.0538 0x1428  [ 835FC2EA0631B734BB06C12B0665F01D, B8A8B0148C6C3AFC40835B44E3D6508CB9EEE8AC430A7904711C8B51C2116A8D ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:20:12.0632 0x1428  iPod Service - ok
09:20:12.0663 0x1428  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:20:12.0726 0x1428  IRENUM - ok
09:20:12.0741 0x1428  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:20:12.0804 0x1428  isapnp - ok
09:20:12.0866 0x1428  [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
09:20:12.0944 0x1428  iScsiPrt - ok
09:20:12.0960 0x1428  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
09:20:12.0975 0x1428  kbdclass - ok
09:20:13.0007 0x1428  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
09:20:13.0053 0x1428  kbdhid - ok
09:20:13.0084 0x1428  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
09:20:13.0100 0x1428  kdnic - ok
09:20:13.0116 0x1428  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso          C:\Windows\system32\lsass.exe
09:20:13.0131 0x1428  KeyIso - ok
09:20:13.0178 0x1428  [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:20:13.0194 0x1428  KSecDD - ok
09:20:13.0225 0x1428  [ 3DD9C86EA88E8B5A51904AD87E1F2E78, F9EC9A571212117C01934CD29057EB1B3FA095F670294244AF7D9387D3F6E555 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:20:13.0240 0x1428  KSecPkg - ok
09:20:13.0272 0x1428  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:20:13.0272 0x1428  ksthunk - ok
09:20:13.0334 0x1428  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:20:13.0428 0x1428  KtmRm - ok
09:20:13.0506 0x1428  [ 05A5B36592BB5F371B6AB020A2691E42, 384230A10EA0394E260282509B7D8EFCBFF8814611F6EFAB2DD346B97963EC55 ] LanmanServer    C:\Windows\System32\srvsvc.dll
09:20:13.0537 0x1428  LanmanServer - ok
09:20:13.0599 0x1428  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:20:13.0615 0x1428  LanmanWorkstation - ok
09:20:13.0833 0x1428  [ D69FDDADA5CF0097966C4F52C2E6FEBA, 35FA7E4658AFCCE293F31E66B695D45D31A0ADF4C837DA1C801F7577B73754AC ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
09:20:13.0942 0x1428  LiveUpdateSvc - ok
09:20:13.0989 0x1428  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:20:13.0989 0x1428  lltdio - ok
09:20:14.0036 0x1428  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:20:14.0145 0x1428  lltdsvc - ok
09:20:14.0177 0x1428  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:20:14.0192 0x1428  lmhosts - ok
09:20:14.0239 0x1428  [ 687DBC3FCBB7C60192EF048066336F5C, 335E80F3B8F4A313840AB61D64A9C2E17C712A0DF38FE00DC252E3483AC03DA8 ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
09:20:14.0270 0x1428  LMIGuardianSvc - ok
09:20:14.0317 0x1428  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:20:14.0379 0x1428  LSI_SAS - ok
09:20:14.0410 0x1428  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:20:14.0473 0x1428  LSI_SAS2 - ok
09:20:14.0488 0x1428  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:20:14.0551 0x1428  LSI_SCSI - ok
09:20:14.0566 0x1428  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
09:20:14.0629 0x1428  LSI_SSS - ok
09:20:14.0691 0x1428  [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM             C:\Windows\System32\lsm.dll
09:20:14.0738 0x1428  LSM - ok
09:20:14.0769 0x1428  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:20:14.0785 0x1428  luafv - ok
09:20:14.0878 0x1428  [ 51700D4BD678B2B13167CB0BB4477F4C, 44BCF7BFE2F78AB2B62BEFF08133922A678A8491B8213EF27B94757D1BB56ACC ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
09:20:14.0910 0x1428  McAPExe - ok
09:20:14.0956 0x1428  [ 06212FD50D92ACAEE7E6DF38549215BE, 66A889DAD26F0C26F63FD960BE86A941CFD797359B29AFD90CCFEEF7F7C7F17A ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
09:20:14.0988 0x1428  McMPFSvc - ok
09:20:15.0019 0x1428  [ 06212FD50D92ACAEE7E6DF38549215BE, 66A889DAD26F0C26F63FD960BE86A941CFD797359B29AFD90CCFEEF7F7C7F17A ] McNaiAnn        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
09:20:15.0050 0x1428  McNaiAnn - ok
09:20:15.0206 0x1428  [ 015A9542ACB72131899E114CB8124681, 8944A195DCA9FAF82E9AAB336DFEB54186465AC8A0A28857BB643422D2AD335F ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
09:20:15.0237 0x1428  McODS - ok
09:20:15.0268 0x1428  [ 06212FD50D92ACAEE7E6DF38549215BE, 66A889DAD26F0C26F63FD960BE86A941CFD797359B29AFD90CCFEEF7F7C7F17A ] mcpltsvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
09:20:15.0300 0x1428  mcpltsvc - ok
09:20:15.0331 0x1428  [ 06212FD50D92ACAEE7E6DF38549215BE, 66A889DAD26F0C26F63FD960BE86A941CFD797359B29AFD90CCFEEF7F7C7F17A ] McProxy         C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
09:20:15.0347 0x1428  McProxy - ok
09:20:15.0393 0x1428  [ 3DA891A743F714CA07CA769AE6441424, C7C731333D4E9C012EA383D4B4B8B5D2475132ED7A72913E66E897BFC7DB3A88 ] McPvDrv         C:\Windows\system32\drivers\McPvDrv.sys
09:20:15.0409 0x1428  McPvDrv - ok
09:20:15.0456 0x1428  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:20:15.0502 0x1428  megasas - ok
09:20:15.0549 0x1428  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
09:20:33.0663 0x1428  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\Windows\system32\drivers\storahci.sys
09:20:33.0741 0x1428  storahci - ok
09:20:33.0757 0x1428  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
09:20:33.0819 0x1428  storflt - ok
09:20:33.0866 0x1428  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc         C:\Windows\system32\storsvc.dll
09:20:33.0944 0x1428  StorSvc - ok
09:20:33.0991 0x1428  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc         C:\Windows\system32\drivers\storvsc.sys
09:20:34.0053 0x1428  storvsc - ok
09:20:34.0084 0x1428  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc           C:\Windows\system32\svsvc.dll
09:20:34.0178 0x1428  svsvc - ok
09:20:34.0209 0x1428  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\Windows\System32\drivers\swenum.sys
09:20:34.0225 0x1428  swenum - ok
09:20:34.0334 0x1428  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv           C:\Windows\System32\swprv.dll
09:20:34.0630 0x1428  swprv - ok
09:20:34.0693 0x1428  [ 1C9BC67929C728DED1091CA19C3F7D41, 78C7EA28E339FCDBD74470938298E33AB41A14CEE967E1B82CE1D11C54594135 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
09:20:34.0740 0x1428  SynTP - ok
09:20:34.0849 0x1428  [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain         C:\Windows\system32\sysmain.dll
09:20:34.0974 0x1428  SysMain - ok
09:20:35.0036 0x1428  [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
09:20:35.0067 0x1428  SystemEventsBroker - ok
09:20:35.0130 0x1428  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll
09:20:35.0223 0x1428  TabletInputService - ok
09:20:35.0254 0x1428  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:20:35.0286 0x1428  TapiSrv - ok
09:20:35.0473 0x1428  [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:20:35.0613 0x1428  Tcpip - ok
09:20:35.0785 0x1428  [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:20:35.0910 0x1428  TCPIP6 - ok
09:20:35.0956 0x1428  [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:20:35.0972 0x1428  tcpipreg - ok
09:20:36.0019 0x1428  [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:20:36.0034 0x1428  tdx - ok
09:20:36.0066 0x1428  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
09:20:36.0128 0x1428  terminpt - ok
09:20:36.0206 0x1428  [ 2B3D2FDF50EDABEBE0A9E6F741C81858, F0C3A1DC968C5D28EF68BE4352577B4F8D4B4FB6274268DCCCD8A5C132DEC2F9 ] TermService     C:\Windows\System32\termsrv.dll
09:20:36.0331 0x1428  TermService - ok
09:20:36.0378 0x1428  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\Windows\system32\themeservice.dll
09:20:36.0393 0x1428  Themes - ok
09:20:36.0440 0x1428  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER     C:\Windows\system32\mmcss.dll
09:20:36.0456 0x1428  THREADORDER - ok
09:20:36.0502 0x1428  [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
09:20:36.0518 0x1428  TimeBroker - ok
09:20:36.0565 0x1428  [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM             C:\Windows\system32\drivers\tpm.sys
09:20:36.0580 0x1428  TPM - ok
09:20:36.0627 0x1428  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\Windows\System32\trkwks.dll
09:20:36.0658 0x1428  TrkWks - ok
09:20:36.0721 0x1428  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:20:36.0721 0x1428  TrustedInstaller - ok
09:20:36.0768 0x1428  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:20:36.0846 0x1428  TsUsbFlt - ok
09:20:36.0861 0x1428  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
09:20:36.0955 0x1428  TsUsbGD - ok
09:20:36.0986 0x1428  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:20:37.0002 0x1428  tunnel - ok
09:20:37.0033 0x1428  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:20:37.0111 0x1428  uagp35 - ok
09:20:37.0142 0x1428  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
09:20:37.0204 0x1428  UASPStor - ok
09:20:37.0251 0x1428  [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
09:20:37.0314 0x1428  UCX01000 - ok
09:20:37.0376 0x1428  [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:20:37.0470 0x1428  udfs - ok
09:20:37.0532 0x1428  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:20:37.0626 0x1428  UI0Detect - ok
09:20:37.0641 0x1428  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:20:37.0704 0x1428  uliagpkx - ok
09:20:37.0735 0x1428  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus           C:\Windows\System32\drivers\umbus.sys
09:20:37.0735 0x1428  umbus - ok
09:20:37.0766 0x1428  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\Windows\System32\drivers\umpass.sys
09:20:37.0766 0x1428  UmPass - ok
09:20:37.0813 0x1428  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\Windows\System32\umrdp.dll
09:20:37.0906 0x1428  UmRdpService - ok
09:20:37.0969 0x1428  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\Windows\System32\upnphost.dll
09:20:38.0016 0x1428  upnphost - ok
09:20:38.0062 0x1428  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
09:20:38.0172 0x1428  USBAAPL64 - ok
09:20:38.0218 0x1428  [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
09:20:38.0218 0x1428  usbccgp - ok
09:20:38.0281 0x1428  [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir          C:\Windows\System32\drivers\usbcir.sys
09:20:38.0359 0x1428  usbcir - ok
09:20:38.0390 0x1428  [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
09:20:38.0406 0x1428  usbehci - ok
09:20:38.0437 0x1428  [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
09:20:38.0452 0x1428  usbfilter - ok
09:20:38.0530 0x1428  [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
09:20:38.0562 0x1428  usbhub - ok
09:20:38.0640 0x1428  [ FAAB461D5AEB21EE5FC5C0DBD6648223, 187EB7AC6CDE39621C587EB1551DBC358DE2BC7C8A4265DB817C9D6F5ADE54A3 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
09:20:38.0733 0x1428  USBHUB3 - ok
09:20:38.0764 0x1428  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
09:20:38.0764 0x1428  usbohci - ok
09:20:38.0811 0x1428  [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
09:20:38.0874 0x1428  usbprint - ok
09:20:38.0920 0x1428  [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
09:20:38.0998 0x1428  USBSTOR - ok
09:20:39.0061 0x1428  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
09:20:39.0139 0x1428  usbuhci - ok
09:20:39.0186 0x1428  [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
09:20:39.0279 0x1428  usbvideo - ok
09:20:39.0373 0x1428  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
09:20:39.0451 0x1428  USBXHCI - ok
09:20:39.0482 0x1428  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc        C:\Windows\system32\lsass.exe
09:20:39.0498 0x1428  VaultSvc - ok
09:20:39.0529 0x1428  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:20:39.0529 0x1428  vdrvroot - ok
09:20:39.0622 0x1428  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds             C:\Windows\System32\vds.exe
09:20:39.0732 0x1428  vds - ok
09:20:39.0778 0x1428  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
09:20:39.0841 0x1428  VerifierExt - ok
09:20:39.0919 0x1428  [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
09:20:40.0012 0x1428  vhdmp - ok
09:20:40.0059 0x1428  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:20:40.0106 0x1428  viaide - ok
09:20:40.0184 0x1428  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
09:20:40.0246 0x1428  vmbus - ok
09:20:40.0278 0x1428  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
09:20:40.0356 0x1428  VMBusHID - ok
09:20:40.0418 0x1428  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
09:20:40.0512 0x1428  vmicheartbeat - ok
09:20:40.0543 0x1428  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
09:20:40.0574 0x1428  vmickvpexchange - ok
09:20:40.0605 0x1428  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\Windows\System32\ICSvc.dll
09:20:40.0636 0x1428  vmicrdv - ok
09:20:40.0699 0x1428  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\Windows\System32\ICSvc.dll
09:20:40.0730 0x1428  vmicshutdown - ok
09:20:40.0761 0x1428  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\Windows\System32\ICSvc.dll
09:20:40.0792 0x1428  vmictimesync - ok
09:20:40.0824 0x1428  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\Windows\System32\ICSvc.dll
09:20:40.0855 0x1428  vmicvss - ok
09:20:40.0902 0x1428  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:20:40.0933 0x1428  volmgr - ok
09:20:40.0980 0x1428  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:20:41.0011 0x1428  volmgrx - ok
09:20:41.0073 0x1428  [ AA37946941ED3805AB3A924965907147, 11BD8FA585F193EED050458E93679D730FC2C09D19237DA40B0190132D328CB2 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:20:41.0104 0x1428  volsnap - ok
09:20:41.0136 0x1428  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\Windows\System32\drivers\vpci.sys
09:20:41.0198 0x1428  vpci - ok
09:20:41.0245 0x1428  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:20:41.0323 0x1428  vsmraid - ok
09:20:41.0448 0x1428  [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS             C:\Windows\system32\vssvc.exe
09:20:41.0541 0x1428  VSS - ok
09:20:41.0588 0x1428  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
09:20:41.0666 0x1428  VSTXRAID - ok
09:20:41.0697 0x1428  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
09:20:41.0697 0x1428  vwifibus - ok
09:20:41.0760 0x1428  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:20:41.0775 0x1428  vwififlt - ok
09:20:41.0791 0x1428  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
09:20:41.0807 0x1428  vwifimp - ok
09:20:41.0869 0x1428  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\Windows\system32\w32time.dll
09:20:41.0900 0x1428  W32Time - ok
09:20:41.0947 0x1428  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
09:20:42.0009 0x1428  WacomPen - ok
09:20:42.0056 0x1428  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
09:20:42.0072 0x1428  Wanarp - ok
09:20:42.0087 0x1428  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:20:42.0087 0x1428  Wanarpv6 - ok
09:20:42.0196 0x1428  [ 901CC968412F8155B08D7ABE0171166A, D05A8E3D4D159546394E902C618D0583FE497B51C8F1C86D8E3B9E046819DD53 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
09:20:42.0290 0x1428  WAS - ok
09:20:42.0430 0x1428  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\Windows\system32\wbengine.exe
09:20:42.0555 0x1428  wbengine - ok
09:20:42.0602 0x1428  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:20:42.0711 0x1428  WbioSrvc - ok
09:20:42.0774 0x1428  [ F43314B83101DEBF7D7CCD42493CFC60, F4B70372559F2FD9A74FB87422EC6EF024F925AE4D838473E04E6B48AB7255AF ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
09:20:42.0805 0x1428  Wcmsvc - ok
09:20:42.0867 0x1428  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:20:42.0976 0x1428  wcncsvc - ok
09:20:43.0023 0x1428  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:20:43.0101 0x1428  WcsPlugInService - ok
09:20:43.0148 0x1428  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\Windows\system32\drivers\wd.sys
09:20:43.0210 0x1428  Wd - ok
09:20:43.0257 0x1428  [ 3772FF85F0098686B0DCD77076AE0786, 8B0221F6003C53856676FFD9CDCFF43DF29B410AB2F340C10BB858F0E6EC14CE ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
09:20:43.0320 0x1428  WdBoot - ok
09:20:43.0413 0x1428  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:20:43.0460 0x1428  Wdf01000 - ok
09:20:43.0507 0x1428  [ AB6F7DE8BFBF61A42F8764D9A621BD8B, DEFDC9FDC0B234403EE1339105B8D12B486D77B3BA01A703339B5DB8B95FA4D8 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
09:20:43.0600 0x1428  WdFilter - ok
09:20:43.0632 0x1428  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:20:43.0663 0x1428  WdiServiceHost - ok
09:20:43.0678 0x1428  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:20:43.0710 0x1428  WdiSystemHost - ok
09:20:43.0772 0x1428  [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient       C:\Windows\System32\webclnt.dll
09:20:43.0866 0x1428  WebClient - ok
09:20:43.0912 0x1428  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:20:44.0006 0x1428  Wecsvc - ok
09:20:44.0037 0x1428  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:20:44.0068 0x1428  wercplsupport - ok
09:20:44.0100 0x1428  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:20:44.0131 0x1428  WerSvc - ok
09:20:44.0162 0x1428  [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
09:20:44.0178 0x1428  WFPLWFS - ok
09:20:44.0209 0x1428  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\Windows\System32\wiarpc.dll
09:20:44.0302 0x1428  WiaRpc - ok
09:20:44.0365 0x1428  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:20:44.0412 0x1428  WIMMount - ok
09:20:44.0458 0x1428  WinDefend - ok
09:20:44.0568 0x1428  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
09:20:44.0614 0x1428  WinHttpAutoProxySvc - ok
09:20:44.0708 0x1428  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:20:44.0724 0x1428  Winmgmt - ok
09:20:44.0848 0x1428  [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0  C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
09:20:44.0895 0x1428  WinRing0_1_2_0 - ok
09:20:45.0114 0x1428  [ 89DA335401D956F2696E35A38817BE19, D5A8D5C0BE285564AB0DF1B4594FE612359C72BE3B64063C3460BB73AA34F413 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:20:45.0410 0x1428  WinRM - ok
09:20:45.0472 0x1428  [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:20:45.0582 0x1428  WinUsb - ok
09:20:45.0628 0x1428  [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys
09:20:45.0628 0x1428  WirelessButtonDriver - ok
09:20:45.0753 0x1428  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\Windows\System32\wlansvc.dll
09:20:45.0862 0x1428  WlanSvc - ok
09:20:46.0034 0x1428  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
09:20:46.0190 0x1428  wlidsvc - ok
09:20:46.0221 0x1428  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
09:20:46.0237 0x1428  WmiAcpi - ok
09:20:46.0299 0x1428  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:20:46.0393 0x1428  wmiApSrv - ok
09:20:46.0424 0x1428  WMPNetworkSvc - ok
09:20:46.0471 0x1428  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
09:20:46.0549 0x1428  wpcfltr - ok
09:20:46.0596 0x1428  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:20:46.0674 0x1428  WPCSvc - ok
09:20:46.0720 0x1428  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:20:46.0752 0x1428  WPDBusEnum - ok
09:20:46.0783 0x1428  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
09:20:46.0892 0x1428  WpdUpFltr - ok
09:20:46.0939 0x1428  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:20:46.0939 0x1428  ws2ifsl - ok
09:20:47.0001 0x1428  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\Windows\system32\wscsvc.dll
09:20:47.0017 0x1428  wscsvc - ok
09:20:47.0064 0x1428  [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
09:20:47.0126 0x1428  WSDPrintDevice - ok
09:20:47.0157 0x1428  WSearch - ok
09:20:47.0360 0x1428  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\Windows\System32\WSService.dll
09:20:47.0532 0x1428  WSService - ok
09:20:47.0781 0x1428  [ 10EA2DBD2820A504D98D19F5EDAAFC04, 5B84D7C169CBAEBCE4A03BB89426E74DBF5AFCA1F8FDE2A5BC1006A8464D7E24 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:20:48.0015 0x1428  wuauserv - ok
09:20:48.0078 0x1428  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:20:48.0140 0x1428  WudfPf - ok
09:20:48.0171 0x1428  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
09:20:48.0265 0x1428  WUDFRd - ok
09:20:48.0280 0x1428  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
09:20:48.0296 0x1428  WUDFSensorLP - ok
09:20:48.0358 0x1428  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:20:48.0452 0x1428  wudfsvc - ok
09:20:48.0483 0x1428  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
09:20:48.0499 0x1428  WUDFWpdFs - ok
09:20:48.0530 0x1428  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
09:20:48.0546 0x1428  WUDFWpdMtp - ok
09:20:48.0608 0x1428  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:20:48.0733 0x1428  WwanSvc - ok
09:20:48.0811 0x1428  ================ Scan global ===============================
09:20:48.0873 0x1428  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
09:20:48.0936 0x1428  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
09:20:48.0982 0x1428  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
09:20:49.0045 0x1428  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\Windows\system32\services.exe
09:20:49.0076 0x1428  [ Global ] - ok
09:20:49.0076 0x1428  ================ Scan MBR ==================================
09:20:49.0107 0x1428  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
09:20:49.0185 0x1428  \Device\Harddisk0\DR0 - ok
09:20:49.0185 0x1428  ================ Scan VBR ==================================
09:20:49.0201 0x1428  [ 0381C5CAA26BBA804CDB04F19D31970D ] \Device\Harddisk0\DR0\Partition1
09:20:49.0216 0x1428  \Device\Harddisk0\DR0\Partition1 - ok
09:20:49.0248 0x1428  [ CBAD9F3912786F9BDD3B630014527D89 ] \Device\Harddisk0\DR0\Partition2
09:20:49.0248 0x1428  \Device\Harddisk0\DR0\Partition2 - ok
09:20:49.0263 0x1428  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
09:20:49.0279 0x1428  \Device\Harddisk0\DR0\Partition3 - ok
09:20:49.0294 0x1428  [ F403F8C47D4A74A4DE0EFA8C1BB80B20 ] \Device\Harddisk0\DR0\Partition4
09:20:49.0294 0x1428  \Device\Harddisk0\DR0\Partition4 - ok
09:20:49.0341 0x1428  [ 94851B31470D624908B1EE948979D9EB ] \Device\Harddisk0\DR0\Partition5
09:20:49.0357 0x1428  \Device\Harddisk0\DR0\Partition5 - ok
09:20:49.0357 0x1428  ================ Scan generic autorun ======================
09:20:54.0770 0x1428  Waiting for KSN requests completion. In queue: 136
09:20:55.0784 0x1428  Waiting for KSN requests completion. In queue: 136
09:20:56.0798 0x1428  Waiting for KSN requests completion. In queue: 136
09:20:57.0859 0x1428  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 13.6.0.0 ), 0x51000 ( enabled : updated )
09:20:58.0031 0x1428  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
09:20:58.0109 0x1428  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
09:20:58.0124 0x1428  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 13.6.0.0 ), 0x51010 ( enabled )
09:21:01.0010 0x1428  ============================================================
09:21:01.0010 0x1428  Scan finished
09:21:01.0010 0x1428  ============================================================
09:21:01.0026 0x1574  Detected object count: 0
09:21:01.0026 0x1574  Actual detected object count: 0
 



#5 Jespinosa101

Posted 11 November 2014 - 11:51 AM

# AdwCleaner v4.101 - Report created 11/11/2014 at 09:35:28
# Updated 09/11/2014 by Xplode
# Database : 2014-11-10.9 [Live]
# Operating System : Windows 8  (64 bits)
# Username : jespi_000 - JOSHUA_COMPUTER
# Running from : C:\Users\jespi_000\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\q9mm8l6v.default\user.js
File Deleted : C:\Users\jespi_000\AppData\Roaming\Mozilla\Firefox\Profiles\woys1x6u.default\user.js
File Deleted : C:\Users\jespi_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\jespi_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

[x] Not Deleted : Driver Booster Scan
[x] Not Deleted : Driver Booster Update

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Escolade
Key Deleted : HKCU\Software\AppDataLow\Software\Compete
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\educationask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\spigotmc.org

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17116


-\\ Mozilla Firefox v33.0.3 (x86 en-US)


-\\ Google Chrome v

[C:\Users\jespi_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\jespi_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [7779 octets] - [13/08/2014 15:46:48]
AdwCleaner[R10].txt - [1678 octets] - [17/08/2014 10:05:32]
AdwCleaner[R11].txt - [1739 octets] - [18/08/2014 15:35:43]
AdwCleaner[R12].txt - [1939 octets] - [23/08/2014 10:57:25]
AdwCleaner[R13].txt - [1922 octets] - [23/08/2014 11:17:01]
AdwCleaner[R14].txt - [1983 octets] - [24/08/2014 10:10:19]
AdwCleaner[R15].txt - [2042 octets] - [26/08/2014 16:16:00]
AdwCleaner[R16].txt - [2103 octets] - [27/08/2014 19:19:10]
AdwCleaner[R17].txt - [2164 octets] - [06/09/2014 11:06:30]
AdwCleaner[R18].txt - [2211 octets] - [25/10/2014 10:22:56]
AdwCleaner[R19].txt - [2225 octets] - [26/10/2014 19:14:48]
AdwCleaner[R1].txt - [7839 octets] - [13/08/2014 15:56:08]
AdwCleaner[R20].txt - [2373 octets] - [30/10/2014 19:46:16]
AdwCleaner[R21].txt - [2434 octets] - [31/10/2014 22:15:11]
AdwCleaner[R22].txt - [3716 octets] - [11/11/2014 09:33:32]
AdwCleaner[R2].txt - [7899 octets] - [13/08/2014 18:48:40]
AdwCleaner[R3].txt - [7959 octets] - [13/08/2014 18:52:56]
AdwCleaner[R4].txt - [962 octets] - [13/08/2014 19:06:21]
AdwCleaner[R5].txt - [1021 octets] - [14/08/2014 15:14:46]
AdwCleaner[R6].txt - [1075 octets] - [15/08/2014 15:50:58]
AdwCleaner[R7].txt - [1255 octets] - [16/08/2014 11:49:38]
AdwCleaner[R8].txt - [1555 octets] - [17/08/2014 09:41:59]
AdwCleaner[R9].txt - [1557 octets] - [17/08/2014 09:52:42]
AdwCleaner[S0].txt - [7410 octets] - [13/08/2014 18:58:31]
AdwCleaner[S1].txt - [1618 octets] - [17/08/2014 09:49:25]
AdwCleaner[S2].txt - [1618 octets] - [17/08/2014 09:56:46]
AdwCleaner[S3].txt - [2001 octets] - [23/08/2014 11:11:40]
AdwCleaner[S4].txt - [2491 octets] - [31/10/2014 22:22:02]
AdwCleaner[S5].txt - [3628 octets] - [11/11/2014 09:35:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [3688 octets] ##########
 



#6 Jespinosa101

Posted 11 November 2014 - 11:58 AM

For the Junkware Removal Tool, I don't know how to turn off my protection software, but I downloaded it.



#7 boopme

Posted 11 November 2014 - 03:14 PM

Run it anyway.

#8 Jespinosa101

Posted 12 November 2014 - 07:24 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 8 x64
Ran by jespi_000 on Wed 11/12/2014 at 16:38:45.99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\ConsumerInputUpdateTaskMachineCore.job
Successfully deleted: [File] C:\Windows\Tasks\ConsumerInputUpdateTaskMachineUA.job
Successfully deleted: [File] C:\Windows\prefetch\DRIVER-BOOSTER-SETUP.TMP-711E6F3A.pf
Successfully deleted: [File] C:\Windows\prefetch\DRIVERBOOSTER.EXE-D5205666.pf



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\jespi_000\AppData\Roaming\mozilla\firefox\profiles\woys1x6u.default\minidumps [20 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/12/2014 at 17:10:11.12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#9 Jespinosa101

Posted 12 November 2014 - 08:23 PM

Almost done with final scan



#10 boopme

Posted 12 November 2014 - 08:43 PM

OK

#11 Jespinosa101

Posted 15 November 2014 - 07:07 PM

The ESET scan seems to be taking a really long time. Is that normal with it?

#12 Jespinosa101

Posted 17 November 2014 - 11:55 PM

I am sorry for not posting the ESET scan logs, but it just seems to take too long to finish. It has been running for about 5 hours and it's at 33%. I also have been canceling the other ESET scans because I had to go to sleep and I can't keep my PC up. Sorry.

Edited by Jespinosa101, 18 November 2014 - 12:09 AM.


#13 Jespinosa101

Posted 18 November 2014 - 12:14 AM

I will try to find time over the weekend to do this scan. Also, is there anything else you would like me to do?

#14 boopme

Posted 18 November 2014 - 03:43 PM

There are times it can take twelve hours. Start it before you sleep and turn the monitor off.

#15 Jespinosa101

Posted 19 November 2014 - 10:31 AM

Oh, also, I forgot to mention my PC is starting to say "Your Pc ran into a problem and this problem caused your pc to restart". That happened a few minutes after I started up my PC, but it did not restart or anything. It also showed a few files and stuff.



