Infected with an unknown (Was Trojan.Poweliks!gm?)


13 replies to this topic

#1 Applesandoranges


Posted 21 November 2014 - 07:41 PM

Hello,

I have a laptop that is running Windows 7 Home Premium 64-bit.

Symptoms:

Norton anti-virus "stopped" attempt by "Trojan.Poweliks!gm". (This used to happen roughly every 10 or so minutes)

Roughly 9-12 processes named "gdzalotqjgek.exe" running in the task manager with a description of "Goggle Chrome".

Cannot upload/download anything through the internet browser. (I can transfer needed files with a flash drive to repair it)

I have not run anything other than Norton and Malwarebytes the first time I saw it was infected. It was fine for roughly one day, then it started happening again.

Completely unsure of what it could be infected with.

Please note, I am not the main user of this laptop so currently I am unable to comment on what the user may have been doing at the time of the first sign of infection.

Thank you in advance for any assistance you can provide.

-Matt





#2 buddy215


Posted 21 November 2014 - 07:53 PM

Welcome to BC !

 

Scan using the Eset Tool below that can find and remove poweliks. Let us know if poweliks was found or not.

There is likely other unwanted adware/ malware, too. So, if the Eset scan gets rid of poweliks, I'll have further comment.

Please download Powelikscleaner (by ESET) and save it to your Desktop.

  • Double-click ESETPoweliksCleaner.exe to start the tool.
  • Read the terms of the End-user license agreement and click Agree if you agree to them.
  • The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.
  • If Poweliks was detected, "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.
  • The tool will produce a log in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.



Edited by buddy215, 21 November 2014 - 07:54 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Applesandoranges


Posted 21 November 2014 - 08:04 PM

Hello and thank you for taking the time to look at my problem.

I have done as instructed and it came back and told me that Win32/Poweliks was not found in my system. Odd that Norton was flagging that yet it is not there...

Here is the log in case there happens to be any other relevant information:

[2014.11.21 17:00:14.223] - Begin
[2014.11.21 17:00:14.223] -
[2014.11.21 17:00:14.234] -     ....................................
[2014.11.21 17:00:14.235] -   ..::::::::::::::::::....................
[2014.11.21 17:00:14.236] -   .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT..    Win32/Poweliks
[2014.11.21 17:00:14.237] -  .::EE::::EE:SS:::::::.EE....EE....TT......   Version: 1.0.0.1
[2014.11.21 17:00:14.238] -  .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT......   Built: Oct 15 2014
[2014.11.21 17:00:14.238] -  .::EE:::::::::::::SS:.EE..........TT......
[2014.11.21 17:00:14.239] -   .::EEEEEE:::SSSSSS::..EEEEEE.....TT.....    Copyright © ESET, spol. s r.o.
[2014.11.21 17:00:14.239] -   ..::::::::::::::::::....................    1992-2013. All rights reserved.
[2014.11.21 17:00:14.240] -     ....................................
[2014.11.21 17:00:14.240] -
[2014.11.21 17:00:14.240] - --------------------------------------------------------------------------------
[2014.11.21 17:00:14.240] -
[2014.11.21 17:00:14.241] - INFO: OS: 6.1.7601 SP1
[2014.11.21 17:00:14.241] - INFO: Product Type: Workstation
[2014.11.21 17:00:14.241] - INFO: WoW64: True
[2014.11.21 17:00:14.241] - INFO: Machine guid: C1E86AFE-4253-442E-927B-BA72E005BAB3
[2014.11.21 17:00:14.242] -
[2014.11.21 17:00:14.381] - INFO: Scanning for system infection...
[2014.11.21 17:00:14.381] - --------------------------------------------------------------------------------
[2014.11.21 17:00:14.382] -
[2014.11.21 17:00:14.382] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.21 17:00:14.382] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.21 17:00:14.383] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.21 17:00:14.383] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.21 17:00:14.383] - INFO: Processing classes...
[2014.11.21 17:00:14.384] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.21 17:00:14.384] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.21 17:00:14.384] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.21 17:00:14.384] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.21 17:00:14.385] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.21 17:00:14.385] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.21 17:00:14.385] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.21 17:00:14.385] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.21 17:00:14.385] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.21 17:00:14.385] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.11.21 17:00:14.385] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.21 17:00:14.385] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.21 17:00:14.385] - INFO: Win32/Poweliks not found
[2014.11.21 17:00:56.981] - End



#4 quietman7


Posted 21 November 2014 - 08:04 PM

Cannot upload/download anything through the internet browser. (I can transfer needed files with a flash drive to repair it)

If you are having trouble downloading files with Internet Explorer, follow these instructions to re-enable downloads/reset all Security zones to default.

Then continue with ESETPoweliksCleaner.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#5 buddy215


Posted 21 November 2014 - 08:16 PM

If you are still having a problem downloading, follow quietman7's instruction for resetting all security zones.

Once that is done, try running a scan using Eset Online Scanner. If you are still unable to download follow the directions for using Rkill first. If you use Rkill DO NOT reboot. Go directly to using Eset Online Scanner.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

RKill Download

Be sure to read what Rkill does. Reminder....don't reboot after using it. Start the Eset Online Scan.



#6 quietman7


Posted 21 November 2014 - 08:33 PM

BTW...Trojan.Poweliks!gm is a heuristic detection used to detect threats associated with the Trojan.Poweliks family. That does not necessarily mean you are dealing with an actual Poweliks infection as heuristics are prone to false detections.

Poweliks is unique when compared to traditional malware because it resides only in Windows registry and memory. It does not exist on a compromised computer as a physical file. gdzalotqjgek.exe is a physical file.

#7 Applesandoranges


Posted 22 November 2014 - 12:40 AM

That was an incredibly long scan time but it is finally finished. Here is the list of threats that ESET reported:

 

C:\Program Files (x86)\VideoDownloadConverter\VDCScriptHelper.dll    a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\xfin_portal\comcastdx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\xfin_portal\comcasttb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application    deleted - quarantined
C:\Users\ozz\AppData\Local\{C2FFFCBE-A4D0-4CEB-B88D-2E74EBA30059}\Cvcvobwjkqr.dll    a variant of Win32/Kryptik.CPNG trojan    cleaned by deleting (after the next restart) - quarantined
C:\Users\ozz\AppData\LocalLow\xjuedks.dll    a variant of Win32/Kryptik.CPNG trojan    cleaned by deleting - quarantined
Operating memory    multiple threats    
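
The reasoning across posts #3 to #7 (the Poweliks cleaner reporting nothing while the online scan finds trojan files on disk) can be checked mechanically from the two ESET outputs. This is an added example, not part of the original thread or of any ESET tool; the sample lines are copied from the posts above, and the function and field names are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

# Lines copied (shortened) from the ESETPoweliksCleaner log in post #3.
CLEANER_LOG = r"""
[2014.11.21 17:00:14.381] - INFO: Scanning for system infection...
[2014.11.21 17:00:14.382] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.21 17:00:14.382] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.21 17:00:14.385] - INFO: Win32/Poweliks not found
[2014.11.21 17:00:56.981] - End
"""

# Lines copied from the ESET Online Scanner threat list in post #7.
THREAT_LIST = r"""
C:\Program Files (x86)\xfin_portal\comcasttb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application    deleted - quarantined
C:\Users\ozz\AppData\Local\{C2FFFCBE-A4D0-4CEB-B88D-2E74EBA30059}\Cvcvobwjkqr.dll    a variant of Win32/Kryptik.CPNG trojan    cleaned by deleting (after the next restart) - quarantined
C:\Users\ozz\AppData\LocalLow\xjuedks.dll    a variant of Win32/Kryptik.CPNG trojan    cleaned by deleting - quarantined
Operating memory    multiple threats
"""

# "[timestamp] - LEVEL: message"; the level prefix is absent on Begin/End lines.
LOG_LINE = re.compile(r"^\[(?P<ts>[\d.]+ [\d:.]+)\] - (?:(?P<level>[A-Z]+): )?(?P<msg>.*)$")
REG_KEY = re.compile(r"^Processing \[(?P<key>HK[A-Z]{2}\\.+?)\]\.\.\.$")


def parse_cleaner_log(text):
    """Return (registry keys the cleaner inspected, verdict) from its log."""
    keys, verdict = [], "unknown"
    for line in text.splitlines():
        m = LOG_LINE.match(line.strip())
        if not m:
            continue
        msg = m.group("msg")
        k = REG_KEY.match(msg)
        if k:
            keys.append(k.group("key"))
        elif msg == "Win32/Poweliks not found":  # the only verdict string shown in the thread
            verdict = "not found"
    return keys, verdict


@dataclass
class Threat:
    location: str
    detection: str
    action: str

    @property
    def kind(self):
        if self.detection.endswith("potentially unwanted application"):
            return "pua"
        if self.detection.endswith("trojan"):
            return "trojan"
        return "other"

    @property
    def on_disk(self):
        # A drive-letter path means a physical file, unlike "Operating memory".
        return re.match(r"^[A-Za-z]:\\", self.location) is not None

    @property
    def pending_restart(self):
        return "after the next restart" in self.action


def parse_threat_list(text):
    """Split each exported line into location / detection / action columns."""
    threats = []
    for line in text.splitlines():
        cols = re.split(r"\t+| {2,}", line.strip())
        if len(cols) < 2 or not cols[0]:
            continue
        cols += [""] * (3 - len(cols))  # the memory row has no action column
        threats.append(Threat(*cols[:3]))
    return threats


def triage(cleaner_log, threat_list):
    """Combine both outputs into the facts a helper needs for the next step."""
    keys, verdict = parse_cleaner_log(cleaner_log)
    threats = parse_threat_list(threat_list)
    disk_trojans = [t for t in threats if t.kind == "trojan" and t.on_disk]
    return {
        "poweliks_cleaner": verdict,
        "registry_keys_checked": len(keys),
        "trojans_on_disk": [t.location for t in disk_trojans],
        "user_profile_drops": [t.location for t in disk_trojans
                               if "\\appdata\\" in t.location.lower()],
        "reboot_needed": any(t.pending_restart for t in threats),
        "pua": [t.location for t in threats if t.kind == "pua"],
        "not_file_backed": [t.location for t in threats if not t.on_disk],
        # Cleaner found nothing in the registry, yet trojan files exist on disk.
        "file_backed_infection": verdict == "not found" and bool(disk_trojans),
    }


if __name__ == "__main__":
    for field, value in triage(CLEANER_LOG, THREAT_LIST).items():
        print(f"{field}: {value}")
```
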
 



#8 buddy215


Posted 22 November 2014 - 07:44 AM

Are you now able to download? I included the instructions for MBAM. You already have it but I want to be sure you update it and verify the settings allow for scanning for rootkits and PUPS. Post its log if it finds anything.

Use CCleaner to remove Temporary files, program caches, ALL cookies, logs, etc. Use the Default settings. No need to use the Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars...especially Yahoo. You may see Google Tool Bar being offered. You can choose to download and use the portable version and avoid any chance of installing an unwanted toolbar.

CCleaner - PC Optimization and Cleaning - Free Download

Piriform - How to run CCleaner from a USB drive

  • Download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR REVIEW.

 

Download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Download TDSSKiller and save it to your desktop.

  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


#9 Applesandoranges


Posted 22 November 2014 - 01:36 PM

Yes, I am able to download on the laptop now after resetting the security settings as instructed above, thank you. 

 

As follows are the log files that were requested:

 

----ADWCleaner:

 

# AdwCleaner v4.101 - Report created 22/11/2014 at 09:37:09
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : ozz - OZZ-PC
# Running from : C:\Users\ozz\Desktop\fix\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\comcasttb
Folder Deleted : C:\Program Files (x86)\VideoDownloadConverter
Folder Deleted : C:\Program Files (x86)\xfin_portal
Folder Deleted : C:\Users\ozz\AppData\Local\VideoDownloadConverter_4z
Folder Deleted : C:\Users\ozz\AppData\LocalLow\iac
Folder Deleted : C:\Users\ozz\AppData\LocalLow\xfin_portal
Folder Deleted : C:\Users\ozz\AppData\Roaming\Babylon
Folder Deleted : C:\Users\ozz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter.ScriptHelper
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter.ScriptHelper.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com/Plugin
Key Deleted : HKCU\Software\AppDataLow\Software\xfin_portal
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\VideoDownloadConverter
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\xfin_portal
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v39.0.2171.65

[C:\Users\ozz\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_crm
[C:\Users\ozz\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_crm
[C:\Users\ozz\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\ozz\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\ozz\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_crm
[C:\Users\ozz\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_crm
[C:\Users\ozz\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : mkfokfffehpeedafpekjeddnmnjhmcmk

*************************

AdwCleaner[R0].txt - [7638 octets] - [22/11/2014 09:33:45]
AdwCleaner[S0].txt - [7463 octets] - [22/11/2014 09:37:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7523 octets] ##########
 

 

---MBAM:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/22/2014
Scan Time: 9:45:34 AM
Logfile: MBAM Log 11-22.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.22.09
Rootkit Database: v2014.11.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ozz

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 320581
Time Elapsed: 27 min, 47 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

----JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Home Premium x64
Ran by ozz on Sat 11/22/2014 at 10:17:26.02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] antispywareservice
Successfully deleted: [Service] antispywareservice



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{A9613534-6E29-4C71-9AED-D0CC1C708840}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{AB624120-0CC9-4E2C-838C-37E9072DA650}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{ABD8A8A1-D5AD-487E-8305-4289D5B4ED36}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{B28A95DB-310A-4C69-9E37-70BD17283E94}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{BA98E6F4-90CB-48D6-B1E5-39716D42A9D6}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{C10C0B59-0357-4FBD-BA10-6578ED75984B}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{C1C612D3-9C45-4E2F-B3CB-0A05EAF244AE}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{C2FFFCBE-A4D0-4CEB-B88D-2E74EBA30059}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{C4069DD6-1C52-4135-ADF8-CB4A20B797B8}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{C883B1FF-5D3E-4B47-B93C-2F6718599280}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{C9632A41-89AA-4E47-9A7F-3C75E78A392C}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{CEB70289-4649-43F1-941E-34C78AE40454}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{DAE1DAE0-CB34-467A-B161-58BA4CFBC551}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{EA7D7494-15AA-416F-A271-008F8E9C5A31}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{F0A80896-D6D8-4FEE-86C4-99BDE32174F8}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{F2BE8197-96AD-45F6-90BB-818B9ADFE54F}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{FD38FF15-C577-499A-A301-B03E31F40444}
Successfully deleted: [Empty Folder] C:\Users\ozz\appdata\local\{FFA15975-0356-4CF9-B03A-C9D5D0586410}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 11/22/2014 at 10:20:58.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

---- TDSSKiller:

 

10:24:25.0846 0x1088  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
10:24:48.0803 0x1088  ============================================================
10:24:48.0803 0x1088  Current date / time: 2014/11/22 10:24:48.0803
10:24:48.0803 0x1088  SystemInfo:
10:24:48.0803 0x1088  
10:24:48.0803 0x1088  OS Version: 6.1.7601 ServicePack: 1.0
10:24:48.0803 0x1088  Product type: Workstation
10:24:48.0803 0x1088  ComputerName: OZZ-PC
10:24:48.0803 0x1088  UserName: ozz
10:24:48.0803 0x1088  Windows directory: C:\Windows
10:24:48.0803 0x1088  System windows directory: C:\Windows
10:24:48.0803 0x1088  Running under WOW64
10:24:48.0803 0x1088  Processor architecture: Intel x64
10:24:48.0803 0x1088  Number of processors: 4
10:24:48.0803 0x1088  Page size: 0x1000
10:24:48.0803 0x1088  Boot type: Normal boot
10:24:48.0803 0x1088  ============================================================
10:24:49.0757 0x1088  KLMD registered as C:\Windows\system32\drivers\69930244.sys
10:24:50.0127 0x1088  System UUID: {B55703B0-3FA9-22D4-F967-EA6FDA316756}
10:24:50.0731 0x1088  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:24:50.0736 0x1088  ============================================================
10:24:50.0736 0x1088  \Device\Harddisk0\DR0:
10:24:50.0737 0x1088  MBR partitions:
10:24:50.0737 0x1088  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x1DCF0000
10:24:50.0763 0x1088  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x20EF1000, BlocksNum 0x29966800
10:24:50.0764 0x1088  ============================================================
10:24:50.0834 0x1088  C: <-> \Device\Harddisk0\DR0\Partition1
10:24:50.0874 0x1088  D: <-> \Device\Harddisk0\DR0\Partition2
10:24:50.0874 0x1088  ============================================================
10:24:50.0874 0x1088  Initialize success
10:24:50.0874 0x1088  ============================================================
10:24:56.0991 0x1aa0  ============================================================
10:24:56.0991 0x1aa0  Scan started
10:24:56.0991 0x1aa0  Mode: Manual;
10:24:56.0991 0x1aa0  ============================================================
10:24:56.0991 0x1aa0  KSN ping started
10:25:00.0189 0x1aa0  KSN ping finished: true
10:25:02.0741 0x1aa0  ================ Scan system memory ========================
10:25:02.0741 0x1aa0  System memory - ok
10:25:02.0741 0x1aa0  ================ Scan services =============================
10:25:09.0333 0x1aa0  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:25:09.0333 0x1aa0  gupdatem - ok
10:25:09.0379 0x1aa0  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:25:09.0379 0x1aa0  gusvc - ok
10:25:09.0411 0x1aa0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:25:09.0411 0x1aa0  hcw85cir - ok
10:25:09.0442 0x1aa0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:25:09.0457 0x1aa0  HdAudAddService - ok
10:25:09.0504 0x1aa0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:25:09.0504 0x1aa0  HDAudBus - ok
10:25:09.0520 0x1aa0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
10:25:09.0520 0x1aa0  HidBatt - ok
10:25:09.0551 0x1aa0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:25:09.0551 0x1aa0  HidBth - ok
10:25:09.0582 0x1aa0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:25:09.0582 0x1aa0  HidIr - ok
10:25:09.0598 0x1aa0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:25:09.0598 0x1aa0  hidserv - ok
10:25:09.0645 0x1aa0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
10:25:09.0645 0x1aa0  HidUsb - ok
10:25:09.0676 0x1aa0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:25:09.0676 0x1aa0  hkmsvc - ok
10:25:09.0691 0x1aa0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:25:09.0707 0x1aa0  HomeGroupListener - ok
10:25:09.0738 0x1aa0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:25:09.0738 0x1aa0  HomeGroupProvider - ok
10:25:09.0785 0x1aa0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:25:09.0785 0x1aa0  HpSAMD - ok
10:25:09.0814 0x1aa0  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
10:25:09.0816 0x1aa0  HTCAND64 - ok
10:25:09.0877 0x1aa0  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:25:09.0901 0x1aa0  HTTP - ok
10:25:09.0915 0x1aa0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:25:09.0916 0x1aa0  hwpolicy - ok
10:25:09.0953 0x1aa0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
10:25:09.0956 0x1aa0  i8042prt - ok
10:25:09.0993 0x1aa0  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
10:25:10.0003 0x1aa0  iaStor - ok
10:25:10.0045 0x1aa0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:25:10.0054 0x1aa0  iaStorV - ok
10:25:10.0131 0x1aa0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:25:10.0162 0x1aa0  idsvc - ok
10:25:10.0287 0x1aa0  [ B463A82741E67093B7DBAE8D460159D0, E4DD5FFF9F2C4322AD7E05DEAB5200346196995CBDAD5F7A583748041BB048A6 ] IDSVia64        C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141121.001\IDSvia64.sys
10:25:10.0303 0x1aa0  IDSVia64 - ok
10:25:10.0334 0x13c8  Object send P2P result: true
10:25:10.0365 0x1aa0  [ A744324E96D6C12A007A4A11E910AFDB, 022691F65B68019EF57D7019D42A9A96DA3C17CB25746543E579B7C342A5C90E ] IDVaultSvc      C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
10:25:10.0365 0x1aa0  IDVaultSvc - ok
10:25:10.0412 0x1aa0  IEEtwCollectorService - ok
10:25:10.0909 0x1aa0  [ 10BB0DC3361C9420CC1B0B2128BB89DB, 566CB4FFFDFAB224D472455DE04A0D5E73EA72F17C93896204B60E3B7514F29F ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
10:25:11.0320 0x1aa0  igfx - ok
10:25:11.0352 0x1aa0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:25:11.0352 0x1aa0  iirsp - ok
10:25:11.0383 0x1aa0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:25:11.0414 0x1aa0  IKEEXT - ok
10:25:11.0554 0x1aa0  [ 02C93EBAA4421418411448FE7FDFD815, A80175A2E2814C6E5354F6365EDE47D212D109D5022A4AD9DD1099A68E30D32E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:25:11.0601 0x1aa0  IntcAzAudAddService - ok
10:25:11.0664 0x1aa0  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
10:25:11.0679 0x1aa0  IntcDAud - ok
10:25:11.0710 0x1aa0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:25:11.0710 0x1aa0  intelide - ok
10:25:11.0742 0x1aa0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:25:11.0742 0x1aa0  intelppm - ok
10:25:11.0773 0x1aa0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:25:11.0788 0x1aa0  IPBusEnum - ok
10:25:11.0823 0x1aa0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:25:11.0826 0x1aa0  IpFilterDriver - ok
10:25:11.0877 0x1aa0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:25:11.0892 0x1aa0  iphlpsvc - ok
10:25:11.0904 0x1aa0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:25:11.0906 0x1aa0  IPMIDRV - ok
10:25:11.0934 0x1aa0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:25:11.0938 0x1aa0  IPNAT - ok
10:25:11.0956 0x1aa0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:25:11.0957 0x1aa0  IRENUM - ok
10:25:11.0974 0x1aa0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:25:11.0985 0x1aa0  isapnp - ok
10:25:12.0007 0x1aa0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:25:12.0013 0x1aa0  iScsiPrt - ok
10:25:12.0070 0x1aa0  [ 54F694C6CD3A1149BA3A8BDACC83BADC, 2CB02C1EFE0F625BA346546452874491D2DEB4CE982BC647759822F7AB455C95 ] ITMRTSVC        C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe
10:25:12.0070 0x1aa0  ITMRTSVC - ok
10:25:12.0086 0x1aa0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:25:12.0101 0x1aa0  kbdclass - ok
10:25:12.0132 0x1aa0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
10:25:12.0132 0x1aa0  kbdhid - ok
10:25:12.0164 0x1aa0  [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
10:25:12.0164 0x1aa0  kbfiltr - ok
10:25:12.0179 0x1aa0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
10:25:12.0179 0x1aa0  KeyIso - ok
10:25:12.0226 0x1aa0  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:25:12.0226 0x1aa0  KSecDD - ok
10:25:12.0273 0x1aa0  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:25:12.0288 0x1aa0  KSecPkg - ok
10:25:12.0335 0x1aa0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:25:12.0335 0x1aa0  ksthunk - ok
10:25:12.0382 0x1aa0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:25:12.0398 0x1aa0  KtmRm - ok
10:25:12.0413 0x1aa0  [ 655A5D8E80869781CCE23760ADA7E695, 86DA2FC5DBA28762A89BC70D9DA0F370FC4A9F4F28E6802AD5972C387F4EEFD3 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
10:25:12.0429 0x1aa0  L1C - ok
10:25:12.0460 0x1aa0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:25:12.0491 0x1aa0  LanmanServer - ok
10:25:12.0507 0x1aa0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:25:12.0522 0x1aa0  LanmanWorkstation - ok
10:25:12.0554 0x1aa0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:25:12.0554 0x1aa0  lltdio - ok
10:25:12.0585 0x1aa0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:25:12.0600 0x1aa0  lltdsvc - ok
10:25:12.0616 0x1aa0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:25:12.0616 0x1aa0  lmhosts - ok
10:25:12.0678 0x1aa0  [ 7F32D4C47A50E7223491E8FB9359907D, 6D3F59A8D006BED3234697933D09C8EE8F7A9F4A4196CFA878F8E8A929B24CE5 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:25:12.0694 0x1aa0  LMS - ok
10:25:12.0725 0x1aa0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:25:12.0741 0x1aa0  LSI_FC - ok
10:25:12.0772 0x1aa0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:25:12.0772 0x1aa0  LSI_SAS - ok
10:25:12.0772 0x1aa0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
10:25:12.0772 0x1aa0  LSI_SAS2 - ok
10:25:12.0803 0x1aa0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:25:12.0803 0x1aa0  LSI_SCSI - ok
10:25:12.0845 0x1aa0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:25:12.0849 0x1aa0  luafv - ok
10:25:12.0874 0x1aa0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:25:12.0877 0x1aa0  Mcx2Svc - ok
10:25:12.0911 0x1aa0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
10:25:12.0913 0x1aa0  megasas - ok
10:25:12.0934 0x1aa0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
10:25:12.0943 0x1aa0  MegaSR - ok
10:25:12.0982 0x1aa0  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
10:25:12.0984 0x1aa0  MEIx64 - ok
10:25:12.0999 0x1aa0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:25:13.0001 0x1aa0  MMCSS - ok
10:25:13.0024 0x1aa0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:25:13.0026 0x1aa0  Modem - ok
10:25:13.0047 0x1aa0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:25:13.0049 0x1aa0  monitor - ok
10:25:13.0078 0x1aa0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:25:13.0080 0x1aa0  mouclass - ok
10:25:13.0089 0x1aa0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
10:25:13.0104 0x1aa0  mouhid - ok
10:25:13.0120 0x1aa0  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:25:13.0120 0x1aa0  mountmgr - ok
10:25:13.0151 0x1aa0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:25:13.0151 0x1aa0  mpio - ok
10:25:13.0182 0x1aa0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:25:13.0198 0x1aa0  mpsdrv - ok
10:25:13.0229 0x1aa0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:25:13.0245 0x1aa0  MpsSvc - ok
10:25:13.0276 0x1aa0  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:25:13.0276 0x1aa0  MRxDAV - ok
10:25:13.0307 0x1aa0  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:25:13.0307 0x1aa0  mrxsmb - ok
10:25:13.0338 0x1aa0  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:25:13.0338 0x1aa0  mrxsmb10 - ok
10:25:13.0354 0x1aa0  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:25:13.0385 0x1aa0  mrxsmb20 - ok
10:25:13.0401 0x1aa0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:25:13.0416 0x1aa0  msahci - ok
10:25:13.0432 0x1aa0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:25:13.0448 0x1aa0  msdsm - ok
10:25:13.0463 0x1aa0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:25:13.0479 0x1aa0  MSDTC - ok
10:25:13.0494 0x1aa0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:25:13.0494 0x1aa0  Msfs - ok
10:25:13.0526 0x1aa0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:25:13.0526 0x1aa0  mshidkmdf - ok
10:25:13.0541 0x1aa0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:25:13.0541 0x1aa0  msisadrv - ok
10:25:13.0588 0x1aa0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:25:13.0588 0x1aa0  MSiSCSI - ok
10:25:13.0588 0x1aa0  msiserver - ok
10:25:13.0619 0x1aa0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:25:13.0619 0x1aa0  MSKSSRV - ok
10:25:13.0635 0x1aa0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:25:13.0635 0x1aa0  MSPCLOCK - ok
10:25:13.0650 0x1aa0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:25:13.0650 0x1aa0  MSPQM - ok
10:25:13.0682 0x1aa0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:25:13.0682 0x1aa0  MsRPC - ok
10:25:13.0713 0x1aa0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:25:13.0713 0x1aa0  mssmbios - ok
10:25:13.0744 0x1aa0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:25:13.0744 0x1aa0  MSTEE - ok
10:25:13.0760 0x1aa0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
10:25:13.0775 0x1aa0  MTConfig - ok
10:25:13.0791 0x1aa0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:25:13.0806 0x1aa0  Mup - ok
10:25:13.0982 0x1aa0  [ 63F5AC8B04F3134E97379CA38DBFBC3C, 1F414CD4554407A0106FB34FC502818A5471E859992A8E7E253B15573283DA5D ] N360            C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe
10:25:13.0990 0x1aa0  N360 - ok
10:25:14.0033 0x1aa0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:25:14.0044 0x1aa0  napagent - ok
10:25:14.0088 0x1aa0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:25:14.0091 0x1aa0  NativeWifiP - ok
10:25:14.0185 0x1aa0  [ C180A82874D3CDC390A27F2F1E1AF025, 9F473661524D645D5C1D616BF2BEC2996DFAE9268B7CF280FCCBD19AA072E567 ] NAVENG          C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141121.017\ENG64.SYS
10:25:14.0185 0x1aa0  NAVENG - ok
10:25:14.0309 0x1aa0  [ E66CA6C321614D7BC0AFC9C8436131B9, BF732419D56E1B8AB3B11B19403087D4EDBF9108F0252ACBB561235040AB4436 ] NAVEX15         C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141121.017\EX64.SYS
10:25:14.0356 0x1aa0  NAVEX15 - ok
10:25:14.0450 0x1aa0  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:25:14.0559 0x1aa0  NDIS - ok
10:25:14.0575 0x1aa0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:25:14.0590 0x1aa0  NdisCap - ok
10:25:14.0668 0x1aa0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:25:14.0684 0x1aa0  NdisTapi - ok
10:25:14.0715 0x1aa0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:25:14.0715 0x1aa0  Ndisuio - ok
10:25:14.0762 0x1aa0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:25:14.0777 0x1aa0  NdisWan - ok
10:25:14.0826 0x1aa0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:25:14.0827 0x1aa0  NDProxy - ok
10:25:14.0879 0x1aa0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:25:14.0881 0x1aa0  NetBIOS - ok
10:25:14.0901 0x1aa0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:25:14.0908 0x1aa0  NetBT - ok
10:25:14.0931 0x1aa0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
10:25:14.0932 0x1aa0  Netlogon - ok
10:25:14.0983 0x1aa0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:25:14.0993 0x1aa0  Netman - ok
10:25:15.0032 0x1aa0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:25:15.0037 0x1aa0  NetMsmqActivator - ok
10:25:15.0045 0x1aa0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:25:15.0048 0x1aa0  NetPipeActivator - ok
10:25:15.0077 0x1aa0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:25:15.0087 0x1aa0  netprofm - ok
10:25:15.0108 0x1aa0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:25:15.0108 0x1aa0  NetTcpActivator - ok
10:25:15.0108 0x1aa0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:25:15.0108 0x1aa0  NetTcpPortSharing - ok
10:25:15.0155 0x1aa0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:25:15.0155 0x1aa0  nfrd960 - ok
10:25:15.0201 0x1aa0  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:25:15.0217 0x1aa0  NlaSvc - ok
10:25:15.0233 0x1aa0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:25:15.0233 0x1aa0  Npfs - ok
10:25:15.0248 0x1aa0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:25:15.0264 0x1aa0  nsi - ok
10:25:15.0279 0x1aa0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:25:15.0279 0x1aa0  nsiproxy - ok
10:25:15.0389 0x1aa0  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:25:15.0420 0x1aa0  Ntfs - ok
10:25:15.0451 0x1aa0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:25:15.0451 0x1aa0  Null - ok
10:25:15.0482 0x1aa0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:25:15.0482 0x1aa0  nvraid - ok
10:25:15.0513 0x1aa0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:25:15.0513 0x1aa0  nvstor - ok
10:25:15.0529 0x1aa0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:25:15.0529 0x1aa0  nv_agp - ok
10:25:15.0638 0x1aa0  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:25:15.0654 0x1aa0  odserv - ok
10:25:15.0685 0x1aa0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:25:15.0685 0x1aa0  ohci1394 - ok
10:25:15.0701 0x1aa0  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:25:15.0716 0x1aa0  ose - ok
10:25:15.0747 0x1aa0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:25:15.0747 0x1aa0  p2pimsvc - ok
10:25:15.0779 0x1aa0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:25:15.0794 0x1aa0  p2psvc - ok
10:25:15.0841 0x1aa0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
10:25:15.0849 0x1aa0  Parport - ok
10:25:23.0436 0x1aa0  Winmgmt - ok
10:25:23.0545 0x1aa0  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:25:23.0577 0x1aa0  WinRM - ok
10:25:23.0655 0x1aa0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:25:23.0655 0x1aa0  WinUsb - ok
10:25:23.0733 0x1aa0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:25:23.0748 0x1aa0  Wlansvc - ok
10:25:23.0779 0x1aa0  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:25:23.0779 0x1aa0  wlcrasvc - ok
10:25:23.0967 0x1aa0  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:25:24.0013 0x1aa0  wlidsvc - ok
10:25:24.0029 0x1aa0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
10:25:24.0029 0x1aa0  WmiAcpi - ok
10:25:24.0076 0x1aa0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:25:24.0076 0x1aa0  wmiApSrv - ok
10:25:24.0091 0x1aa0  WMPNetworkSvc - ok
10:25:24.0123 0x1aa0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:25:24.0123 0x1aa0  WPCSvc - ok
10:25:24.0138 0x1aa0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:25:24.0138 0x1aa0  WPDBusEnum - ok
10:25:24.0154 0x1aa0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:25:24.0154 0x1aa0  ws2ifsl - ok
10:25:24.0201 0x1aa0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:25:24.0201 0x1aa0  wscsvc - ok
10:25:24.0216 0x1aa0  WSearch - ok
10:25:24.0357 0x1aa0  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:25:24.0403 0x1aa0  wuauserv - ok
10:25:24.0435 0x1aa0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:25:24.0435 0x1aa0  WudfPf - ok
10:25:24.0466 0x1aa0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:25:24.0481 0x1aa0  WUDFRd - ok
10:25:24.0513 0x1aa0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:25:24.0513 0x1aa0  wudfsvc - ok
10:25:24.0544 0x1aa0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:25:24.0544 0x1aa0  WwanSvc - ok
10:25:24.0575 0x1aa0  ================ Scan global ===============================
10:25:24.0591 0x1aa0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:25:24.0622 0x1aa0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:25:24.0637 0x1aa0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:25:24.0669 0x1aa0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:25:24.0700 0x1aa0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:25:24.0700 0x1aa0  [ Global ] - ok
10:25:24.0700 0x1aa0  ================ Scan MBR ==================================
10:25:24.0731 0x1aa0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:25:25.0118 0x1aa0  \Device\Harddisk0\DR0 - ok
10:25:25.0119 0x1aa0  ================ Scan VBR ==================================
10:25:25.0137 0x1aa0  [ 98200A147DDDB54C0E7C659791D986EA ] \Device\Harddisk0\DR0\Partition1
10:25:25.0139 0x1aa0  \Device\Harddisk0\DR0\Partition1 - ok
10:25:25.0161 0x1aa0  [ 7E426154AA14C0363DE69ED4665A2B98 ] \Device\Harddisk0\DR0\Partition2
10:25:25.0163 0x1aa0  \Device\Harddisk0\DR0\Partition2 - ok
10:25:25.0164 0x1aa0  ================ Scan generic autorun ======================
10:25:25.0164 0x1aa0  ETDCtrl - ok
10:25:25.0222 0x1aa0  [ 4490896F4491FD5F1BE601BA9C8245BD, 53709493AFDDE795A08F5E54FCF210479304B998522A06054AA9FAF514C8F1C6 ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
10:25:25.0238 0x1aa0  AmIcoSinglun64 - ok
10:25:25.0332 0x1aa0  [ 495B01F44E917CCDF79005CC0EC56F5A, F9FE6E5EC0C40B8877F846568BA4DC23EEBCC0CCA1F43364C65079F7B77F19F9 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
10:25:25.0378 0x1aa0  RtHDVBg - ok
10:25:25.0378 0x1aa0  IntelTBRunOnce - ok
10:25:25.0410 0x1aa0  [ 66AED1BEEB42C3276F74C8206EF652B0, 6E5ED8B212E745A82B8AB6B14AFD50A5ADA74E219536FDB50897CADF19003D92 ] C:\Windows\system32\igfxtray.exe
10:25:25.0425 0x1aa0  IgfxTray - ok
10:25:25.0441 0x1aa0  [ A2E88CF9FEFE538E7F6AFF9E0B6D0A72, 18D989B6B30FA66C62868D5CA647F01239F3EEF15E744BF1F581407AA0EF1F25 ] C:\Windows\system32\hkcmd.exe
10:25:25.0441 0x1aa0  HotKeysCmds - ok
10:25:25.0488 0x1aa0  [ 757A595F75E7840A7132EC11E6E6188A, 95085E8B5432F76E0C50D79F74DECAD54662BB32FFDD575BC8CBAC2C79B1C069 ] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe
10:25:25.0488 0x1aa0  Nuance PDF Reader-reminder - ok
10:25:25.0597 0x1aa0  [ BBE8B2B11C5903995802B2565DF4947B, 9C199205C93CD87347B75A0FBDC9BD0304E1B8DDE7EDCEAE5F951D647CEBB2AF ] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe
10:25:25.0628 0x1aa0  ASUSWebStorage - ok
10:25:25.0675 0x1aa0  [ 7EE22E13DEC8A6D18F4643C1EA34B0F0, C36CE0B46763359AD0A9D02DA538A7E3A1A8CA5E6A02F36CE1AC46D5FAF03CF5 ] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
10:25:25.0706 0x1aa0  SonicMasterTray - ok
10:25:25.0947 0x1aa0  [ 5BB1F77C8AF725A15EC9366498D275BB, 87146A81FB6F313ACF087C72F219CFAA92D4CA456810C49241BD182384B2DAAC ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
10:25:26.0117 0x1aa0  ATKOSD2 - ok
10:25:26.0143 0x1aa0  [ 79A3B950988F8D2B81906D0C0473158B, 7D9EDB4F9A4800D31C103CF2BBC93C0F5F31888E93E899C43EC5984B4807C3D8 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
10:25:26.0147 0x1aa0  ATKMEDIA - ok
10:25:26.0176 0x1aa0  [ 5AEBF6FA9805C9101220AA4FB4FA17E7, A9B2FC41380211A6C44E839A95676A5BA868CEEBB56D83A780230434C2A20836 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
10:25:26.0179 0x1aa0  HControlUser - ok
10:25:26.0254 0x1aa0  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
10:25:26.0269 0x1aa0  UpdateLBPShortCut - ok
10:25:26.0316 0x1aa0  [ 493C7DF03D478DE0F7B47D64C680C3EC, 8B09F7324106C0D677D28239EC68909CC83C66824895C03232ED06E2D0C66717 ] C:\Program Files (x86)\SFT\GuardedID\gidd.exe
10:25:26.0316 0x1aa0  GIDDesktop - ok
10:25:26.0425 0x1aa0  [ 47C1DE0A890613FFCFF1D67648EEDF90, 5821567D7DD99623257AEA794023EF4200E6E17FD09656B40D97C44A35C701BB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:25:26.0441 0x1aa0  Adobe ARM - ok
10:25:26.0597 0x1aa0  [ 04AB67DB445F75369CBF99B174F10297, 2202D9F93870A416C220883598F3C55335BA02865B5962199ADE67A2060F75AC ] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
10:25:26.0644 0x1aa0  Wireless Console 3 - ok
10:25:26.0753 0x1aa0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:25:26.0784 0x1aa0  Sidebar - ok
10:25:26.0831 0x1aa0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:25:26.0831 0x1aa0  mctadmin - ok
10:25:26.0893 0x1aa0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:25:26.0925 0x1aa0  Sidebar - ok
10:25:26.0925 0x1aa0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:25:26.0925 0x1aa0  mctadmin - ok
10:25:26.0925 0x1aa0  ComcastAntispyClient - ok
10:25:27.0365 0x1aa0  [ C1C1DC114D1CF460FD1F04DD6A8999D9, FD4C01DDEA011A73F731645D208CD800896BA2DFE7C3D0A204120BBCF8733AFF ] C:\Program Files\CCleaner\CCleaner64.exe
10:25:27.0755 0x1aa0  CCleaner Monitoring - ok
10:25:27.0755 0x1aa0  Waiting for KSN requests completion. In queue: 32
10:25:28.0755 0x1aa0  Waiting for KSN requests completion. In queue: 32
10:25:29.0758 0x1aa0  Waiting for KSN requests completion. In queue: 32
10:25:30.0759 0x1aa0  Waiting for KSN requests completion. In queue: 32
10:25:31.0790 0x1aa0  AV detected via SS2: Norton Security Suite, C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x50000 ( disabled : updated )
10:25:31.0790 0x1aa0  FW detected via SS2: Norton Security Suite, C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x51010 ( enabled )
10:25:34.0711 0x1aa0  ============================================================
10:25:34.0711 0x1aa0  Scan finished
10:25:34.0711 0x1aa0  ============================================================
10:25:34.0727 0x1838  Detected object count: 0
10:25:34.0727 0x1838  Actual detected object count: 0
10:26:10.0896 0x1b2c  Deinitialize success
 



#10 buddy215


Posted 22 November 2014 - 03:37 PM

Is this still happening: roughly 9-12 processes named "gdzalotqjgek.exe" running in the task manager with a description of "Goggle Chrome"?

 

Reset Google Chrome

Google Chrome gives you the option to reset your browser settings in one easy click. In some cases, programs that you install can change your Chrome settings without your knowledge. You may see additional extensions and toolbars or a different search engine. Resetting your browser settings will reset the unwanted changes caused by installing other programs. However, your saved bookmarks and passwords will not be cleared or changed.

Reset your browser settings
  1. In the top-right corner of the browser window, click the Chrome menu.
  2. Select Settings.
  3. At the bottom, click Show advanced settings.
  4. Under the section "Reset settings," click Reset settings.
  5. In the dialog that appears, click Reset.

Open CCleaner and click on Tools. Choose Startups. At the bottom of that page is a button that, when clicked, will allow you to copy and paste the list of items in startup. Please post that list in your next reply.

Check for security updates for all Adobe products such as Flash and Reader; Java (not JavaScript).


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#11 Applesandoranges


Posted 22 November 2014 - 04:42 PM

All of those random string processes tied to "Google Chrome" are no longer there.  Here is the "startup" list from CCleaner:

 

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run ComcastAntispyClient  "C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide
No HKCU:Run Syncables syncables, LLC C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
Yes HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes HKLM:Run AmIcoSinglun64 Alcor Micro Corp. C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
No HKLM:Run ASUS Screen Saver Protector ASUS C:\Windows\AsScrPro.exe
Yes HKLM:Run ASUSWebStorage ecareme C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
Yes HKLM:Run ATKMEDIA ASUS C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
Yes HKLM:Run ATKOSD2 ASUS C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
No HKLM:Run CLMLServer CyberLink "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
Yes HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
Yes HKLM:Run GIDDesktop StrikeForce Technologies Inc. C:\Program Files (x86)\SFT\GuardedID\gidd.exe  /s
Yes HKLM:Run HControlUser ASUS C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
Yes HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
Yes HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
Yes HKLM:Run IntelTBRunOnce Microsoft Corporation wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
Yes HKLM:Run Nuance PDF Reader-reminder Nuance Communications, Inc. "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
Yes HKLM:Run RtHDVBg Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
No HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
No HKLM:Run Setwallpaper  c:\programdata\SetWallpaper.cmd
Yes HKLM:Run SonicMasterTray Virage Logic Corporation / Sonic Focus C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
Yes HKLM:Run UpdateLBPShortCut CyberLink Corp. "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
Yes HKLM:Run Wireless Console 3 ASUS C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
Yes Startup Common AsusVibeLauncher.lnk ASUSTeK Computer Inc. C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
Yes Startup Common Constant Guard.lnk  C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
No Startup Common FancyStart daemon.lnk  C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe -d
Yes Startup User Intel® Turbo Boost Technology Monitor 2.0.lnk Intel® Corporation C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
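
The startup review in this exchange can be partly scripted. The following is an added example, not part of any post in this thread and not CCleaner's own code: it parses a startup list, assuming the text export is tab-separated (enabled, key, program, publisher, file), and marks entries worth a closer look. The function names and flag rules are illustrative assumptions; a flag is a prompt to inspect the file, not a verdict.

```python
import re
from typing import NamedTuple

class StartupEntry(NamedTuple):
    enabled: bool
    location: str    # e.g. HKLM:Run or "Startup Common"
    name: str
    publisher: str   # empty when the list shows no company name
    command: str

# Constructed sample: six rows from the list posted above, re-joined with
# tabs (assumed here to be the delimiter of the text export).
ROWS = [
    ("Yes", "HKCU:Run", "CCleaner Monitoring", "Piriform Ltd",
     r'"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR'),
    ("Yes", "HKCU:Run", "ComcastAntispyClient", "",
     r'"C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide'),
    ("Yes", "HKLM:Run", "IntelTBRunOnce", "Microsoft Corporation",
     r'wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"'),
    ("No", "HKLM:Run", "Setwallpaper", "",
     r'c:\programdata\SetWallpaper.cmd'),
    ("Yes", "HKLM:Run", "ETDCtrl", "ELAN Microelectronics Corp.",
     r'%ProgramFiles%\Elantech\ETDCtrl.exe'),
    ("No", "Startup Common", "FancyStart daemon.lnk", "",
     r'C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe -d'),
]
SAMPLE = "\n".join("\t".join(row) for row in ROWS)

INTERPRETERS = {"wscript.exe", "cscript.exe", "mshta.exe", "powershell.exe", "cmd.exe"}
SCRIPT_EXTS = (".cmd", ".bat", ".vbs", ".js")
USUAL_DIRS = ("c:\\program files\\", "c:\\program files (x86)\\",
              "c:\\windows\\system32\\", "%programfiles%\\")
# First thing the command launches: a quoted path, or an unquoted path that
# may contain spaces, cut at the first known extension followed by a space.
TARGET_RE = re.compile(
    r'^"([^"]+)"|^(.+?\.(?:exe|com|scr|cmd|bat|vbs|js))(?=\s|$)', re.I)

def parse_startup_list(text):
    """Return one StartupEntry per well-formed, five-column line."""
    entries = []
    for line in text.splitlines():
        fields = [f.strip() for f in line.split("\t")]
        if len(fields) != 5:
            continue  # blank, header or space-flattened line: not guessable
        enabled, location, name, publisher, command = fields
        entries.append(
            StartupEntry(enabled == "Yes", location, name, publisher, command))
    return entries

def launch_target(command):
    """Lower-cased program or script the autorun command starts."""
    m = TARGET_RE.match(command.strip())
    return (m.group(1) or m.group(2)).lower() if m else command.strip().lower()

def review_flags(entry):
    """Reasons (possibly none) to look at this entry more closely."""
    target = launch_target(entry.command)
    flags = []
    if not entry.publisher:
        flags.append("no publisher")
    if target.rsplit("\\", 1)[-1] in INTERPRETERS or target.endswith(SCRIPT_EXTS):
        flags.append("script or interpreter")
    if "\\" in target and not target.startswith(USUAL_DIRS):
        flags.append("unusual location")
    return flags

def triage(text):
    """Map entry name -> flags, for flagged entries only (disabled ones too)."""
    flagged = {}
    for entry in parse_startup_list(text):
        flags = review_flags(entry)
        if flags:
            flagged[entry.name] = flags
    return flagged
```

Disabled entries are reported as well, since a disabled autorun still leaves its file on disk.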
 



#12 buddy215


Posted 22 November 2014 - 05:29 PM

Disable these Startups using CCleaner: (removing these will improve startup time and possibly some spyware/unnecessary monitoring....you can always reenable if you find one or more inconvenient)

 

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run ComcastAntispyClient  "C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide

Yes HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes HKLM:Run AmIcoSinglun64 Alcor Micro Corp. C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
Yes HKLM:Run ASUSWebStorage ecareme C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S (Unless you use the cloud storage)

Yes HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe

Yes HKLM:Run Nuance PDF Reader-reminder Nuance Communications, Inc. "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"

Yes HKLM:Run UpdateLBPShortCut CyberLink Corp. "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

Yes Startup Common Constant Guard.lnk  C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe

 

After doing the above you should be good to go....Happy surfin'



#13 Applesandoranges


Posted 22 November 2014 - 05:33 PM

Thank you very much for all of your help!



#14 buddy215


Posted 22 November 2014 - 05:41 PM

You're welcome....enjoyed working with you..





