
Intermittent random sites don't connect on all browsers, had trovi



#1 Chry5alid


Posted 26 December 2014 - 08:24 PM

Hey, I'm running Windows 7 Ultimate, x64. I have a copy of MBAM and AVG but evidently it didn't do me any good or I already was infected when I installed them. I have in the past gone through some guidance on another system at another time so am somewhat familiar with the process.

Hosts file was protected and I was able to regain administrator rights and remove bad entries. Ran Hitman Pro and that found a few things but the issue hasn't been solved, so that's when I turned to the forums. Let me know how you would like me to start and with what.

Please/Thanks!

Chry





#2 boopme


Posted 26 December 2014 - 09:02 PM

Hello Chry

What browser are you using?

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

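A way to triage the Result.txt that the MiniToolBox step above produces, as an added example that is not part of the original thread or of the tool itself. The section banners and the Winsock line layout follow the log posted in this thread; the review rules (hosts entries other than loopback localhost, Firefox proxy type 1 or 2, Winsock providers that are not Microsoft DLLs in System32/SysWOW64) and the sample log are assumptions constructed here.

```python
import re

# Constructed sample in the Result.txt layout; the hosts redirect, the proxy
# type and the "ExampleToolbar" provider are invented for illustration.
SAMPLE = r'''
========================= FF Proxy Settings: ==============================

"network.proxy.type", 1

========================= Hosts content: =================================

::1             localhost
127.0.0.1       localhost
203.0.113.7     www.example.com

========================= Winsock entries =====================================

Catalog5 06 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Users\Public\ExampleToolbar\lsp.dll [40960] ()
'''

# "==== Name: ====" banners; bare "=====" rulers inside a section do not match.
HEADER = re.compile(r'^=+ (.+?):? =+\s*$')
WINSOCK = re.compile(r'^(?:x64-)?Catalog[59] \d+ (.+?) \[\d+\] \((.*)\)$')
SYSTEM_DLL = re.compile(r'^[a-z]:\\windows\\(?:system32|syswow64)\\[^\\]+$', re.I)
FF_PROXY = re.compile(r'"network\.proxy\.type",\s*(\d+)')
LOOPBACK = {"127.0.0.1", "::1"}


def split_sections(text):
    """Map each section banner to the (stripped) lines that follow it."""
    sections, name = {}, None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            name = m.group(1).strip()
            sections[name] = []
        elif name is not None:
            sections[name].append(line.strip())
    return sections


def check_hosts(lines):
    """Report every hosts mapping that is not loopback -> localhost."""
    out = []
    for line in lines:
        entry = line.split("#", 1)[0].split()  # drop comments
        if len(entry) < 2:
            continue
        ip, names = entry[0], entry[1:]
        if ip in LOOPBACK and all(n.lower() == "localhost" for n in names):
            continue
        out.append(("Hosts content", f"{ip} -> {' '.join(names)}"))
    return out


def check_ff_proxy(lines):
    """Firefox pref network.proxy.type: 1 = manual proxy, 2 = PAC URL."""
    out = []
    for line in lines:
        m = FF_PROXY.search(line)
        if m and m.group(1) in ("1", "2"):
            out.append(("FF Proxy Settings", f"network.proxy.type={m.group(1)}"))
    return out


def check_winsock(lines):
    """List each provider DLL once unless it is a Microsoft system DLL."""
    out, seen = [], set()
    for line in lines:
        m = WINSOCK.match(line)
        if not m or m.group(1).lower() in seen:
            continue
        path, company = m.group(1), m.group(2)
        seen.add(path.lower())
        if SYSTEM_DLL.match(path) and company == "Microsoft Corporation":
            continue
        out.append(("Winsock entries", f"{path} ({company or 'no company'})"))
    return out


def triage(text):
    """Return (section, detail) pairs that a helper should look at first."""
    s = split_sections(text)
    return (check_hosts(s.get("Hosts content", []))
            + check_ff_proxy(s.get("FF Proxy Settings", []))
            + check_winsock(s.get("Winsock entries", [])))


if __name__ == "__main__":
    for section, detail in triage(SAMPLE):
        print(f"[review] {section}: {detail}")
```

A finding here means "confirm this is expected", not "malicious": a legitimately installed third-party provider such as Bonjour is listed the same way as an unknown one.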

#3 Chry5alid


Posted 26 December 2014 - 09:40 PM

I hop between Firefox and Chrome, Chrome seemed to be worse.

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Overlord (administrator) on 26-12-2014 at 19:38:33
Running from "C:\Users\Overlord\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1             localhost



127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek RTL8723AE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : MediaSlave
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.co.comcast.net

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : hsd1.co.comcast.net.
   Description . . . . . . . . . . . : Realtek RTL8723AE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 54-27-1E-AC-40-51
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:1:8900:ec9:e1f3:3958:1932:8fe5(Preferred)
   Temporary IPv6 Address. . . . . . : 2601:1:8900:ec9:d525:5e3c:2016:7d76(Preferred)
   Link-local IPv6 Address . . . . . : fe80::e1f3:3958:1932:8fe5%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.1.20(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, December 26, 2014 5:45:39 PM
   Lease Expires . . . . . . . . . . : Saturday, December 27, 2014 5:45:42 PM
   Default Gateway . . . . . . . . . : fe80::ae7f:3eff:fee7:7154%13
                                       10.0.1.1
   DHCP Server . . . . . . . . . . . : 10.0.1.1
   DHCPv6 IAID . . . . . . . . . . . : 357836574
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-13-0F-B6-94-DE-80-F8-59-EE
   DNS Servers . . . . . . . . . . . : 2601:1:8900:ec9:ae7f:3eff:fee7:7154
                                       10.0.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
   Connection-specific DNS Suffix Search List :
                                       hsd1.co.comcast.net

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 94-DE-80-F8-59-EE
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 54-27-1E-AC-68-78
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.co.comcast.net.:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.co.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:1ce3:292a:f5ff:feeb(Preferred)
   Link-local IPv6 Address . . . . . : fe80::1ce3:292a:f5ff:feeb%14(Preferred)
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  2601:1:8900:ec9:ae7f:3eff:fee7:7154

Name:    google.com
Addresses:  2607:f8b0:400f:803::200e
      74.125.239.38
      74.125.239.39
      74.125.239.33
      74.125.239.32
      74.125.239.34
      74.125.239.35
      74.125.239.40
      74.125.239.37
      74.125.239.36
      74.125.239.41
      74.125.239.46


Pinging google.com [2607:f8b0:400f:803::200e] with 32 bytes of data:
Reply from 2607:f8b0:400f:803::200e: time=24ms
Reply from 2607:f8b0:400f:803::200e: time=25ms

Ping statistics for 2607:f8b0:400f:803::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 24ms, Maximum = 25ms, Average = 24ms
Server:  UnKnown
Address:  2601:1:8900:ec9:ae7f:3eff:fee7:7154

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=60ms TTL=51
Reply from 206.190.36.45: bytes=32 time=59ms TTL=51

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 59ms, Maximum = 60ms, Average = 59ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...54 27 1e ac 40 51 ......Realtek RTL8723AE Wireless LAN 802.11n PCI-E NIC
 12...94 de 80 f8 59 ee ......Realtek PCIe GBE Family Controller
 11...54 27 1e ac 68 78 ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.1.1        10.0.1.20     25
         10.0.1.0    255.255.255.0         On-link         10.0.1.20    281
        10.0.1.20  255.255.255.255         On-link         10.0.1.20    281
       10.0.1.255  255.255.255.255         On-link         10.0.1.20    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.1.20    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.1.20    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     41 ::/0                     fe80::ae7f:3eff:fee7:7154
  1    306 ::1/128                  On-link
 14     58 2001::/32                On-link
 14    306 2001:0:5ef5:79fb:1ce3:292a:f5ff:feeb/128
                                    On-link
 13     33 2601:1:8900:ec9::/64     On-link
 13    281 2601:1:8900:ec9::/64     fe80::ae7f:3eff:fee7:7154
 13    281 2601:1:8900:ec9:d525:5e3c:2016:7d76/128
                                    On-link
 13    281 2601:1:8900:ec9:e1f3:3958:1932:8fe5/128
                                    On-link
 13    281 fe80::/64                On-link
 14    306 fe80::/64                On-link
 14    306 fe80::1ce3:292a:f5ff:feeb/128
                                    On-link
 13    281 fe80::e1f3:3958:1932:8fe5/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/26/2014 07:38:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/26/2014 06:38:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/26/2014 06:11:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: Seagate.Dashboard.DASWindowsService.exe, version: 3.2.2.0, time stamp: 0x5386ed9f
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0xa24
Faulting application start time: 0xSeagate.Dashboard.DASWindowsService.exe0
Faulting application path: Seagate.Dashboard.DASWindowsService.exe1
Faulting module path: Seagate.Dashboard.DASWindowsService.exe2
Report Id: Seagate.Dashboard.DASWindowsService.exe3

Error: (12/26/2014 06:11:39 PM) (Source: .NET Runtime) (User: )
Description: Application: Seagate.Dashboard.DASWindowsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IndexOutOfRangeException
Stack:
   at UserDataCollection.UserDataHelper.GetUserAppFolderForService()
   at UserDataCollection.UserDataHelper.GetAppDataFolder()
   at UserDataCollection.UserDataHelper.get_UdcFolder()
   at UserDataCollection.UserDataHelper.SaveAll()
   at UserDataCollection.UserDataHelper.UploadThreadFunctionCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
   at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
   at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/26/2014 05:19:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: bxlaui.exe, version: 1.0.5406.29356, time stamp: 0x54457c28
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0x19f8
Faulting application start time: 0xbxlaui.exe0
Faulting application path: bxlaui.exe1
Faulting module path: bxlaui.exe2
Report Id: bxlaui.exe3

Error: (12/26/2014 05:19:23 PM) (Source: .NET Runtime) (User: )
Description: Application: bxlaui.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
Stack:
   at System.Diagnostics.Process.StartWithShellExecuteEx(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at System.Diagnostics.Process.Start(System.Diagnostics.ProcessStartInfo)
   at Bloomberg.OfficeTools.CLRHost.ApiEnvDiagCheck.RunDiagTool()
   at Bloomberg.OfficeTools.CLRHost.ApiEnvDiagCheck.RunLoop()
   at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()


System errors:
=============
Error: (12/26/2014 06:11:52 PM) (Source: Service Control Manager) (User: )
Description: The Seagate Dashboard Services service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/26/2014 05:41:06 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (12/26/2014 05:24:07 PM) (Source: Service Control Manager) (User: )
Description: The KMS Server Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/26/2014 03:59:10 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service hung on starting.


Microsoft Office Sessions:
=========================
Error: (12/26/2014 07:38:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Overlord\Downloads\esetsmartinstaller_enu.exe

Error: (12/26/2014 06:38:40 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Overlord\Downloads\esetsmartinstaller_enu.exe

Error: (12/26/2014 06:11:40 PM) (Source: Application Error)(User: )
Description: Seagate.Dashboard.DASWindowsService.exe3.2.2.05386ed9fKERNELBASE.dll6.1.7601.1840953159a86e04343520000c42da2401d0216e6fb8f2ccC:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exeC:\Windows\syswow64\KERNELBASE.dll4f890d5d-8d65-11e4-9b10-54271eac6878

Error: (12/26/2014 06:11:39 PM) (Source: .NET Runtime)(User: )
Description: Application: Seagate.Dashboard.DASWindowsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IndexOutOfRangeException
Stack:
   at UserDataCollection.UserDataHelper.GetUserAppFolderForService()
   at UserDataCollection.UserDataHelper.GetAppDataFolder()
   at UserDataCollection.UserDataHelper.get_UdcFolder()
   at UserDataCollection.UserDataHelper.SaveAll()
   at UserDataCollection.UserDataHelper.UploadThreadFunctionCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
   at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
   at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/26/2014 05:19:24 PM) (Source: Application Error)(User: )
Description: bxlaui.exe1.0.5406.2935654457c28KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d19f801d0216260227d52c:\blp\api\office tools\bxlaui.exeC:\Windows\syswow64\KERNELBASE.dll029070e6-8d5e-11e4-8ce2-54271eac6878

Error: (12/26/2014 05:19:23 PM) (Source: .NET Runtime)(User: )
Description: Application: bxlaui.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
Stack:
   at System.Diagnostics.Process.StartWithShellExecuteEx(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at System.Diagnostics.Process.Start(System.Diagnostics.ProcessStartInfo)
   at Bloomberg.OfficeTools.CLRHost.ApiEnvDiagCheck.RunDiagTool()
   at Bloomberg.OfficeTools.CLRHost.ApiEnvDiagCheck.RunLoop()
   at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()


CodeIntegrity Errors:
===================================
  Date: 2014-12-26 17:41:06.223
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-26 17:41:06.161
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.



=========================== Installed Programs ============================
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Refresh Manager (x32 Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Airfoil (HKLM-x32\...\Airfoil) (Version: 3.5.0 - Rogue Amoeba)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5576 - AVG Technologies)
AVG 2015 (Version: 15.0.4189 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5576 - AVG Technologies) Hidden
Bloomberg API (HKLM-x32\...\Bloomberg API) (Version:  - )
Bloomberg Keyboard v11.9 (HKLM-x32\...\Bloomberg Keyboard v11.9) (Version: v11.9 - Bloomberg L.P.)
Bloomberg Office Tools (32-bit) (HKLM-x32\...\Bloomberg Office Tools (32-bit)) (Version:  - )
Bloomberg Professional Service (HKLM-x32\...\Bloomberg Professional Service) (Version:  - )
Bloomberg SFD Data Dictionary (HKLM-x32\...\Bloomberg SFD Data Dictionary) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Definition Update for Microsoft Office 2010 (KB2910899) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4A25440C-70D7-45A3-881E-92DD0D6C0BDB}) (Version:  - Microsoft)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Evernote v. 5.8.1 (HKLM-x32\...\{4FD2D1C8-8636-11E4-9D21-00163E98E7D6}) (Version: 5.8.1.6061 - Evernote Corp.)
explorer-task (HKLM-x32\...\{8B5E8E15-7229-4C46-887A-27E1F62AC7FC}) (Version: 1.0.0 - TopTab)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.212 - SurfRight B.V.)
Instant Eyedropper 1.75 (HKLM-x32\...\Instant Eyedropper_is1) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3220 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MetaX for Windows (HKLM-x32\...\{37C00961-B793-45A8-9BEF-0E9A281107B0}) (Version: 2.25 - No Bull Software)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Paragon HFS+ for Windows™ 10.0 (HKLM-x32\...\{456534C0-51E7-11DF-B336-005056C00008}) (Version: 1.00 - Paragon Software)
PowerISO (HKLM-x32\...\PowerISO) (Version:  - )
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.744.744.052913 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.69.304.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0221 - REALTEK Semiconductor Corp.)
SchweserPro Level 1 2014 (HKLM-x32\...\SchweserPro Level 1 2014) (Version:  - )
Seagate Dashboard (HKLM-x32\...\{F1D8690F-06B3-4100-9949-398EA253AC61}) (Version: 3.2.1802.2 - Seagate)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84 - Transmission)
tricomfi (HKLM-x32\...\{74f1e872-8d6f-4cc7-58d6-c60d8dfe43ed}) (Version: 1.0.0 - estdemin)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 64-Bit Edition (HKLM\...\{90140000-0016-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7F57246-AFBD-4977-974F-9C7BCDFF648E}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7F57246-AFBD-4977-974F-9C7BCDFF648E}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 64-Bit Edition (HKLM\...\{90140000-001B-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7F57246-AFBD-4977-974F-9C7BCDFF648E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUS_{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B340E9EB-DDA6-40E7-8501-5B7BAEC6D25F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597089) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUS_{2CE7AC23-5E40-43BD-8DA3-8D17677D8199}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{9505441B-65A1-4AD5-B727-0CE42D24D2B7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{69CF587A-D75B-47F8-9D59-3958C37C0A88}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{69CF587A-D75B-47F8-9D59-3958C37C0A88}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{956B3213-0246-42A8-A6FE-3EF7DC6E66A9}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2889818) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8F8930D5-8742-437E-BD53-366A0372E882}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2889818) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8F8930D5-8742-437E-BD53-366A0372E882}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0BD1F50F-19CE-40F8-B409-18CA5BD6E52D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{569742BC-C32F-4C9C-9B21-18409AFF9599}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{512A0E32-6C63-4C73-9C82-FC1B10668ED8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2597088) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B28BBA96-A9B0-4946-839D-36771176F8FD}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2597088) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B28BBA96-A9B0-4946-839D-36771176F8FD}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2597088) 64-Bit Edition (HKLM\...\{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7CCA745-11BC-4F86-951D-4DCB9396CDA2}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2880517) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{50E292AD-677D-4E6F-842A-D226E7B7C8DE}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2880517) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{E524AD3D-6342-41BB-82D9-4EA962839356}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VNC Server 5.2.2 (HKLM\...\{AAE140B3-14D5-4AF9-A4AF-1628250A8EF1}) (Version: 5.2.2 - RealVNC Ltd)
VNC Viewer 5.2.2 (HKLM\...\{FF0D75AD-1856-4170-95CE-556CC3B0E36C}) (Version: 5.2.2 - RealVNC Ltd)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

========================= Memory info: ===================================

Percentage of memory in use: 60%
Total physical RAM: 8111.28 MB
Available physical RAM: 3222.41 MB
Total Pagefile: 16220.74 MB
Available Pagefile: 11147.02 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.32 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:223.47 GB) (Free:143.99 GB) NTFS
2 Drive d: (Seagate Backup Plus Drive) (Fixed) (Total:2794.51 GB) (Free:1245.32 GB) NTFS

========================= Users: ========================================

User accounts for \\MEDIASLAVE

Administrator            Guest                    Overlord                 


**** End of log ****

 



#4 Chry5alid


Posted 26 December 2014 - 09:44 PM

19:42:15.0316 0x00e4  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
19:42:19.0006 0x00e4  ============================================================
19:42:19.0006 0x00e4  Current date / time: 2014/12/26 19:42:19.0006
19:42:19.0006 0x00e4  SystemInfo:
19:42:19.0006 0x00e4  
19:42:19.0006 0x00e4  OS Version: 6.1.7601 ServicePack: 1.0
19:42:19.0006 0x00e4  Product type: Workstation
19:42:19.0006 0x00e4  ComputerName: MEDIASLAVE
19:42:19.0007 0x00e4  UserName: Overlord
19:42:19.0007 0x00e4  Windows directory: C:\Windows
19:42:19.0007 0x00e4  System windows directory: C:\Windows
19:42:19.0007 0x00e4  Running under WOW64
19:42:19.0007 0x00e4  Processor architecture: Intel x64
19:42:19.0007 0x00e4  Number of processors: 4
19:42:19.0007 0x00e4  Page size: 0x1000
19:42:19.0007 0x00e4  Boot type: Normal boot
19:42:19.0007 0x00e4  ============================================================
19:42:19.0205 0x00e4  KLMD registered as C:\Windows\system32\drivers\06649988.sys
19:42:19.0387 0x00e4  System UUID: {CAEB467D-F027-07AD-5103-804E082B08C6}
19:42:20.0038 0x00e4  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:42:20.0038 0x00e4  Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1475000 ( 2794.52 Gb ), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:42:20.0272 0x00e4  ============================================================
19:42:20.0272 0x00e4  \Device\Harddisk0\DR0:
19:42:20.0272 0x00e4  MBR partitions:
19:42:20.0272 0x00e4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:42:20.0272 0x00e4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1BEF1000
19:42:20.0272 0x00e4  \Device\Harddisk1\DR1:
19:42:20.0272 0x00e4  MBR partitions:
19:42:20.0272 0x00e4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2BAA0800
19:42:20.0272 0x00e4  ============================================================
19:42:20.0272 0x00e4  C: <-> \Device\Harddisk0\DR0\Partition2
19:42:20.0287 0x00e4  D: <-> \Device\Harddisk1\DR1\Partition1
19:42:20.0287 0x00e4  ============================================================
19:42:20.0287 0x00e4  Initialize success
19:42:20.0287 0x00e4  ============================================================
19:42:39.0415 0x1c84  ============================================================
19:42:39.0415 0x1c84  Scan started
19:42:39.0415 0x1c84  Mode: Manual;
19:42:39.0415 0x1c84  ============================================================
19:42:39.0415 0x1c84  KSN ping started
19:42:42.0082 0x1c84  KSN ping finished: true
19:42:43.0237 0x1c84  ================ Scan system memory ========================
19:42:43.0237 0x1c84  System memory - ok
19:42:43.0237 0x1c84  ================ Scan services =============================
19:42:44.0532 0x1c84  BrSerWdm - ok
19:42:44.0547 0x1c84  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:42:44.0547 0x1c84  BrUsbMdm - ok
19:42:44.0547 0x1c84  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:42:44.0547 0x1c84  BrUsbSer - ok
19:42:44.0563 0x1c84  [ 756F8E3D44B6FA17A51ACFE33E4B757B, D80E375EDECA5BCA002C4613418F9B9CF992E6B1E111DB1EDFEEAC13D6CA48DF ] BTDevManager    C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
19:42:44.0563 0x1c84  BTDevManager - ok
19:42:44.0563 0x1c84  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
19:42:44.0563 0x1c84  BthEnum - ok
19:42:44.0578 0x1c84  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:42:44.0578 0x1c84  BTHMODEM - ok
19:42:44.0578 0x1c84  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
19:42:44.0594 0x1c84  BthPan - ok
19:42:44.0610 0x1c84  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
19:42:44.0625 0x1c84  BTHPORT - ok
19:42:44.0625 0x1c84  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
19:42:44.0625 0x1c84  bthserv - ok
19:42:44.0641 0x1c84  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
19:42:44.0641 0x1c84  BTHUSB - ok
19:42:44.0641 0x1c84  catchme - ok
19:42:44.0656 0x1c84  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:42:44.0656 0x1c84  cdfs - ok
19:42:44.0672 0x1c84  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
19:42:44.0672 0x1c84  cdrom - ok
19:42:44.0672 0x1c84  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:42:44.0688 0x1c84  CertPropSvc - ok
19:42:44.0688 0x1c84  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:42:44.0688 0x1c84  circlass - ok
19:42:44.0703 0x1c84  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
19:42:44.0719 0x1c84  CLFS - ok
19:42:44.0734 0x1c84  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:42:44.0734 0x1c84  clr_optimization_v2.0.50727_32 - ok
19:42:44.0734 0x1c84  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:42:44.0750 0x1c84  clr_optimization_v2.0.50727_64 - ok
19:42:44.0766 0x1c84  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:42:44.0766 0x1c84  clr_optimization_v4.0.30319_32 - ok
19:42:44.0781 0x1c84  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:42:44.0781 0x1c84  clr_optimization_v4.0.30319_64 - ok
19:42:44.0797 0x1c84  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:42:44.0797 0x1c84  CmBatt - ok
19:42:44.0797 0x1c84  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:42:44.0797 0x1c84  cmdide - ok
19:42:44.0812 0x1c84  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
19:42:44.0828 0x1c84  CNG - ok
19:42:44.0844 0x1c84  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:42:44.0844 0x1c84  Compbatt - ok
19:42:44.0859 0x1c84  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:42:44.0859 0x1c84  CompositeBus - ok
19:42:44.0859 0x1c84  COMSysApp - ok
19:42:44.0890 0x1c84  [ 5992C4DCE252FCD776F2C22CA39C41B1, C589D88DCC02CB507096801E73DDB9D6FDD291EC9061D4010F2291FEC6650B55 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
19:42:44.0906 0x1c84  cphs - ok
19:42:44.0906 0x1c84  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
19:42:44.0906 0x1c84  crcdisk - ok
19:42:44.0922 0x1c84  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:42:44.0922 0x1c84  CryptSvc - ok
19:42:44.0953 0x1c84  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
19:42:44.0953 0x1c84  CSC - ok
19:42:44.0984 0x1c84  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
19:42:45.0000 0x1c84  CscService - ok
19:42:45.0031 0x1c84  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:42:45.0046 0x1c84  DcomLaunch - ok
19:42:45.0046 0x1c84  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:42:45.0062 0x1c84  defragsvc - ok
19:42:45.0078 0x1c84  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:42:45.0078 0x1c84  DfsC - ok
19:42:45.0093 0x1c84  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:42:45.0093 0x1c84  Dhcp - ok
19:42:45.0093 0x1c84  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:42:45.0109 0x1c84  discache - ok
19:42:45.0109 0x1c84  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
19:42:45.0109 0x1c84  Disk - ok
19:42:45.0124 0x1c84  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:42:45.0124 0x1c84  Dnscache - ok
19:42:45.0140 0x1c84  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:42:45.0140 0x1c84  dot3svc - ok
19:42:45.0156 0x1c84  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
19:42:45.0156 0x1c84  DPS - ok
19:42:45.0156 0x1c84  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:42:45.0156 0x1c84  drmkaud - ok
19:42:45.0202 0x1c84  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:42:45.0218 0x1c84  DXGKrnl - ok
19:42:45.0234 0x1c84  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
19:42:45.0234 0x1c84  EapHost - ok
19:42:45.0327 0x1c84  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
19:42:45.0405 0x1c84  ebdrv - ok
19:42:45.0421 0x1c84  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
19:42:45.0436 0x1c84  EFS - ok
19:42:45.0452 0x1c84  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:42:45.0483 0x1c84  ehRecvr - ok
19:42:45.0483 0x1c84  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
19:42:45.0483 0x1c84  ehSched - ok
19:42:45.0514 0x1c84  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
19:42:45.0514 0x1c84  elxstor - ok
19:42:45.0530 0x1c84  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:42:45.0530 0x1c84  ErrDev - ok
19:42:45.0546 0x1c84  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
19:42:45.0561 0x1c84  EventSystem - ok
19:42:45.0561 0x1c84  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:42:45.0577 0x1c84  exfat - ok
19:42:45.0577 0x1c84  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:42:45.0592 0x1c84  fastfat - ok
19:42:45.0608 0x1c84  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
19:42:45.0639 0x1c84  Fax - ok
19:42:45.0639 0x1c84  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:42:45.0639 0x1c84  fdc - ok
19:42:45.0639 0x1c84  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
19:42:45.0639 0x1c84  fdPHost - ok
19:42:45.0655 0x1c84  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:42:45.0655 0x1c84  FDResPub - ok
19:42:45.0655 0x1c84  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:42:45.0655 0x1c84  FileInfo - ok
19:42:45.0670 0x1c84  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:42:45.0670 0x1c84  Filetrace - ok
19:42:45.0670 0x1c84  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:42:45.0670 0x1c84  flpydisk - ok
19:42:45.0686 0x1c84  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:42:45.0686 0x1c84  FltMgr - ok
19:42:45.0733 0x1c84  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
19:42:45.0764 0x1c84  FontCache - ok
19:42:45.0764 0x1c84  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:42:45.0764 0x1c84  FontCache3.0.0.0 - ok
19:42:45.0780 0x1c84  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:42:45.0780 0x1c84  FsDepends - ok
19:42:45.0780 0x1c84  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:42:45.0780 0x1c84  Fs_Rec - ok
19:42:45.0795 0x1c84  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:42:45.0795 0x1c84  fvevol - ok
19:42:45.0811 0x1c84  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:42:45.0811 0x1c84  gagp30kx - ok
19:42:45.0811 0x1c84  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:42:45.0811 0x1c84  GEARAspiWDM - ok
19:42:45.0842 0x1c84  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:42:45.0858 0x1c84  gpsvc - ok
19:42:45.0873 0x1c84  [ 29BA44A348518B39A725C8B2BACD7C43, E721AD20C53C6FE1EB7E2AEB3732C9499CF8B9E96A3995F8F5ED8050C8B48E5E ] gpt_loader      C:\Windows\system32\DRIVERS\gpt_loader.sys
19:42:45.0873 0x1c84  gpt_loader - ok
19:42:45.0873 0x1c84  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:42:45.0873 0x1c84  gupdate - ok
19:42:45.0889 0x1c84  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:42:45.0889 0x1c84  gupdatem - ok
19:42:45.0889 0x1c84  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:42:45.0889 0x1c84  hcw85cir - ok
19:42:45.0904 0x1c84  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:42:45.0920 0x1c84  HdAudAddService - ok
19:42:45.0920 0x1c84  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:42:45.0936 0x1c84  HDAudBus - ok
19:42:45.0936 0x1c84  [ FD5F4C9F460E61B72E1D30EF48910E38, 6E5ECCBB3D32CD7D362DA5849190194230A326751F924FE95440385AE82573AB ] Hfsplus         C:\Windows\system32\DRIVERS\hfsplus.sys
19:42:45.0951 0x1c84  Hfsplus - ok
19:42:45.0951 0x1c84  [ B13D6D7980141E16D30BD17007ECD567, 200A5F5C468CA94C4EA9A617A96EC30E536B223A02F922346E966BCDE11A8D2F ] HfsplusRec      C:\Windows\system32\DRIVERS\hfsplusrec.sys
19:42:45.0951 0x1c84  HfsplusRec - ok
19:42:45.0967 0x1c84  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
19:42:45.0967 0x1c84  HidBatt - ok
19:42:45.0967 0x1c84  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:42:45.0967 0x1c84  HidBth - ok
19:42:45.0982 0x1c84  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
19:42:45.0982 0x1c84  HidIr - ok
19:42:45.0982 0x1c84  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
19:42:45.0982 0x1c84  hidserv - ok
19:42:45.0998 0x1c84  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:42:45.0998 0x1c84  HidUsb - ok
19:42:45.0998 0x1c84  [ 760B03AE5E3244E22FFC3C1AE1F5264A, 1D926E28B95394C211CC29B898ECF3C3E19814EF4D09B04DBF9BDFB2596BD1AB ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
19:42:46.0014 0x1c84  HitmanProScheduler - ok
19:42:46.0014 0x1c84  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:42:46.0014 0x1c84  hkmsvc - ok
19:42:46.0029 0x1c84  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:42:46.0045 0x1c84  HomeGroupListener - ok
19:42:46.0045 0x1c84  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:42:46.0060 0x1c84  HomeGroupProvider - ok
19:42:46.0060 0x1c84  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:42:46.0060 0x1c84  HpSAMD - ok
19:42:46.0092 0x1c84  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:42:46.0107 0x1c84  HTTP - ok
19:42:46.0107 0x1c84  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:42:46.0107 0x1c84  hwpolicy - ok
19:42:46.0123 0x1c84  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:42:46.0123 0x1c84  i8042prt - ok
19:42:46.0154 0x1c84  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
19:42:46.0170 0x1c84  iaStorA - ok
19:42:46.0170 0x1c84  [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
19:42:46.0170 0x1c84  IAStorDataMgrSvc - ok
19:42:46.0170 0x1c84  [ CE5CD8CBE940965867D507AB8EA2795A, 1CC2C23A1436E4C911DD3B942D8F6DABB7249AB04426F9AB6B6045034226DD25 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
19:42:46.0170 0x1c84  iaStorF - ok
19:42:46.0185 0x1c84  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:42:46.0201 0x1c84  iaStorV - ok
19:42:46.0232 0x1c84  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:42:46.0248 0x1c84  idsvc - ok
19:42:46.0263 0x1c84  IEEtwCollectorService - ok
19:42:46.0388 0x1c84  [ 347E954F53CC100CBFEE96DC4FC8EC1B, 1BA25F55856D4AD094A133C6CF95C4849ED719F223A9A8B180063ECF2F5925DD ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
19:42:46.0497 0x1c84  igfx - ok
19:42:46.0513 0x1c84  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
19:42:46.0513 0x1c84  iirsp - ok
19:42:46.0544 0x1c84  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:42:46.0575 0x1c84  IKEEXT - ok
19:42:46.0684 0x1c84  [ E551BB77E7D436380139977124BDFF62, 34C339D5FDAE67E6A73753D0607B5D9E5735421C2EF93C183844AF5D858BFE82 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:42:46.0794 0x1c84  IntcAzAudAddService - ok
19:42:46.0825 0x1c84  [ EEE7376243CD8A4B49B885EF122D25E5, A3B89E7B513C95558C4DA41D3C136D464381263BA43E00EC136FC776DAA0BA94 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
19:42:46.0840 0x1c84  IntcDAud - ok
19:42:46.0872 0x1c84  [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:42:46.0903 0x1c84  Intel® Capability Licensing Service Interface - ok
19:42:46.0934 0x1c84  [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
19:42:46.0965 0x1c84  Intel® Capability Licensing Service TCP IP Interface - ok
19:42:46.0965 0x1c84  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:42:46.0965 0x1c84  intelide - ok
19:42:46.0981 0x1c84  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:42:46.0981 0x1c84  intelppm - ok
19:42:46.0981 0x1c84  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:42:46.0996 0x1c84  IPBusEnum - ok
19:42:47.0012 0x1c84  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:42:47.0012 0x1c84  IpFilterDriver - ok
19:42:47.0028 0x1c84  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:42:47.0043 0x1c84  iphlpsvc - ok
19:42:47.0059 0x1c84  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:42:47.0059 0x1c84  IPMIDRV - ok
19:42:47.0074 0x1c84  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:42:47.0074 0x1c84  IPNAT - ok
19:42:47.0106 0x1c84  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:42:47.0121 0x1c84  iPod Service - ok
19:42:47.0137 0x1c84  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:42:47.0137 0x1c84  IRENUM - ok
19:42:47.0152 0x1c84  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:42:47.0152 0x1c84  isapnp - ok
19:42:47.0168 0x1c84  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:42:47.0168 0x1c84  iScsiPrt - ok
19:42:47.0184 0x1c84  [ 78D369F8A81A341109FBA1DB64B4C512, E584F693255CCBF7006E7D35984149CF599BB0849A8F02EFDD6223DF0D606049 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
19:42:47.0184 0x1c84  iusb3hcs - ok
19:42:47.0215 0x1c84  [ 5B632ABA038CE2E2D5D2D1115C6B26D1, 605A8FFA704E4369CF9D17DF8630DC9E196B8920D47F1CC5151759E60B234C1F ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
19:42:47.0215 0x1c84  iusb3hub - ok
19:42:47.0262 0x1c84  [ EA841584EF59528D11F20355770E427E, 515737761BB2A0A233F4AD141E28D93E3B9789320A15B7D5FB3DB5AC3CD8E249 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
19:42:47.0277 0x1c84  iusb3xhc - ok
19:42:47.0293 0x1c84  [ 1128B38EEC9DAF1B36373B65E87C00A3, 071E9454B9B442C2C3272FBC1AE5E92911A23CDB99F1C718C34067A70B99F910 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
19:42:47.0308 0x1c84  jhi_service - ok
19:42:47.0308 0x1c84  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:42:47.0308 0x1c84  kbdclass - ok
19:42:47.0324 0x1c84  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:42:47.0324 0x1c84  kbdhid - ok
19:42:47.0324 0x1c84  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
19:42:47.0340 0x1c84  KeyIso - ok
19:42:47.0355 0x1c84  [ 138D72280A7B84B3BF1FF82C90B00BCC, 2914F8B195172D7CEFA4F4A576EDE1C6A8B35733ACFB801D0B4FAAB6FA80422D ] KMSServerService C:\Windows\KMSServerService\KMS Server Service.exe
19:42:47.0355 0x1c84  KMSServerService - ok
19:42:47.0371 0x1c84  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:42:47.0371 0x1c84  KSecDD - ok
19:42:47.0386 0x1c84  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:42:47.0386 0x1c84  KSecPkg - ok
19:42:47.0402 0x1c84  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:42:47.0402 0x1c84  ksthunk - ok
19:42:47.0418 0x1c84  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:42:47.0433 0x1c84  KtmRm - ok
19:42:47.0449 0x1c84  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
19:42:47.0449 0x1c84  LanmanServer - ok
19:42:47.0464 0x1c84  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:42:47.0464 0x1c84  LanmanWorkstation - ok
19:42:47.0464 0x1c84  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:42:47.0480 0x1c84  lltdio - ok
19:42:47.0480 0x1c84  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:42:47.0496 0x1c84  lltdsvc - ok
19:42:47.0496 0x1c84  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:42:47.0496 0x1c84  lmhosts - ok
19:42:47.0511 0x1c84  [ 60471C88EB4906DB0C2026B3290EE4B6, D51752E4149A5BA578BF9F8DA83443BFF0719BAA34D91BD938DAC831BC0BA6DC ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:42:51.0224 0x1c84  SstpSvc - ok
19:42:51.0224 0x1c84  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:42:51.0224 0x1c84  stexstor - ok
19:42:51.0240 0x1c84  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:42:51.0255 0x1c84  stisvc - ok
19:42:51.0271 0x1c84  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:42:51.0271 0x1c84  storflt - ok
19:42:51.0271 0x1c84  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:42:51.0271 0x1c84  storvsc - ok
19:42:51.0286 0x1c84  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:42:51.0286 0x1c84  swenum - ok
19:42:51.0302 0x1c84  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
19:42:51.0318 0x1c84  swprv - ok
19:42:51.0318 0x1c84  Synth3dVsc - ok
19:42:51.0380 0x1c84  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
19:42:51.0427 0x1c84  SysMain - ok
19:42:51.0427 0x1c84  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:42:51.0442 0x1c84  TabletInputService - ok
19:42:51.0442 0x1c84  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:42:51.0458 0x1c84  TapiSrv - ok
19:42:51.0458 0x1c84  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
19:42:51.0474 0x1c84  TBS - ok
19:42:51.0520 0x1c84  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:42:51.0567 0x1c84  Tcpip - ok
19:42:51.0630 0x1c84  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:42:51.0676 0x1c84  TCPIP6 - ok
19:42:51.0676 0x1c84  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:42:51.0676 0x1c84  tcpipreg - ok
19:42:51.0692 0x1c84  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:42:51.0692 0x1c84  TDPIPE - ok
19:42:51.0692 0x1c84  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:42:51.0692 0x1c84  TDTCP - ok
19:42:51.0708 0x1c84  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:42:51.0708 0x1c84  tdx - ok
19:42:51.0723 0x1c84  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:42:51.0723 0x1c84  TermDD - ok
19:42:51.0739 0x1c84  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
19:42:51.0770 0x1c84  TermService - ok
19:42:51.0770 0x1c84  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:42:51.0770 0x1c84  Themes - ok
19:42:51.0786 0x1c84  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:42:51.0801 0x1c84  THREADORDER - ok
19:42:51.0801 0x1c84  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:42:51.0817 0x1c84  TrkWks - ok
19:42:51.0817 0x1c84  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:42:51.0832 0x1c84  TrustedInstaller - ok
19:42:51.0832 0x1c84  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:42:51.0832 0x1c84  tssecsrv - ok
19:42:51.0848 0x1c84  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:42:51.0848 0x1c84  TsUsbFlt - ok
19:42:51.0848 0x1c84  tsusbhub - ok
19:42:51.0864 0x1c84  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:42:51.0864 0x1c84  tunnel - ok
19:42:51.0864 0x1c84  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:42:51.0879 0x1c84  uagp35 - ok
19:42:51.0879 0x1c84  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:42:51.0895 0x1c84  udfs - ok
19:42:51.0910 0x1c84  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:42:51.0910 0x1c84  UI0Detect - ok
19:42:51.0910 0x1c84  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:42:51.0926 0x1c84  uliagpkx - ok
19:42:51.0926 0x1c84  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
19:42:51.0926 0x1c84  umbus - ok
19:42:51.0942 0x1c84  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:42:51.0942 0x1c84  UmPass - ok
19:42:51.0942 0x1c84  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:42:51.0957 0x1c84  UmRdpService - ok
19:42:51.0973 0x1c84  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:42:51.0988 0x1c84  upnphost - ok
19:42:51.0988 0x1c84  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
19:42:51.0988 0x1c84  USBAAPL64 - ok
19:42:52.0004 0x1c84  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:42:52.0004 0x1c84  usbccgp - ok
19:42:52.0020 0x1c84  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:42:52.0020 0x1c84  usbcir - ok
19:42:52.0020 0x1c84  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:42:52.0020 0x1c84  usbehci - ok
19:42:52.0035 0x1c84  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:42:52.0051 0x1c84  usbhub - ok
19:42:52.0051 0x1c84  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:42:52.0066 0x1c84  usbohci - ok
19:42:52.0066 0x1c84  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:42:52.0066 0x1c84  usbprint - ok
19:42:52.0082 0x1c84  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
19:42:52.0082 0x1c84  USBSTOR - ok
19:42:52.0082 0x1c84  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:42:52.0082 0x1c84  usbuhci - ok
19:42:52.0098 0x1c84  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
19:42:52.0098 0x1c84  UxSms - ok
19:42:52.0098 0x1c84  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
19:42:52.0113 0x1c84  VaultSvc - ok
19:42:52.0113 0x1c84  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:42:52.0113 0x1c84  vdrvroot - ok
19:42:52.0144 0x1c84  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
19:42:52.0160 0x1c84  vds - ok
19:42:52.0160 0x1c84  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:42:52.0160 0x1c84  vga - ok
19:42:52.0176 0x1c84  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:42:52.0176 0x1c84  VgaSave - ok
19:42:52.0176 0x1c84  VGPU - ok
19:42:52.0191 0x1c84  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:42:52.0191 0x1c84  vhdmp - ok
19:42:52.0207 0x1c84  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:42:52.0207 0x1c84  viaide - ok
19:42:52.0222 0x1c84  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:42:52.0222 0x1c84  vmbus - ok
19:42:52.0222 0x1c84  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
19:42:52.0222 0x1c84  VMBusHID - ok
19:42:52.0238 0x1c84  [ 93F279A2C172562050700A18FA84BE2E, EBFB6C530B4AC714963D31B5D424E7AF2B7D2CA1CF3E455294BE1E56CC8A3A12 ] vncmirror       C:\Windows\system32\DRIVERS\vncmirror.sys
19:42:52.0238 0x1c84  vncmirror - ok
19:42:52.0254 0x1c84  [ 36A9CE791DD90B8EF58A5920024BC431, 9A49494E649950C21AA225616F0389EE2E9558E2439A1222143FC1410326FD63 ] vncserver       C:\Program Files\RealVNC\VNC Server\vncservice.exe
19:42:52.0269 0x1c84  vncserver - ok
19:42:52.0285 0x1c84  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:42:52.0285 0x1c84  volmgr - ok
19:42:52.0300 0x1c84  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:42:52.0316 0x1c84  volmgrx - ok
19:42:52.0332 0x1c84  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:42:52.0332 0x1c84  volsnap - ok
19:42:52.0347 0x1c84  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
19:42:52.0347 0x1c84  vsmraid - ok
19:42:52.0394 0x1c84  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:42:52.0441 0x1c84  VSS - ok
19:42:52.0441 0x1c84  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:42:52.0441 0x1c84  vwifibus - ok
19:42:52.0456 0x1c84  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:42:52.0456 0x1c84  vwififlt - ok
19:42:52.0472 0x1c84  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:42:52.0488 0x1c84  W32Time - ok
19:42:52.0488 0x1c84  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:42:52.0488 0x1c84  WacomPen - ok
19:42:52.0503 0x1c84  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:42:52.0503 0x1c84  WANARP - ok
19:42:52.0503 0x1c84  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:42:52.0503 0x1c84  Wanarpv6 - ok
19:42:52.0550 0x1c84  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:42:52.0581 0x1c84  WatAdminSvc - ok
19:42:52.0628 0x1c84  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:42:52.0675 0x1c84  wbengine - ok
19:42:52.0690 0x1c84  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:42:52.0690 0x1c84  WbioSrvc - ok
19:42:52.0706 0x1c84  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:42:52.0722 0x1c84  wcncsvc - ok
19:42:52.0722 0x1c84  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:42:52.0737 0x1c84  WcsPlugInService - ok
19:42:52.0737 0x1c84  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:42:52.0737 0x1c84  Wd - ok
19:42:52.0768 0x1c84  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:42:52.0784 0x1c84  Wdf01000 - ok
19:42:52.0800 0x1c84  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:42:52.0800 0x1c84  WdiServiceHost - ok
19:42:52.0800 0x1c84  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:42:52.0800 0x1c84  WdiSystemHost - ok
19:42:52.0815 0x1c84  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
19:42:52.0831 0x1c84  WebClient - ok
19:42:52.0846 0x1c84  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:42:52.0846 0x1c84  Wecsvc - ok
19:42:52.0862 0x1c84  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:42:52.0862 0x1c84  wercplsupport - ok
19:42:52.0862 0x1c84  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:42:52.0878 0x1c84  WerSvc - ok
19:42:52.0878 0x1c84  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:42:52.0878 0x1c84  WfpLwf - ok
19:42:52.0878 0x1c84  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:42:52.0878 0x1c84  WIMMount - ok
19:42:52.0893 0x1c84  WinDefend - ok
19:42:52.0893 0x1c84  WinHttpAutoProxySvc - ok
19:42:52.0909 0x1c84  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:42:52.0924 0x1c84  Winmgmt - ok
19:42:52.0987 0x1c84  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
19:42:53.0034 0x1c84  WinRM - ok
19:42:53.0049 0x1c84  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:42:53.0049 0x1c84  WinUsb - ok
19:42:53.0080 0x1c84  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:42:53.0112 0x1c84  Wlansvc - ok
19:42:53.0112 0x1c84  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:42:53.0112 0x1c84  WmiAcpi - ok
19:42:53.0127 0x1c84  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:42:53.0127 0x1c84  wmiApSrv - ok
19:42:53.0127 0x1c84  WMPNetworkSvc - ok
19:42:53.0143 0x1c84  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:42:53.0143 0x1c84  WPCSvc - ok
19:42:53.0143 0x1c84  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:42:53.0158 0x1c84  WPDBusEnum - ok
19:42:53.0158 0x1c84  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:42:53.0158 0x1c84  ws2ifsl - ok
19:42:53.0174 0x1c84  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
19:42:53.0174 0x1c84  wscsvc - ok
19:42:53.0174 0x1c84  WSearch - ok
19:42:53.0252 0x1c84  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:42:53.0314 0x1c84  wuauserv - ok
19:42:53.0330 0x1c84  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:42:53.0330 0x1c84  WudfPf - ok
19:42:53.0346 0x1c84  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:42:53.0346 0x1c84  WUDFRd - ok
19:42:53.0361 0x1c84  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:42:53.0361 0x1c84  wudfsvc - ok
19:42:53.0377 0x1c84  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:42:53.0377 0x1c84  WwanSvc - ok
19:42:53.0392 0x1c84  ================ Scan global ===============================
19:42:53.0392 0x1c84  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:42:53.0408 0x1c84  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:42:53.0424 0x1c84  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:42:53.0439 0x1c84  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:42:53.0455 0x1c84  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:42:53.0455 0x1c84  [ Global ] - ok
19:42:53.0455 0x1c84  ================ Scan MBR ==================================
19:42:53.0455 0x1c84  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:42:53.0486 0x1c84  \Device\Harddisk0\DR0 - ok
19:42:53.0502 0x1c84  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
19:42:53.0502 0x1c84  \Device\Harddisk1\DR1 - ok
19:42:53.0502 0x1c84  ================ Scan VBR ==================================
19:42:53.0502 0x1c84  [ 725DC4A953FD41FEA032E3F0851DABE6 ] \Device\Harddisk0\DR0\Partition1
19:42:53.0502 0x1c84  \Device\Harddisk0\DR0\Partition1 - ok
19:42:53.0517 0x1c84  [ 8663DE2FAD123B66DC491497F0ACA60F ] \Device\Harddisk0\DR0\Partition2
19:42:53.0517 0x1c84  \Device\Harddisk0\DR0\Partition2 - ok
19:42:53.0517 0x1c84  [ 7725E67B9EBF608F30BCB2AB11231839 ] \Device\Harddisk1\DR1\Partition1
19:42:53.0517 0x1c84  \Device\Harddisk1\DR1\Partition1 - ok
19:42:53.0517 0x1c84  ================ Scan generic autorun ======================
19:42:53.0517 0x1c84  [ EB20EF520619D52C5E861C7DF9F84993, F138703D2AD8A5F6024CEE79109FFAEB93E357B8FAD97A0E9A5D2883EE03DD7D ] C:\Program Files (x86)\Paragon Software\HFS+ for Windows  10.0\apmwinsrv.exe
19:42:53.0517 0x1c84  apmwinapp - ok
19:42:53.0533 0x1c84  [ 4E7196DECFB3B52E67AB3B4F5A3333D9, 06B88ACCD676EFF001AA9802DFD1B9E91F06AAC4474971FAF6020B3BA5D4DFC2 ] C:\Windows\system32\igfxtray.exe
19:42:53.0533 0x1c84  IgfxTray - ok
19:42:53.0548 0x1c84  [ 2C75C174AFCE8DB611DE3826E84C6F43, 431B7C2AA21E109C8ECCBC0C2BE05C2FCC1BF0FBC44C50C91DE29137D0008F6E ] C:\Windows\system32\hkcmd.exe
19:42:53.0564 0x1c84  HotKeysCmds - ok
19:42:53.0580 0x1c84  [ AB31B066602DB66D6FF238B015EC6E58, C75B029B45A44ADFF8ADA2FA14689803CF2889A139F3F8B8925E76AD5EFEF2D6 ] C:\Windows\system32\igfxpers.exe
19:42:53.0595 0x1c84  Persistence - ok
19:42:53.0954 0x1c84  [ 0EB58BB7A9E4711167A16B494FA6EF51, 6BA4A53D27AB322910263EC73DAF44F00D11AAFA2390109951D42E8283976F2D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:42:54.0282 0x1c84  RTHDVCPL - ok
19:42:54.0297 0x1c84  [ 19639B7A5A7644477538CBB6A531A8BC, EBE31C089CC8DD28EDCA21C33A9DFB246DB8FC5A06666758E0B4C529A2931D33 ] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
19:42:54.0313 0x1c84  BtServer - ok
19:42:54.0313 0x1c84  [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
19:42:54.0313 0x1c84  IAStorIcon - ok
19:42:54.0328 0x1c84  [ 39CF316EB5842AE27CC0D3CC4E2840DE, BC4D4ED926F988B7B70CC87B7EC92D148DA6BC39C5C514751F1B0CA69D0F9081 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
19:42:54.0328 0x1c84  BCSSync - ok
19:42:54.0344 0x1c84  [ 169C7F567E8E7EBA285DDEDD6F002D26, 9F94C0DA6EA1C2EF190498F25D3A9965C09FC0DE6EF76DFA0200903E31F00BD8 ] C:\Program Files (x86)\Paragon Software\HFS+ for Windows  10.0\activation\hfsactivator.exe
19:42:54.0344 0x1c84  HFS Activator - ok
19:42:54.0360 0x1c84  [ 094E4E76FB9AB960A73F841BC6733F42, 01C1BFF17BEC6588E192EC4D7ACB74FC9B95ECA7CB8BB9585B04FC8EA73C3B43 ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
19:42:54.0375 0x1c84  USB3MON - ok
19:42:54.0375 0x1c84  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files\iTunes\iTunesHelper.exe
19:42:54.0375 0x1c84  iTunesHelper - ok
19:42:54.0422 0x1c84  [ EF9175A571AA3E73EB765289625FD5B3, 12E405A70DC4B37A527D5B2D17A5179422F3D01D7DD46E67C9FCA769F09AFAB9 ] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
19:42:54.0453 0x1c84  DBAgent - ok
19:42:54.0484 0x1c84  [ 887CAA31048EB8ED09A0CBD0E6F46F09, BBCED0BD4EB00C3FECFC9448223D4C441A868787877291F5489B07B43FAB65A4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:42:54.0484 0x1c84  SunJavaUpdateSched - ok
19:42:54.0500 0x1c84  [ 7027F35E3AA472EC230DBCF19E4165E6, 3B43EDA9AC096F75871F8D46AE9C825CE7FF48AB0C13A68182358A4E9579AE43 ] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
19:42:54.0500 0x1c84  PWRISOVM.EXE - ok
19:42:54.0609 0x1c84  [ FC1B777E20F3E752CB24357AD68A9E27, 8DCB6EDA8BC4A2FDB70A8406F8D528C356B8FCD223AFE917091F5698519F3862 ] C:\Program Files (x86)\AVG\AVG2015\avgui.exe
19:42:54.0687 0x1c84  AVG_UI - ok
19:42:54.0781 0x1c84  [ EEA11C38F881A7DBF817F022F1BB7DD7, 1268B5650A2EA052461C524432C835CCEE67B172FA810B1B7193EE3C49BA7138 ] C:\blp\API\Office Tools\bbxlcmd.exe
19:42:54.0843 0x1c84  CLRHost - ok
19:42:54.0859 0x1c84  [ 45CC262346C3BE6585AA4CB875D6D81B, A001C5EBD3D6572DAB7BC47AD3DBB10E7A247DE77772942114B06FAAAF12008F ] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
19:42:54.0859 0x1c84  Uploader - ok
19:42:54.0874 0x1c84  [ 925F39488F2ADD1A1A31AF32B6ECC160, B502778EBED00DD6C486854CB3F6B145023523ACDCDE5C033FBFAC0B840E5579 ] C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe
19:42:54.0890 0x1c84  instanteyedropper - ok
19:42:54.0890 0x1c84  Waiting for KSN requests completion. In queue: 324
19:42:55.0904 0x1c84  Waiting for KSN requests completion. In queue: 324
19:42:56.0918 0x1c84  Waiting for KSN requests completion. In queue: 18
19:42:57.0994 0x1c84  AV detected via SS2: AVG Internet Security 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5576 ), 0x40000 ( disabled : updated )
19:42:57.0994 0x1c84  FW detected via SS2: AVG Internet Security 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5576 ), 0x41010 ( enabled )
19:43:00.0600 0x1c84  ============================================================
19:43:00.0600 0x1c84  Scan finished
19:43:00.0600 0x1c84  ============================================================
19:43:00.0615 0x218c  Detected object count: 0
19:43:00.0615 0x218c  Actual detected object count: 0
 

 



#5 boopme

Posted 26 December 2014 - 09:48 PM

Reset both browsers to default:

  • Chrome
  • Firefox

#6 Chry5alid

Posted 26 December 2014 - 09:53 PM

This was already done, just reset Firefox, will do Chrome now.

 

 

# AdwCleaner v4.106 - Report created 26/12/2014 at 19:48:06
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Overlord - MEDIASLAVE
# Running from : C:\Users\Overlord\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Overlord\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
Folder Deleted : C:\Users\Overlord\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0.5 (x86 en-US)


-\\ Google Chrome v39.0.2171.95

[C:\Users\Overlord\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Overlord\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}

*************************

AdwCleaner[R0].txt - [2536 octets] - [26/12/2014 15:50:57]
AdwCleaner[R1].txt - [1461 octets] - [26/12/2014 19:45:27]
AdwCleaner[S0].txt - [2629 octets] - [26/12/2014 15:53:35]
AdwCleaner[S1].txt - [1390 octets] - [26/12/2014 19:48:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1450 octets] ##########
 

 



#7 Chry5alid

Posted 26 December 2014 - 10:04 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Ultimate x64
Ran by Overlord on Fri 12/26/2014 at 19:57:22.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 12/26/2014 at 20:01:46.18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 



#8 Chry5alid

Posted 26 December 2014 - 11:20 PM

C:\Users\Overlord\Downloads\~Utilities CD\Copying from Ipod\IPod.Access.for.Windows.v4.0.5.Incl.Keymaker-CORE\IPod.Access.for.Windows.v4.0.5.Incl.Keymaker-CORE.rar    a variant of Win32/Keygen.CP potentially unsafe application
C:\Users\Overlord\Downloads\~Utilities CD\NewsGroup Essentials\NewsGroup Apps\NewShark 1.1.2\advert1.zip    a variant of Win32/Adware.Aureate application



#9 boopme

Posted 27 December 2014 - 08:37 PM

Looks like a cracked app was downloaded. This is where the malware comes from. They will trade a free item (loaded with info stealers) for hopefully your personal info.

How is it running now?

Run one more tool....

Download Malwarebytes Anti-Rootkit to your desktop.
  • Double-click on the downloaded file. OK the self-extracting prompt.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • MBAR will start. Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"
