Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 8.1 Redirect Virus Removal Help


  • Please log in to reply
6 replies to this topic

#1 Bransonb3

Bransonb3

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:02 PM

Posted 03 February 2015 - 10:10 PM

I downloaded a keygen and got a virus or two. :( When I ran the program it installed Search Protect, Pro Pc Cleaner, and WebZoom (I think I have completely removed all of these but I'm not 100% sure). When browsing any site after a clicks a new tab will up and start redirecting at least 3 times to a random website (most of the time apx.axonan.com is the first redirect). Also some words have ads on them from NavLinks. I have run AdwCleaner and Junkware Removal Tool (JRT), neither helped fix the problem.
This is the site where I downloaded the file: "hxxp://druzhininevgeniy63.blogspot.com/2014/02/mediashout-45-crack.html"
This is the VirusTotal scan: "https://www.virustotal.com/en/file/5a03df2070bbfeb521d37ed73276537dacc8607b6923d23bcff422f3d33a6e9e/analysis/1423013115/"

Processes
coz32host.exe
coz64host.exe
cozaghost.exe
cozwdhost.exe
 
All of the above processes are located at "C:\ProgramData\makulitsidwe\1.1.0.29". There is an uninstaller in there but when I try to run it, it doesn't do anything.
When I try to close any of the above processes they restart themselves.
 
 
I am going to run a deep scan with Vipre tonight, if it finds anything I will post them.

Edit: Topic moved from Windows 8 to the more appropriate forum. Also the link to a potentially deceptive website deactivated to prevent anyone from inadvertently getting infected. Please do not visit that site without adequate malware protection enabled. ~ Animal

BC AdBot (Login to Remove)

 


m

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,195 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:02 PM

Posted 03 February 2015 - 11:20 PM

Hello, The practice of using keygens, hacking tools, cracking tools, warez, torrents or any pirated software is not only considered illegal activity but it is a serious security risk.

 

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

TrendMicro Warning



...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV



...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study



...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware



...a staggering 59% of the key generators and crack tools downloaded from P2P networks represent a security liability since they contain malicious and unwanted code. "25% of the Web sites we accessed offering counterfeit product keys, pirated software, key generators or crack tools attempted to install either malicious software or potentially unwanted software. A significant number of these Web sites attempted to install malicious or unwanted code...In addition to the peer-to-peer networks, 11% of the key generators and crack tools downloaded from Web sites were also plagued by malicious and unwanted software.

Microsoft Reveals the Risks of Using Pirated XP and Office
Whatever You Do, Do Not Download Windows 7 Via Torrent Sites

When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

I strongly recommend that you remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so they need to be removed.

Using these types of programs or the websites visited to get them is almost a guaranteed way to get yourself infected!!


>>>>>>

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Hold down Control and click on this link to open ESET Online Scanner in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.
51a46ae42d560-malwarebytes_anti_malware.Malwarebytes Anti-Malware
  • Download MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
    • If no threats were found, click View detailed log.
      • Click Export and save the log as a .txt file on your Desktop or another location.
    • If the scan detected any threats, click Apply Actions.
      • To complete any actions taken you will be prompted to restart your computer...click on Yes.
      • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
      • Check the box next to Scan Log. Choose the most current scan and click View.
      • Click Export and save the log as a .txt file on your Desktop or another location.
  • Providing the MalwareBytes' Anti-Malware log file
    • Attach the log file you just saved to your next reply for further review.

Edited by boopme, 03 February 2015 - 11:22 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Bransonb3

Bransonb3
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:02 PM

Posted 04 February 2015 - 10:36 AM

MiniToolbox Report

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Branson (administrator) on 04-02-2015 at 06:43:04
Running from "C:\Users\Branson\Downloads"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Dell Wireless 1707 802.11b/g/n (2.4GHZ) = Wi-Fi (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 6" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : BT-School-LT
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : triad.rr.com
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 4C-BB-58-2A-79-A4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 1E-BB-58-2A-79-A3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : triad.rr.com
   Description . . . . . . . . . . . : Dell Wireless 1707 802.11b/g/n (2.4GHZ)
   Physical Address. . . . . . . . . : 4C-BB-58-2A-79-A3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : fd23:da9c:3540:0:68a6:d9cf:d2d5:a595(Preferred) 
   Temporary IPv6 Address. . . . . . : fd23:da9c:3540:0:6997:855c:f888:80e4(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::68a6:d9cf:d2d5:a595%3(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.132(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, February 3, 2015 10:20:02 PM
   Lease Expires . . . . . . . . . . : Wednesday, February 4, 2015 7:01:28 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 55360344
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-C7-0C-58-9C-EB-E8-17-72-2D
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter VirtualBox Host-Only Network:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
   Physical Address. . . . . . . . . : 08-00-27-00-84-E2
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f944:7752:1622:2d2e%14(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 386400295
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-C7-0C-58-9C-EB-E8-17-72-2D
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.triad.rr.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : triad.rr.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{86529298-BA3C-4562-B542-3C736F35774B}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61
 
Name:    google.com
Addresses:  2607:f8b0:4002:c07::65
 74.125.196.138
 74.125.196.101
 74.125.196.139
 74.125.196.102
 74.125.196.113
 74.125.196.100
 
 
Pinging google.com [74.125.196.113] with 32 bytes of data:
Reply from 74.125.196.113: bytes=32 time=31ms TTL=41
Reply from 74.125.196.113: bytes=32 time=28ms TTL=41
 
Ping statistics for 74.125.196.113:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 28ms, Maximum = 31ms, Average = 29ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61
 
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=63ms TTL=46
Reply from 98.138.253.109: bytes=32 time=60ms TTL=46
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 60ms, Maximum = 63ms, Average = 61ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  9...4c bb 58 2a 79 a4 ......Bluetooth Device (Personal Area Network)
  5...1e bb 58 2a 79 a3 ......Microsoft Wi-Fi Direct Virtual Adapter
  3...4c bb 58 2a 79 a3 ......Dell Wireless 1707 802.11b/g/n (2.4GHZ)
 14...08 00 27 00 84 e2 ......VirtualBox Host-Only Ethernet Adapter
  1...........................Software Loopback Interface 1
  6...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.132     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.132    281
    192.168.1.132  255.255.255.255         On-link     192.168.1.132    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.132    281
     192.168.56.0    255.255.255.0         On-link      192.168.56.1    276
     192.168.56.1  255.255.255.255         On-link      192.168.56.1    276
   192.168.56.255  255.255.255.255         On-link      192.168.56.1    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.56.1    276
        224.0.0.0        240.0.0.0         On-link     192.168.1.132    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.56.1    276
  255.255.255.255  255.255.255.255         On-link     192.168.1.132    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  3    281 fd23:da9c:3540::/64      On-link
  3    281 fd23:da9c:3540:0:68a6:d9cf:d2d5:a595/128
                                    On-link
  3    281 fd23:da9c:3540:0:6997:855c:f888:80e4/128
                                    On-link
 14    276 fe80::/64                On-link
  3    281 fe80::/64                On-link
  3    281 fe80::68a6:d9cf:d2d5:a595/128
                                    On-link
 14    276 fe80::f944:7752:1622:2d2e/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    276 ff00::/8                 On-link
  3    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/04/2015 04:27:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/03/2015 11:39:50 PM) (Source: Application Hang) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1f04
 
Start Time: 01d04033e400c09c
 
Termination Time: 4294967295
 
Application Path: C:\Windows\syswow64\wwahost.exe
 
Report Id: d893b760-ac27-11e4-8284-4cbb582a79a4
 
Faulting package full name: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c
 
Faulting package-relative application ID: App
 
Error: (02/03/2015 11:32:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/03/2015 09:54:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: BT-SCHOOL-LT)
Description: Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/03/2015 09:38:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: BT-SCHOOL-LT)
Description: Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (02/03/2015 10:20:35 PM) (Source: Service Control Manager) (User: )
Description: The cozaghost service failed to start due to the following error: 
%%1053
 
Error: (02/03/2015 10:20:35 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the cozaghost service to connect.
 
Error: (02/03/2015 10:18:50 PM) (Source: DCOM) (User: BT-SCHOOL-LT)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (02/03/2015 10:18:20 PM) (Source: DCOM) (User: BT-SCHOOL-LT)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (02/03/2015 10:17:50 PM) (Source: DCOM) (User: BT-SCHOOL-LT)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (02/03/2015 10:17:20 PM) (Source: DCOM) (User: BT-SCHOOL-LT)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (02/03/2015 10:16:07 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (02/03/2015 10:15:37 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (02/03/2015 10:14:20 PM) (Source: DCOM) (User: BT-SCHOOL-LT)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (02/03/2015 10:13:50 PM) (Source: DCOM) (User: BT-SCHOOL-LT)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
 
Microsoft Office Sessions:
=========================
Error: (02/04/2015 04:27:52 AM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
 
Error: (02/03/2015 11:39:50 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.174151f0401d04033e400c09c4294967295C:\Windows\syswow64\wwahost.exed893b760-ac27-11e4-8284-4cbb582a79a4Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp
 
Error: (02/03/2015 11:32:04 PM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
 
Error: (02/03/2015 09:54:27 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: BT-SCHOOL-LT)
Description: WinStore_cw5n1h2txyewy!Windows.Store-2144927151
 
Error: (02/03/2015 09:38:47 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: BT-SCHOOL-LT)
Description: WinStore_cw5n1h2txyewy!Windows.Store-2144927151
 
 
 
=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.356 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
ANDY OS (HKLM-x32\...\Andy OS) (Version: 1.1 - andyroid.net)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{17FFE63C-6734-4950-B488-134B5A2505F7}) (Version: 2.04.0280 - Aviata Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.2.3 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{9E4750A7-90F6-4181-8A8A-B1ADF4216E93}) (Version: 1.0.1059.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
Face Recognition (HKLM\...\{35ECC39B-95C8-4556-AECF-D0EC4E7F7699}) (Version: 4.1.221.1 - Sensible Vision)
GFI Business Agent (HKLM-x32\...\{C1D1FC57-3EB9-4B21-BCA3-F1C927508200}) (Version: 6.2.5530 - GFI Software)
GFI Business Agent (x32 Version: 6.2.5530 - GFI Software) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Message+ (HKLM-x32\...\{1ca30da3-9557-44ec-bdf2-e0887854efd9}) (Version: 1.0.14.0 - Verizon)
Message+ (x32 Version: 1.0.14.0 - Verizon) Hidden
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
MiniGet 1.0.8.2564 (HKLM-x32\...\MiniGet) (Version: 1.0.8.2564 - MiniGet)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)
My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.3.20 (HKLM\...\{86401870-7AB7-4A8D-8AD6-12B27DF2E6E3}) (Version: 4.3.20 - Oracle Corporation)
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.21 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.)
SketchUp 2015 (HKLM\...\{319CD380-1AAB-4CAD-BE1D-59189A780FA6}) (Version: 15.2.685 - Trimble Navigation Limited)
Spotify (HKCU\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0052 - ST Microelectronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Update for Microsoft en-us Dictionary (Version: 16.1.1305.1 - Microsoft Corporation) Hidden
VSee (HKCU\...\VSee) (Version: 14.0.0.1126 - VSee Lab Inc)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinSCP 5.5.6 (HKLM-x32\...\winscp3_is1) (Version: 5.5.6 - Martin Prikryl)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 63%
Total physical RAM: 3979.2 MB
Available physical RAM: 1458.48 MB
Total Pagefile: 8075.2 MB
Available Pagefile: 4546.54 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.84 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:456.81 GB) (Free:370.95 GB) NTFS
2 Drive d: (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
3 Drive x: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.46 GB) NTFS
4 Drive y: (PBR Image) (Fixed) (Total:7.56 GB) (Free:0.74 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\BT-SCHOOL-LT
 
Administrator            Branson                  Guest                    
 
 
**** End of log ****
 

 

TDSSKiller Report
06:44:38.0032 0x1ddc  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
06:44:38.0033 0x1ddc  UEFI system
06:44:42.0821 0x1ddc  ============================================================
06:44:42.0821 0x1ddc  Current date / time: 2015/02/04 06:44:42.0821
06:44:42.0821 0x1ddc  SystemInfo:
06:44:42.0821 0x1ddc  
06:44:42.0821 0x1ddc  OS Version: 6.3.9600 ServicePack: 0.0
06:44:42.0821 0x1ddc  Product type: Workstation
06:44:42.0821 0x1ddc  ComputerName: BT-SCHOOL-LT
06:44:42.0821 0x1ddc  UserName: Branson
06:44:42.0821 0x1ddc  Windows directory: C:\Windows
06:44:42.0821 0x1ddc  System windows directory: C:\Windows
06:44:42.0821 0x1ddc  Running under WOW64
06:44:42.0821 0x1ddc  Processor architecture: Intel x64
06:44:42.0821 0x1ddc  Number of processors: 4
06:44:42.0821 0x1ddc  Page size: 0x1000
06:44:42.0821 0x1ddc  Boot type: Normal boot
06:44:42.0822 0x1ddc  ============================================================
06:44:43.0131 0x1ddc  KLMD registered as C:\Windows\system32\drivers\48141733.sys
06:44:43.0661 0x1ddc  System UUID: {FE7FB19D-C833-3D82-5AC4-C5A0877C2EE7}
06:44:44.0164 0x1ddc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:44:44.0196 0x1ddc  ============================================================
06:44:44.0196 0x1ddc  \Device\Harddisk0\DR0:
06:44:44.0196 0x1ddc  GPT partitions:
06:44:44.0197 0x1ddc  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C842F051-2103-4E69-A6B3-446509A44A54}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
06:44:44.0197 0x1ddc  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {26D52CAA-DF7B-49F7-BE9E-6EF7179E26B5}, Name: Basic data partition, StartLBA 0xFA800, BlocksNum 0x14000
06:44:44.0197 0x1ddc  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {D2DD19FD-9AFD-43CB-8242-F3253287CC48}, Name: Microsoft reserved partition, StartLBA 0x10E800, BlocksNum 0x40000
06:44:44.0197 0x1ddc  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FED4B463-1F1D-450B-A586-0ADB190C47F8}, Name: Basic data partition, StartLBA 0x14E800, BlocksNum 0x177000
06:44:44.0197 0x1ddc  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {495A8938-8EFC-4B0E-9DA8-2BE352DDD718}, Name: Basic data partition, StartLBA 0x2C5800, BlocksNum 0x391A1000
06:44:44.0197 0x1ddc  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {66181E30-6BDA-4992-B3DC-54249E68BC9D}, Name: Microsoft recovery partition, StartLBA 0x39466800, BlocksNum 0xF1F030
06:44:44.0197 0x1ddc  MBR partitions:
06:44:44.0197 0x1ddc  ============================================================
06:44:44.0216 0x1ddc  C: <-> \Device\Harddisk0\DR0\Partition5
06:44:44.0216 0x1ddc  ============================================================
06:44:44.0216 0x1ddc  Initialize success
06:44:44.0216 0x1ddc  ============================================================
06:44:56.0856 0x1c9c  ============================================================
06:44:56.0856 0x1c9c  Scan started
06:44:56.0856 0x1c9c  Mode: Manual; 
06:44:56.0856 0x1c9c  ============================================================
06:44:56.0856 0x1c9c  KSN ping started
06:44:59.0297 0x1c9c  KSN ping finished: true
06:45:01.0479 0x1c9c  ================ Scan system memory ========================
06:45:01.0480 0x1c9c  System memory - ok
06:45:01.0481 0x1c9c  ================ Scan services =============================
06:45:01.0621 0x1c9c  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
06:45:01.0631 0x1c9c  1394ohci - ok
06:45:01.0657 0x1c9c  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
06:45:01.0662 0x1c9c  3ware - ok
06:45:01.0719 0x1c9c  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
06:45:01.0738 0x1c9c  ACPI - ok
06:45:01.0762 0x1c9c  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
06:45:01.0768 0x1c9c  acpiex - ok
06:45:01.0777 0x1c9c  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
06:45:01.0779 0x1c9c  acpipagr - ok
06:45:01.0788 0x1c9c  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
06:45:01.0791 0x1c9c  AcpiPmi - ok
06:45:01.0799 0x1c9c  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
06:45:01.0801 0x1c9c  acpitime - ok
06:45:01.0868 0x1c9c  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
06:45:01.0873 0x1c9c  AdobeARMservice - ok
06:45:01.0949 0x1c9c  [ A2A9C100FE1BE20A76C0B80D4CA44103, C34B4A31C8563E29EC6A3D318C40075F43C891C23D156F53EE2102C959B7887F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
06:45:01.0958 0x1c9c  AdobeFlashPlayerUpdateSvc - ok
06:45:02.0015 0x1c9c  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
06:45:02.0042 0x1c9c  ADP80XX - ok
06:45:02.0085 0x1c9c  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
06:45:02.0093 0x1c9c  AeLookupSvc - ok
06:45:02.0164 0x1c9c  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
06:45:02.0169 0x1c9c  AERTFilters - ok
06:45:02.0210 0x1c9c  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\Windows\system32\drivers\afd.sys
06:45:02.0232 0x1c9c  AFD - ok
06:45:02.0251 0x1c9c  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
06:45:02.0255 0x1c9c  agp440 - ok
06:45:02.0297 0x1c9c  [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
06:45:02.0301 0x1c9c  ahcache - ok
06:45:02.0344 0x1c9c  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
06:45:02.0349 0x1c9c  ALG - ok
06:45:02.0373 0x1c9c  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
06:45:02.0378 0x1c9c  AmdK8 - ok
06:45:02.0400 0x1c9c  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
06:45:02.0407 0x1c9c  AmdPPM - ok
06:45:02.0418 0x1c9c  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
06:45:02.0422 0x1c9c  amdsata - ok
06:45:02.0452 0x1c9c  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
06:45:02.0462 0x1c9c  amdsbs - ok
06:45:02.0472 0x1c9c  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
06:45:02.0474 0x1c9c  amdxata - ok
06:45:02.0510 0x1c9c  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
06:45:02.0515 0x1c9c  AppID - ok
06:45:02.0548 0x1c9c  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
06:45:02.0552 0x1c9c  AppIDSvc - ok
06:45:02.0586 0x1c9c  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\Windows\System32\appinfo.dll
06:45:02.0591 0x1c9c  Appinfo - ok
06:45:02.0654 0x1c9c  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
06:45:02.0675 0x1c9c  AppReadiness - ok
06:45:02.0741 0x1c9c  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
06:45:02.0798 0x1c9c  AppXSvc - ok
06:45:02.0825 0x1c9c  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
06:45:02.0831 0x1c9c  arcsas - ok
06:45:02.0840 0x1c9c  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
06:45:02.0842 0x1c9c  atapi - ok
06:45:02.0875 0x1c9c  [ 8302D313DCC5536FE6BFB85165D9BB1E, CD9101D9CFE34F0D6CF5A6AD5C997CC5D32CCF5135B78604D0C3CD7252117C2D ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
06:45:02.0880 0x1c9c  AthBTPort - ok
06:45:02.0958 0x1c9c  [ 80D0DABA99C0AFCE1E4B88D81765097B, 04DB7C49E8A5E6B7AA60B2408C007E5D2DE94052A311BDD7152881C45CBE563F ] AtherosSvc      C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
06:45:02.0971 0x1c9c  AtherosSvc - ok
06:45:03.0139 0x1c9c  [ BBE82125AC1E180DA7E3AF98AB4C0DA2, A0723EBC70B861B2F7EEF7CAEBE66DEF044CBCB0D5C8F4441197264EF69E9641 ] athr            C:\Windows\system32\DRIVERS\athwbx.sys
06:45:03.0296 0x1c9c  athr - ok
06:45:03.0329 0x1c9c  [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
06:45:03.0358 0x1c9c  AudioEndpointBuilder - ok
06:45:03.0428 0x1c9c  [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv        C:\Windows\System32\Audiosrv.dll
06:45:03.0461 0x1c9c  Audiosrv - ok
06:45:03.0521 0x1c9c  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
06:45:03.0527 0x1c9c  AxInstSV - ok
06:45:03.0580 0x1c9c  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
06:45:03.0600 0x1c9c  b06bdrv - ok
06:45:03.0623 0x1c9c  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
06:45:03.0627 0x1c9c  BasicDisplay - ok
06:45:03.0648 0x1c9c  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
06:45:03.0651 0x1c9c  BasicRender - ok
06:45:03.0680 0x1c9c  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
06:45:03.0683 0x1c9c  bcmfn2 - ok
06:45:03.0725 0x1c9c  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\Windows\System32\bdesvc.dll
06:45:03.0739 0x1c9c  BDESVC - ok
06:45:03.0759 0x1c9c  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
06:45:03.0763 0x1c9c  Beep - ok
06:45:03.0833 0x1c9c  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\Windows\System32\bfe.dll
06:45:03.0863 0x1c9c  BFE - ok
06:45:03.0914 0x1c9c  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
06:45:03.0951 0x1c9c  BITS - ok
06:45:04.0000 0x1c9c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
06:45:04.0016 0x1c9c  Bonjour Service - ok
06:45:04.0049 0x1c9c  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
06:45:04.0055 0x1c9c  bowser - ok
06:45:04.0102 0x1c9c  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
06:45:04.0113 0x1c9c  BrokerInfrastructure - ok
06:45:04.0149 0x1c9c  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
06:45:04.0157 0x1c9c  Browser - ok
06:45:04.0187 0x1c9c  [ DE8D825D9D45108CC7640C7944E68D60, 554F473BB5CC5DABB125E821BC57A62026E996A6405E8724464B5ABCE50B626F ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
06:45:04.0200 0x1c9c  BTATH_A2DP - ok
06:45:04.0222 0x1c9c  [ 30609197DBF90028615E9CE312C60A14, F7FCA3DB15A02D5EB583DA50132A6C30D59A7D521EA548AD5AACF8D2E2F41E72 ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
06:45:04.0228 0x1c9c  btath_avdt - ok
06:45:04.0249 0x1c9c  [ AF7DEA6A0E93AF8517A310D189B656BE, 008FE5102EE6B73A8D9AFC2B0E563C6A3567167380FCEDC538278240D2AE1FD4 ] BTATH_BUS       C:\Windows\system32\drivers\btath_bus.sys
06:45:04.0252 0x1c9c  BTATH_BUS - ok
06:45:04.0271 0x1c9c  [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP      C:\Windows\System32\drivers\btath_hcrp.sys
06:45:04.0278 0x1c9c  BTATH_HCRP - ok
06:45:04.0294 0x1c9c  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
06:45:04.0298 0x1c9c  BTATH_LWFLT - ok
06:45:04.0318 0x1c9c  [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP       C:\Windows\System32\drivers\btath_rcp.sys
06:45:04.0325 0x1c9c  BTATH_RCP - ok
06:45:04.0363 0x1c9c  [ 8434237E1EC39E85D8ACE6FA694A5733, CE4261DC6AE5393327DC43D97F35FC9AE86665F89D17CC5708AA3D387B4FFFA5 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
06:45:04.0385 0x1c9c  BtFilter - ok
06:45:04.0400 0x1c9c  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
06:45:04.0403 0x1c9c  BthAvrcpTg - ok
06:45:04.0451 0x1c9c  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
06:45:04.0455 0x1c9c  BthEnum - ok
06:45:04.0486 0x1c9c  [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
06:45:04.0490 0x1c9c  BthHFEnum - ok
06:45:04.0501 0x1c9c  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
06:45:04.0504 0x1c9c  bthhfhid - ok
06:45:04.0553 0x1c9c  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
06:45:04.0566 0x1c9c  BthHFSrv - ok
06:45:04.0599 0x1c9c  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
06:45:04.0608 0x1c9c  BthLEEnum - ok
06:45:04.0625 0x1c9c  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
06:45:04.0629 0x1c9c  BTHMODEM - ok
06:45:04.0661 0x1c9c  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\Windows\System32\drivers\bthpan.sys
06:45:04.0666 0x1c9c  BthPan - ok
06:45:04.0747 0x1c9c  [ C37F4930795B771400C63C3C87E7A6C2, 0D0F54184B2DAA45F646E4F69B85C4411E8DFA88EB4763BB0F386055A420F217 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
06:45:04.0803 0x1c9c  BTHPORT - ok
06:45:04.0850 0x1c9c  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
06:45:04.0856 0x1c9c  bthserv - ok
06:45:04.0890 0x1c9c  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
06:45:04.0895 0x1c9c  BTHUSB - ok
06:45:04.0919 0x1c9c  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
06:45:04.0924 0x1c9c  cdfs - ok
06:45:04.0943 0x1c9c  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
06:45:04.0951 0x1c9c  cdrom - ok
06:45:04.0986 0x1c9c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
06:45:04.0994 0x1c9c  CertPropSvc - ok
06:45:05.0020 0x1c9c  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
06:45:05.0023 0x1c9c  circlass - ok
06:45:05.0055 0x1c9c  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
06:45:05.0069 0x1c9c  CLFS - ok
06:45:05.0221 0x1c9c  [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
06:45:05.0291 0x1c9c  ClickToRunSvc - ok
06:45:05.0336 0x1c9c  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
06:45:05.0339 0x1c9c  CmBatt - ok
06:45:05.0401 0x1c9c  [ 114AAF528D3D87D306F3682E618E8091, A030AC04AF042F8F4BB95A9CE2B442D31432C4EEE60502279F169B0FA2E52AAB ] CNG             C:\Windows\system32\Drivers\cng.sys
06:45:05.0423 0x1c9c  CNG - ok
06:45:05.0454 0x1c9c  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
06:45:05.0457 0x1c9c  CompositeBus - ok
06:45:05.0465 0x1c9c  COMSysApp - ok
06:45:05.0479 0x1c9c  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
06:45:05.0482 0x1c9c  condrv - ok
06:45:05.0590 0x1c9c  [ FA3035A79D0F0AE155DD9214074C2C48, AC060F8559CE511512730F7B539D60CAC6EEC0229053048D52751B4839D7388D ] cozaghost       C:\ProgramData\makulitsidwe\1.1.0.29\cozaghost.exe
06:45:05.0608 0x1c9c  cozaghost - ok
06:45:05.0628 0x1c9c  [ FB0856AF79FC0604656C8649941DC666, 91557F83AF12349F0D2E161A8EE5FB55477C193FE0717FA8ABFC08CC14A4E204 ] cozwdhost       C:\ProgramData\makulitsidwe\1.1.0.29\cozwdhost.exe
06:45:05.0639 0x1c9c  cozwdhost - ok
06:45:05.0721 0x1c9c  [ AAF700D554D4A66FD0146FF98D0798BD, 3FF70095DF159BE425A1439496B3D8765584419D38D82D161A1FCA7F3A420EB2 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
06:45:05.0733 0x1c9c  cphs - ok
06:45:05.0784 0x1c9c  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
06:45:05.0791 0x1c9c  CryptSvc - ok
06:45:05.0807 0x1c9c  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
06:45:05.0811 0x1c9c  dam - ok
06:45:05.0879 0x1c9c  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\Windows\system32\rpcss.dll
06:45:05.0910 0x1c9c  DcomLaunch - ok
06:45:05.0953 0x1c9c  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
06:45:05.0973 0x1c9c  defragsvc - ok
06:45:06.0041 0x1c9c  [ EDC701B55802DE6B5A27546991D6900D, 65D0A86B210C401EF01EE032F80B0EB04E036146DC1902EA52462A12ED89E3FE ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
06:45:06.0049 0x1c9c  DellDigitalDelivery - ok
06:45:06.0102 0x1c9c  [ 0B7F51B13AFB88B5D35FC6BF326F2A4E, 4285D7E3698A3CA45E43AD499F6512BF6AAB8CA20B00978BA12A7F452AFD22EE ] DellProdRegManager C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
06:45:06.0114 0x1c9c  DellProdRegManager - ok
06:45:06.0147 0x1c9c  [ DC253191A553DACA7684CFB5B03A4268, 2D651A059F1334671E875EB4FC642383DCC00710809255DA29F96C41EC2C8205 ] DellRbtn        C:\Windows\System32\drivers\DellRbtn.sys
06:45:06.0150 0x1c9c  DellRbtn - ok
06:45:06.0200 0x1c9c  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
06:45:06.0216 0x1c9c  DeviceAssociationService - ok
06:45:06.0255 0x1c9c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
06:45:06.0264 0x1c9c  DeviceInstall - ok
06:45:06.0296 0x1c9c  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
06:45:06.0303 0x1c9c  Dfsc - ok
06:45:06.0340 0x1c9c  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
06:45:06.0372 0x1c9c  dg_ssudbus - ok
06:45:06.0423 0x1c9c  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
06:45:06.0438 0x1c9c  Dhcp - ok
06:45:06.0463 0x1c9c  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
06:45:06.0468 0x1c9c  disk - ok
06:45:06.0484 0x1c9c  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
06:45:06.0487 0x1c9c  dmvsc - ok
06:45:06.0533 0x1c9c  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
06:45:06.0544 0x1c9c  Dnscache - ok
06:45:06.0587 0x1c9c  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
06:45:06.0599 0x1c9c  dot3svc - ok
06:45:06.0656 0x1c9c  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
06:45:06.0665 0x1c9c  DPS - ok
06:45:06.0699 0x1c9c  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
06:45:06.0702 0x1c9c  drmkaud - ok
06:45:06.0745 0x1c9c  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
06:45:06.0754 0x1c9c  DsmSvc - ok
06:45:06.0851 0x1c9c  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
06:45:06.0919 0x1c9c  DXGKrnl - ok
06:45:06.0963 0x1c9c  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
06:45:06.0969 0x1c9c  Eaphost - ok
06:45:07.0116 0x1c9c  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
06:45:07.0250 0x1c9c  ebdrv - ok
06:45:07.0294 0x1c9c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
06:45:07.0300 0x1c9c  EFS - ok
06:45:07.0317 0x1c9c  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
06:45:07.0322 0x1c9c  EhStorClass - ok
06:45:07.0344 0x1c9c  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
06:45:07.0350 0x1c9c  EhStorTcgDrv - ok
06:45:07.0359 0x1c9c  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
06:45:07.0361 0x1c9c  ErrDev - ok
06:45:07.0422 0x1c9c  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
06:45:07.0442 0x1c9c  EventSystem - ok
06:45:07.0467 0x1c9c  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
06:45:07.0476 0x1c9c  exfat - ok
06:45:07.0504 0x1c9c  [ FD8B6A351CAFB7FA8F20F0263D0124A6, A0F0294FA5AF1CAB395411D7EF0D02EA5199621FE5B6F46003225B0F60CE023F ] facap           C:\Windows\system32\DRIVERS\facap.sys
06:45:07.0508 0x1c9c  facap - ok
06:45:07.0651 0x1c9c  [ C49A756D21A513DAC8FC0673F30C6B29, 2FBCFCDDA4B9595B00B819132BF489099C68C99E258A23E25B597C1B50EA0690 ] FAService       C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
06:45:07.0733 0x1c9c  FAService - ok
06:45:07.0778 0x1c9c  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
06:45:07.0787 0x1c9c  fastfat - ok
06:45:07.0848 0x1c9c  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
06:45:07.0873 0x1c9c  Fax - ok
06:45:07.0890 0x1c9c  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
06:45:07.0893 0x1c9c  fdc - ok
06:45:07.0930 0x1c9c  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
06:45:07.0934 0x1c9c  fdPHost - ok
06:45:07.0977 0x1c9c  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
06:45:07.0982 0x1c9c  FDResPub - ok
06:45:08.0022 0x1c9c  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
06:45:08.0029 0x1c9c  fhsvc - ok
06:45:08.0046 0x1c9c  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
06:45:08.0050 0x1c9c  FileInfo - ok
06:45:08.0070 0x1c9c  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
06:45:08.0074 0x1c9c  Filetrace - ok
06:45:08.0095 0x1c9c  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
06:45:08.0098 0x1c9c  flpydisk - ok
06:45:08.0149 0x1c9c  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
06:45:08.0163 0x1c9c  FltMgr - ok
06:45:08.0255 0x1c9c  [ 7269C9013FCFA3C6E70F03E2630DBFC3, AAB282B4444CC17D197974D05063C7C97E5202E604681DD2DC3BCF0AE77D6057 ] FontCache       C:\Windows\system32\FntCache.dll
06:45:08.0312 0x1c9c  FontCache - ok
06:45:08.0400 0x1c9c  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
06:45:08.0405 0x1c9c  FontCache3.0.0.0 - ok
06:45:08.0449 0x1c9c  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
06:45:08.0454 0x1c9c  FsDepends - ok
06:45:08.0476 0x1c9c  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
06:45:08.0480 0x1c9c  Fs_Rec - ok
06:45:08.0526 0x1c9c  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
06:45:08.0547 0x1c9c  fvevol - ok
06:45:08.0565 0x1c9c  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
06:45:08.0569 0x1c9c  FxPPM - ok
06:45:08.0586 0x1c9c  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
06:45:08.0590 0x1c9c  gagp30kx - ok
06:45:08.0604 0x1c9c  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
06:45:08.0606 0x1c9c  gencounter - ok
06:45:08.0665 0x1c9c  [ 4EA5458FCA8518344686C543749365B1, 52D4D2392C80A4C57C74B09FE04E9DFF6CB01521F03132EB7523BE52B8BF7A50 ] gfiark          C:\Windows\system32\drivers\gfiark.sys
06:45:08.0668 0x1c9c  gfiark - ok
06:45:08.0711 0x1c9c  [ 16A23FF8621929ADC5B18DCCD5E206EE, 6204E3110503F76DC5970FDBD7340CE1265EE57196759E4D4DB187BAF119FF22 ] gfiutil         C:\Windows\system32\drivers\gfiutil.sys
06:45:08.0714 0x1c9c  gfiutil - ok
06:45:08.0780 0x1c9c  [ AD826942E10F8D18C29E365CE426A21B, 54AA8C21AAA495B4E6D15651A50F3FB4E585834875DF230EB551BC1BD0BE3484 ] gfi_lanss10_attservice C:\Program Files (x86)\GFI Software\LanGuard 10 Agent\lnssatt.exe
06:45:08.0785 0x1c9c  gfi_lanss10_attservice - ok
06:45:08.0828 0x1c9c  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
06:45:08.0835 0x1c9c  GPIOClx0101 - ok
06:45:08.0940 0x1c9c  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\Windows\System32\gpsvc.dll
06:45:08.0997 0x1c9c  gpsvc - ok
06:45:09.0048 0x1c9c  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:45:09.0052 0x1c9c  gupdate - ok
06:45:09.0062 0x1c9c  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:45:09.0067 0x1c9c  gupdatem - ok
06:45:09.0119 0x1c9c  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
06:45:09.0133 0x1c9c  HdAudAddService - ok
06:45:09.0173 0x1c9c  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
06:45:09.0178 0x1c9c  HDAudBus - ok
06:45:09.0198 0x1c9c  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
06:45:09.0202 0x1c9c  HidBatt - ok
06:45:09.0214 0x1c9c  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
06:45:09.0220 0x1c9c  HidBth - ok
06:45:09.0240 0x1c9c  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
06:45:09.0243 0x1c9c  hidi2c - ok
06:45:09.0258 0x1c9c  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
06:45:09.0261 0x1c9c  HidIr - ok
06:45:09.0299 0x1c9c  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
06:45:09.0304 0x1c9c  hidserv - ok
06:45:09.0328 0x1c9c  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
06:45:09.0331 0x1c9c  HidUsb - ok
06:45:09.0370 0x1c9c  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
06:45:09.0377 0x1c9c  hkmsvc - ok
06:45:09.0423 0x1c9c  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
06:45:09.0437 0x1c9c  HomeGroupListener - ok
06:45:09.0487 0x1c9c  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
06:45:09.0507 0x1c9c  HomeGroupProvider - ok
06:45:09.0543 0x1c9c  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
06:45:09.0547 0x1c9c  HpSAMD - ok
06:45:09.0598 0x1c9c  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
06:45:09.0633 0x1c9c  HTTP - ok
06:45:09.0664 0x1c9c  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
06:45:09.0667 0x1c9c  hwpolicy - ok
06:45:09.0676 0x1c9c  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
06:45:09.0678 0x1c9c  hyperkbd - ok
06:45:09.0687 0x1c9c  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
06:45:09.0690 0x1c9c  HyperVideo - ok
06:45:09.0729 0x1c9c  [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
06:45:09.0735 0x1c9c  i8042prt - ok
06:45:09.0770 0x1c9c  [ A7CFF798E71C93EA6C3232F550F12E4A, BF9A6CBBF4C1311D0EBBE015D12772109902ED38C86A36351B853B0B8B898B4B ] iaioi2c         C:\Windows\System32\drivers\iaioi2ce.sys
06:45:09.0774 0x1c9c  iaioi2c - ok
06:45:09.0787 0x1c9c  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
06:45:09.0790 0x1c9c  iaLPSSi_GPIO - ok
06:45:09.0802 0x1c9c  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
06:45:09.0807 0x1c9c  iaLPSSi_I2C - ok
06:45:09.0852 0x1c9c  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
06:45:09.0876 0x1c9c  iaStorAV - ok
06:45:09.0910 0x1c9c  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
06:45:09.0926 0x1c9c  iaStorV - ok
06:45:09.0956 0x1c9c  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
06:45:09.0964 0x1c9c  ICCS - ok
06:45:09.0973 0x1c9c  IEEtwCollectorService - ok
06:45:10.0152 0x1c9c  [ E786FA74AA145ECB7FA3467A362B1AF5, 4A84AA3595ADC586EB03526750735219B16629C9372B4A606F352424656AE6D3 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
06:45:10.0325 0x1c9c  igfx - ok
06:45:10.0414 0x1c9c  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\Windows\System32\ikeext.dll
06:45:10.0459 0x1c9c  IKEEXT - ok
06:45:10.0492 0x1c9c  [ F0F581A2299CB2BAB1DF2597BCDDB80F, EE485AF3049C87666BC6D6BFFC8A0EB4B95831D9061EB81848ECEE29C4232BF4 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
06:45:10.0495 0x1c9c  intaud_WaveExtensible - ok
06:45:10.0672 0x1c9c  [ C4BFD7FD1F9DABA3DEBDD39D815707D1, 71EEB03D5412754AF8828F7E6D10F74134678A011D5D2A9982B32ED378318507 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
06:45:10.0830 0x1c9c  IntcAzAudAddService - ok
06:45:11.0001 0x1c9c  [ EC80E6B9E27DC3E22ED5B2E0E75A39C0, 8EEC89F88AE79DA256BB651983397773F6B25139006C8A7C8F77960F47774CF5 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
06:45:11.0018 0x1c9c  IntcDAud - ok
06:45:11.0037 0x1c9c  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
06:45:11.0040 0x1c9c  intelide - ok
06:45:11.0078 0x1c9c  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
06:45:11.0081 0x1c9c  intelpep - ok
06:45:11.0116 0x1c9c  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
06:45:11.0122 0x1c9c  intelppm - ok
06:45:11.0132 0x1c9c  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
06:45:11.0136 0x1c9c  IpFilterDriver - ok
06:45:11.0210 0x1c9c  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
06:45:11.0244 0x1c9c  iphlpsvc - ok
06:45:11.0283 0x1c9c  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
06:45:11.0297 0x1c9c  IPMIDRV - ok
06:45:11.0325 0x1c9c  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
06:45:11.0332 0x1c9c  IPNAT - ok
06:45:11.0352 0x1c9c  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
06:45:11.0355 0x1c9c  IRENUM - ok
06:45:11.0374 0x1c9c  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
06:45:11.0377 0x1c9c  isapnp - ok
06:45:11.0418 0x1c9c  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
06:45:11.0430 0x1c9c  iScsiPrt - ok
06:45:11.0463 0x1c9c  [ C2BC9AC9C6514230A481BDCA6A24BEFD, 84E41675D11EF2EEECED23C8469503C8D12810A2C6B6743D7AA322EB6DF7E68D ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
06:45:11.0466 0x1c9c  iwdbus - ok
06:45:11.0503 0x1c9c  [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
06:45:11.0507 0x1c9c  kbdclass - ok
06:45:11.0546 0x1c9c  [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
06:45:11.0549 0x1c9c  kbdhid - ok
06:45:11.0575 0x1c9c  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
06:45:11.0577 0x1c9c  kdnic - ok
06:45:11.0600 0x1c9c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
06:45:11.0605 0x1c9c  KeyIso - ok
06:45:11.0651 0x1c9c  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
06:45:11.0656 0x1c9c  KSecDD - ok
06:45:11.0705 0x1c9c  [ CA3F19E4B0765135B0F3C99384C535B9, 16441986C4E91F272E5876121272366476DB0496117C5AB4FBC82B07A06C0EC0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
06:45:11.0714 0x1c9c  KSecPkg - ok
06:45:11.0735 0x1c9c  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
06:45:11.0738 0x1c9c  ksthunk - ok
06:45:11.0776 0x1c9c  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
06:45:11.0793 0x1c9c  KtmRm - ok
06:45:11.0843 0x1c9c  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
06:45:11.0859 0x1c9c  LanmanServer - ok
06:45:11.0910 0x1c9c  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
06:45:11.0926 0x1c9c  LanmanWorkstation - ok
06:45:11.0983 0x1c9c  [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
06:45:12.0004 0x1c9c  lfsvc - ok
06:45:12.0033 0x1c9c  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
06:45:12.0037 0x1c9c  lltdio - ok
06:45:12.0068 0x1c9c  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
06:45:12.0081 0x1c9c  lltdsvc - ok
06:45:12.0119 0x1c9c  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
06:45:12.0123 0x1c9c  lmhosts - ok
06:45:12.0150 0x1c9c  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
06:45:12.0156 0x1c9c  LSI_SAS - ok
06:45:12.0180 0x1c9c  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
06:45:12.0186 0x1c9c  LSI_SAS2 - ok
06:45:12.0197 0x1c9c  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
06:45:12.0201 0x1c9c  LSI_SAS3 - ok
06:45:12.0214 0x1c9c  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
06:45:12.0219 0x1c9c  LSI_SSS - ok
06:45:12.0287 0x1c9c  [ 9B231CD3E52DF29EE50086FF676D3D6F, A47449CA6C88FE089A6953D05FA33A55A55E0306335A7A102A4CD75429FF0515 ] LSM             C:\Windows\System32\lsm.dll
06:45:12.0316 0x1c9c  LSM - ok
06:45:12.0340 0x1c9c  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
06:45:12.0346 0x1c9c  luafv - ok
06:45:12.0366 0x1c9c  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
06:45:12.0370 0x1c9c  megasas - ok
06:45:12.0406 0x1c9c  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
06:45:12.0427 0x1c9c  megasr - ok
06:45:12.0473 0x1c9c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
06:45:12.0479 0x1c9c  MMCSS - ok
06:45:12.0489 0x1c9c  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
06:45:12.0492 0x1c9c  Modem - ok
06:45:12.0515 0x1c9c  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
06:45:12.0517 0x1c9c  monitor - ok
06:45:12.0551 0x1c9c  [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
06:45:12.0555 0x1c9c  mouclass - ok
06:45:12.0591 0x1c9c  [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
06:45:12.0595 0x1c9c  mouhid - ok
06:45:12.0627 0x1c9c  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
06:45:12.0632 0x1c9c  mountmgr - ok
06:45:12.0669 0x1c9c  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
06:45:12.0674 0x1c9c  mpsdrv - ok
06:45:12.0743 0x1c9c  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
06:45:12.0778 0x1c9c  MpsSvc - ok
06:45:12.0821 0x1c9c  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
06:45:12.0828 0x1c9c  MRxDAV - ok
06:45:12.0879 0x1c9c  [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
06:45:12.0894 0x1c9c  mrxsmb - ok
06:45:12.0949 0x1c9c  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:45:12.0961 0x1c9c  mrxsmb10 - ok
06:45:13.0008 0x1c9c  [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:45:13.0017 0x1c9c  mrxsmb20 - ok
06:45:13.0051 0x1c9c  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
06:45:13.0056 0x1c9c  MsBridge - ok
06:45:13.0092 0x1c9c  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
06:45:13.0102 0x1c9c  MSDTC - ok
06:45:13.0142 0x1c9c  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
06:45:13.0145 0x1c9c  Msfs - ok
06:45:13.0169 0x1c9c  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
06:45:13.0173 0x1c9c  msgpiowin32 - ok
06:45:13.0194 0x1c9c  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
06:45:13.0197 0x1c9c  mshidkmdf - ok
06:45:13.0215 0x1c9c  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
06:45:13.0218 0x1c9c  mshidumdf - ok
06:45:13.0239 0x1c9c  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
06:45:13.0242 0x1c9c  msisadrv - ok
06:45:13.0277 0x1c9c  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
06:45:13.0286 0x1c9c  MSiSCSI - ok
06:45:13.0294 0x1c9c  msiserver - ok
06:45:13.0312 0x1c9c  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
06:45:13.0314 0x1c9c  MSKSSRV - ok
06:45:13.0357 0x1c9c  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
06:45:13.0361 0x1c9c  MsLldp - ok
06:45:13.0376 0x1c9c  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
06:45:13.0439 0x1c9c  MSPCLOCK - ok
06:45:13.0448 0x1c9c  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
06:45:13.0451 0x1c9c  MSPQM - ok
06:45:13.0485 0x1c9c  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
06:45:13.0499 0x1c9c  MsRPC - ok
06:45:13.0520 0x1c9c  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
06:45:13.0523 0x1c9c  mssmbios - ok
06:45:13.0532 0x1c9c  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
06:45:13.0534 0x1c9c  MSTEE - ok
06:45:13.0556 0x1c9c  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
06:45:13.0559 0x1c9c  MTConfig - ok
06:45:13.0585 0x1c9c  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
06:45:13.0590 0x1c9c  Mup - ok
06:45:13.0609 0x1c9c  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
06:45:13.0613 0x1c9c  mvumis - ok
06:45:13.0656 0x1c9c  [ B33ADB58AC6439501964EE0082E585D7, 3E4484B43AE7DAC6AD45FF8A0D8D889C9B8794A1408559D45357E3518CB1EC0E ] My Dell Client Framework C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe
06:45:13.0664 0x1c9c  My Dell Client Framework - ok
06:45:13.0721 0x1c9c  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
06:45:13.0741 0x1c9c  napagent - ok
06:45:13.0798 0x1c9c  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
06:45:13.0815 0x1c9c  NativeWifiP - ok
06:45:13.0849 0x1c9c  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
06:45:13.0859 0x1c9c  NcaSvc - ok
06:45:13.0888 0x1c9c  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
06:45:13.0897 0x1c9c  NcbService - ok
06:45:13.0932 0x1c9c  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
06:45:13.0939 0x1c9c  NcdAutoSetup - ok
06:45:14.0012 0x1c9c  [ 21FE65E2E67C4E31EE95CBD1F91C4B24, 6558F2BC10E6B09F7EE5264722FCF572B861EDB60A1433B58A4F4625EC0ABF63 ] NDIS            C:\Windows\system32\drivers\ndis.sys
06:45:14.0057 0x1c9c  NDIS - ok
06:45:14.0116 0x1c9c  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
06:45:14.0120 0x1c9c  NdisCap - ok
06:45:14.0158 0x1c9c  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
06:45:14.0164 0x1c9c  NdisImPlatform - ok
06:45:14.0193 0x1c9c  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
06:45:14.0196 0x1c9c  NdisTapi - ok
06:45:14.0232 0x1c9c  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
06:45:14.0236 0x1c9c  Ndisuio - ok
06:45:14.0254 0x1c9c  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
06:45:14.0257 0x1c9c  NdisVirtualBus - ok
06:45:14.0278 0x1c9c  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
06:45:14.0287 0x1c9c  NdisWan - ok
06:45:14.0301 0x1c9c  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
06:45:14.0309 0x1c9c  NdisWanLegacy - ok
06:45:14.0347 0x1c9c  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
06:45:14.0352 0x1c9c  NDProxy - ok
06:45:14.0376 0x1c9c  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
06:45:14.0382 0x1c9c  Ndu - ok
06:45:14.0419 0x1c9c  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
06:45:14.0423 0x1c9c  NetBIOS - ok
06:45:14.0455 0x1c9c  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
06:45:14.0466 0x1c9c  NetBT - ok
06:45:14.0484 0x1c9c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
06:45:14.0489 0x1c9c  Netlogon - ok
06:45:14.0540 0x1c9c  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
06:45:14.0553 0x1c9c  Netman - ok
06:45:14.0607 0x1c9c  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
06:45:14.0630 0x1c9c  netprofm - ok
06:45:14.0675 0x1c9c  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:45:14.0720 0x1c9c  NetTcpPortSharing - ok
06:45:14.0754 0x1c9c  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
06:45:14.0759 0x1c9c  netvsc - ok
06:45:14.0804 0x1c9c  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
06:45:14.0821 0x1c9c  NlaSvc - ok
06:45:14.0842 0x1c9c  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
06:45:14.0846 0x1c9c  Npfs - ok
06:45:14.0863 0x1c9c  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
06:45:14.0867 0x1c9c  npsvctrig - ok
06:45:14.0901 0x1c9c  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
06:45:14.0907 0x1c9c  nsi - ok
06:45:14.0937 0x1c9c  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
06:45:14.0940 0x1c9c  nsiproxy - ok
06:45:15.0068 0x1c9c  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
06:45:15.0148 0x1c9c  Ntfs - ok
06:45:15.0209 0x1c9c  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
06:45:15.0212 0x1c9c  Null - ok
06:45:15.0240 0x1c9c  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
06:45:15.0247 0x1c9c  nvraid - ok
06:45:15.0261 0x1c9c  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
06:45:15.0269 0x1c9c  nvstor - ok
06:45:15.0281 0x1c9c  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
06:45:15.0288 0x1c9c  nv_agp - ok
06:45:15.0338 0x1c9c  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:45:15.0345 0x1c9c  ose - ok
06:45:15.0399 0x1c9c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
06:45:15.0417 0x1c9c  p2pimsvc - ok
06:45:15.0470 0x1c9c  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
06:45:15.0489 0x1c9c  p2psvc - ok
06:45:15.0510 0x1c9c  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
06:45:15.0516 0x1c9c  Parport - ok
06:45:15.0549 0x1c9c  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
06:45:15.0554 0x1c9c  partmgr - ok
06:45:15.0609 0x1c9c  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
06:45:15.0630 0x1c9c  PcaSvc - ok
06:45:15.0708 0x1c9c  [ 4B5F5774FF1C577B9515FDD2B5C535C5, 1D053020079124AC526D84AFFB17BF4A1563ECD872C83B4B6299C9AA6A732557 ] PCDSRVC{D3412D80-CF3B4A27-06020200}_0 c:\program files\my dell\pcdsrvc_x64.pkms
06:45:15.0732 0x1c9c  PCDSRVC{D3412D80-CF3B4A27-06020200}_0 - ok
06:45:15.0771 0x1c9c  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
06:45:15.0782 0x1c9c  pci - ok
06:45:15.0797 0x1c9c  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
06:45:15.0801 0x1c9c  pciide - ok
06:45:15.0829 0x1c9c  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
06:45:15.0834 0x1c9c  pcmcia - ok
06:45:15.0850 0x1c9c  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
06:45:15.0854 0x1c9c  pcw - ok
06:45:15.0875 0x1c9c  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
06:45:15.0879 0x1c9c  pdc - ok
06:45:15.0919 0x1c9c  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
06:45:15.0943 0x1c9c  PEAUTH - ok
06:45:16.0005 0x1c9c  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
06:45:16.0009 0x1c9c  PerfHost - ok
06:45:16.0113 0x1c9c  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
06:45:16.0181 0x1c9c  pla - ok
06:45:16.0219 0x1c9c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
06:45:16.0227 0x1c9c  PlugPlay - ok
06:45:16.0271 0x1c9c  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
06:45:16.0277 0x1c9c  PNRPAutoReg - ok
06:45:16.0332 0x1c9c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
06:45:16.0346 0x1c9c  PNRPsvc - ok
06:45:16.0403 0x1c9c  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
06:45:16.0419 0x1c9c  PolicyAgent - ok
06:45:16.0472 0x1c9c  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
06:45:16.0480 0x1c9c  Power - ok
06:45:16.0633 0x1c9c  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
06:45:16.0758 0x1c9c  PrintNotify - ok
06:45:16.0802 0x1c9c  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
06:45:16.0808 0x1c9c  Processor - ok
06:45:16.0856 0x1c9c  [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc         C:\Windows\system32\profsvc.dll
06:45:16.0867 0x1c9c  ProfSvc - ok
06:45:16.0909 0x1c9c  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
06:45:16.0916 0x1c9c  Psched - ok
06:45:16.0964 0x1c9c  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
06:45:16.0979 0x1c9c  QWAVE - ok
06:45:17.0019 0x1c9c  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
06:45:17.0023 0x1c9c  QWAVEdrv - ok
06:45:17.0046 0x1c9c  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
06:45:17.0050 0x1c9c  RasAcd - ok
06:45:17.0085 0x1c9c  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
06:45:17.0094 0x1c9c  RasAuto - ok
06:45:17.0145 0x1c9c  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
06:45:17.0168 0x1c9c  RasMan - ok
06:45:17.0191 0x1c9c  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
06:45:17.0196 0x1c9c  RasPppoe - ok
06:45:17.0225 0x1c9c  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
06:45:17.0241 0x1c9c  rdbss - ok
06:45:17.0268 0x1c9c  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
06:45:17.0273 0x1c9c  rdpbus - ok
06:45:17.0297 0x1c9c  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
06:45:17.0305 0x1c9c  RDPDR - ok
06:45:17.0348 0x1c9c  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
06:45:17.0351 0x1c9c  RdpVideoMiniport - ok
06:45:17.0368 0x1c9c  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
06:45:17.0378 0x1c9c  rdyboost - ok
06:45:17.0461 0x1c9c  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
06:45:17.0493 0x1c9c  ReFS - ok
06:45:17.0532 0x1c9c  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
06:45:17.0544 0x1c9c  RemoteAccess - ok
06:45:17.0576 0x1c9c  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
06:45:17.0586 0x1c9c  RemoteRegistry - ok
06:45:17.0635 0x1c9c  [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
06:45:17.0644 0x1c9c  RFCOMM - ok
06:45:17.0662 0x1c9c  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
06:45:17.0670 0x1c9c  RpcEptMapper - ok
06:45:17.0700 0x1c9c  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
06:45:17.0704 0x1c9c  RpcLocator - ok
06:45:17.0773 0x1c9c  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\Windows\system32\rpcss.dll
06:45:17.0801 0x1c9c  RpcSs - ok
06:45:17.0823 0x1c9c  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
06:45:17.0828 0x1c9c  rspndr - ok
06:45:17.0865 0x1c9c  [ 2EDF3B52A6FEFDF9F90B56AAC16C47A4, F8B77ADD8CC507D973673732B3A55D94F2868971181E0289245F8B9F1F710F75 ] RSUSBSTOR       C:\Windows\System32\Drivers\RtsUStor.sys
06:45:17.0877 0x1c9c  RSUSBSTOR - ok
06:45:17.0948 0x1c9c  [ F1D20C2B36F78863530B251DF504CC51, A3C71BDB45B1DB321BC2D9889CB25CF7840E145DFB769882748B7D507A605A42 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
06:45:17.0960 0x1c9c  RtkAudioService - ok
06:45:17.0993 0x1c9c  [ AAC76DA735718DB96E95509BCFCD75CB, A025881110479EE1150FBBA339CA71CF50E2B1568B9933DECE9D7CB5B5BD8666 ] RTLU3E8023-W8-64 C:\Windows\system32\DRIVERS\rtu30x64w8.sys
06:45:17.0999 0x1c9c  RTLU3E8023-W8-64 - ok
06:45:18.0026 0x1c9c  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
06:45:18.0029 0x1c9c  s3cap - ok
06:45:18.0069 0x1c9c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
06:45:18.0073 0x1c9c  SamSs - ok
06:45:18.0284 0x1c9c  [ E03558402C6D6D6C89F2345EB6609806, EAD820040372483BA7E29E3EC8DBC131F37E79F8E38BA3F2C2BE81B681EA72D1 ] SBAMSvc         C:\Program Files (x86)\GFI Software\GFIAgent\SBAMSvc.exe
06:45:18.0418 0x1c9c  SBAMSvc - ok
06:45:18.0463 0x1c9c  [ 8B913D432C6D150CB4CC0328D11E2AEC, EBCA08D79DD8DA3D3850D23B048F91A3F0080B4D6888BF3F9E743B382E9E0500 ] sbapifs         C:\Windows\system32\DRIVERS\sbapifs.sys
06:45:18.0477 0x1c9c  sbapifs - ok
06:45:18.0510 0x1c9c  [ 0C7C36B6EADB5D61F3E18C46E72CD418, 25872D82114DC920177A278DD0A7D12BEF391E5014B5F36FCE1D0C70F9C56A52 ] SbFw            C:\Windows\system32\drivers\SbFw.sys
06:45:18.0522 0x1c9c  SbFw - ok
06:45:18.0545 0x1c9c  [ 9AEF0F267553FD9C900E9449B61586B7, 32209344D29310250854877998CBB12B4F44165960104ED8596F0C46E07F445E ] SBFWIMCL        C:\Windows\system32\DRIVERS\sbfwim.sys
06:45:18.0552 0x1c9c  SBFWIMCL - ok
06:45:18.0563 0x1c9c  [ 9AEF0F267553FD9C900E9449B61586B7, 32209344D29310250854877998CBB12B4F44165960104ED8596F0C46E07F445E ] SBFWIMCLMP      C:\Windows\system32\DRIVERS\SBFWIM.sys
06:45:18.0568 0x1c9c  SBFWIMCLMP - ok
06:45:18.0606 0x1c9c  [ B4B77B3C4DBD45527ED10C29B2614923, 8FF4D188C864CC1FDCE36018C21B895AD1F5A511B0292EE73CC47D359510ED81 ] SBHIPS          C:\Windows\system32\drivers\sbhips.sys
06:45:18.0610 0x1c9c  SBHIPS - ok
06:45:18.0637 0x1c9c  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
06:45:18.0643 0x1c9c  sbp2port - ok
06:45:18.0676 0x1c9c  [ 4CA01460348FED47188AC0C3494E6646, 5996A92C1995E4506F1FDE7E3F0FC6D2B422B3B978B814E9A5D0C1896DDE706E ] SBPIMSvc        C:\Program Files (x86)\GFI Software\GFIAgent\SBPIMSvc.exe
06:45:18.0683 0x1c9c  SBPIMSvc - ok
06:45:18.0713 0x1c9c  [ 97ECCE37DBAA0A871B4504CEF53EE76B, 4D319B238DC7968C17D977C1C02DE0F350C07CF721788A84E56EF19C2C4A2D4B ] sbwtis          C:\Windows\system32\DRIVERS\sbwtis.sys
06:45:18.0718 0x1c9c  sbwtis - ok
06:45:18.0763 0x1c9c  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
06:45:18.0774 0x1c9c  SCardSvr - ok
06:45:18.0809 0x1c9c  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
06:45:18.0818 0x1c9c  ScDeviceEnum - ok
06:45:18.0848 0x1c9c  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
06:45:18.0851 0x1c9c  scfilter - ok
06:45:18.0929 0x1c9c  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\Windows\system32\schedsvc.dll
06:45:18.0987 0x1c9c  Schedule - ok
06:45:19.0023 0x1c9c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
06:45:19.0029 0x1c9c  SCPolicySvc - ok
06:45:19.0075 0x1c9c  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
06:45:19.0086 0x1c9c  sdbus - ok
06:45:19.0113 0x1c9c  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
06:45:19.0118 0x1c9c  sdstor - ok
06:45:19.0136 0x1c9c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
06:45:19.0139 0x1c9c  secdrv - ok
06:45:19.0180 0x1c9c  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\Windows\system32\seclogon.dll
06:45:19.0186 0x1c9c  seclogon - ok
06:45:19.0224 0x1c9c  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
06:45:19.0232 0x1c9c  SENS - ok
06:45:19.0267 0x1c9c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] SensorsHIDClassDriver C:\Windows\System32\drivers\WUDFRd.sys
06:45:19.0277 0x1c9c  SensorsHIDClassDriver - ok
06:45:19.0291 0x1c9c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] SensorsServiceDriver C:\Windows\System32\drivers\WUDFRd.sys
06:45:19.0298 0x1c9c  SensorsServiceDriver - ok
06:45:19.0346 0x1c9c  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
06:45:19.0359 0x1c9c  SensrSvc - ok
06:45:19.0381 0x1c9c  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
06:45:19.0386 0x1c9c  SerCx - ok
06:45:19.0422 0x1c9c  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
06:45:19.0429 0x1c9c  SerCx2 - ok
06:45:19.0438 0x1c9c  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
06:45:19.0441 0x1c9c  Serenum - ok
06:45:19.0451 0x1c9c  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
06:45:19.0456 0x1c9c  Serial - ok
06:45:19.0510 0x1c9c  [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
06:45:19.0513 0x1c9c  sermouse - ok
06:45:19.0574 0x1c9c  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
06:45:19.0591 0x1c9c  SessionEnv - ok
06:45:19.0600 0x1c9c  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
06:45:19.0603 0x1c9c  sfloppy - ok
06:45:19.0719 0x1c9c  [ 9F9D5D67E746D9B509EE8E23B3723652, B6C8191FFADFB356753A8DDB99CF196FB0C3C3C5399B42BA1678742E04508628 ] SftService      C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
06:45:19.0774 0x1c9c  SftService - ok
06:45:19.0830 0x1c9c  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
06:45:19.0848 0x1c9c  SharedAccess - ok
06:45:19.0890 0x1c9c  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
06:45:19.0916 0x1c9c  ShellHWDetection - ok
06:45:19.0937 0x1c9c  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
06:45:19.0941 0x1c9c  SiSRaid2 - ok
06:45:19.0976 0x1c9c  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
06:45:19.0981 0x1c9c  SiSRaid4 - ok
06:45:20.0013 0x1c9c  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
06:45:20.0019 0x1c9c  smphost - ok
06:45:20.0049 0x1c9c  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
06:45:20.0054 0x1c9c  SNMPTRAP - ok
06:45:20.0108 0x1c9c  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
06:45:20.0124 0x1c9c  spaceport - ok
06:45:20.0146 0x1c9c  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
06:45:20.0151 0x1c9c  SpbCx - ok
06:45:20.0203 0x1c9c  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
06:45:20.0236 0x1c9c  Spooler - ok
06:45:20.0505 0x1c9c  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
06:45:20.0754 0x1c9c  sppsvc - ok
06:45:20.0825 0x1c9c  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
06:45:20.0840 0x1c9c  srv - ok
06:45:20.0880 0x1c9c  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
06:45:20.0905 0x1c9c  srv2 - ok
06:45:20.0951 0x1c9c  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
06:45:20.0961 0x1c9c  srvnet - ok
06:45:21.0006 0x1c9c  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
06:45:21.0020 0x1c9c  SSDPSRV - ok
06:45:21.0059 0x1c9c  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
06:45:21.0069 0x1c9c  SstpSvc - ok
06:45:21.0118 0x1c9c  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
06:45:21.0128 0x1c9c  ssudmdm - ok
06:45:21.0167 0x1c9c  [ F03B03AA7A18DEB0538D242F1DA01481, F1BF74979660F4AB004EBA6BB91EB0E66890BD2C76371ED017574F1F32228D7C ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
06:45:21.0171 0x1c9c  stdcfltn - ok
06:45:21.0239 0x1c9c  [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
06:45:21.0268 0x1c9c  Steam Client Service - ok
06:45:21.0296 0x1c9c  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
06:45:21.0299 0x1c9c  stexstor - ok
06:45:21.0365 0x1c9c  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
06:45:21.0393 0x1c9c  stisvc - ok
06:45:21.0413 0x1c9c  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
06:45:21.0417 0x1c9c  storahci - ok
06:45:21.0457 0x1c9c  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
06:45:21.0461 0x1c9c  storflt - ok
06:45:21.0483 0x1c9c  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
06:45:21.0487 0x1c9c  stornvme - ok
06:45:21.0520 0x1c9c  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
06:45:21.0526 0x1c9c  StorSvc - ok
06:45:21.0553 0x1c9c  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
06:45:21.0556 0x1c9c  storvsc - ok
06:45:21.0583 0x1c9c  [ AEC5F3FB97EC26C64FC8F8341B2D689E, F4E835F90B1C729F894FEF39EED4E64B55E253D34716674EE2D59BE541852144 ] ST_ACCEL        C:\Windows\system32\DRIVERS\ST_Accel.sys
06:45:21.0587 0x1c9c  ST_ACCEL - ok
06:45:21.0621 0x1c9c  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
06:45:21.0626 0x1c9c  svsvc - ok
06:45:21.0658 0x1c9c  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
06:45:21.0661 0x1c9c  swenum - ok
06:45:21.0722 0x1c9c  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
06:45:21.0750 0x1c9c  swprv - ok
06:45:21.0784 0x1c9c  [ 72193025FFC199E4E279E63CE0AA9CDA, 56108AAA7BA447A31F6B74A7BA53747CF497D25486D5A93A4625FD7B9A7815A4 ] SynRMIHID       C:\Windows\system32\DRIVERS\SynRMIHID.sys
06:45:21.0787 0x1c9c  SynRMIHID - ok
06:45:21.0839 0x1c9c  [ 7DAFF2CCCF3DF798A7F9248FC5BC6C42, 5C462A8E4CB7215125BFF554BEE1B552ECAB9F7869365C15202A445256FA9C68 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
06:45:21.0859 0x1c9c  SynTP - ok
06:45:21.0940 0x1c9c  [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain         C:\Windows\system32\sysmain.dll
06:45:21.0997 0x1c9c  SysMain - ok
06:45:22.0052 0x1c9c  [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
06:45:22.0066 0x1c9c  SystemEventsBroker - ok
06:45:22.0104 0x1c9c  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
06:45:22.0115 0x1c9c  TabletInputService - ok
06:45:22.0161 0x1c9c  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
06:45:22.0177 0x1c9c  TapiSrv - ok
06:45:22.0309 0x1c9c  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
06:45:22.0410 0x1c9c  Tcpip - ok
06:45:22.0520 0x1c9c  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
06:45:22.0591 0x1c9c  TCPIP6 - ok
06:45:22.0629 0x1c9c  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
06:45:22.0634 0x1c9c  tcpipreg - ok
06:45:22.0669 0x1c9c  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
06:45:22.0676 0x1c9c  tdx - ok
06:45:22.0926 0x1c9c  [ C0C121B537DA3AD87481C0502CACE462, E0FC2AC71B60C796DCD03217A510C47425FB7783713FCCC477130E69715D2B8D ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
06:45:23.0150 0x1c9c  TeamViewer - ok
06:45:23.0203 0x1c9c  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
06:45:23.0207 0x1c9c  terminpt - ok
06:45:23.0282 0x1c9c  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
06:45:23.0338 0x1c9c  TermService - ok
06:45:23.0376 0x1c9c  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
06:45:23.0385 0x1c9c  Themes - ok
06:45:23.0425 0x1c9c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
06:45:23.0430 0x1c9c  THREADORDER - ok
06:45:23.0479 0x1c9c  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
06:45:23.0510 0x1c9c  TimeBroker - ok
06:45:23.0548 0x1c9c  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
06:45:23.0556 0x1c9c  TPM - ok
06:45:23.0582 0x1c9c  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
06:45:23.0592 0x1c9c  TrkWks - ok
06:45:23.0645 0x1c9c  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
06:45:23.0651 0x1c9c  TrustedInstaller - ok
06:45:23.0699 0x1c9c  [ 5A0B4CF8851252027AE97CC117315C71, EC08CBBBA7CED0FC83224507E4E046410702E30612BA4E6EC9FC04B96ED8B6C3 ] TsLwWfF         C:\Windows\system32\DRIVERS\TsLwWfF.sys
06:45:23.0703 0x1c9c  TsLwWfF - ok
06:45:23.0726 0x1c9c  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
06:45:23.0730 0x1c9c  TsUsbFlt - ok
06:45:23.0760 0x1c9c  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
06:45:23.0764 0x1c9c  TsUsbGD - ok
06:45:23.0797 0x1c9c  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
06:45:23.0804 0x1c9c  tunnel - ok
06:45:23.0841 0x1c9c  [ E624283C1A2F9BB4688A002914CC00A7, B6908C1FFDD6BCFFC5C2FC0C429FC3E237E340F891F80CFD737BE41E5EF7E328 ] TXEIx64         C:\Windows\System32\drivers\TXEIx64.sys
06:45:23.0846 0x1c9c  TXEIx64 - ok
06:45:23.0870 0x1c9c  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
06:45:23.0875 0x1c9c  uagp35 - ok
06:45:23.0884 0x1c9c  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
06:45:23.0889 0x1c9c  UASPStor - ok
06:45:23.0943 0x1c9c  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
06:45:23.0951 0x1c9c  UCX01000 - ok
06:45:23.0984 0x1c9c  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
06:45:23.0997 0x1c9c  udfs - ok
06:45:24.0020 0x1c9c  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
06:45:24.0024 0x1c9c  UEFI - ok
06:45:24.0073 0x1c9c  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
06:45:24.0080 0x1c9c  UI0Detect - ok
06:45:24.0104 0x1c9c  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
06:45:24.0108 0x1c9c  uliagpkx - ok
06:45:24.0130 0x1c9c  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
06:45:24.0134 0x1c9c  umbus - ok
06:45:24.0153 0x1c9c  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
06:45:24.0156 0x1c9c  UmPass - ok
06:45:24.0207 0x1c9c  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
06:45:24.0222 0x1c9c  UmRdpService - ok
06:45:24.0244 0x0b48  Object required for P2P: [ 043A0F37631BF453F16D478B71320F46 ] bthserv
06:45:24.0268 0x1c9c  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
06:45:24.0288 0x1c9c  upnphost - ok
06:45:24.0335 0x1c9c  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
06:45:24.0342 0x1c9c  usbccgp - ok
06:45:24.0380 0x1c9c  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
06:45:24.0385 0x1c9c  usbcir - ok
06:45:24.0427 0x1c9c  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
06:45:24.0432 0x1c9c  usbehci - ok
06:45:24.0482 0x1c9c  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\Windows\System32\drivers\usbhub.sys
06:45:24.0498 0x1c9c  usbhub - ok
06:45:24.0587 0x1c9c  [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
06:45:24.0605 0x1c9c  USBHUB3 - ok
06:45:24.0656 0x1c9c  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
06:45:24.0670 0x1c9c  usbohci - ok
06:45:24.0679 0x1c9c  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
06:45:24.0682 0x1c9c  usbprint - ok
06:45:24.0721 0x1c9c  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
06:45:24.0728 0x1c9c  USBSTOR - ok
06:45:24.0765 0x1c9c  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
06:45:24.0768 0x1c9c  usbuhci - ok
06:45:24.0812 0x1c9c  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
06:45:24.0821 0x1c9c  usbvideo - ok
06:45:24.0850 0x1c9c  [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
06:45:24.0863 0x1c9c  USBXHCI - ok
06:45:24.0881 0x1c9c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
06:45:24.0886 0x1c9c  VaultSvc - ok
06:45:24.0950 0x1c9c  [ 301F11B8BC2208D4F4867D2103DA7CE2, FD844240D349AF3CD34AE2F30DCABB1327DBDCB6DB3336A379CFFF65F72EB642 ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
06:45:24.0982 0x1c9c  VBoxDrv - ok
06:45:25.0038 0x1c9c  [ C64AD70CCCB0CED8925BE4E2C889DE3A, 0E25202639B10F66BDFEA867594508977112ADCCF51054E82C0C14475A1F18F5 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
06:45:25.0045 0x1c9c  VBoxNetAdp - ok
06:45:25.0068 0x1c9c  [ 712724A7C726CA15AD2FC8C40D56AE6D, 221DB97E433629660C704667FA7BCAA9037063DC4C8CE8CB67C7AF6AFD87B005 ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
06:45:25.0077 0x1c9c  VBoxNetFlt - ok
06:45:25.0103 0x1c9c  [ 3FB968D261CE6A51454CE0C65E43B205, 2860554CC35495CC1A1D14DF002AAAE985E9C37650384B1D1524263D27DD68C5 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
06:45:25.0110 0x1c9c  VBoxUSBMon - ok
06:45:25.0138 0x1c9c  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
06:45:25.0141 0x1c9c  vdrvroot - ok
06:45:25.0225 0x1c9c  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
06:45:25.0282 0x1c9c  vds - ok
06:45:25.0314 0x1c9c  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
06:45:25.0322 0x1c9c  VerifierExt - ok
06:45:25.0389 0x1c9c  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
06:45:25.0410 0x1c9c  vhdmp - ok
06:45:25.0445 0x1c9c  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
06:45:25.0448 0x1c9c  viaide - ok
06:45:25.0478 0x1c9c  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
06:45:25.0484 0x1c9c  vmbus - ok
06:45:25.0493 0x1c9c  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
06:45:25.0496 0x1c9c  VMBusHID - ok
06:45:25.0534 0x1c9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
06:45:25.0556 0x1c9c  vmicguestinterface - ok
06:45:25.0582 0x1c9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
06:45:25.0600 0x1c9c  vmicheartbeat - ok
06:45:25.0626 0x1c9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
06:45:25.0644 0x1c9c  vmickvpexchange - ok
06:45:25.0672 0x1c9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
06:45:25.0690 0x1c9c  vmicrdv - ok
06:45:25.0715 0x1c9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
06:45:25.0733 0x1c9c  vmicshutdown - ok
06:45:25.0757 0x1c9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
06:45:25.0775 0x1c9c  vmictimesync - ok
06:45:25.0800 0x1c9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
06:45:25.0819 0x1c9c  vmicvss - ok
06:45:25.0841 0x1c9c  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
06:45:25.0847 0x1c9c  volmgr - ok
06:45:25.0881 0x1c9c  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
06:45:25.0895 0x1c9c  volmgrx - ok
06:45:25.0952 0x1c9c  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
06:45:25.0964 0x1c9c  volsnap - ok
06:45:25.0989 0x1c9c  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\Windows\System32\drivers\vpci.sys
06:45:25.0994 0x1c9c  vpci - ok
06:45:26.0021 0x1c9c  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
06:45:26.0030 0x1c9c  vsmraid - ok
06:45:26.0112 0x1c9c  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\Windows\system32\vssvc.exe
06:45:26.0181 0x1c9c  VSS - ok
06:45:26.0207 0x1c9c  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
06:45:26.0220 0x1c9c  VSTXRAID - ok
06:45:26.0240 0x1c9c  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
06:45:26.0243 0x1c9c  vwifibus - ok
06:45:26.0277 0x1c9c  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
06:45:26.0282 0x1c9c  vwififlt - ok
06:45:26.0302 0x1c9c  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
06:45:26.0306 0x1c9c  vwifimp - ok
06:45:26.0352 0x1c9c  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
06:45:26.0371 0x1c9c  W32Time - ok
06:45:26.0388 0x1c9c  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
06:45:26.0392 0x1c9c  WacomPen - ok
06:45:26.0495 0x1c9c  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\Windows\system32\wbengine.exe
06:45:26.0563 0x1c9c  wbengine - ok
06:45:26.0606 0x1c9c  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
06:45:26.0626 0x1c9c  WbioSrvc - ok
06:45:26.0683 0x1c9c  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
06:45:26.0700 0x1c9c  Wcmsvc - ok
06:45:26.0760 0x1c9c  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
06:45:26.0781 0x1c9c  wcncsvc - ok
06:45:26.0811 0x1c9c  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
06:45:26.0818 0x1c9c  WcsPlugInService - ok
06:45:26.0849 0x1c9c  [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
06:45:26.0852 0x1c9c  WdBoot - ok
06:45:26.0875 0x0b48  Object send P2P result: true
06:45:26.0881 0x0b48  Object required for P2P: [ B99CB575986789A93A683DCF292A43A1 ] DPS
06:45:26.0911 0x1c9c  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
06:45:26.0941 0x1c9c  Wdf01000 - ok
06:45:26.0971 0x1c9c  [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
06:45:26.0982 0x1c9c  WdFilter - ok
06:45:27.0015 0x1c9c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
06:45:27.0023 0x1c9c  WdiServiceHost - ok
06:45:27.0032 0x1c9c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
06:45:27.0040 0x1c9c  WdiSystemHost - ok
06:45:27.0075 0x1c9c  [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
06:45:27.0081 0x1c9c  WdNisDrv - ok
06:45:27.0110 0x1c9c  WdNisSvc - ok
06:45:27.0148 0x1c9c  [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient       C:\Windows\System32\webclnt.dll
06:45:27.0161 0x1c9c  WebClient - ok
06:45:27.0197 0x1c9c  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
06:45:27.0209 0x1c9c  Wecsvc - ok
06:45:27.0240 0x1c9c  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
06:45:27.0247 0x1c9c  WEPHOSTSVC - ok
06:45:27.0269 0x1c9c  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
06:45:27.0277 0x1c9c  wercplsupport - ok
06:45:27.0315 0x1c9c  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
06:45:27.0324 0x1c9c  WerSvc - ok
06:45:27.0373 0x1c9c  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
06:45:27.0380 0x1c9c  WFPLWFS - ok
06:45:27.0418 0x1c9c  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
06:45:27.0426 0x1c9c  WiaRpc - ok
06:45:27.0448 0x1c9c  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
06:45:27.0451 0x1c9c  WIMMount - ok
06:45:27.0457 0x1c9c  WinDefend - ok
06:45:27.0533 0x1c9c  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
06:45:27.0560 0x1c9c  WinHttpAutoProxySvc - ok
06:45:27.0626 0x1c9c  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
06:45:27.0651 0x1c9c  Winmgmt - ok
06:45:27.0781 0x1c9c  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\Windows\system32\WsmSvc.dll
06:45:27.0898 0x1c9c  WinRM - ok
06:45:27.0943 0x1c9c  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
06:45:27.0948 0x1c9c  WinUsb - ok
06:45:28.0027 0x1c9c  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
06:45:28.0106 0x1c9c  WlanSvc - ok
06:45:28.0188 0x1c9c  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
06:45:28.0267 0x1c9c  wlidsvc - ok
06:45:28.0284 0x1c9c  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
06:45:28.0287 0x1c9c  WmiAcpi - ok
06:45:28.0339 0x1c9c  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
06:45:28.0347 0x1c9c  wmiApSrv - ok
06:45:28.0375 0x1c9c  WMPNetworkSvc - ok
06:45:28.0405 0x1c9c  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
06:45:28.0413 0x1c9c  Wof - ok
06:45:28.0525 0x1c9c  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
06:45:28.0615 0x1c9c  workfolderssvc - ok
06:45:28.0666 0x1c9c  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
06:45:28.0671 0x1c9c  wpcfltr - ok
06:45:28.0697 0x1c9c  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
06:45:28.0703 0x1c9c  WPCSvc - ok
06:45:28.0745 0x1c9c  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
06:45:28.0755 0x1c9c  WPDBusEnum - ok
06:45:28.0783 0x1c9c  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
06:45:28.0786 0x1c9c  WpdUpFltr - ok
06:45:28.0800 0x1c9c  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
06:45:28.0803 0x1c9c  ws2ifsl - ok
06:45:28.0839 0x1c9c  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\Windows\System32\wscsvc.dll
06:45:28.0849 0x1c9c  wscsvc - ok
06:45:28.0879 0x1c9c  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
06:45:28.0882 0x1c9c  WSDPrintDevice - ok
06:45:28.0890 0x1c9c  WSearch - ok
06:45:29.0063 0x1c9c  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
06:45:29.0210 0x1c9c  WSService - ok
06:45:29.0380 0x1c9c  [ 1B24547C96E1C656ED9A8E6B6F6FA03B, A15D1180D8A9011F0D5A2C8D801D34974D5AEA367FFFB96BD335448B17A2C142 ] wuauserv        C:\Windows\system32\wuaueng.dll
06:45:29.0528 0x1c9c  wuauserv - ok
06:45:29.0580 0x1c9c  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
06:45:29.0587 0x1c9c  WudfPf - ok
06:45:29.0608 0x1c9c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
06:45:29.0615 0x1c9c  WUDFRd - ok
06:45:29.0648 0x1c9c  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
06:45:29.0657 0x1c9c  wudfsvc - ok
06:45:29.0672 0x1c9c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
06:45:29.0681 0x1c9c  WUDFWpdFs - ok
06:45:29.0697 0x1c9c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
06:45:29.0704 0x1c9c  WUDFWpdMtp - ok
06:45:29.0751 0x1c9c  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
06:45:29.0774 0x1c9c  WwanSvc - ok
06:45:29.0809 0x1c9c  ================ Scan global ===============================
06:45:29.0853 0x1c9c  [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\Windows\system32\basesrv.dll
06:45:29.0902 0x1c9c  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
06:45:29.0926 0x1c9c  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
06:45:29.0980 0x1c9c  [ 5BF02EBEFEDC706318C96E2E60EDCB91, DC866C5BC3A887CAAA7169AB9BB2992F6F877B3EA04B62B4F95B6BD54943155F ] C:\Windows\system32\services.exe
06:45:29.0998 0x1c9c  [ Global ] - ok
06:45:30.0000 0x1c9c  ================ Scan MBR ==================================
06:45:30.0011 0x1c9c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
06:45:30.0019 0x1c9c  \Device\Harddisk0\DR0 - ok
06:45:30.0021 0x1c9c  ================ Scan VBR ==================================
06:45:30.0029 0x1c9c  [ 9B981AB805CCC24D9F09E70D2675D567 ] \Device\Harddisk0\DR0\Partition1
06:45:30.0040 0x1c9c  \Device\Harddisk0\DR0\Partition1 - ok
06:45:30.0053 0x1c9c  [ 1D8212169791F339F725504F8E59866E ] \Device\Harddisk0\DR0\Partition2
06:45:30.0070 0x1c9c  \Device\Harddisk0\DR0\Partition2 - ok
06:45:30.0088 0x1c9c  [ EFF26B698ACB9D9662A33D6C59A3F459 ] \Device\Harddisk0\DR0\Partition3
06:45:30.0089 0x1c9c  \Device\Harddisk0\DR0\Partition3 - ok
06:45:30.0100 0x1c9c  [ 8D7132A4EDB0060A25C64B818ADBDF8B ] \Device\Harddisk0\DR0\Partition4
06:45:30.0110 0x1c9c  \Device\Harddisk0\DR0\Partition4 - ok
06:45:30.0121 0x1c9c  [ E6287ABFF0E0D005E0F562DF09EBBDB5 ] \Device\Harddisk0\DR0\Partition5
06:45:30.0134 0x1c9c  \Device\Harddisk0\DR0\Partition5 - ok
06:45:30.0167 0x1c9c  [ 72D17683E20C458E5F8D8EE2AA414DCF ] \Device\Harddisk0\DR0\Partition6
06:45:30.0170 0x1c9c  \Device\Harddisk0\DR0\Partition6 - ok
06:45:30.0171 0x1c9c  ================ Scan generic autorun ======================
06:45:30.0553 0x1c9c  [ 73092E801AE28B08E07A7A8F1294907C, 6E240241D6A6D5E30CE73419CCC73A886ED18C75BA46B7D474D29F3B97FE3FBA ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
06:45:30.0838 0x1c9c  RTHDVCPL - ok
06:45:30.0927 0x1c9c  [ 8A5E8BDE4A124E860A40780BE41234F6, 4A737CEDA36B4B127DAED7D4FEE25C93BF3C59176D0D84AF8D82DA43283BCDA9 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
06:45:30.0982 0x1c9c  RtHDVBg - ok
06:45:31.0020 0x1c9c  [ C1F24E96BCF43327BC6D47F4A72092F7, 2FC02DC2763D9486F93D37C69F19C646D61DCF2446D1DAC50F1DA8BB47FD70D0 ] C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
06:45:31.0039 0x1c9c  WavesSvc - ok
06:45:31.0084 0x1c9c  [ F6F9A3AA31365EAC8E284C06DA6846A7, A3F5827740D1C8B504BFB3FFC7F0EC0FEBE5F44AABF88C64EF84D9D09BF27FB2 ] C:\Windows\system32\igfxtray.exe
06:45:31.0099 0x1c9c  IgfxTray - ok
06:45:31.0175 0x1c9c  [ 582DDD91D5C423DAA8B316F62DB7C97E, 3D5822FEFFEBC4A108C151E0D6C4ADC836AC0A452EEB9BBAA30EE55397026C84 ] C:\Windows\system32\hkcmd.exe
06:45:31.0212 0x1c9c  HotKeysCmds - ok
06:45:31.0249 0x1c9c  [ A574AEF460CF9DD51FB85E6769BF7E5E, A3325EC0A2EE3985F11708C520F852049FDE051D15270C9880CE91FE4EA4690E ] C:\Windows\system32\igfxpers.exe
06:45:31.0277 0x1c9c  Persistence - ok
06:45:31.0457 0x1c9c  [ 1393CF3DF2B4514D4FB45CC2A28FFBBC, 1A44BCB14AACA75A8E67A138D343707CF6D9255BD44143D325F0F816741EC113 ] c:\Program Files\Dell\QuickSet\QuickSet.exe
06:45:31.0599 0x1c9c  QuickSet - ok
06:45:31.0676 0x1c9c  [ 690EB331346D7ADFDA18E50042DEA4B4, 0C219D7A5FCD4E0252C815373E67F843DBD7356FAE7AB836C451068B51438FE7 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
06:45:31.0683 0x1c9c  Classic Start Menu - ok
06:45:31.0714 0x1c9c  [ B9343F8E67A15516ADB3ACB18685C6DA, 119F3D5C6B2F4E805B417CA344DD994DF15E67C9386105B68F23E1DF2C559547 ] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
06:45:31.0719 0x1c9c  FATrayAlert - ok
06:45:31.0770 0x1c9c  [ 887CAA31048EB8ED09A0CBD0E6F46F09, BBCED0BD4EB00C3FECFC9448223D4C441A868787877291F5489B07B43FAB65A4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
06:45:31.0785 0x1c9c  SunJavaUpdateSched - ok
06:45:31.0854 0x1c9c  [ 07A37CB5C5A01E73FB69F138FAE2DB0E, 9E8B5D78D7EAB8FA35133763EDA91AFE5CDEE275D604F02CDB56FB00A0D5AA0F ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
06:45:31.0888 0x1c9c  Adobe ARM - ok
06:45:31.0980 0x1c9c  [ C8778749D38057BFF1120545877BCC13, 5370B0A35101C06F4BB15369AE8958DB122AF47D43DE10D196A0FE0C7FD4A12C ] C:\Program Files\Andy\HandyAndy.exe
06:45:32.0010 0x1c9c  Andy - ok
06:45:32.0255 0x1c9c  [ E93099D7F322B45F2DA41B2A90A3F3DD, 9D7C15F940216F7BDE6AEE20A5A2820AF379B45B25C33ADA122B562A87927C84 ] C:\Program Files (x86)\GFI Software\GFIAgent\SBAMTray.exe
06:45:32.0346 0x1c9c  SBAMTray - ok
06:45:32.0422 0x1c9c  [ 749E4BF1FA6DB8C3F9C2B7F29A544F95, 3A1A599B60A78CB2BAA782AEE22DCE4B6FC59907733A5D204C46A8C6A120BAFC ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
06:45:32.0445 0x1c9c  GoogleChromeAutoLaunch_48D4EA35AFBC9E4E577390F8484B5F83 - ok
06:45:32.0586 0x1c9c  [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Branson\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
06:45:32.0606 0x0b48  Object send P2P result: true
06:45:32.0611 0x0b48  Object required for P2P: [ F152D55E497E12256290C43B31C7D0CE ] fvevol
06:45:32.0652 0x1c9c  Spotify Web Helper - ok
06:45:33.0178 0x1c9c  [ 53D29B5CE5AABDEF4BFDC3E94B51824D, F3A06F9C492A9342FF010D60F51D069901B07F59050773F7DA2559845999B9DA ] C:\Program Files (x86)\Verizon\Verizon Messages\WinVMAClient.exe
06:45:33.0659 0x1c9c  AutoStartVMA - ok
06:45:33.0693 0x1c9c  Adobe Speed Launcher - ok
06:45:33.0695 0x1c9c  Waiting for KSN requests completion. In queue: 372
06:45:34.0696 0x1c9c  Waiting for KSN requests completion. In queue: 372
06:45:35.0243 0x0b48  Object send P2P result: true
06:45:35.0251 0x0b48  Object required for P2P: [ A5800036E4EA06697A34742A24ACFBE1 ] iphlpsvc
06:45:35.0697 0x1c9c  Waiting for KSN requests completion. In queue: 329
06:45:36.0339 0x1d14  Object required for P2P: [ 2180DBCE75B914E5E5BBFFFAAE97AA21 ] Themes
06:45:36.0698 0x1c9c  Waiting for KSN requests completion. In queue: 316
06:45:37.0698 0x1c9c  Waiting for KSN requests completion. In queue: 316
06:45:38.0698 0x1c9c  Waiting for KSN requests completion. In queue: 316
06:45:39.0699 0x1c9c  Waiting for KSN requests completion. In queue: 316
06:45:39.0906 0x1d14  Object send P2P result: true
06:45:39.0906 0x1d14  Object required for P2P: [ B5ED9CC61798C7D44BD535D40B89EFB5 ] TimeBroker
06:45:40.0700 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:41.0700 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:42.0701 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:43.0702 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:44.0703 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:45.0703 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:46.0703 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:47.0704 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:48.0704 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:49.0705 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:50.0705 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:51.0706 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:52.0706 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:53.0706 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:54.0707 0x1c9c  Waiting for KSN requests completion. In queue: 315
06:45:55.0258 0x0b48  Object send P2P result: false
06:45:55.0260 0x0b48  Object required for P2P: [ CA3F19E4B0765135B0F3C99384C535B9 ] KSecPkg
06:45:55.0708 0x1c9c  Waiting for KSN requests completion. In queue: 304
06:45:56.0708 0x1c9c  Waiting for KSN requests completion. In queue: 304
06:45:57.0709 0x1c9c  Waiting for KSN requests completion. In queue: 304
06:45:57.0895 0x0b48  Object send P2P result: true
06:45:57.0895 0x0b48  Object required for P2P: [ CA2828DDE4B09FEFFDB7CE68B3D8D00A ] LanmanServer
06:45:58.0710 0x1c9c  Waiting for KSN requests completion. In queue: 301
06:45:59.0711 0x1c9c  Waiting for KSN requests completion. In queue: 301
06:45:59.0910 0x1d14  Object send P2P result: false
06:45:59.0912 0x1d14  Object required for P2P: [ C98493DD8E6A50154FAC75C15E1C36BB ] upnphost
06:46:00.0524 0x0b48  Object send P2P result: true
06:46:00.0525 0x0b48  Object required for P2P: [ 3DBD9100745F9B8506B8FEC6FE6CCDE3 ] LanmanWorkstation
06:46:00.0711 0x1c9c  Waiting for KSN requests completion. In queue: 281
06:46:01.0712 0x1c9c  Waiting for KSN requests completion. In queue: 281
06:46:02.0713 0x1c9c  Waiting for KSN requests completion. In queue: 281
06:46:03.0160 0x0b48  Object send P2P result: true
06:46:03.0163 0x0b48  Object required for P2P: [ C18AA14126ADC66478E8E962B2DFAA98 ] MpsSvc
06:46:03.0713 0x1c9c  Waiting for KSN requests completion. In queue: 260
06:46:04.0714 0x1c9c  Waiting for KSN requests completion. In queue: 260
06:46:05.0715 0x1c9c  Waiting for KSN requests completion. In queue: 260
06:46:05.0809 0x0b48  Object send P2P result: true
06:46:05.0810 0x0b48  Object required for P2P: [ 915747E010A9414B069173284A9B93F4 ] MSDTC
06:46:06.0715 0x1c9c  Waiting for KSN requests completion. In queue: 254
06:46:07.0716 0x1c9c  Waiting for KSN requests completion. In queue: 254
06:46:08.0451 0x0b48  Object send P2P result: true
06:46:08.0451 0x0b48  Object required for P2P: [ 4EAEEBAC8CFF4E0D717DFA920BC58A90 ] MSiSCSI
06:46:08.0716 0x1c9c  Waiting for KSN requests completion. In queue: 248
06:46:09.0717 0x1c9c  Waiting for KSN requests completion. In queue: 248
06:46:10.0718 0x1c9c  Waiting for KSN requests completion. In queue: 248
06:46:11.0086 0x0b48  Object send P2P result: true
06:46:11.0087 0x0b48  Object required for P2P: [ 51B3AC0560848CD6D65AC2033E293113 ] MsLldp
06:46:11.0718 0x1c9c  Waiting for KSN requests completion. In queue: 246
06:46:12.0719 0x1c9c  Waiting for KSN requests completion. In queue: 246
06:46:13.0719 0x1c9c  Waiting for KSN requests completion. In queue: 246
06:46:13.0723 0x0b48  Object send P2P result: true
06:46:13.0727 0x0b48  Object required for P2P: [ D4DCE03870314D3354F3501F9DDD4123 ] netvsc
06:46:14.0720 0x1c9c  Waiting for KSN requests completion. In queue: 216
06:46:15.0721 0x1c9c  Waiting for KSN requests completion. In queue: 216
06:46:16.0380 0x0b48  Object send P2P result: true
06:46:16.0397 0x0b48  Object required for P2P: [ CF6C3037839CF78421A94F9060C2886F ] SSDPSRV
06:46:16.0721 0x1c9c  Waiting for KSN requests completion. In queue: 115
06:46:17.0722 0x1c9c  Waiting for KSN requests completion. In queue: 115
06:46:18.0723 0x1c9c  Waiting for KSN requests completion. In queue: 115
06:46:19.0050 0x0b48  Object send P2P result: true
06:46:19.0050 0x0b48  Object required for P2P: [ 198A737DBA666F4808D62E9A8277A6B7 ] SstpSvc
06:46:19.0723 0x1c9c  Waiting for KSN requests completion. In queue: 114
06:46:19.0917 0x1d14  Object send P2P result: false
06:46:19.0919 0x1d14  Object required for P2P: [ 712724A7C726CA15AD2FC8C40D56AE6D ] VBoxNetFlt
06:46:20.0723 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:21.0723 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:22.0724 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:23.0725 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:24.0726 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:25.0727 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:26.0727 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:27.0728 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:28.0728 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:29.0729 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:30.0729 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:31.0730 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:32.0730 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:33.0731 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:34.0731 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:35.0732 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:36.0733 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:37.0734 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:38.0734 0x1c9c  Waiting for KSN requests completion. In queue: 100
06:46:39.0053 0x0b48  Object send P2P result: false
06:46:39.0054 0x0b48  Object required for P2P: [ A45F5AC9D8069D0EC66E3CA73103073B ] StorSvc
06:46:39.0734 0x1c9c  Waiting for KSN requests completion. In queue: 91
06:46:39.0922 0x1d14  Object send P2P result: false
06:46:39.0930 0x1d14  Object required for P2P: [ 185E4111627F7AA6799E1366B5E91D65 ] WebClient
06:46:40.0735 0x1c9c  Waiting for KSN requests completion. In queue: 52
06:46:41.0725 0x0b48  Object send P2P result: true
06:46:41.0735 0x1c9c  Waiting for KSN requests completion. In queue: 46
06:46:42.0736 0x1c9c  Waiting for KSN requests completion. In queue: 46
06:46:42.0995 0x1d14  Object send P2P result: true
06:46:42.0995 0x1d14  Object required for P2P: [ 455014F4E48B67EBE0F032E2B0E06BF2 ] WEPHOSTSVC
06:46:43.0736 0x1c9c  Waiting for KSN requests completion. In queue: 44
06:46:44.0737 0x1c9c  Waiting for KSN requests completion. In queue: 44
06:46:45.0629 0x1d14  Object send P2P result: true
06:46:45.0633 0x1d14  Object required for P2P: [ 2ADE11F3D84709C5F6781E4C59F11683 ] WPDBusEnum
06:46:45.0737 0x1c9c  Waiting for KSN requests completion. In queue: 26
06:46:46.0738 0x1c9c  Waiting for KSN requests completion. In queue: 26
06:46:47.0738 0x1c9c  Waiting for KSN requests completion. In queue: 26
06:46:48.0276 0x1d14  Object send P2P result: true
06:46:48.0787 0x1c9c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
06:46:48.0787 0x1c9c  AV detected via SS2: GFI Software VIPRE, C:\Program Files (x86)\GFI Software\GFIAgent\SBAMWSC.EXE (  ), 0x41000 ( enabled : updated )
06:46:48.0789 0x1c9c  FW detected via SS2: GFI Software VIPRE, C:\Program Files (x86)\GFI Software\GFIAgent\SBAMWSC.EXE (  ), 0x41010 ( enabled )
06:46:51.0286 0x1c9c  ============================================================
06:46:51.0286 0x1c9c  Scan finished
06:46:51.0286 0x1c9c  ============================================================
06:46:51.0323 0x1a34  Detected object count: 0
06:46:51.0323 0x1a34  Actual detected object count: 0
06:48:58.0688 0x1a50  Deinitialize success
 
AdwCleaner Reports
# AdwCleaner v4.109 - Report created 03/02/2015 at 21:12:22
# Updated 24/01/2015 by Xplode
# Database : 2015-02-03.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Branson - BT-SCHOOL-LT
# Running from : C:\Users\Branson\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : SPPD
 
***** [ Files / Folders ] *****
 
Folder Found : C:\Users\Branson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
Folder Found : C:\Users\Branson\AppData\Local\Pro_PC_Cleaner
Folder Found : C:\Users\Branson\AppData\Local\SearchProtect
Folder Found : C:\Users\Branson\Documents\ProPCCleaner
 
***** [ Scheduled Tasks ] *****
 
Task Found : ProPCCleaner_Start
Task Found : ProPCCleaner_Popup
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\ProPCCleanerLanguage
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\ProPCCleanerLanguage
Key Found : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3333531&octid=EB_ORIGINAL_CTID&ISID=MF5A9BB38-434F-46D7-A6F5-70E107DCEAA5&SearchSource=55&CUI=&UM=8&UP=SP0C601E0A-673E-48AE-AA00-44D70D061FBB&SSPV=
 
-\\ Google Chrome v40.0.2214.94
 
 
*************************
 
AdwCleaner[R0].txt - [1849 octets] - [03/02/2015 21:12:22]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1909 octets] ##########
 
# AdwCleaner v4.109 - Report created 03/02/2015 at 21:19:09
# Updated 24/01/2015 by Xplode
# Database : 2015-02-03.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Branson - BT-SCHOOL-LT
# Running from : C:\Users\Branson\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Branson\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Branson\AppData\Local\Pro_PC_Cleaner
Folder Deleted : C:\Users\Branson\Documents\ProPCCleaner
Folder Deleted : C:\Users\Branson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : ProPCCleaner_Start
Task Deleted : ProPCCleaner_Popup
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\ProPCCleanerLanguage
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Google Chrome v40.0.2214.94
 
 
*************************
 
AdwCleaner[R0].txt - [2001 octets] - [03/02/2015 21:12:22]
AdwCleaner[S0].txt - [1462 octets] - [03/02/2015 21:19:09]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1522 octets] ##########
 
 
# AdwCleaner v4.109 - Report created 04/02/2015 at 06:49:13
# Updated 24/01/2015 by Xplode
# Database : 2015-02-03.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Branson - BT-SCHOOL-LT
# Running from : C:\Users\Branson\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v40.0.2214.94
 
 
*************************
 
AdwCleaner[R0].txt - [2001 octets] - [03/02/2015 21:12:22]
AdwCleaner[R1].txt - [651 octets] - [04/02/2015 06:49:13]
AdwCleaner[S0].txt - [1606 octets] - [03/02/2015 21:19:09]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [770 octets] ##########
 
 
Junkware Removal Tool Report
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 x64
Ran by Branson on Wed 02/04/2015 at  7:03:03.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 02/04/2015 at  7:10:02.47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Eset Report
C:\Users\Branson\AppData\Local\Microsoft\Windows\INetCache\IE\EONMGTSY\SearchProtect_1611[1].exe Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
C:\Users\Branson\AppData\Local\Microsoft\Windows\INetCache\IE\KRGYM09X\Stub[1].exe a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\Users\Branson\AppData\Local\Microsoft\Windows\INetCache\IE\T4RSOXJ5\Setup[1].exe a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\Users\Branson\AppData\Local\Temp\cecabfiicdg.exe a variant of Win32/OutBrowse.BA potentially unwanted application deleted - quarantined
C:\Users\Branson\AppData\Local\Temp\rc73.exe a variant of Win32/OutBrowse.BA potentially unwanted application deleted - quarantined
C:\Users\Branson\AppData\Local\Temp\nscA0D1.tmp\fzy.dll Win32/OutBrowse.BT potentially unwanted application deleted - quarantined
 
 

Edited by Bransonb3, 04 February 2015 - 10:48 AM.


#4 Bransonb3

Bransonb3
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:02 PM

Posted 04 February 2015 - 10:49 AM

Malwarebytes Report
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 2/4/2015
Scan Time: 9:49:25 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.02.04.07
Rootkit Database: v2015.02.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Branson
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 472696
Time Elapsed: 45 min, 29 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 5
PUP.Optional.Zoomify.A, C:\ProgramData\makulitsidwe\1.1.0.29\cozaghost.exe, 4012, Delete-on-Reboot, [591e9f7bf8922d09dadd5235e32057a9]
PUP.Optional.Zoomify.A, C:\ProgramData\makulitsidwe\1.1.0.29\cozwdhost.exe, 1268, Delete-on-Reboot, [ea8d21f94c3e1b1bfeba0780d82b5aa6]
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\coz32host.exe, 4920, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf]
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\coz64host.exe, 1356, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf]
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\cozahost.exe, 4704, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf]
 
Modules: 15
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomutil32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
 
Registry Keys: 12
Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{10E1725C-7237-41A9-954A-04DCCB1FD16C}, Quarantined, [8ee9b8625238f73f04230e18b64d639d], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\TYPELIB\{3C8BF053-0A65-46FE-A757-2187BD66EF34}, Quarantined, [8ee9b8625238f73f04230e18b64d639d], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\INTERFACE\{49859A6F-2284-4F06-9F8E-BFE56B35BA09}, Quarantined, [8ee9b8625238f73f04230e18b64d639d], 
Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{49859A6F-2284-4F06-9F8E-BFE56B35BA09}, Quarantined, [8ee9b8625238f73f04230e18b64d639d], 
Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{3C8BF053-0A65-46FE-A757-2187BD66EF34}, Quarantined, [8ee9b8625238f73f04230e18b64d639d], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\BhoPlugin.MiniGetBHO.1, Quarantined, [8ee9b8625238f73f04230e18b64d639d], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\BhoPlugin.MiniGetBHO, Quarantined, [8ee9b8625238f73f04230e18b64d639d], 
Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BhoPlugin.MiniGetBHO, Quarantined, [8ee9b8625238f73f04230e18b64d639d], 
Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10E1725C-7237-41A9-954A-04DCCB1FD16C}, Quarantined, [8ee9b8625238f73f04230e18b64d639d], 
Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BhoPlugin.MiniGetBHO.1, Quarantined, [8ee9b8625238f73f04230e18b64d639d], 
PUP.Optional.Zoomify.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\cozaghost, Quarantined, [591e9f7bf8922d09dadd5235e32057a9], 
PUP.Optional.Zoomify.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\cozwdhost, Quarantined, [ea8d21f94c3e1b1bfeba0780d82b5aa6], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 3
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\content, Quarantined, [ccab70aa1476f83e3d66532c5fa431cf], 
 
Files: 18
Trojan.BHO, C:\Program Files (x86)\MiniGet\MiniGetHelper1.13.dll, Quarantined, [8ee9b8625238f73f04230e18b64d639d], 
PUP.Optional.Zoomify.A, C:\ProgramData\makulitsidwe\1.1.0.29\cozaghost.exe, Delete-on-Reboot, [591e9f7bf8922d09dadd5235e32057a9], 
PUP.Optional.Zoomify.A, C:\ProgramData\makulitsidwe\1.1.0.29\cozwdhost.exe, Delete-on-Reboot, [ea8d21f94c3e1b1bfeba0780d82b5aa6], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\coz32host.exe, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\coz64host.exe, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\cozahost.exe, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\logo.ico, Quarantined, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\Uninstaller.exe, Quarantined, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\utils.exe, Quarantined, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoom.xpi, Quarantined, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomL64.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\webzoomutil32.dll, Delete-on-Reboot, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\content\dgapi.js, Quarantined, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\content\dgmain.js, Quarantined, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\content\dgmain_app_bg.js, Quarantined, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\content\dgmain_app_cs.js, Quarantined, [ccab70aa1476f83e3d66532c5fa431cf], 
PUP.Optional.WebSpeed.A, C:\ProgramData\makulitsidwe\1.1.0.29\content\jquery4toolbar.js, Quarantined, [ccab70aa1476f83e3d66532c5fa431cf], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,195 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:02 PM

Posted 04 February 2015 - 12:54 PM

Well that looks great!!.. We got loads off here. If you continue to use those items remember the warning as you will be back and I hope it's not a re format then.

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista or above, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 Bransonb3

Bransonb3
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:02 PM

Posted 05 February 2015 - 09:13 AM

Thanks for your help, I believe that you were able to get rid of everything.



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,195 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:02 PM

Posted 05 February 2015 - 01:00 PM

Cool!! Have a great day!!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users