
CPU runs at 100% when starting up, caused by svchost.exe


6 replies to this topic

#1 SoriduSnakku

  • Members
  • 17 posts

Posted 13 March 2015 - 07:15 PM

Hi, recently I've been having problems with my computer running way hotter than it should during idle. There are two main symptoms, and I have temporary solutions for them but not permanent ones.

 

I'm running 64-bit Windows 7 Professional

 

Symptom 1: When my computer starts up, after most of the main services start up (Steam, Logitech Profiler, GeForce Experience) my CPU will run at 100% and hit its max temperature of 75 degrees Celsius. This is before I start running any program myself. I took a look at all the services, and svchost.exe pops up at number one CPU usage at 99 percent.

Temporary solution: Closing down this svchost.exe process stops this from happening. It doesn't reappear until I restart my computer. I believe this might be a trojan.

 

Symptom 2: This started happening a little after the svchost problem, and I'm not so sure if it's a virus. I notice my computer gets physically hot, and I check Speccy, and my computer is now running the CPU, RAM, and Videocard hotter than they should be during idle. I checked through Windows services and I couldn't locate anything, nor does my CPU or RAM say it's being used. The CPU runs at about 66C and the Videocard hits the maximum temperature of 75C. So I think it's the video card having the issue here. It might not be a virus, I noticed this symptom specifically twice somewhat after I stopped playing Star Wars: Republic Commando (which I have hex edited in order to play it widescreen). However, it could definitely be a virus.

Temporary solution: Running ComboFix generally gets the videocard to not run hot during idle. I won't post the log, but it won't happen again until I restart my computer.

 

I think I'm infected, but I'm not 100% sure. Any help would be appreciated.




 


#2 boopme

  • Global Moderator
  • 73,573 posts

Posted 24 March 2015 - 03:44 PM

Hello SS, let's run these first...

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
ESET Online Scanner
  • Hold down Control and click on this link to open ESET Online Scanner in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the ESET Smart Installer icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 SoriduSnakku

  • Topic Starter
  • Members
  • 17 posts

Posted 27 March 2015 - 03:35 PM

Okay I've got all my logs ready. Should I post them here?



#4 SoriduSnakku

  • Topic Starter
  • Members
  • 17 posts

Posted 28 March 2015 - 02:39 PM

Mini Tool Box Log:
MiniToolBox by Farbar  Version: 09-03-2015
Ran by Craig (administrator) on 27-03-2015 at 12:28:42
Running from "C:\Users\Craig\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: DX58SO__ Manufacturer: INTEL_
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® 82567LM-2 Gigabit Network Connection = Local Area Connection (Connected)
Evolve Virtual Ethernet Adapter = Evolve Gaming Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=255.255.255.255/32 interface="Evolve Gaming Connection" nexthop=0.0.0.0 metric=1 publish=No
add route prefix=224.0.0.0/4 interface="Evolve Gaming Connection" nexthop=0.0.0.0 metric=1 publish=No


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Craig-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Evolve Gaming Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Evolve Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 00-00-FD-A0-3D-20
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : Intel® 82567LM-2 Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-1C-C0-B1-8A-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1523:fb5a:353b:3e92%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.2.11(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, March 27, 2015 12:27:05 PM
   Lease Expires . . . . . . . . . . : Monday, May 03, 2151 6:57:01 PM
   Default Gateway . . . . . . . . . : fe80::ee1a:59ff:fe59:c2ae%10
                                       192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 234888384
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-F1-CB-1F-00-1C-C0-B1-8A-55
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.8.8
                                       8.8.8.8
                                       8.8.8.8
                                       8.8.8.8
                                       8.8.8.8
                                       8.8.8.8
                                       8.8.8.8
                                       8.8.8.8
                                       8.8.8.8
                                       8.8.8.8
                                       8.8.8.8
                                       8.8.8.8
                                       8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{3F834A6E-B441-4D40-8D16-31FB178190F7}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:2020:f12:3f57:fdf4(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2020:f12:3f57:fdf4%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.Belkin:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    google.com
Addresses:  2607:f8b0:4007:80a::200e
      216.58.217.206


Pinging google.com [216.58.217.206] with 32 bytes of data:
Reply from 216.58.217.206: bytes=32 time=22ms TTL=56
Reply from 216.58.217.206: bytes=32 time=22ms TTL=56

Ping statistics for 216.58.217.206:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 22ms, Maximum = 22ms, Average = 22ms
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    yahoo.com
Addresses:  98.139.183.24
      98.138.253.109
      206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=68ms TTL=52
Reply from 206.190.36.45: bytes=32 time=67ms TTL=52

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 67ms, Maximum = 68ms, Average = 67ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...00 00 fd a0 3d 20 ......Evolve Virtual Ethernet Adapter
 10...00 1c c0 b1 8a 55 ......Intel® 82567LM-2 Gigabit Network Connection
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1     192.168.2.11     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link      192.168.2.11    276
     192.168.2.11  255.255.255.255         On-link      192.168.2.11    276
    192.168.2.255  255.255.255.255         On-link      192.168.2.11    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.2.11    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.2.11    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
  255.255.255.255  255.255.255.255         On-link        1
        224.0.0.0        240.0.0.0         On-link        1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10    276 ::/0                     fe80::ee1a:59ff:fe59:c2ae
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:6abd:2020:f12:3f57:fdf4/128
                                    On-link
 10    276 fe80::/64                On-link
 12    306 fe80::/64                On-link
 10    276 fe80::1523:fb5a:353b:3e92/128
                                    On-link
 12    306 fe80::2020:f12:3f57:fdf4/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/24/2015 10:54:23 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 36.0.4.5557 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1aa4

Start Time: 01d066c0182a3af3

Termination Time: 19

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 61541e90-d2b3-11e4-8e77-001cc0b18a55

Error: (03/24/2015 10:54:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 36.0.4.5557, time stamp: 0x550d0883
Faulting module name: mozalloc.dll, version: 36.0.4.5557, time stamp: 0x550cfa82
Exception code: 0x80000003
Fault offset: 0x00001e02
Faulting process id: 0x1b4c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (03/22/2015 10:05:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: BinaryDomain.exe, version: 1.0.0.1, time stamp: 0x4fc75178
Faulting module name: d3d9.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7b3
Exception code: 0xc0000005
Fault offset: 0x00022a5d
Faulting process id: 0x18a8
Faulting application start time: 0xBinaryDomain.exe0
Faulting application path: BinaryDomain.exe1
Faulting module path: BinaryDomain.exe2
Report Id: BinaryDomain.exe3

Error: (03/17/2015 08:48:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 36.0.1.5542, time stamp: 0x54f851c0
Faulting module name: mozalloc.dll, version: 36.0.1.5542, time stamp: 0x54f8437e
Exception code: 0x80000003
Fault offset: 0x00001e02
Faulting process id: 0x1464
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (03/14/2015 02:02:03 AM) (Source: Application Error) (User: )
Description: Faulting application name: DeSmuME_0.9.9_x64.exe, version: 0.0.0.0, time stamp: 0x517c1082
Faulting module name: DeSmuME_0.9.9_x64.exe, version: 0.0.0.0, time stamp: 0x517c1082
Exception code: 0xc0000005
Fault offset: 0x00000000000d9d2a
Faulting process id: 0xc50
Faulting application start time: 0xDeSmuME_0.9.9_x64.exe0
Faulting application path: DeSmuME_0.9.9_x64.exe1
Faulting module path: DeSmuME_0.9.9_x64.exe2
Report Id: DeSmuME_0.9.9_x64.exe3

Error: (03/14/2015 02:00:01 AM) (Source: Application Error) (User: )
Description: Faulting application name: DeSmuME_0.9.9_x64.exe, version: 0.0.0.0, time stamp: 0x517c1082
Faulting module name: DeSmuME_0.9.9_x64.exe, version: 0.0.0.0, time stamp: 0x517c1082
Exception code: 0xc0000005
Fault offset: 0x00000000000d9cfc
Faulting process id: 0x51a0
Faulting application start time: 0xDeSmuME_0.9.9_x64.exe0
Faulting application path: DeSmuME_0.9.9_x64.exe1
Faulting module path: DeSmuME_0.9.9_x64.exe2
Report Id: DeSmuME_0.9.9_x64.exe3

Error: (03/12/2015 05:33:33 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 36.0.1.5542, time stamp: 0x54f851c0
Faulting module name: mozalloc.dll, version: 36.0.1.5542, time stamp: 0x54f8437e
Exception code: 0x80000003
Fault offset: 0x00001e02
Faulting process id: 0x3ba4
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (03/10/2015 06:58:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: go_start.exe, version: 1.0.0.1, time stamp: 0x3725bcd7
Faulting module name: go_start.exe, version: 1.0.0.1, time stamp: 0x3725bcd7
Exception code: 0xc0000005
Fault offset: 0x0000b908
Faulting process id: 0x18e4
Faulting application start time: 0xgo_start.exe0
Faulting application path: go_start.exe1
Faulting module path: go_start.exe2
Report Id: go_start.exe3

Error: (03/10/2015 06:58:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: go_start.exe, version: 1.0.0.1, time stamp: 0x3725bcd7
Faulting module name: go_start.exe, version: 1.0.0.1, time stamp: 0x3725bcd7
Exception code: 0xc0000005
Fault offset: 0x0000b908
Faulting process id: 0x1428
Faulting application start time: 0xgo_start.exe0
Faulting application path: go_start.exe1
Faulting module path: go_start.exe2
Report Id: go_start.exe3

Error: (03/10/2015 06:58:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: go_start.exe, version: 1.0.0.1, time stamp: 0x3725bcd7
Faulting module name: go_start.exe, version: 1.0.0.1, time stamp: 0x3725bcd7
Exception code: 0xc0000005
Fault offset: 0x0000b908
Faulting process id: 0x1b9c
Faulting application start time: 0xgo_start.exe0
Faulting application path: go_start.exe1
Faulting module path: go_start.exe2
Report Id: go_start.exe3


System errors:
=============
Error: (03/23/2015 05:13:02 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (03/23/2015 05:11:31 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (03/23/2015 04:53:03 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (03/23/2015 04:52:49 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (03/23/2015 04:52:49 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (03/23/2015 04:51:41 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (03/21/2015 04:40:04 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{203CC727-4E4A-48FF-9270-E1E3A7B4C777}.
The backup browser is stopping.

Error: (03/21/2015 03:30:04 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (03/21/2015 03:30:04 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (03/21/2015 02:04:45 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.


Microsoft Office Sessions:
=========================
Error: (03/24/2015 10:54:23 PM) (Source: Application Hang)(User: )
Description: firefox.exe36.0.4.55571aa401d066c0182a3af319C:\Program Files (x86)\Mozilla Firefox\firefox.exe61541e90-d2b3-11e4-8e77-001cc0b18a55

Error: (03/24/2015 10:54:23 PM) (Source: Application Error)(User: )
Description: plugin-container.exe36.0.4.5557550d0883mozalloc.dll36.0.4.5557550cfa828000000300001e021b4c01d066c01883319aC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll62841755-d2b3-11e4-8e77-001cc0b18a55

Error: (03/22/2015 10:05:09 PM) (Source: Application Error)(User: )
Description: BinaryDomain.exe1.0.0.14fc75178d3d9.dll6.1.7601.175144ce7b7b3c000000500022a5d18a801d0650bc9ee3bc7E:\Steam Library\steamapps\common\Binary Domain\BinaryDomain.exeC:\Windows\system32\d3d9.dll2d06c9d6-d11a-11e4-baa3-001cc0b18a55

Error: (03/17/2015 08:48:38 PM) (Source: Application Error)(User: )
Description: plugin-container.exe36.0.1.554254f851c0mozalloc.dll36.0.1.554254f8437e8000000300001e02146401d0612c37fbabccC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla8b05393-cd21-11e4-8efd-001cc0b18a55

Error: (03/14/2015 02:02:03 AM) (Source: Application Error)(User: )
Description: DeSmuME_0.9.9_x64.exe0.0.0.0517c1082DeSmuME_0.9.9_x64.exe0.0.0.0517c1082c000000500000000000d9d2ac5001d05e357fc78579C:\Users\Craig\Downloads\desmume-0.9.9-win64\DeSmuME_0.9.9_x64.exeC:\Users\Craig\Downloads\desmume-0.9.9-win64\DeSmuME_0.9.9_x64.exec76a2ac9-ca28-11e4-9ed2-001cc0b18a55

Error: (03/14/2015 02:00:01 AM) (Source: Application Error)(User: )
Description: DeSmuME_0.9.9_x64.exe0.0.0.0517c1082DeSmuME_0.9.9_x64.exe0.0.0.0517c1082c000000500000000000d9cfc51a001d05e3523a349e6C:\Users\Craig\Downloads\desmume-0.9.9-win64\DeSmuME_0.9.9_x64.exeC:\Users\Craig\Downloads\desmume-0.9.9-win64\DeSmuME_0.9.9_x64.exe7eb3ab2a-ca28-11e4-9ed2-001cc0b18a55

Error: (03/12/2015 05:33:33 PM) (Source: Application Error)(User: )
Description: plugin-container.exe36.0.1.554254f851c0mozalloc.dll36.0.1.554254f8437e8000000300001e023ba401d05d252984eda2C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll93b8a6e4-c918-11e4-ac89-001cc0b18a55

Error: (03/10/2015 06:58:41 PM) (Source: Application Error)(User: )
Description: go_start.exe1.0.0.13725bcd7go_start.exe1.0.0.13725bcd7c00000050000b90818e401d05b9ee5f6b135E:\Other Games\Expendable\go_start.exeE:\Other Games\Expendable\go_start.exe23e2c6ac-c792-11e4-8910-001cc0b18a55

Error: (03/10/2015 06:58:26 PM) (Source: Application Error)(User: )
Description: go_start.exe1.0.0.13725bcd7go_start.exe1.0.0.13725bcd7c00000050000b908142801d05b9edd1093c9E:\Other Games\Expendable\go_start.exeE:\Other Games\Expendable\go_start.exe1afb97cd-c792-11e4-8910-001cc0b18a55

Error: (03/10/2015 06:58:10 PM) (Source: Application Error)(User: )
Description: go_start.exe1.0.0.13725bcd7go_start.exe1.0.0.13725bcd7c00000050000b9081b9c01d05b9ed2e26952E:\Other Games\Expendable\go_start.exeE:\Other Games\Expendable\go_start.exe10efc17b-c792-11e4-8910-001cc0b18a55


CodeIntegrity Errors:
===================================
  Date: 2015-03-23 16:52:49.806
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-23 16:52:49.775
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-23 16:52:49.759
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-23 16:52:49.728
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-21 14:04:31.370
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-21 14:04:31.340
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-21 14:04:31.320
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-21 14:04:31.290
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-20 13:54:25.429
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-20 13:54:25.414
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.



=========================== Installed Programs ============================
100% Orange Juice (HKLM-x32\...\Steam App 282800) (Version:  - Orange_Juice)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Abe's Oddysee (HKLM-x32\...\GOGPACKABESODDYSEE_is1) (Version: 2.0.0.4 - GOG.com)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Assetto Corsa (HKLM-x32\...\Steam App 244210) (Version:  - Kunos Simulazioni)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
Auslogics Registry Cleaner (HKLM-x32\...\{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1) (Version: 4.0.0.0 - Auslogics Labs Pty Ltd)
Auslogics Registry Defrag (HKLM-x32\...\{D627784F-B3EE-44E8-96B1-9509B991EA34}_is1) (Version: 8.0.0.0 - Auslogics Labs Pty Ltd)
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
Battlefield 2 (HKLM-x32\...\{A8DBF55D-73C0-4E37-A10E-365BFBB14119}) (Version: 1.5.0.0 - Electronic Arts)
BleachBit (HKLM-x32\...\BleachBit) (Version: 1.6 - BleachBit)
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - Nicalis)
Cloudbuilt (HKLM-x32\...\Steam App 262390) (Version:  - Coilworks)
Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Darkest Hour: A Hearts of Iron Game (HKLM-x32\...\Steam App 73170) (Version:  - Martin Ivanov)
Devil May Cry 4 (HKLM-x32\...\Steam App 45700) (Version:  - Capcom)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version:  - Larian Studios)
Dungeons of Dredmor (HKLM-x32\...\Steam App 98800) (Version:  - Gaslamp Games, Inc.)
Epic Games Launcher (HKLM\...\{8727C279-A122-40B8-8ACA-271E1809DAA5}) (Version: 1.1.23.0 - Epic Games, Inc.)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 0.9.1 - )
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.11 - Echobit, LLC)
Expeditions: Conquistador (HKLM-x32\...\Steam App 237430) (Version:  - Logic Artists)
f.lux (HKCU\...\Flux) (Version:  - )
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Forged Alliance Forever (HKLM-x32\...\{EF37C7C0-1281-4452-8A3F-D71215478D63}) (Version: 240.10.122 - FAF Community)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Unreal Gold (HKLM\...\{819e9b41-7e72-45ff-975e-0b9a8c1d1ec2}.sdb) (Version:  - )
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)
GTA IV: San Andreas (HKLM-x32\...\{20D5BD7A-758F-4837-ABD8-64C638BFEB1B}) (Version: 0.5.4.0 - GTA IV: San Andreas Mod Team)
Hitman -  Contracts (HKLM-x32\...\GOGPACKHITMAN3_is1) (Version: 2.0.0.11 - GOG.com)
Homeworld Remastered Collection (HKLM-x32\...\SG9tZXdvcmxkUmVtYXN0ZXJlZENvbGxlY3Rpb24=_is1) (Version: 1 - )
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intruder (HKLM-x32\...\{F9687E06-72EC-4E3F-BCF1-49CD1012319D}) (Version: 448 - Superboss Games)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.31.13 - Oracle Corporation) Hidden
King's Bounty: Armored Princess (HKLM-x32\...\Steam App 3170) (Version:  - Katauri Interactive)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Legacy of Kain: Soul Reaver (HKLM-x32\...\Steam App 224920) (Version:  - Crystal Dynamics)
Legend of Grimrock (HKLM-x32\...\Steam App 207170) (Version:  - Almost Human Games)
LibreOffice 4.3.3.2 (HKLM-x32\...\{87C753BB-81E3-403B-BD87-6293F870B20B}) (Version: 4.3.3.2 - The Document Foundation)
Little Big Adventure 2 (HKLM-x32\...\1207658974_is1) (Version: 2.1.0.8 - GOG.com)
Livestreamer 1.11.1 (HKLM-x32\...\Livestreamer) (Version:  - )
Logitech Gaming Software (Version: 8.30.28 - Logitech Inc.) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Lost Horizon (HKLM-x32\...\Steam App 40350) (Version:  - Animation Arts)
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
Men of War: Assault Squad 2 (HKLM-x32\...\Steam App 244450) (Version:  - Digitalmindsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2010 (HKLM-x32\...\{FA8E7AF5-C70E-3274-9740-9E697FBD5BB7}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.3 - Mozilla)
MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
NVIDIA Control Panel 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.173.1392 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.2 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA ShadowPlay 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA Update 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.27 (Version: 1.2.27 - NVIDIA Corporation) Hidden
Overseer (HKLM-x32\...\GOGPACKTEX5_is1) (Version: 2.0.0.21 - GOG.com)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version:  - Running With Scissors)
Project Reality: BF2 (HKLM\...\Project Reality: BF2 (pr)_is1) (Version: v1.2 - Project Reality)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
qBittorrent 3.1.12 (HKLM-x32\...\qBittorrent) (Version: 3.1.12 - The qBittorrent project)
RE_BH 6 AIO [W.B] (x32 Version: 1.0 - Warlord Blade) Hidden
Recettear: An Item Shop's Tale (HKLM-x32\...\Steam App 70400) (Version:  - EasyGameStation)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Red Faction: Guerrilla Steam Edition (HKLM-x32\...\Steam App 20500) (Version:  - Volition)
resident evil 4 / biohazard 4 (HKLM-x32\...\Steam App 254700) (Version:  - Capcom)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
REVOLVER360 RE:ACTOR (HKLM-x32\...\Steam App 313400) (Version:  - Cross Eaglet)
rFactor (remove only) (HKLM-x32\...\rFactor) (Version:  - )
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
S.T.A.L.K.E.R.: Call of Pripyat (HKLM-x32\...\Steam App 41700) (Version:  - GSC Game World)
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version:  - Sega)
Sengoku (HKLM-x32\...\Steam App 73210) (Version:  - Paradox Development Studio)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
Serious Sam HD: The Second Encounter (HKLM-x32\...\Steam App 41010) (Version:  - Croteam)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\Steam App 250760) (Version:  - Yacht Club Games)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Slave Zero (HKLM-x32\...\Steam App 328470) (Version:  - Accolade, Inc.)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version:  - Sumo Digital)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version:  - LucasArts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg VST Classics 1 64bit (HKLM\...\{AA322103-FC2B-4D86-BA6C-67D4DDB4209C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
Supreme Commander (HKLM-x32\...\Steam App 9350) (Version:  - Gas Powered Games)
Supreme Commander: Forged Alliance (HKLM-x32\...\Steam App 9420) (Version:  - Gas Powered Games)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Chronicles of Riddick: Assault on Dark Athena (HKLM-x32\...\Steam App 9860) (Version:  - Starbreeze Studios AB)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version:  - SQUARE ENIX)
The Misadventures of P.B. Winterbottom (HKLM-x32\...\Steam App 40930) (Version:  - The Odd Gentlemen)
TikiOne Steam Cleaner (HKLM-x32\...\TikiOneSteamCleaner) (Version:  - Jonathan Lermitage)
Tom Clancy's Rainbow Six 3: Athena Sword (HKLM-x32\...\Steam App 19840) (Version:  - Ubisoft)
Tom Clancy's Rainbow Six 3: Gold Edition (HKLM-x32\...\Steam App 19830) (Version:  - Red Storm Entertainment)
Transistor (HKLM-x32\...\Steam App 237930) (Version:  - Supergiant Games)
Tribes 2 (HKLM-x32\...\Tribes 2) (Version: 1.0.0.0 - Sierra On-Line)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - Frozenbyte)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 4.2.1 - Universal Media Server)
Unreal Engine version 4.3.0 (HKLM-x32\...\Unreal Engine_is1) (Version: 4.3.0 - Unreal Engine 4.3.0)
Unreal Gold (HKLM-x32\...\GOGPACKUNREAL_is1) (Version: 2.0.0.6 - GOG.com)
Unreal Tournament 2004 (HKLM-x32\...\GOGPACKUT2004_is1) (Version: 2.0.0.6 - GOG.com)
Valkyria Chronicles™ (HKLM-x32\...\Steam App 294860) (Version:  - SEGA)
Vegas Pro 13.0 (64-bit) (HKLM\...\{3814DB30-091D-11E4-BDE0-F04DA23A5C58}) (Version: 13.0.373 - Sony)
Victoria II (HKLM-x32\...\Steam App 42960) (Version:  - Paradox Development Studio)
Visual Basic 5.0 (HKLM-x32\...\ST5UNST #1) (Version:  - )
Wargame: Red Dragon (HKLM-x32\...\Steam App 251060) (Version:  - Eugen Systems)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
X-COM: UFO Defense (HKLM-x32\...\Steam App 7760) (Version:  - MicroProse Software, Inc)
Ys: The Oath in Felghana (HKLM-x32\...\Steam App 207320) (Version:  - Nihon Falcom)
YTD Video Downloader 4.8.9 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.9 - GreenTree Applications SRL)

========================= Memory info: ===================================

Percentage of memory in use: 17%
Total physical RAM: 8180.5 MB
Available physical RAM: 6718.12 MB
Total Pagefile: 16359.18 MB
Available Pagefile: 14775.2 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.07 MB

========================= Partitions: =====================================

1 Drive c: (Main Drive) (Fixed) (Total:119.14 GB) (Free:31.49 GB) NTFS
3 Drive e: (Large Data) (Fixed) (Total:931.51 GB) (Free:413.82 GB) NTFS

========================= Users: ========================================

User accounts for \\CRAIG-PC

Administrator            Craig                    Guest                    


**** End of log ****

TDSSKiller Log

 

12:30:52.0199 0x1018  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:30:57.0250 0x1018  ============================================================
12:30:57.0250 0x1018  Current date / time: 2015/03/27 12:30:57.0250
12:30:57.0250 0x1018  SystemInfo:
12:30:57.0250 0x1018  
12:30:57.0250 0x1018  OS Version: 6.1.7601 ServicePack: 1.0
12:30:57.0250 0x1018  Product type: Workstation
12:30:57.0250 0x1018  ComputerName: CRAIG-PC
12:30:57.0251 0x1018  UserName: Craig
12:30:57.0251 0x1018  Windows directory: C:\Windows
12:30:57.0251 0x1018  System windows directory: C:\Windows
12:30:57.0251 0x1018  Running under WOW64
12:30:57.0251 0x1018  Processor architecture: Intel x64
12:30:57.0251 0x1018  Number of processors: 8
12:30:57.0251 0x1018  Page size: 0x1000
12:30:57.0251 0x1018  Boot type: Normal boot
12:30:57.0251 0x1018  ============================================================
12:30:58.0046 0x1018  KLMD registered as C:\Windows\system32\drivers\77976598.sys
12:30:58.0075 0x1018  System UUID: {53EAFB4F-AF00-D6DB-0655-F90D0928BAEB}
12:30:58.0334 0x1018  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:30:58.0340 0x1018  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:30:58.0343 0x1018  ============================================================
12:30:58.0343 0x1018  \Device\Harddisk0\DR0:
12:30:58.0344 0x1018  MBR partitions:
12:30:58.0344 0x1018  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:30:58.0344 0x1018  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
12:30:58.0344 0x1018  \Device\Harddisk1\DR1:
12:30:58.0345 0x1018  MBR partitions:
12:30:58.0345 0x1018  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
12:30:58.0345 0x1018  ============================================================
12:30:58.0346 0x1018  C: <-> \Device\Harddisk0\DR0\Partition2
12:30:58.0390 0x1018  E: <-> \Device\Harddisk1\DR1\Partition1
12:30:58.0390 0x1018  ============================================================
12:30:58.0390 0x1018  Initialize success
12:30:58.0390 0x1018  ============================================================
12:31:19.0019 0x13c4  ============================================================
12:31:19.0019 0x13c4  Scan started
12:31:19.0019 0x13c4  Mode: Manual; SigCheck; TDLFS;
12:31:19.0019 0x13c4  ============================================================
12:31:19.0019 0x13c4  KSN ping started
12:31:21.0879 0x13c4  KSN ping finished: true
12:31:23.0981 0x13c4  ================ Scan system memory ========================
12:31:23.0981 0x13c4  System memory - ok
12:31:23.0981 0x13c4  ================ Scan services =============================
12:31:25.0999 0x13c4  clr_optimization_v2.0.50727_64 - ok
12:31:26.0009 0x13c4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:31:26.0035 0x13c4  clr_optimization_v4.0.30319_32 - ok
12:31:26.0042 0x13c4  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:31:26.0061 0x13c4  clr_optimization_v4.0.30319_64 - ok
12:31:26.0065 0x13c4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:31:26.0076 0x13c4  CmBatt - ok
12:31:26.0080 0x13c4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:31:26.0089 0x13c4  cmdide - ok
12:31:26.0107 0x13c4  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
12:31:26.0142 0x13c4  CNG - ok
12:31:26.0147 0x13c4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:31:26.0157 0x13c4  Compbatt - ok
12:31:26.0162 0x13c4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:31:26.0176 0x13c4  CompositeBus - ok
12:31:26.0179 0x13c4  COMSysApp - ok
12:31:26.0184 0x13c4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:31:26.0194 0x13c4  crcdisk - ok
12:31:26.0204 0x13c4  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:31:26.0223 0x13c4  CryptSvc - ok
12:31:26.0245 0x13c4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:31:26.0306 0x13c4  DcomLaunch - ok
12:31:26.0320 0x13c4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:31:26.0366 0x13c4  defragsvc - ok
12:31:26.0372 0x13c4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:31:26.0410 0x13c4  DfsC - ok
12:31:26.0423 0x13c4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:31:26.0445 0x13c4  Dhcp - ok
12:31:26.0450 0x13c4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:31:26.0492 0x13c4  discache - ok
12:31:26.0497 0x13c4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:31:26.0510 0x13c4  Disk - ok
12:31:26.0519 0x13c4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:31:26.0535 0x13c4  Dnscache - ok
12:31:26.0546 0x13c4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:31:26.0590 0x13c4  dot3svc - ok
12:31:26.0600 0x13c4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:31:26.0640 0x13c4  DPS - ok
12:31:26.0643 0x13c4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:31:26.0654 0x13c4  drmkaud - ok
12:31:26.0665 0x13c4  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
12:31:26.0683 0x13c4  dtsoftbus01 - ok
12:31:26.0719 0x13c4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:31:26.0754 0x13c4  DXGKrnl - ok
12:31:26.0767 0x13c4  [ 50AD8FC1DC800FF36087994C8F7FDFF2, E3DA8DCE76599E0E1F0D80AA1483D6BECFE0F7242147D986A6AF3A4362FC2C80 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
12:31:26.0787 0x13c4  e1yexpress - ok
12:31:26.0793 0x13c4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:31:26.0833 0x13c4  EapHost - ok
12:31:26.0928 0x13c4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:31:27.0048 0x13c4  ebdrv - ok
12:31:27.0057 0x13c4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS             C:\Windows\System32\lsass.exe
12:31:27.0071 0x13c4  EFS - ok
12:31:27.0098 0x13c4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:31:27.0136 0x13c4  ehRecvr - ok
12:31:27.0143 0x13c4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:31:27.0159 0x13c4  ehSched - ok
12:31:27.0182 0x13c4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:31:27.0211 0x13c4  elxstor - ok
12:31:27.0215 0x13c4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:31:27.0225 0x13c4  ErrDev - ok
12:31:27.0244 0x13c4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:31:27.0295 0x13c4  EventSystem - ok
12:31:27.0299 0x13c4  [ A0539478593A00AA64E600CF7E19F195, BD835D70F3EE9BFEFFABE747AD65BC97C73AD8042F653BF93535277FB0CBD4CE ] EvolveVirtualAdapter C:\Windows\system32\DRIVERS\evolve.sys
12:31:27.0307 0x13c4  EvolveVirtualAdapter - ok
12:31:27.0357 0x13c4  [ 3B022733109DDFFEF2AD4EEDE66306A3, B886DC42DA83D66C4E3CCF52D09661D284906B02E5FA6BB23588C84825C82A13 ] EvoSvc          C:\Program Files\Echobit\Evolve\EvoSvc.exe
12:31:27.0419 0x13c4  EvoSvc - ok
12:31:27.0431 0x13c4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:31:27.0475 0x13c4  exfat - ok
12:31:27.0484 0x13c4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:31:27.0528 0x13c4  fastfat - ok
12:31:27.0552 0x13c4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:31:27.0591 0x13c4  Fax - ok
12:31:27.0596 0x13c4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:31:27.0607 0x13c4  fdc - ok
12:31:27.0610 0x13c4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:31:27.0647 0x13c4  fdPHost - ok
12:31:27.0652 0x13c4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:31:27.0689 0x13c4  FDResPub - ok
12:31:27.0695 0x13c4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:31:27.0705 0x13c4  FileInfo - ok
12:31:27.0709 0x13c4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:31:27.0746 0x13c4  Filetrace - ok
12:31:27.0750 0x13c4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:31:27.0764 0x13c4  flpydisk - ok
12:31:27.0775 0x13c4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:31:27.0793 0x13c4  FltMgr - ok
12:31:27.0829 0x13c4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:31:27.0885 0x13c4  FontCache - ok
12:31:27.0891 0x13c4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:31:27.0901 0x13c4  FontCache3.0.0.0 - ok
12:31:27.0906 0x13c4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:31:27.0918 0x13c4  FsDepends - ok
12:31:27.0922 0x13c4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:31:27.0932 0x13c4  Fs_Rec - ok
12:31:27.0942 0x13c4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:31:27.0961 0x13c4  fvevol - ok
12:31:27.0966 0x13c4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:31:27.0977 0x13c4  gagp30kx - ok
12:31:28.0015 0x13c4  [ 4DF4ABCA09AF1530D712FA589CE3BE9F, 573C04358BBAEAEDFDC4F265627E8029295C31BB17C13B428D5694119AECEDAD ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
12:31:28.0061 0x13c4  GfExperienceService - ok
12:31:28.0091 0x13c4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:31:28.0152 0x13c4  gpsvc - ok
12:31:28.0158 0x13c4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:31:28.0170 0x13c4  hcw85cir - ok
12:31:28.0186 0x13c4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:31:28.0213 0x13c4  HdAudAddService - ok
12:31:28.0220 0x13c4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:31:28.0236 0x13c4  HDAudBus - ok
12:31:28.0239 0x13c4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:31:28.0250 0x13c4  HidBatt - ok
12:31:28.0256 0x13c4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:31:28.0274 0x13c4  HidBth - ok
12:31:28.0279 0x13c4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:31:28.0294 0x13c4  HidIr - ok
12:31:28.0299 0x13c4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
12:31:28.0345 0x13c4  hidserv - ok
12:31:28.0349 0x13c4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:31:28.0360 0x13c4  HidUsb - ok
12:31:28.0366 0x13c4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:31:28.0405 0x13c4  hkmsvc - ok
12:31:28.0415 0x13c4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:31:28.0432 0x13c4  HomeGroupListener - ok
12:31:28.0441 0x13c4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:31:28.0458 0x13c4  HomeGroupProvider - ok
12:31:28.0463 0x13c4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:31:28.0477 0x13c4  HpSAMD - ok
12:31:28.0503 0x13c4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:31:28.0565 0x13c4  HTTP - ok
12:31:28.0569 0x13c4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:31:28.0578 0x13c4  hwpolicy - ok
12:31:28.0584 0x13c4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:31:28.0597 0x13c4  i8042prt - ok
12:31:28.0612 0x13c4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:31:28.0635 0x13c4  iaStorV - ok
12:31:28.0666 0x13c4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:31:28.0707 0x13c4  idsvc - ok
12:31:28.0721 0x13c4  IEEtwCollectorService - ok
12:31:28.0726 0x13c4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:31:28.0737 0x13c4  iirsp - ok
12:31:28.0783 0x13c4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:31:28.0826 0x13c4  IKEEXT - ok
12:31:28.0832 0x13c4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:31:28.0842 0x13c4  intelide - ok
12:31:28.0847 0x13c4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:31:28.0857 0x13c4  intelppm - ok
12:31:28.0864 0x13c4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:31:28.0904 0x13c4  IPBusEnum - ok
12:31:28.0910 0x13c4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:31:28.0948 0x13c4  IpFilterDriver - ok
12:31:28.0969 0x13c4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:31:29.0006 0x13c4  iphlpsvc - ok
12:31:29.0012 0x13c4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:31:29.0024 0x13c4  IPMIDRV - ok
12:31:29.0031 0x13c4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:31:29.0070 0x13c4  IPNAT - ok
12:31:29.0074 0x13c4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:31:29.0098 0x13c4  IRENUM - ok
12:31:29.0102 0x13c4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:31:29.0112 0x13c4  isapnp - ok
12:31:29.0123 0x13c4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:31:29.0143 0x13c4  iScsiPrt - ok
12:31:29.0148 0x13c4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:31:29.0158 0x13c4  kbdclass - ok
12:31:29.0163 0x13c4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:31:29.0175 0x13c4  kbdhid - ok
12:31:29.0179 0x13c4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso          C:\Windows\system32\lsass.exe
12:31:29.0189 0x13c4  KeyIso - ok
12:31:29.0195 0x13c4  [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:31:29.0208 0x13c4  KSecDD - ok
12:31:29.0217 0x13c4  [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:31:29.0230 0x13c4  KSecPkg - ok
12:31:29.0234 0x13c4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:31:29.0271 0x13c4  ksthunk - ok
12:31:29.0285 0x13c4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:31:29.0335 0x13c4  KtmRm - ok
12:31:29.0346 0x13c4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
12:31:29.0389 0x13c4  LanmanServer - ok
12:31:29.0396 0x13c4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:31:29.0436 0x13c4  LanmanWorkstation - ok
12:31:29.0441 0x13c4  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
12:31:29.0448 0x13c4  LGBusEnum - ok
12:31:29.0453 0x13c4  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
12:31:29.0459 0x13c4  LGVirHid - ok
12:31:29.0463 0x13c4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:31:29.0499 0x13c4  lltdio - ok
12:31:29.0512 0x13c4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:31:29.0558 0x13c4  lltdsvc - ok
12:31:29.0563 0x13c4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:31:29.0599 0x13c4  lmhosts - ok
12:31:29.0607 0x13c4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:31:29.0620 0x13c4  LSI_FC - ok
12:31:29.0626 0x13c4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:31:29.0638 0x13c4  LSI_SAS - ok
12:31:29.0643 0x13c4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:31:29.0654 0x13c4  LSI_SAS2 - ok
12:31:29.0660 0x13c4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:31:29.0673 0x13c4  LSI_SCSI - ok
12:31:29.0680 0x13c4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:31:29.0722 0x13c4  luafv - ok
12:31:29.0725 0x13c4  MBAMSwissArmy - ok
12:31:29.0730 0x13c4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:31:29.0743 0x13c4  Mcx2Svc - ok
12:31:29.0748 0x13c4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:31:29.0758 0x13c4  megasas - ok
12:31:29.0771 0x13c4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:31:29.0793 0x13c4  MegaSR - ok
12:31:29.0801 0x13c4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:31:29.0839 0x13c4  MMCSS - ok
12:31:29.0844 0x13c4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:31:29.0881 0x13c4  Modem - ok
12:31:29.0886 0x13c4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:31:29.0899 0x13c4  monitor - ok
12:31:29.0905 0x13c4  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
12:31:29.0920 0x13c4  MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 )
12:31:32.0617 0x13c4  Detect skipped due to KSN trusted
12:31:32.0617 0x13c4  MotioninJoyXFilter - ok
12:31:34.0106 0x13c4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:31:34.0120 0x13c4  NetTcpActivator - ok
12:31:34.0127 0x13c4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:31:34.0141 0x13c4  NetTcpPortSharing - ok
12:31:34.0147 0x13c4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:31:34.0158 0x13c4  nfrd960 - ok
12:31:34.0171 0x13c4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:31:34.0193 0x13c4  NlaSvc - ok
12:31:34.0198 0x13c4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:31:34.0235 0x13c4  Npfs - ok
12:31:34.0239 0x13c4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:31:34.0275 0x13c4  nsi - ok
12:31:34.0279 0x13c4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:31:34.0317 0x13c4  nsiproxy - ok
12:31:34.0371 0x13c4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:31:34.0441 0x13c4  Ntfs - ok
12:31:34.0448 0x13c4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:31:34.0482 0x13c4  Null - ok
12:31:34.0491 0x13c4  [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
12:31:34.0504 0x13c4  NVHDA - ok
12:31:34.0782 0x13c4  [ ECC732D5185408FCC323E56D30170848, 7A7A6C410B65DBB1D59653598D7E5414054588BB88505BE68BFFF0378FD555F3 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:31:35.0078 0x13c4  nvlddmkm - ok
12:31:35.0144 0x13c4  [ EC4F787905DC5753C46A4C05CEBADF45, 334E7E277A6FDABD91108DC4FE0D861DE6C00616CCFDC5E2D390CDDED62AF5D5 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
12:31:35.0210 0x13c4  NvNetworkService - ok
12:31:35.0221 0x13c4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:31:35.0236 0x13c4  nvraid - ok
12:31:35.0244 0x13c4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:31:35.0258 0x13c4  nvstor - ok
12:31:35.0262 0x13c4  [ D92F4ED189C8207D0274B8B6BB494892, 8F7656662D3F26BE51AED9B7368278B18915F98A627E70021F914016BF3E22DB ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
12:31:35.0269 0x13c4  NvStreamKms - ok
12:31:35.0272 0x13c4  NvStreamSvc - ok
12:31:35.0303 0x13c4  [ 2AF7D8BCD8912FC16AA15268CDCF2454, 3A2E5ADFC6213A6EA83F78026518EC7EE0DD4BBA7C210CB7A41007BB57DC0636 ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:31:35.0343 0x13c4  nvsvc - ok
12:31:35.0348 0x13c4  [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
12:31:35.0355 0x13c4  nvvad_WaveExtensible - ok
12:31:35.0362 0x13c4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:31:35.0375 0x13c4  nv_agp - ok
12:31:35.0380 0x13c4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:31:35.0393 0x13c4  ohci1394 - ok
12:31:35.0406 0x13c4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:31:35.0432 0x13c4  p2pimsvc - ok
12:31:35.0449 0x13c4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:31:35.0473 0x13c4  p2psvc - ok
12:31:35.0479 0x13c4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:31:35.0492 0x13c4  Parport - ok
12:31:35.0497 0x13c4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:31:35.0510 0x13c4  partmgr - ok
12:31:35.0519 0x13c4  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:31:35.0538 0x13c4  PcaSvc - ok
12:31:35.0547 0x13c4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:31:35.0562 0x13c4  pci - ok
12:31:35.0565 0x13c4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:31:35.0574 0x13c4  pciide - ok
12:31:35.0583 0x13c4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:31:35.0599 0x13c4  pcmcia - ok
12:31:35.0603 0x13c4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:31:35.0615 0x13c4  pcw - ok
12:31:35.0639 0x13c4  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:31:35.0672 0x13c4  PEAUTH - ok
12:31:35.0689 0x13c4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:31:35.0701 0x13c4  PerfHost - ok
12:31:35.0749 0x13c4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:31:35.0829 0x13c4  pla - ok
12:31:35.0846 0x13c4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:31:35.0869 0x13c4  PlugPlay - ok
12:31:35.0872 0x13c4  PnkBstrA - ok
12:31:35.0876 0x13c4  PnkBstrB - ok
12:31:35.0880 0x13c4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:31:35.0893 0x13c4  PNRPAutoReg - ok
12:31:35.0907 0x13c4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:31:35.0925 0x13c4  PNRPsvc - ok
12:31:35.0944 0x13c4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:31:35.0995 0x13c4  PolicyAgent - ok
12:31:36.0006 0x13c4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:31:36.0048 0x13c4  Power - ok
12:31:36.0056 0x13c4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:31:36.0094 0x13c4  PptpMiniport - ok
12:31:36.0100 0x13c4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:31:36.0112 0x13c4  Processor - ok
12:31:36.0121 0x13c4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:31:36.0140 0x13c4  ProfSvc - ok
12:31:36.0145 0x13c4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:31:36.0157 0x13c4  ProtectedStorage - ok
12:31:36.0165 0x13c4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:31:36.0204 0x13c4  Psched - ok
12:31:36.0250 0x13c4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:31:36.0313 0x13c4  ql2300 - ok
12:31:36.0321 0x13c4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:31:36.0333 0x13c4  ql40xx - ok
12:31:36.0343 0x13c4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:31:36.0369 0x13c4  QWAVE - ok
12:31:36.0374 0x13c4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:31:36.0392 0x13c4  QWAVEdrv - ok
12:31:36.0397 0x13c4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:31:36.0432 0x13c4  RasAcd - ok
12:31:36.0437 0x13c4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:31:36.0474 0x13c4  RasAgileVpn - ok
12:31:36.0480 0x13c4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:31:36.0524 0x13c4  RasAuto - ok
12:31:36.0531 0x13c4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:31:36.0570 0x13c4  Rasl2tp - ok
12:31:36.0583 0x13c4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:31:36.0630 0x13c4  RasMan - ok
12:31:36.0636 0x13c4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:31:36.0675 0x13c4  RasPppoe - ok
12:31:36.0680 0x13c4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:31:36.0718 0x13c4  RasSstp - ok
12:31:36.0739 0x13c4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:31:36.0783 0x13c4  rdbss - ok
12:31:36.0787 0x13c4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:31:36.0801 0x13c4  rdpbus - ok
12:31:36.0805 0x13c4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:31:36.0841 0x13c4  RDPCDD - ok
12:31:36.0846 0x13c4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:31:36.0881 0x13c4  RDPENCDD - ok
12:31:36.0886 0x13c4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:31:36.0923 0x13c4  RDPREFMP - ok
12:31:36.0929 0x13c4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:31:36.0941 0x13c4  RdpVideoMiniport - ok
12:31:36.0952 0x13c4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:31:36.0970 0x13c4  RDPWD - ok
12:31:36.0981 0x13c4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:31:36.0998 0x13c4  rdyboost - ok
12:31:37.0004 0x13c4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:31:37.0043 0x13c4  RemoteAccess - ok
12:31:37.0051 0x13c4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:31:37.0095 0x13c4  RemoteRegistry - ok
12:31:37.0100 0x13c4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:31:37.0138 0x13c4  RpcEptMapper - ok
12:31:37.0142 0x13c4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:31:37.0154 0x13c4  RpcLocator - ok
12:31:37.0175 0x13c4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:31:37.0222 0x13c4  RpcSs - ok
12:31:37.0228 0x13c4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:31:37.0266 0x13c4  rspndr - ok
12:31:37.0271 0x13c4  [ 0988FECD9D924F5B4855D049E68BAAD3, 788B379B01F26C7C46DF0D3E9E37F9964831AAFD0762DDD17345478A97ADE83D ] rzdaendpt       C:\Windows\system32\DRIVERS\rzdaendpt.sys
12:31:37.0279 0x13c4  rzdaendpt - ok
12:31:37.0284 0x13c4  [ F17F84511E7DFDEEAB646F0699A006D7, 5237937841FBD1F99A5D6161DEBA26182DDAF617CA98946EE7DB0AB67FC149EA ] rzpmgrk         C:\Windows\system32\drivers\rzpmgrk.sys
12:31:37.0292 0x13c4  rzpmgrk - ok
12:31:37.0298 0x13c4  [ FEF60A37301E1F5A3020FA3487FB2CD7, 0C925468C3376458D0E1EC65E097BD1A81A03901035C0195E8F6EF904EF3F901 ] rzpnk           C:\Windows\system32\drivers\rzpnk.sys
12:31:37.0308 0x13c4  rzpnk - ok
12:31:37.0316 0x13c4  [ C2A49525F6CEEED97A1D9FC950AAF863, DAA57C1C446861C733D3BE668EB247E40CE3871EF8FA0BB91CEB074B7357E0D8 ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
12:31:37.0330 0x13c4  rzudd - ok
12:31:37.0335 0x13c4  [ 2AD977273D8B3F2169411E8AED7C8702, FCC3D579AFC9958C0CE3FB202061D36C66FC6803AFD7B99DBFC41412F9131E34 ] rzvkeyboard     C:\Windows\system32\DRIVERS\rzvkeyboard.sys
12:31:37.0344 0x13c4  rzvkeyboard - ok
12:31:37.0348 0x13c4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs           C:\Windows\system32\lsass.exe
12:31:37.0359 0x13c4  SamSs - ok
12:31:37.0365 0x13c4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:31:37.0378 0x13c4  sbp2port - ok
12:31:37.0386 0x13c4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:31:37.0428 0x13c4  SCardSvr - ok
12:31:37.0433 0x13c4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:31:37.0470 0x13c4  scfilter - ok
12:31:37.0503 0x13c4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:31:37.0579 0x13c4  Schedule - ok
12:31:37.0586 0x13c4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:31:37.0622 0x13c4  SCPolicySvc - ok
12:31:37.0631 0x13c4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:31:37.0649 0x13c4  SDRSVC - ok
12:31:37.0653 0x13c4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:31:37.0688 0x13c4  secdrv - ok
12:31:37.0693 0x13c4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:31:37.0728 0x13c4  seclogon - ok
12:31:37.0734 0x13c4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
12:31:37.0772 0x13c4  SENS - ok
12:31:37.0776 0x13c4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:31:37.0788 0x13c4  SensrSvc - ok
12:31:37.0792 0x13c4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:31:37.0804 0x13c4  Serenum - ok
12:31:37.0810 0x13c4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:31:37.0822 0x13c4  Serial - ok
12:31:37.0826 0x13c4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:31:37.0837 0x13c4  sermouse - ok
12:31:37.0848 0x13c4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:31:37.0889 0x13c4  SessionEnv - ok
12:31:37.0893 0x13c4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:31:37.0907 0x13c4  sffdisk - ok
12:31:37.0911 0x13c4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:31:37.0924 0x13c4  sffp_mmc - ok
12:31:37.0927 0x13c4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:31:37.0941 0x13c4  sffp_sd - ok
12:31:37.0944 0x13c4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:31:37.0955 0x13c4  sfloppy - ok
12:31:37.0970 0x13c4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:31:38.0018 0x13c4  SharedAccess - ok
12:31:38.0032 0x13c4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:31:38.0081 0x13c4  ShellHWDetection - ok
12:31:38.0086 0x13c4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:31:38.0098 0x13c4  SiSRaid2 - ok
12:31:38.0104 0x13c4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:31:38.0116 0x13c4  SiSRaid4 - ok
12:31:38.0128 0x13c4  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:31:38.0147 0x13c4  SkypeUpdate - ok
12:31:38.0153 0x13c4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:31:38.0193 0x13c4  Smb - ok
12:31:38.0201 0x13c4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:31:38.0214 0x13c4  SNMPTRAP - ok
12:31:38.0219 0x13c4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:31:38.0228 0x13c4  spldr - ok
12:31:38.0249 0x13c4  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
12:31:38.0305 0x13c4  Spooler - ok
12:31:38.0406 0x13c4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:31:38.0557 0x13c4  sppsvc - ok
12:31:38.0565 0x13c4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:31:38.0604 0x13c4  sppuinotify - ok
12:31:38.0621 0x13c4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:31:38.0646 0x13c4  srv - ok
12:31:38.0662 0x13c4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:31:38.0688 0x13c4  srv2 - ok
12:31:38.0698 0x13c4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:31:38.0715 0x13c4  srvnet - ok
12:31:38.0722 0x13c4  [ ED161B91FDF7EAA39469D72D463D5F4E, FC793E378FB709313D0AC44F59BF5C9488D73235AA2B1A21C50C3DED91C6BE62 ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
12:31:38.0734 0x13c4  sscdbus - ok
12:31:38.0737 0x13c4  [ 4CB09E77593DBD8D7AF33B37375CA715, 7B14851A8EDAA996D28335FD4DA812C6114DD5012E1E929F4813797CDC77E5BC ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
12:31:38.0744 0x13c4  sscdmdfl - ok
12:31:38.0753 0x13c4  [ C7B4CF53497A6E5363F3439427663882, 993278ADAAC18F12FE00CCF76681461451DA335F67BB581FC7326045048EC085 ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
12:31:38.0765 0x13c4  sscdmdm - ok
12:31:38.0772 0x13c4  [ 05FFA552F578E27AB2D41B6828DB477F, F3292A431D656C039F4300AA584FA13F26A69B351C2F903B3E47CEF464A6233A ] sscdserd        C:\Windows\system32\DRIVERS\sscdserd.sys
12:31:38.0784 0x13c4  sscdserd - ok
12:31:38.0794 0x13c4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:31:38.0839 0x13c4  SSDPSRV - ok
12:31:38.0844 0x13c4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:31:38.0882 0x13c4  SstpSvc - ok
12:31:38.0913 0x13c4  [ EDA26D54F7EC580C8E6A5555FC442A63, 40C79714A0C761A7CD1869A91E35D564383990C612E8311F2ED70C941628ED21 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:31:38.0949 0x13c4  Steam Client Service - ok
12:31:38.0954 0x13c4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:31:38.0964 0x13c4  stexstor - ok
12:31:38.0988 0x13c4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:31:39.0025 0x13c4  stisvc - ok
12:31:39.0030 0x13c4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:31:39.0039 0x13c4  swenum - ok
12:31:39.0056 0x13c4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:31:39.0112 0x13c4  swprv - ok
12:31:39.0168 0x13c4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:31:39.0242 0x13c4  SysMain - ok
12:31:39.0251 0x13c4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:31:39.0271 0x13c4  TabletInputService - ok
12:31:39.0283 0x13c4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:31:39.0329 0x13c4  TapiSrv - ok
12:31:39.0334 0x13c4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:31:39.0374 0x13c4  TBS - ok
12:31:39.0432 0x13c4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:31:39.0504 0x13c4  Tcpip - ok
12:31:39.0562 0x13c4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:31:39.0624 0x13c4  TCPIP6 - ok
12:31:39.0632 0x13c4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:31:39.0643 0x13c4  tcpipreg - ok
12:31:39.0648 0x13c4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:31:39.0659 0x13c4  TDPIPE - ok
12:31:39.0663 0x13c4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:31:39.0674 0x13c4  TDTCP - ok
12:31:39.0681 0x13c4  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:31:39.0720 0x13c4  tdx - ok
12:31:39.0725 0x13c4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:31:39.0735 0x13c4  TermDD - ok
12:31:39.0759 0x13c4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
12:31:39.0799 0x13c4  TermService - ok
12:31:39.0805 0x13c4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:31:39.0822 0x13c4  Themes - ok
12:31:39.0827 0x13c4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:31:39.0862 0x13c4  THREADORDER - ok
12:31:39.0868 0x13c4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:31:39.0910 0x13c4  TrkWks - ok
12:31:49.0947 0x13c4  ============================================================
12:31:49.0947 0x13c4  Scan finished
12:31:49.0947 0x13c4  ============================================================
12:31:49.0953 0x135c  Detected object count: 0
12:31:49.0953 0x135c  Actual detected object count: 0
12:32:16.0180 0x1014  Deinitialize success

AdwCleaner Log

 

# AdwCleaner v4.113 - Logfile created 27/03/2015 at 12:36:46
# Updated 22/03/2015 by Xplode
# Database : 2015-03-27.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Craig - CRAIG-PC
# Running from : C:\Users\Craig\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Found : C:\ProgramData\ytd video downloader

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v36.0.4 (x86 en-US)


-\\ Chromium v

*************************

AdwCleaner[R0].txt - [1825 bytes] - [07/02/2015 15:04:31]
AdwCleaner[R1].txt - [1884 bytes] - [07/02/2015 15:51:55]
AdwCleaner[R2].txt - [956 bytes] - [11/03/2015 20:28:58]
AdwCleaner[R3].txt - [1261 bytes] - [27/03/2015 12:32:34]
AdwCleaner[R4].txt - [1123 bytes] - [27/03/2015 12:36:46]
AdwCleaner[S0].txt - [1859 bytes] - [07/02/2015 15:53:25]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1241 bytes] ##########

JRT Log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.6 (03.22.2015:1)
OS: Windows 7 Home Premium x64
Ran by Craig on Fri 03/27/2015 at 12:41:42.65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Program Files (x86)\ytd"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"



~~~ FireFox

Successfully deleted: [File] C:\Users\Craig\AppData\Roaming\mozilla\firefox\profiles\as12kwpu.default\searchplugins\youtube-video-search.xml
Emptied folder: C:\Users\Craig\AppData\Roaming\mozilla\firefox\profiles\as12kwpu.default\minidumps [6 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 03/27/2015 at 12:44:45.55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ESET Online Scanner Log

 

C:\ProgramData\Origin\update.vbe    VBS/Kryptik.DC trojan   
 



#5 boopme


Posted 29 March 2015 - 09:10 PM

Remove what ADWcleaner found.
Double-click on AdwCleaner.exe to run the tool again. Vista/Windows 7/8 users: right-click and select Run As Administrator.
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
>>>>
Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista or above, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
How is it now?

#6 SoriduSnakku


Posted 30 March 2015 - 07:02 PM

# AdwCleaner v4.200 - Logfile created 30/03/2015 at 16:47:21
# Updated 29/03/2015 by Xplode
# Database : 2015-03-29.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Craig - CRAIG-PC
# Running from : C:\Users\Craig\Downloads\adwcleaner_4.200.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v36.0.4 (x86 en-US)


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [1825 bytes] - [07/02/2015 15:04:31]
AdwCleaner[R1].txt - [1884 bytes] - [07/02/2015 15:51:55]
AdwCleaner[R2].txt - [956 bytes] - [11/03/2015 20:28:58]
AdwCleaner[R3].txt - [1261 bytes] - [27/03/2015 12:32:34]
AdwCleaner[R4].txt - [1320 bytes] - [27/03/2015 12:36:46]
AdwCleaner[R5].txt - [1245 bytes] - [30/03/2015 16:38:33]
AdwCleaner[R6].txt - [1304 bytes] - [30/03/2015 16:47:01]
AdwCleaner[S0].txt - [1859 bytes] - [07/02/2015 15:53:25]
AdwCleaner[S1].txt - [1231 bytes] - [30/03/2015 16:47:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1290  bytes] ##########
 

 

There's the AdwCleaner log.

 

As for the state of the computer, both problems, including the svchost.exe 99% usage and the videocard at maximum heat, are still occurring.


Edited by SoriduSnakku, 30 March 2015 - 07:15 PM.


#7 boopme


Posted 31 March 2015 - 01:59 PM

OK, looks like there is a protected rootkit in here. We should get a deeper look. Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.



