
some kind of junkware is mangling my computer


  • This topic is locked
11 replies to this topic

#1 Charlie123

  • Members
  • 78 posts

Posted 15 May 2015 - 04:12 AM

I downloaded some software and I think it came bundled with something special. I couldn't start MBAM without the Chameleon, but then it didn't find anything. I guess I need to root out whatever is on my PC. What should I use?


Edited by hamluis, 15 May 2015 - 06:22 AM.
Moved from Win 8 to Am I Infected - Hamluis.



#2 boopme

  • Global Moderator
  • 72,131 posts

Posted 15 May 2015 - 02:39 PM

Hi Charlie, let's see how it is after these.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
ESET Online Scanner
  • Hold down Control and click on this link to open ESET Online Scanner in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 Charlie123

  • Topic Starter
  • Members
  • 78 posts

Posted 03 June 2015 - 05:15 PM

When I tried to run Eset it says "Cannot get update. Is Proxy configured?".

 

Here are the reports from MiniToolBox, TDSSKiller, AdwCleaner and Junkware Removal Tool. Much obliged.

 

MiniToolBox by Farbar  Version: 11-05-2015 01

Ran by JamesTrevor (administrator) on 04-06-2015 at 04:48:55

Running from "C:\Users\JamesTrevor\Desktop\Computer fix"

Microsoft Windows 8  (X64)

Model: Aspire V5-571PG Manufacturer: Acer

Boot Mode: Normal

***************************************************************************

 

========================= Flush DNS: ===================================

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========================= IE Proxy Settings: ==============================

 

Proxy is not enabled.

No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

 

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

 

========================= Hosts content: =================================

 

 

========================= IP Configuration: ================================

 

Qualcomm Atheros AR5BWB222 Wireless Network Adapter = Wi-Fi (Connected)

Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)

Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)

TAP-Windows Adapter V9 = Local Area Connection (Media disconnected)

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

reset

set global icmpredirects=enabled

set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

 

popd

# End of IPv4 configuration

 

 

Windows IP Configuration

 

   Host Name . . . . . . . . . . . . : Trevor

   Primary Dns Suffix  . . . . . . . :

   Node Type . . . . . . . . . . . . : Mixed

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

 

PPP adapter PureVPN:

 

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : PureVPN

   Physical Address. . . . . . . . . :

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

   IPv4 Address. . . . . . . . . . . : 155.94.195.73(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.255.255

   Default Gateway . . . . . . . . . : 0.0.0.0

   DNS Servers . . . . . . . . . . . : 208.67.222.222

                                       8.8.8.8

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Ethernet adapter Local Area Connection:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : TAP-Windows Adapter V9

   Physical Address. . . . . . . . . : 00-FF-9C-1F-75-CF

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter

   Physical Address. . . . . . . . . : 12-16-D8-69-E4-0F

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Ethernet adapter Bluetooth Network Connection:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)

   Physical Address. . . . . . . . . : 20-16-D8-6A-1B-D7

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

   Physical Address. . . . . . . . . : 20-6A-8A-EE-F7-74

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Wireless LAN adapter Wi-Fi:

 

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Qualcomm Atheros AR5BWB222 Wireless Network Adapter

   Physical Address. . . . . . . . . : 20-16-D8-69-E4-0F

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   IPv4 Address. . . . . . . . . . . : 183.173.28.229(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.240.0

   Lease Obtained. . . . . . . . . . : Wednesday, June 3, 2015 3:01:10 AM

   Lease Expires . . . . . . . . . . : Thursday, June 4, 2015 4:54:53 AM

   Default Gateway . . . . . . . . . : 183.173.16.1

   DHCP Server . . . . . . . . . . . : 1.1.1.1

   DNS Servers . . . . . . . . . . . : 8.8.8.8

                                       208.67.222.222

   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{A92AAFAE-0DBB-4D2C-8FD2-2A804598F115}:

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter isatap.{22802237-47EE-473A-BB2D-00ECD604302F}:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

   IPv6 Address. . . . . . . . . . . : 2002:9b5e:c349::9b5e:c349(Preferred)

   IPv6 Address. . . . . . . . . . . : 2002:b7ad:1ce5::b7ad:1ce5(Preferred)

   Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301

   DNS Servers . . . . . . . . . . . : 8.8.8.8

                                       208.67.222.222

   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

DNS request timed out.

    timeout was 2 seconds.

Server:  UnKnown

Address:  208.67.222.222

 

DNS request timed out.

    timeout was 2 seconds.

DNS request timed out.

    timeout was 2 seconds.

DNS request timed out.

    timeout was 2 seconds.

DNS request timed out.

    timeout was 2 seconds.

Pinging google.com [216.58.217.206] with 32 bytes of data:

Reply from 216.58.217.206: bytes=32 time=171ms TTL=58

Reply from 216.58.217.206: bytes=32 time=187ms TTL=58

Ping statistics for 216.58.217.206:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 171ms, Maximum = 187ms, Average = 179ms

Server:  resolver1.opendns.com

Address:  208.67.222.222

 

Name:    yahoo.com

Addresses:  98.139.183.24

98.138.253.109

206.190.36.45

 

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=288ms TTL=53

Reply from 98.139.183.24: bytes=32 time=238ms TTL=53

 

Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 238ms, Maximum = 288ms, Average = 263ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

45...........................PureVPN

22...00 ff 9c 1f 75 cf ......TAP-Windows Adapter V9

16...12 16 d8 69 e4 0f ......Microsoft Wi-Fi Direct Virtual Adapter

14...20 16 d8 6a 1b d7 ......Bluetooth Device (Personal Area Network)

12...20 6a 8a ee f7 74 ......Realtek PCIe GBE Family Controller

11...20 16 d8 69 e4 0f ......Qualcomm Atheros AR5BWB222 Wireless Network Adapter

  1...........................Software Loopback Interface 1

26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7

21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5

24...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2

25...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

===========================================================================

 

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0     183.173.16.1   183.173.28.229   4250

          0.0.0.0          0.0.0.0         On-link     155.94.195.73     21

        127.0.0.0        255.0.0.0         On-link         127.0.0.1   4531

        127.0.0.1  255.255.255.255         On-link         127.0.0.1   4531

  127.255.255.255  255.255.255.255         On-link         127.0.0.1   4531

     155.94.195.3  255.255.255.255     183.173.16.1   183.173.28.229   4251

    155.94.195.73  255.255.255.255         On-link     155.94.195.73    276

     183.173.16.0    255.255.240.0         On-link    183.173.28.229   4506

   183.173.28.229  255.255.255.255         On-link    183.173.28.229   4506

   183.173.31.255  255.255.255.255         On-link    183.173.28.229   4506

        224.0.0.0        240.0.0.0         On-link         127.0.0.1   4531

        224.0.0.0        240.0.0.0         On-link    183.173.28.229   4506

        224.0.0.0        240.0.0.0         On-link     155.94.195.73     21

  255.255.255.255  255.255.255.255         On-link         127.0.0.1   4531

  255.255.255.255  255.255.255.255         On-link    183.173.28.229   4506

  255.255.255.255  255.255.255.255         On-link     155.94.195.73    276

===========================================================================

Persistent Routes:

  None

 

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination      Gateway

24   1572 ::/0                     2002:c058:6301::c058:6301

  1    306 ::1/128                  On-link

24   1025 2002::/16                On-link

24    281 2002:9b5e:c349::9b5e:c349/128

                                    On-link

24    281 2002:b7ad:1ce5::b7ad:1ce5/128

                                    On-link

  1    306 ff00::/8                 On-link

===========================================================================

Persistent Routes:

  None

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)

Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)

Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)

Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)

Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)

Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)

Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)

Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)

x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)

x64-Catalog5 07 C:\Windows\System32\wshbth.dll [64000] (Microsoft Corporation)

x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

x64-Catalog9 11 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (06/04/2015 04:38:41 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.

Error: (06/04/2015 04:38:41 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.

Error: (06/04/2015 04:38:12 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.

Error: (06/04/2015 04:33:34 AM) (Source: Application Error) (User: )

Description: Faulting application name: svchost.exe, version: 6.2.9200.16420, time stamp: 0x505a9a4e

Faulting module name: ntdll.dll, version: 6.2.9200.16420, time stamp: 0x505ab405

Exception code: 0xc000000d

Fault offset: 0x00000000000f49e8

Faulting process id: 0x788

Faulting application start time: 0xsvchost.exe0

Faulting application path: svchost.exe1

Faulting module path: svchost.exe2

Report Id: svchost.exe3

Faulting package full name: svchost.exe4

Faulting package-relative application ID: svchost.exe5

 

Error: (06/04/2015 04:32:09 AM) (Source: Application Hang) (User: )

Description: The program chrome.exe version 43.0.2357.81 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 27d0

Start Time: 01d09d6a009406d6

Termination Time: 35685

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 83aefd78-0a2f-11e5-bf2a-2016d86a1bd7

Faulting package full name:

Faulting package-relative application ID:

Error: (06/03/2015 10:00:34 PM) (Source: Microsoft-Windows-EapHost) (User: TREVOR)

Description: Skipping: Eap method DLL path validation failed. Error: typeId=254, authorId=311, vendorId=14122, vendorType=1

Error: (06/03/2015 10:00:34 PM) (Source: Microsoft-Windows-EapHost) (User: TREVOR)

Description: Skipping: Eap method DLL path validation failed. Error: typeId=254, authorId=311, vendorId=14122, vendorType=1

Error: (06/03/2015 05:47:09 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.

Error: (06/03/2015 05:47:07 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.

Error: (06/03/2015 05:47:03 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.

 

System errors:

=============

Error: (06/03/2015 09:12:01 PM) (Source: DCOM) (User: TREVOR)

Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}

 

Error: (06/03/2015 01:48:47 AM) (Source: Service Control Manager) (User: )

Description: The eapihdrv service failed to start due to the following error:

%%1275

 

Error: (06/03/2015 01:48:47 AM) (Source: Application Popup) (User: )

Description: \??\C:\Users\JAMEST~1\AppData\Local\Temp\ehdrv.sys

Error: (06/03/2015 01:48:46 AM) (Source: Service Control Manager) (User: )

Description: The eapihdrv service failed to start due to the following error:

%%1275

Error: (06/03/2015 01:48:46 AM) (Source: Application Popup) (User: )

Description: \??\C:\Users\JAMEST~1\AppData\Local\Temp\ehdrv.sys

 

Error: (06/03/2015 01:48:45 AM) (Source: Service Control Manager) (User: )

Description: The eapihdrv service failed to start due to the following error:

%%1275

 

Error: (06/03/2015 01:48:45 AM) (Source: Application Popup) (User: )

Description: \??\C:\Users\JAMEST~1\AppData\Local\Temp\ehdrv.sys

Error: (06/03/2015 01:34:48 AM) (Source: Service Control Manager) (User: )

Description: The ScRegSetValueExW call failed for Description with the following error:

%%5

Error: (06/03/2015 01:34:48 AM) (Source: Service Control Manager) (User: )

Description: The ScRegSetValueExW call failed for Start with the following error:

%%5

Error: (06/03/2015 01:34:48 AM) (Source: Service Control Manager) (User: )

Description: The ScRegSetValueExW call failed for Description with the following error:

%%5

 

Microsoft Office Sessions:

=========================

Error: (06/04/2015 04:38:41 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\JamesTrevor\Desktop\Computer fix\esetsmartinstaller_enu.exe

Error: (06/04/2015 04:38:41 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\JamesTrevor\Desktop\Computer fix\esetsmartinstaller_enu.exe

Error: (06/04/2015 04:38:12 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\JamesTrevor\Downloads\esetsmartinstaller_enu.exe

Error: (06/04/2015 04:33:34 AM) (Source: Application Error)(User: )

Description: svchost.exe6.2.9200.16420505a9a4entdll.dll6.2.9200.16420505ab405c000000d00000000000f49e878801d09e3c43b3eefeC:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllcde74bab-0a2f-11e5-bf2a-2016d86a1bd7

Error: (06/04/2015 04:32:09 AM) (Source: Application Hang)(User: )

Description: chrome.exe43.0.2357.8127d001d09d6a009406d635685C:\Program Files (x86)\Google\Chrome\Application\chrome.exe83aefd78-0a2f-11e5-bf2a-2016d86a1bd7

Error: (06/03/2015 10:00:34 PM) (Source: Microsoft-Windows-EapHost)(User: TREVOR)

Description: Eap method DLL path254311141221

 

Error: (06/03/2015 10:00:34 PM) (Source: Microsoft-Windows-EapHost)(User: TREVOR)

Description: Eap method DLL path254311141221

Error: (06/03/2015 05:47:09 PM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-

 

controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\Windows\WinSxS\manifests

 

\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\JamesTrevor

 

\Desktop\Computer fix\esetsmartinstaller_enu.exe

 

Error: (06/03/2015 05:47:07 PM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-

controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\Windows\WinSxS\manifests

\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\JamesTrevor

\Desktop\Computer fix\esetsmartinstaller_enu.exe

Error: (06/03/2015 05:47:03 PM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-

 

controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\Windows\WinSxS\manifests

 

\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\JamesTrevor

 

\Desktop\Computer fix\esetsmartinstaller_enu.exe

 

========================= Memory info: ===================================

Percentage of memory in use: 50%

Total physical RAM: 7987.59 MB

Available physical RAM: 3987.66 MB

Total Pagefile: 16179.59 MB

Available Pagefile: 11914.52 MB

Total Virtual: 4095.88 MB

Available Virtual: 3976.5 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:916.05 GB) (Free:44.25 GB) NTFS

========================= Users: ========================================

User accounts for \\TREVOR

Administrator            Guest                    JamesTrevor             

UpdatusUser             

 

**** End of log ****

 

________________________________________________________________

04:56:14.0387 0x3ef8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04

04:56:14.0403 0x3ef8  UEFI system

04:56:17.0742 0x3ef8  ============================================================

04:56:17.0742 0x3ef8  Current date / time: 2015/06/04 04:56:17.0742

04:56:17.0742 0x3ef8  SystemInfo:

04:56:17.0742 0x3ef8 

04:56:17.0742 0x3ef8  OS Version: 6.2.9200 ServicePack: 0.0

04:56:17.0742 0x3ef8  Product type: Workstation

04:56:17.0742 0x3ef8  ComputerName: TREVOR

04:56:17.0742 0x3ef8  UserName: JamesTrevor

04:56:17.0742 0x3ef8  Windows directory: C:\Windows

04:56:17.0742 0x3ef8  System windows directory: C:\Windows

04:56:17.0742 0x3ef8  Running under WOW64

04:56:17.0742 0x3ef8  Processor architecture: Intel x64

04:56:17.0742 0x3ef8  Number of processors: 4

04:56:17.0742 0x3ef8  Page size: 0x1000

04:56:17.0742 0x3ef8  Boot type: Normal boot

04:56:17.0742 0x3ef8  ============================================================

04:56:18.0886 0x3ef8  KLMD registered as C:\Windows\system32\drivers\58782748.sys

04:56:19.0168 0x3ef8  System UUID: {078C08E5-187F-C004-E0F1-1DFABD644B7A}

04:56:19.0564 0x3ef8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

04:56:19.0569 0x3ef8  ============================================================

04:56:19.0569 0x3ef8  \Device\Harddisk0\DR0:

04:56:19.0582 0x3ef8  GPT partitions:

04:56:19.0582 0x3ef8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C07D11E1-4D75-4924-8629-91F507886A4B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000

04:56:19.0582 0x3ef8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {5DAB6398-5D37-4D61-8843-7698A8D35A03}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000

04:56:19.0582 0x3ef8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {DCB85EC6-AA4D-4219-BC99-10CFE7C25D50}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000

04:56:19.0582 0x3ef8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {01DCBFC5-E94B-44AF-93B2-7C74D19754DF}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x7281B800

04:56:19.0582 0x3ef8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B1488AE5-FB29-4EFB-810B-D93D899B22EE}, Name: Basic data partition, StartLBA 0x729BA000, BlocksNum 0x1D4C800

04:56:19.0583 0x3ef8  MBR partitions:

04:56:19.0583 0x3ef8  ============================================================

04:56:19.0750 0x3ef8  C: <-> \Device\Harddisk0\DR0\Partition4

04:56:19.0750 0x3ef8  ============================================================

04:56:19.0750 0x3ef8  Initialize success

04:56:19.0750 0x3ef8  ============================================================

04:56:21.0441 0x2d3c  ============================================================

04:56:21.0441 0x2d3c  Scan started

04:56:21.0441 0x2d3c  Mode: Manual;

04:56:21.0441 0x2d3c  ============================================================

04:56:21.0441 0x2d3c  KSN ping started

04:56:24.0320 0x2d3c  KSN ping finished: true

04:56:25.0450 0x2d3c  ================ Scan system memory ========================

04:56:25.0450 0x2d3c  System memory - ok

04:56:25.0450 0x2d3c  ================ Scan services =============================


04:56:37.0194 0x2d3c  FreemakeVideoCapture - ok

04:56:37.0239 0x2d3c  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC

] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

04:56:37.0241 0x2d3c  FsDepends - ok

04:56:37.0263 0x2d3c  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87

] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

04:56:37.0264 0x2d3c  Fs_Rec - ok

04:56:37.0301 0x2d3c  [ FA228F4BB10DC7ED7E7D131C034E2331, 0463B1DB8BB2B5AF95EAD988EA9DEB5483D9E78C07E07BAC1E3CC46C086B3BB0

] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

04:56:37.0308 0x2d3c  fvevol - ok

04:56:37.0336 0x2d3c  [ 3EF3FCCC0E70EEC5C2AD996F32BBA642, AC452FD68519DD1EFC971D223CBB3702F38146CB4203E2F6A4302EE3F76144EB

] FxPPM           C:\Windows\System32\drivers\fxppm.sys

04:56:37.0339 0x2d3c  FxPPM - ok

04:56:37.0360 0x2d3c  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286

] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

04:56:37.0376 0x2d3c  gagp30kx - ok

04:56:37.0454 0x2d3c  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12

] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

04:56:37.0485 0x2d3c  GamesAppService - ok

04:56:37.0532 0x2d3c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4

] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

04:56:37.0532 0x2d3c  GEARAspiWDM - ok

04:56:37.0564 0x2d3c  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6

] gencounter      C:\Windows\System32\drivers\vmgencounter.sys

04:56:37.0564 0x2d3c  gencounter - ok

04:56:37.0642 0x2d3c  [ CA18ECFCFFDD638ECE80799A9056B238, FEA6778443253CBAA9FF43A980D576A3F449B036151F91495F04CE0C54F02254

] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys

04:56:37.0642 0x2d3c  GPIOClx0101 - ok

04:56:37.0798 0x2d3c  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52

] gpsvc           C:\Windows\System32\gpsvc.dll

04:56:37.0876 0x2d3c  gpsvc - ok

04:56:37.0923 0x2d3c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A

] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

04:56:37.0923 0x2d3c  gupdate - ok

04:56:37.0939 0x2d3c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A

] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

04:56:37.0954 0x2d3c  gupdatem - ok

04:56:38.0048 0x2d3c  [ 9FC1F11D4D19F61DFE5CC878B4557D3A, 17A0EC253D04FBD25C2113FD96FBF9D822E8295623C1B1DDA712FB102D42E956

] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

04:56:38.0064 0x2d3c  HdAudAddService - ok

04:56:38.0126 0x2d3c  [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5

] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys

04:56:38.0126 0x2d3c  HDAudBus - ok

04:56:38.0157 0x2d3c  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD

] HidBatt         C:\Windows\System32\drivers\HidBatt.sys

04:56:38.0173 0x2d3c  HidBatt - ok

04:56:38.0204 0x2d3c  [ A25BAE8C1F2830C8E5625EC7E4E968BE, 81D441B6616094C604453D8EC289C29D9B84A323B5C7C312C96C8380D51538DA

] HidBth          C:\Windows\System32\drivers\hidbth.sys

04:56:38.0204 0x2d3c  HidBth - ok

04:56:38.0236 0x2d3c  [ AC0526C4E3A7954F750B8F8D95EFB340, BE5180F60761F513B3CD5FC395BB8BCF6EAB6D7A910E0C824FFBEC128285F7A7

] hidi2c          C:\Windows\System32\drivers\hidi2c.sys

04:56:38.0251 0x2d3c  hidi2c - ok

04:56:38.0267 0x2d3c  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086

] HidIr           C:\Windows\System32\drivers\hidir.sys

04:56:38.0267 0x2d3c  HidIr - ok

04:56:38.0314 0x2d3c  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC

] hidserv         C:\Windows\system32\hidserv.dll

04:56:38.0314 0x2d3c  hidserv - ok

04:56:38.0329 0x2d3c  [ 590B6F71BCDA4368B4BF7D8DF22B60F7, 5CED8ACCBBF373607A8CEC81E9F9856C450A73A969E07DF3218B85F444CA7D3F

] HidUsb          C:\Windows\System32\drivers\hidusb.sys

04:56:38.0329 0x2d3c  HidUsb - ok

04:56:38.0454 0x2d3c  [ 59451F21B0F2CFA61719CF3DE7C4372A, 993288B57A2C7172323D0E8488D8CBF89F9F0C4F2092BE6209DBF117188B6BFF

] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe

04:56:38.0470 0x2d3c  HiPatchService - ok

04:56:38.0532 0x2d3c  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1

] hkmsvc          C:\Windows\system32\kmsvc.dll

04:56:38.0557 0x2d3c  hkmsvc - ok

04:56:38.0604 0x2d3c  [ 6CC1AD7B0E071C317B7FB8FC6AEF0EDA, 2A907E87E491F76B75F13CD921962EA4D1FF4C705E393F8FA3F48EC701E668F5

] HomeGroupListener C:\Windows\system32\ListSvc.dll

04:56:38.0620 0x2d3c  HomeGroupListener - ok

04:56:38.0682 0x2d3c  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D

] HomeGroupProvider C:\Windows\system32\provsvc.dll

04:56:38.0713 0x2d3c  HomeGroupProvider - ok

04:56:38.0745 0x2d3c  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76

] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

04:56:38.0745 0x2d3c  HpSAMD - ok

04:56:38.0838 0x2d3c  [ 47DBBF38E00C3F7404B71F6509241EF1, CBB3B3F46F702605DD47F12C318984937D7E8384C0A6B62556A6961F74305292

] HTTP            C:\Windows\system32\drivers\HTTP.sys

04:56:38.0885 0x2d3c  HTTP - ok

04:56:38.0901 0x2d3c  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14

] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

04:56:38.0901 0x2d3c  hwpolicy - ok

04:56:38.0932 0x2d3c  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C

] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys

04:56:38.0932 0x2d3c  hyperkbd - ok

04:56:38.0963 0x2d3c  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3

] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys

04:56:38.0963 0x2d3c  HyperVideo - ok

04:56:38.0979 0x2d3c  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C

] i8042prt        C:\Windows\System32\drivers\i8042prt.sys

04:56:38.0995 0x2d3c  i8042prt - ok

04:56:39.0088 0x2d3c  [ 6C024B3AE192D72B216166802AF345DD, 67AEDBEF4A1C1EE1DA9B684BDEB3DB07715E12B766AA72B6684CC6C583A8DCC5

] iaStorA         C:\Windows\system32\drivers\iaStorA.sys

04:56:39.0120 0x2d3c  iaStorA - ok

04:56:39.0182 0x2d3c  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603

] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

04:56:39.0213 0x2d3c  iaStorV - ok

04:56:39.0463 0x2d3c  [ 5AD5A7781BE907D6E2D75CA1DADAA97B, 355234ED6E49A1080CFFC9C18D185DA653A00C6B79B204368A971EACE5A416A9

] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

04:56:39.0596 0x2d3c  IconMan_R - ok

04:56:40.0034 0x2d3c  [ A1CF07D24EDCDC6870535471654D957C, FA0CD2ABA2C15E9FC4A1DEE58F365EC10D9597D521556DC2648B50CE0537926D

] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys

04:56:40.0331 0x2d3c  igfx - ok

04:56:40.0410 0x2d3c  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4

] iirsp           C:\Windows\system32\drivers\iirsp.sys

04:56:40.0415 0x2d3c  iirsp - ok

04:56:40.0517 0x2d3c  [ 45EACE8D94B9CEC746A85154892C4FDC, F2507F1AA4C5D54EC8151B44CD033B231C708B57761432E5EDEE6219122301C2

] IKEEXT          C:\Windows\System32\ikeext.dll

04:56:40.0588 0x2d3c  IKEEXT - ok

04:56:40.0854 0x2d3c  [ 6BDCC85422817FA53CD705ADE312CE6A, 2EBEDF34493B4AE34442A89ACBCDB2C39447F21FBB015BDD7935DE95DD217CD0

] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

04:56:40.0916 0x2d3c  IntcAzAudAddService - ok

04:56:40.0979 0x2d3c  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4

] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys

04:56:40.0979 0x2d3c  IntcDAud - ok

04:56:41.0026 0x2d3c  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C

] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

04:56:41.0041 0x2d3c  Intel® Capability Licensing Service Interface - ok

04:56:41.0073 0x2d3c  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470

] intelide        C:\Windows\system32\drivers\intelide.sys

04:56:41.0073 0x2d3c  intelide - ok

04:56:41.0088 0x2d3c  [ F9E126AA767E2E6E3128434A43C9F713, 1BF023083158DB1D76E89C77D383C082F1CA19F00C8FC3B0C30A93263A32BCEA

] intelppm        C:\Windows\System32\drivers\intelppm.sys

04:56:41.0104 0x2d3c  intelppm - ok

04:56:41.0119 0x2d3c  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D

] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

04:56:41.0119 0x2d3c  IpFilterDriver - ok

04:56:41.0182 0x2d3c  [ CAC5202757EF68C4849B0DFFA75F6D3C, D68EDCED68DB7755AA8BE5EC2784C124888BA4ED33B3E366FD83C3E64E42B770

] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

04:56:41.0198 0x2d3c  iphlpsvc - ok

04:56:41.0213 0x2d3c  [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF

] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys

04:56:41.0213 0x2d3c  IPMIDRV - ok

04:56:41.0244 0x2d3c  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089

] IPNAT           C:\Windows\system32\drivers\ipnat.sys

04:56:41.0244 0x2d3c  IPNAT - ok

04:56:41.0276 0x2d3c  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529

] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

04:56:41.0291 0x2d3c  iPod Service - ok

04:56:41.0307 0x2d3c  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB

] IRENUM          C:\Windows\system32\drivers\irenum.sys

04:56:41.0307 0x2d3c  IRENUM - ok

04:56:41.0323 0x2d3c  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D

] isapnp          C:\Windows\system32\drivers\isapnp.sys

04:56:41.0323 0x2d3c  isapnp - ok

04:56:41.0385 0x2d3c  [ F5F0DE1B7F256997501EECECE9648108, F9B602EA6B278980A299BB7A393ED09388761DE56162AC998398AB95B5A4EC3E

] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys

04:56:41.0385 0x2d3c  iScsiPrt - ok

04:56:41.0479 0x2d3c  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE

] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

04:56:41.0479 0x2d3c  jhi_service - ok

04:56:41.0494 0x2d3c  JRSKD24 - ok

04:56:41.0557 0x2d3c  [ FF349AFA241F4AE0F6C37F5E8803BFAC, 35576A55E3B47257B79092E22130F846C306F80797CA60E722319E0E32EE0A51

 

] JRSUKD25        C:\Windows\system32\JRSUKD25.SYS

04:56:41.0557 0x2d3c  JRSUKD25 - ok

04:56:41.0573 0x2d3c  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4

 

] kbdclass        C:\Windows\System32\drivers\kbdclass.sys

04:56:41.0573 0x2d3c  kbdclass - ok

04:56:41.0573 0x2d3c  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E

 

] kbdhid          C:\Windows\System32\drivers\kbdhid.sys

04:56:41.0573 0x2d3c  kbdhid - ok

04:56:41.0604 0x2d3c  [ B2023B8C0ACA7A4FF75A69E877DFB2D4, D8628B1C2B9103F80447B28082D7E59AAB1D763C740AB9C4A5269B49651A300B

 

] kcrtx64         C:\Windows\system32\kcrtx64.sys

04:56:41.0620 0x2d3c  kcrtx64 - ok

04:56:41.0635 0x2d3c  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF

 

] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys

04:56:41.0635 0x2d3c  kdnic - ok

04:56:41.0651 0x2d3c  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08

 

] KeyIso          C:\Windows\system32\lsass.exe

04:56:41.0651 0x2d3c  KeyIso - ok

04:56:41.0698 0x2d3c  [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF

 

] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

04:56:41.0698 0x2d3c  KSecDD - ok

04:56:41.0713 0x2d3c  [ E427D299CFE267A2465D3AAF81440ED9, 78F2649FDFF78C358E4FF8EB9772F726A23457658C1CCEABA4D4DEF6927A0423

 

] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

04:56:41.0713 0x2d3c  KSecPkg - ok

04:56:41.0713 0x2d3c  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9

 

] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

04:56:41.0713 0x2d3c  ksthunk - ok

04:56:41.0776 0x2d3c  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541

 

] KtmRm           C:\Windows\system32\msdtckrm.dll

04:56:41.0776 0x2d3c  KtmRm - ok

04:56:41.0823 0x2d3c  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126

 

] LanmanServer    C:\Windows\system32\srvsvc.dll

04:56:41.0823 0x2d3c  LanmanServer - ok

04:56:41.0854 0x2d3c  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00

 

] LanmanWorkstation C:\Windows\System32\wkssvc.dll

04:56:41.0870 0x2d3c  LanmanWorkstation - ok

04:56:41.0885 0x2d3c  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691

 

] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

04:56:41.0885 0x2d3c  lltdio - ok

04:56:41.0916 0x2d3c  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141

 

] lltdsvc         C:\Windows\System32\lltdsvc.dll

04:56:41.0932 0x2d3c  lltdsvc - ok

04:56:41.0963 0x2d3c  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142

 

] lmhosts         C:\Windows\System32\lmhsvc.dll

04:56:41.0963 0x2d3c  lmhosts - ok

04:56:41.0995 0x2d3c  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19

 

] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

04:56:42.0010 0x2d3c  LMS - ok

04:56:42.0026 0x2d3c  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0

 

] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

04:56:42.0026 0x2d3c  LSI_SAS - ok

04:56:42.0041 0x2d3c  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C

 

] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys

04:56:42.0041 0x2d3c  LSI_SAS2 - ok

04:56:42.0104 0x2d3c  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212

 

] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

04:56:42.0104 0x2d3c  LSI_SCSI - ok

04:56:42.0182 0x2d3c  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851

 

] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys

04:56:42.0182 0x2d3c  LSI_SSS - ok

04:56:42.0276 0x2d3c  [ 8FEFDCEE40B75FD23B4BC60DA6576113, 1C3B690B00D95F6A4DB9225A42B1E5BF5A586785A3E097A9D46D35D580490924

 

] LSM             C:\Windows\System32\lsm.dll

04:56:42.0291 0x2d3c  LSM - ok

04:56:42.0307 0x2d3c  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180

 

] luafv           C:\Windows\system32\drivers\luafv.sys

04:56:42.0323 0x2d3c  luafv - ok

04:56:42.0385 0x2d3c  [ 54D70409DE6932E9EFA117779611E7A9, 4FF4328CEB222160664633D361D06EAEF4B27E2A5AE515CF7D425650A6A23136

 

] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys

04:56:42.0385 0x2d3c  mbamchameleon - ok

04:56:42.0416 0x2d3c  [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A

 

] MBAMProtector   C:\Windows\system32\drivers\mbam.sys

04:56:42.0416 0x2d3c  MBAMProtector - ok

04:56:42.0578 0x2d3c  [ 516E29AD03BDF610CC36A95AE692FE42, 09F913B169AD775FF587AE59AEC5DD2A2D8646803F48BF616C74EEC0DE3BE7A2

 

] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

04:56:42.0609 0x2d3c  MBAMScheduler - ok

04:56:42.0718 0x2d3c  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F

 

] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

04:56:42.0734 0x2d3c  MBAMService - ok

04:56:42.0781 0x2d3c  [ E9CD058C79EA15B4AA93E259FA713B07, 2B09F65188D8782F9C797545F2F791EC7EAB85D8914B2C0B30BD869C412E3980

 

] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys

04:56:42.0781 0x2d3c  MBAMSwissArmy - ok

04:56:42.0843 0x2d3c  [ 28B597A61C9AC9B59BC0573D70A62CBF, 032C095ECDAEEE800BD9C7AB08C089E7530A9DD09AE577D1612035F2BFFAA61C

 

] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys

04:56:42.0843 0x2d3c  MBAMWebAccessControl - ok

04:56:42.0859 0x2d3c  McAfee SiteAdvisor Service - ok

04:56:42.0859 0x2d3c  McAPExe - ok

04:56:42.0890 0x2d3c  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3

 

] megasas         C:\Windows\system32\drivers\megasas.sys

04:56:42.0890 0x2d3c  megasas - ok

04:56:42.0937 0x2d3c  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6

 

] MegaSR          C:\Windows\system32\drivers\MegaSR.sys

04:56:42.0937 0x2d3c  MegaSR - ok

04:56:42.0984 0x2d3c  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9

 

] MEIx64          C:\Windows\System32\drivers\HECIx64.sys

04:56:42.0984 0x2d3c  MEIx64 - ok

04:56:43.0015 0x2d3c  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962

 

] MMCSS           C:\Windows\system32\mmcss.dll

04:56:43.0015 0x2d3c  MMCSS - ok

04:56:43.0031 0x2d3c  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446

 

] Modem           C:\Windows\system32\drivers\modem.sys

04:56:43.0031 0x2d3c  Modem - ok

04:56:43.0046 0x2d3c  [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935, CC3F4E09F8834C7293B607446FECFE3CBB9B9151E65AAD38E2A4A8B30244DE14

 

] monitor         C:\Windows\system32\DRIVERS\monitor.sys

04:56:43.0046 0x2d3c  monitor - ok

04:56:43.0046 0x2d3c  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16

 

] mouclass        C:\Windows\System32\drivers\mouclass.sys

04:56:43.0062 0x2d3c  mouclass - ok

04:56:43.0062 0x2d3c  [ CB2527B8B87D83E56FBF3944BBB6F606, F8DA5AF97B91099C58E14D1DACBCA02AF8F193E53A88DDC8CC4C0655A2E4F90B

 

] mouhid          C:\Windows\System32\drivers\mouhid.sys

04:56:43.0062 0x2d3c  mouhid - ok

04:56:43.0078 0x2d3c  [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054

 

] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

04:56:43.0078 0x2d3c  mountmgr - ok

04:56:43.0203 0x2d3c  [ 269BDB3CB77EB77BABE2862BEAB1F208, EC693365C73D59244CB77E181042128A9901BA5C1109CD4F1B9A2008DF1F9582

 

] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

04:56:43.0203 0x2d3c  MozillaMaintenance - ok

04:56:43.0218 0x2d3c  [ 36BF4D86F166ACBC14F0B8B8F90CBCEA, 9127DB0ABCCF57DEEB6447EEE33C5F4724472763DB1941D6FA74C745512D0DA2

 

] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

04:56:43.0218 0x2d3c  mpsdrv - ok

04:56:43.0265 0x2d3c  [ 411EA973A1961C287927DF13891EB41E, 1DA42631346FF8B43443A4DCE838AEB3C7166FBB272FC47740B09A1A1CE5CCBC

 

] MpsSvc          C:\Windows\system32\mpssvc.dll

04:56:43.0281 0x2d3c  MpsSvc - ok

04:56:43.0328 0x2d3c  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF

 

] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

04:56:43.0328 0x2d3c  MRxDAV - ok

04:56:43.0343 0x2d3c  [ 1EEAA5A62E8C49DDF58798F06F78BFFA, D5F37463EC4E4E5F538DCB4B98BFE1415A7CCFA9641BED0621B5BCEBEA91E184

 

] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

04:56:43.0343 0x2d3c  mrxsmb - ok

04:56:43.0390 0x2d3c  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6

 

] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

04:56:43.0390 0x2d3c  mrxsmb10 - ok

04:56:43.0406 0x2d3c  [ BFBE1EA55ECC15733933D429E384BCA4, 01B2C5B5D92E8F33F5F86A372AE0AFF22779E70377B0C904BEFD0998906DD8B7

 

] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

04:56:43.0406 0x2d3c  mrxsmb20 - ok

04:56:43.0437 0x2d3c  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD

 

] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys

04:56:43.0437 0x2d3c  MsBridge - ok

04:56:43.0468 0x2d3c  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E

 

] MSDTC           C:\Windows\System32\msdtc.exe

04:56:43.0468 0x2d3c  MSDTC - ok

04:56:43.0484 0x2d3c  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9

 

] Msfs            C:\Windows\system32\drivers\Msfs.sys

04:56:43.0484 0x2d3c  Msfs - ok

04:56:43.0500 0x2d3c  [ C9BFB0353099B071E70299549C18C8AE, 5BEB200A6B824F63E2F39BA4F0693DBAC948BEA3B5A56AC9715716F1CE387566

 

] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys

04:56:43.0500 0x2d3c  msgpiowin32 - ok

04:56:43.0515 0x2d3c  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF

 

] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

04:56:43.0515 0x2d3c  mshidkmdf - ok

04:56:43.0531 0x2d3c  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1

 

] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys

04:56:43.0531 0x2d3c  mshidumdf - ok

04:56:43.0531 0x2d3c  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A

 

] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

04:56:43.0546 0x2d3c  msisadrv - ok

04:56:43.0578 0x2d3c  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B

 

] MSiSCSI         C:\Windows\system32\iscsiexe.dll

04:56:43.0578 0x2d3c  MSiSCSI - ok

04:56:43.0578 0x2d3c  msiserver - ok

04:56:43.0609 0x2d3c  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28

] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

04:56:43.0609 0x2d3c  MSKSSRV - ok

04:56:43.0625 0x2d3c  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB

] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys

04:56:43.0625 0x2d3c  MsLldp - ok

04:56:43.0640 0x2d3c  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F

] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

04:56:43.0640 0x2d3c  MSPCLOCK - ok

04:56:43.0656 0x2d3c  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278

] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

04:56:43.0656 0x2d3c  MSPQM - ok

04:56:43.0671 0x2d3c  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE

] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

04:56:43.0687 0x2d3c  MsRPC - ok

04:56:43.0687 0x2d3c  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC

] mssmbios        C:\Windows\System32\drivers\mssmbios.sys

04:56:43.0687 0x2d3c  mssmbios - ok

04:56:43.0797 0x2d3c  MSSQL$QSRNVIVO10 - ok

04:56:43.0937 0x2d3c  [ 04EF36EAF5C4DBCE424D81B76F1E9231, ABA97C3004903852357264291613649D823F5BB24806E6CF9952AB3AA0E97C15

 

] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

04:56:43.0937 0x2d3c  MSSQLServerADHelper100 - ok

04:56:43.0953 0x2d3c  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562

 

] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

04:56:43.0953 0x2d3c  MSTEE - ok

04:56:43.0968 0x2d3c  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C

 

] MTConfig        C:\Windows\System32\drivers\MTConfig.sys

04:56:43.0968 0x2d3c  MTConfig - ok

04:56:43.0984 0x2d3c  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C

 

] Mup             C:\Windows\system32\Drivers\mup.sys

04:56:43.0984 0x2d3c  Mup - ok

04:56:44.0000 0x2d3c  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7

 

] mvumis          C:\Windows\system32\drivers\mvumis.sys

04:56:44.0000 0x2d3c  mvumis - ok

04:56:44.0031 0x2d3c  [ C009123B206C56854F4E88596035231D, 670403A40B425F77C90ECB048A0C8BC11FB19E40A8CECC2C3DCF79175B745863

 

] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys

04:56:44.0031 0x2d3c  mwlPSDFilter - ok

04:56:44.0031 0x2d3c  [ BF3739EEB9F008B1DEBAC115089A53F8, 8546AB69087656259BBE17D6F80F4AB164B04171673CE2BF9FFD1B5C9584E9A4

 

] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys

04:56:44.0031 0x2d3c  mwlPSDNServ - ok

04:56:44.0031 0x2d3c  [ 38DD143D95E7A01B86F219DDA9C28779, 5FA8C0595CCF835DBCE1CC5322E8FD4BFB6DFB6CF869BB7CB73F919445D469AA

 

] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys

04:56:44.0031 0x2d3c  mwlPSDVDisk - ok

04:56:44.0062 0x2d3c  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167

 

] napagent        C:\Windows\system32\qagentRT.dll

04:56:44.0078 0x2d3c  napagent - ok

04:56:44.0109 0x2d3c  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D

 

] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

04:56:44.0125 0x2d3c  NativeWifiP - ok

04:56:44.0156 0x2d3c  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0

 

] NcaSvc          C:\Windows\System32\ncasvc.dll

04:56:44.0172 0x2d3c  NcaSvc - ok

04:56:44.0187 0x2d3c  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5

 

] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll

04:56:44.0187 0x2d3c  NcdAutoSetup - ok

04:56:44.0250 0x2d3c  [ FE6463C1574610E26ED8DE2054DF59A4, 736680A9B567709A32D668D84A1AD630AD5CE048BBC3005826EB8F7E40C6ABA2

 

] NDIS            C:\Windows\system32\drivers\ndis.sys

04:56:44.0265 0x2d3c  NDIS - ok

04:56:44.0297 0x2d3c  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68

 

] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

04:56:44.0312 0x2d3c  NdisCap - ok

04:56:44.0343 0x2d3c  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3

 

] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys

04:56:44.0359 0x2d3c  NdisImPlatform - ok

04:56:44.0390 0x2d3c  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8

 

] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

04:56:44.0390 0x2d3c  NdisTapi - ok

04:56:44.0422 0x2d3c  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD

 

] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

04:56:44.0422 0x2d3c  Ndisuio - ok

04:56:44.0437 0x2d3c  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC

 

] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

04:56:44.0453 0x2d3c  NdisWan - ok

04:56:44.0484 0x2d3c  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC

 

] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys

04:56:44.0484 0x2d3c  NDISWANLEGACY - ok

04:56:44.0531 0x2d3c  [ CE6EBC0AD38CC6482D8FBB744FF15CE2, B8712DB2E574ECFBC840FAAFB874644AB56909382BA2A5A8BC599874BBEAA543

 

] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

04:56:44.0531 0x2d3c  NDProxy - ok

04:56:44.0562 0x2d3c  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD

 

] Ndu             C:\Windows\system32\drivers\Ndu.sys

04:56:44.0562 0x2d3c  Ndu - ok

04:56:44.0589 0x2d3c  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62

 

] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

04:56:44.0592 0x2d3c  NetBIOS - ok

04:56:44.0639 0x2d3c  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42

 

] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

04:56:44.0654 0x2d3c  NetBT - ok

04:56:44.0686 0x2d3c  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08

 

] Netlogon        C:\Windows\system32\lsass.exe

04:56:44.0686 0x2d3c  Netlogon - ok

04:56:44.0795 0x2d3c  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD

 

] Netman          C:\Windows\System32\netman.dll

04:56:44.0826 0x2d3c  Netman - ok

04:56:44.0904 0x2d3c  [ 20F6FD63E6D456114BC8056D62792786, 12EDB8DD4D647F8CF680ABD1A36704EE9BEBE5F65C821E6D76F798441AF2C199

 

] netprofm        C:\Windows\System32\netprofmsvc.dll

04:56:44.0936 0x2d3c  netprofm - ok

04:56:45.0014 0x2d3c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E

 

] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

04:56:45.0029 0x2d3c  NetTcpPortSharing - ok

04:56:45.0092 0x2d3c  [ FBA7ACE8BE16E9F94215CDD72F49F529, 495E8796D239DCBEE494D1332B702CBD4814A5B39DB171B2CDF1F64F6299C113

 

] NetworkX        C:\Windows\System32\ckldrv.sys

04:56:45.0107 0x2d3c  NetworkX - ok

04:56:45.0139 0x2d3c  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B

 

] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

04:56:45.0154 0x2d3c  nfrd960 - ok

04:56:45.0232 0x2d3c  [ EEECC4C67144A39BA5B9B6E351932606, C3CB9042D00559893EA37969898840D3D437703E6B13BCF21253AB40F6071446

 

] NIWinCDEmu      C:\Windows\System32\drivers\NIWinCDEmu.sys

04:56:45.0232 0x2d3c  NIWinCDEmu - ok

04:56:45.0295 0x2d3c  [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9

 

] NlaSvc          C:\Windows\System32\nlasvc.dll

04:56:45.0322 0x2d3c  NlaSvc - ok

04:56:45.0388 0x2d3c  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E

 

] npf             C:\Windows\system32\drivers\npf.sys

04:56:45.0392 0x2d3c  npf - ok

04:56:45.0405 0x2d3c  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3

 

] Npfs            C:\Windows\system32\drivers\Npfs.sys

04:56:45.0421 0x2d3c  Npfs - ok

04:56:45.0436 0x2d3c  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B

 

] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys

04:56:45.0436 0x2d3c  npsvctrig - ok

04:56:45.0468 0x2d3c  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93

 

] nsi             C:\Windows\system32\nsisvc.dll

04:56:45.0483 0x2d3c  nsi - ok

04:56:45.0499 0x2d3c  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F

 

] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

04:56:45.0515 0x2d3c  nsiproxy - ok

04:56:45.0687 0x2d3c  [ 4A7EEA9C4AD5CBFDA3C0E5B821C99CAD, 4F9872ACF27D9C7D52256CAB09AEEC760402B69088789018D0736F16236C1FE3

 

] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

04:56:45.0843 0x2d3c  Ntfs - ok

04:56:46.0015 0x2d3c  [ 24802A206925A340DBA52ABF83C21315, 39E6FD63C7C93A833E3D5CC928AFF9286059538798DBF77C16ADDE64112E2661

 

] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

04:56:46.0046 0x2d3c  NTI IScheduleSvc - ok

04:56:46.0077 0x2d3c  [ 710263B44C1D1AEE07525A53401FBE48, 9E30D956099F42A7F8125664E671AEE49A6EDE0C2B717EC9B4488556A386FA21

 

] NTIDrvr         C:\windows\system32\drivers\NTIDrvr.sys

04:56:46.0077 0x2d3c  NTIDrvr - ok

04:56:46.0140 0x2d3c  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20

 

] Null            C:\Windows\system32\drivers\Null.sys

04:56:46.0155 0x2d3c  Null - ok

04:56:47.0284 0x2d3c  [ 076C32433B06AAAD72742774E56FB854, 198D522AABA406EB0C36BEF25FD48A1BD914D877A7E8534605957F4FF3A3135B

 

] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys

04:56:47.0503 0x2d3c  nvlddmkm - ok

04:56:48.0174 0x2d3c  [ 0AFB4857ADD1D11012E6B38C9F4B625B, 08FFD7DF327462CC2BFCBC251A075603B46E338156396C6A3AFD5896E9A9B8A1

 

] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys

04:56:48.0174 0x2d3c  nvpciflt - ok

04:56:48.0362 0x2d3c  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4

 

] nvraid          C:\Windows\system32\drivers\nvraid.sys

04:56:48.0362 0x2d3c  nvraid - ok

04:56:48.0867 0x2d3c  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98

 

] nvstor          C:\Windows\system32\drivers\nvstor.sys

04:56:48.0976 0x2d3c  nvstor - ok

04:56:50.0539 0x2d3c  [ A9495A3AAAB5E470F2460F85849A5F66, C84675F39BD07E2A7B0FB491709A2D83476208D235CD78F4ECB947BED82CE01C

 

] nvsvc           C:\Windows\system32\nvvsvc.exe

04:56:50.0669 0x2d3c  nvsvc - ok

04:56:51.0075 0x2d3c  [ FAA2048284D763409F7BB84F61601C80, 9ED505AC0D0E124D2EBD2AC7EF463FC4640F67B54533FA560DF47A6CBB86E623

 

] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

04:56:51.0091 0x2d3c  nvUpdatusService - ok

04:56:51.0138 0x2d3c  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5

 

] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

04:56:51.0153 0x2d3c  nv_agp - ok

04:56:51.0341 0x2d3c  [ AD630F092CE4D999E48E29D2FFBE9E46, F0F8397B67CDBF7B1A80A4B58B32470AF07E15D81EF7E2744693AA8C0818540A

 

] OpenVPNService  C:\Program Files (x86)\PureVPN\bin\openvpnserv.exe

04:56:51.0341 0x2d3c  OpenVPNService - ok

04:56:51.0482 0x2d3c  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83

 

] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

04:56:51.0482 0x2d3c  ose - ok

04:56:51.0528 0x2d3c  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D

 

] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

04:56:51.0544 0x2d3c  p2pimsvc - ok

04:56:51.0607 0x2d3c  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE

 

] p2psvc          C:\Windows\system32\p2psvc.dll

04:56:51.0622 0x2d3c  p2psvc - ok

04:56:51.0700 0x2d3c  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D

 

] Parport         C:\Windows\System32\drivers\parport.sys

04:56:51.0700 0x2d3c  Parport - ok

04:56:51.0716 0x2d3c  [ C1D7BA7F0DE487DFEEB51BF8D3EC5562, 72F38D6C6FD1ED6E1BC47B781A06FFBE29C99A70382D38759B53A184F61B6643

 

] partmgr         C:\Windows\system32\drivers\partmgr.sys

04:56:51.0716 0x2d3c  partmgr - ok

04:56:51.0732 0x2d3c  [ 19E41F140A6ADBD38943710DA7FF0E38, AF9FDBEB0E519B7EA034C76077E514FE27138204E9874F4DDEA0B1CB26A45BA0

 

] PcaSvc          C:\Windows\System32\pcasvc.dll

04:56:51.0747 0x2d3c  PcaSvc - ok

04:56:51.0763 0x2d3c  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C

 

] pci             C:\Windows\system32\drivers\pci.sys

04:56:51.0763 0x2d3c  pci - ok

04:56:51.0778 0x2d3c  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D

 

] pciide          C:\Windows\system32\drivers\pciide.sys

04:56:51.0778 0x2d3c  pciide - ok

04:56:51.0825 0x2d3c  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F

 

] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

04:56:51.0841 0x2d3c  pcmcia - ok

04:56:51.0841 0x2d3c  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B

 

] pcw             C:\Windows\system32\drivers\pcw.sys

04:56:51.0841 0x2d3c  pcw - ok

04:56:51.0872 0x2d3c  [ A192B9FC67F181A78B05175EE0A244FA, CC62F12062066AAF0BD96163448FA5599F3B468E7DFE5704FF5288F32F01391B

 

] pdc             C:\Windows\system32\drivers\pdc.sys

04:56:51.0888 0x2d3c  pdc - ok

04:56:51.0982 0x2d3c  [ 70DBB6A8B52B3830922F1C5789E1BEEB, 30288885789753FE19B51A200137E916E10BCD4211EFF50931C19E88824EADC0

 

] PEAUTH          C:\Windows\system32\drivers\peauth.sys

04:56:51.0982 0x2d3c  PEAUTH - ok

04:56:52.0044 0x2d3c  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD

 

] PerfHost        C:\Windows\SysWow64\perfhost.exe

04:56:52.0044 0x2d3c  PerfHost - ok

04:56:52.0138 0x2d3c  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14

 

] pla             C:\Windows\system32\pla.dll

04:56:52.0169 0x2d3c  pla - ok

04:56:52.0200 0x2d3c  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3

 

] PlugPlay        C:\Windows\system32\umpnpmgr.dll

04:56:52.0216 0x2d3c  PlugPlay - ok

04:56:52.0232 0x2d3c  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461

 

] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

04:56:52.0232 0x2d3c  PNRPAutoReg - ok

04:56:52.0247 0x2d3c  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D

 

] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

04:56:52.0263 0x2d3c  PNRPsvc - ok

04:56:52.0403 0x2d3c  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D

 

] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

04:56:52.0419 0x2d3c  PolicyAgent - ok

04:56:52.0466 0x2d3c  [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0

 

] Power           C:\Windows\system32\umpo.dll

04:56:52.0466 0x2d3c  Power - ok

04:56:52.0497 0x2d3c  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0

 

] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

04:56:52.0497 0x2d3c  PptpMiniport - ok

04:56:52.0737 0x2d3c  [ CC0B8655E4B2A5BBB215CDA8FC3BE4DE, 878E46E308BC3AC689CFC401BAA12D217BFB9911C29A10DB5DFFAC250A58CE55

 

] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll

04:56:52.0768 0x2d3c  PrintNotify - ok

04:56:52.0815 0x2d3c  [ 8DA167F8967AB35A2487095CB1B879A0, 78FD1D87F0A52254DFD71B76BEEA4179CECF830D1CF623A12FBD991B7C1CDDC1

 

] Processor       C:\Windows\System32\drivers\processr.sys

04:56:52.0815 0x2d3c  Processor - ok

04:56:52.0924 0x2d3c  [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B

 

] ProfSvc         C:\Windows\system32\profsvc.dll

04:56:52.0940 0x2d3c  ProfSvc - ok

04:56:52.0971 0x2d3c  [ AF038FA3D3748B7595FE7096AD803696, 55263B2424BE1F59F16050C8A0A3B16B2A3A4C212051170DE8A49AC387BE1386

 

] Ps2Kb2Hid       C:\Windows\System32\drivers\aPs2Kb2Hid.sys

04:56:52.0971 0x2d3c  Ps2Kb2Hid - ok

04:56:53.0002 0x2d3c  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46

 

] Psched          C:\Windows\system32\DRIVERS\pacer.sys

04:56:53.0002 0x2d3c  Psched - ok

04:56:53.0049 0x2d3c  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510

 

] QWAVE           C:\Windows\system32\qwave.dll

04:56:53.0049 0x2d3c  QWAVE - ok

04:56:53.0065 0x2d3c  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15

 

] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

04:56:53.0065 0x2d3c  QWAVEdrv - ok

04:56:53.0080 0x2d3c  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48

 

] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

04:56:53.0080 0x2d3c  RasAcd - ok

04:56:53.0112 0x2d3c  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100

 

] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

04:56:53.0112 0x2d3c  RasAgileVpn - ok

04:56:53.0127 0x2d3c  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3

 

] RasAuto         C:\Windows\System32\rasauto.dll

04:56:53.0143 0x2d3c  RasAuto - ok

04:56:53.0174 0x2d3c  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04

 

] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

04:56:53.0174 0x2d3c  Rasl2tp - ok

04:56:53.0190 0x2d3c  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073

 

] RasMan          C:\Windows\System32\rasmans.dll

04:56:53.0205 0x2d3c  RasMan - ok

04:56:53.0205 0x2d3c  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1

 

] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

04:56:53.0205 0x2d3c  RasPppoe - ok

04:56:53.0221 0x2d3c  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE

 

] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

04:56:53.0221 0x2d3c  RasSstp - ok

04:56:53.0237 0x2d3c  [ B72C33DBD5326B3864CF2091AF8B906B, 85A22311FA870CE43CF70F69D7D101D96B9095A992DCF5FA1587886F6D4282DC

 

] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

04:56:53.0268 0x2d3c  rdbss - ok

04:56:53.0346 0x2d3c  [ 8E32ED4F775041446578247C00BC4AB2, 58F8E303808CD00B40219A1BA5DF2F72D09DA3E1228069582C6112AF3A81D158

 

] RDID1100        C:\Windows\system32\Drivers\rdwm1100.sys

04:56:53.0346 0x2d3c  RDID1100 - ok

04:56:53.0377 0x2d3c  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8

 

] rdpbus          C:\Windows\System32\drivers\rdpbus.sys

04:56:53.0377 0x2d3c  rdpbus - ok

04:56:53.0424 0x2d3c  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439

 

] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

04:56:53.0440 0x2d3c  RDPDR - ok

04:56:53.0487 0x2d3c  [ 3B4F32CA8B37584ECF98BCE136E38B96, 2B39224FEF5C0AE000FF667B3D6C3C279DBEE8EABAE2F5C40BBCF6DDFFD4DE3C

 

] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

04:56:53.0487 0x2d3c  RdpVideoMiniport - ok

04:56:53.0534 0x2d3c  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2

 

] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

04:56:53.0549 0x2d3c  RDPWD - ok

04:56:53.0580 0x2d3c  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE

 

] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

04:56:53.0596 0x2d3c  rdyboost - ok

04:56:53.0659 0x2d3c  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293

 

] RemoteAccess    C:\Windows\System32\mprdim.dll

04:56:53.0674 0x2d3c  RemoteAccess - ok

04:56:53.0737 0x2d3c  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45

 

] RemoteRegistry  C:\Windows\system32\regsvc.dll

04:56:53.0752 0x2d3c  RemoteRegistry - ok

04:56:53.0784 0x2d3c  [ CF59781FCB68F859EB6C835ED285211D, E979014C07BF45F4F27E4433ED6B8FA618E4416CB01075FBF52CB2536EC63984

 

] RfButtonDriverService C:\Windows\RfBtnSvc64.exe

04:56:53.0799 0x2d3c  RfButtonDriverService - ok

04:56:53.0830 0x2d3c  [ 17EF582CBC4809F96B9E6D0543480763, 7097ACDC565A50C7F3F8659693356EE9CAA6B922124C27C4F9D7C89526A87481

 

] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys

04:56:53.0830 0x2d3c  RFCOMM - ok

04:56:53.0877 0x2d3c  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B

 

] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

04:56:53.0893 0x2d3c  RpcEptMapper - ok

04:56:53.0924 0x2d3c  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13

 

] RpcLocator      C:\Windows\system32\locator.exe

04:56:53.0924 0x2d3c  RpcLocator - ok

04:56:54.0002 0x2d3c  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4

 

] RpcSs           C:\Windows\system32\rpcss.dll

04:56:54.0049 0x2d3c  RpcSs - ok

04:56:54.0096 0x2d3c  [ 49EEC19C34A6906883E1279EF8EDA361, 333E9A0A5A497B54D32AFF5D4E2E655FE849E73B8E2AE46CFC5E4E638617AE85

 

] RSBASTOR        C:\Windows\system32\DRIVERS\RtsBaStor.sys

04:56:54.0127 0x2d3c  RSBASTOR - ok

04:56:54.0221 0x2d3c  [ C606C5F712A3761896CEFFA4AF6B1268, 8E6411B0E818DF621B7E1AB271684712CAF741C38B57C0609D6978FA0198523C

 

] RsFx0151        C:\Windows\system32\DRIVERS\RsFx0151.sys

04:56:54.0252 0x2d3c  RsFx0151 - ok

04:56:54.0299 0x2d3c  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952

 

] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

04:56:54.0299 0x2d3c  rspndr - ok

04:56:54.0346 0x2d3c  rssasnt - ok

04:56:54.0440 0x2d3c  [ 7D9DA8EC6784A9EE213C676709D46BE6, 9861D1EF107F7D1590B89098EAEA7F509C1EF46999C37703F3766BAD733D8AD2

] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys

04:56:54.0502 0x2d3c  RTL8168 - ok

04:56:54.0534 0x2d3c  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8

] s3cap           C:\Windows\System32\drivers\vms3cap.sys

04:56:54.0549 0x2d3c  s3cap - ok

04:56:54.0596 0x2d3c  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08

] SamSs           C:\Windows\system32\lsass.exe

04:56:54.0596 0x2d3c  SamSs - ok

04:56:54.0812 0x2d3c  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124

] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

04:56:54.0828 0x2d3c  SASDIFSV - ok

04:56:54.0844 0x2d3c  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1

] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

04:56:54.0844 0x2d3c  SASKUTIL - ok

04:56:54.0922 0x2d3c  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2

] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

04:56:54.0937 0x2d3c  sbp2port - ok

04:56:55.0015 0x2d3c  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287

] SCardSvr        C:\Windows\System32\SCardSvr.dll

04:56:55.0031 0x2d3c  SCardSvr - ok

04:56:55.0062 0x2d3c  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A

] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

04:56:55.0062 0x2d3c  scfilter - ok

04:56:55.0172 0x2d3c  [ EDCDF4DB82EF825B94B190D544C8C58B, 65E316CB66893FBA852D44F6ACE0F1DA415DBADADCA838B31DF3AB6B681E33B6

] Schedule        C:\Windows\system32\schedsvc.dll

04:56:55.0297 0x2d3c  Schedule - ok

04:56:55.0344 0x2d3c  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7

] SCPolicySvc     C:\Windows\System32\certprop.dll

04:56:55.0359 0x2d3c  SCPolicySvc - ok

04:56:55.0406 0x2d3c  [ A27CF856218B1B1442A7A3B5CF94B4B9, A3BBF36034BBF92E81FDDB9E22370D9AF132997593452BEAAEDCBA43BC5F5D79

] sdbus           C:\Windows\System32\drivers\sdbus.sys

04:56:55.0422 0x2d3c  sdbus - ok

04:56:55.0500 0x2d3c  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899

] SDRSVC          C:\Windows\System32\SDRSVC.dll

04:56:55.0515 0x2d3c  SDRSVC - ok

04:56:55.0547 0x2d3c  [ 74369A913837FB46C3B27373DA2ADF4E, 30CB6AD90520D410D914C5D654C8838DF13B2FC850EB7F0BFB2B937F9BC14E2E

] sdstor          C:\Windows\System32\drivers\sdstor.sys

04:56:55.0547 0x2d3c  sdstor - ok

04:56:55.0578 0x2d3c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D

] secdrv          C:\Windows\system32\drivers\secdrv.sys

04:56:55.0578 0x2d3c  secdrv - ok

04:56:55.0594 0x2d3c  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5

] seclogon        C:\Windows\system32\seclogon.dll

04:56:55.0609 0x2d3c  seclogon - ok

04:56:55.0625 0x2d3c  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE

] SENS            C:\Windows\System32\sens.dll

04:56:55.0625 0x2d3c  SENS - ok

04:56:55.0672 0x2d3c  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46

] SensrSvc        C:\Windows\system32\sensrsvc.dll

04:56:55.0687 0x2d3c  SensrSvc - ok

04:56:55.0734 0x2d3c  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9

] SerCx           C:\Windows\system32\drivers\SerCx.sys

04:56:55.0734 0x2d3c  SerCx - ok

04:56:55.0765 0x2d3c  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639

] Serenum         C:\Windows\System32\drivers\serenum.sys

04:56:55.0781 0x2d3c  Serenum - ok

04:56:55.0812 0x2d3c  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950

] Serial          C:\Windows\System32\drivers\serial.sys

04:56:55.0812 0x2d3c  Serial - ok

04:56:55.0844 0x2d3c  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4

] sermouse        C:\Windows\System32\drivers\sermouse.sys

04:56:55.0844 0x2d3c  sermouse - ok

04:56:55.0937 0x2d3c  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D

] SessionEnv      C:\Windows\system32\sessenv.dll

04:56:55.0969 0x2d3c  SessionEnv - ok

04:56:56.0000 0x2d3c  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A

] sfloppy         C:\Windows\System32\drivers\sfloppy.sys

04:56:56.0015 0x2d3c  sfloppy - ok

04:56:56.0109 0x2d3c  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029

] SharedAccess    C:\Windows\System32\ipnathlp.dll

04:56:56.0140 0x2d3c  SharedAccess - ok

04:56:56.0250 0x2d3c  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15

] ShellHWDetection C:\Windows\System32\shsvcs.dll

04:56:56.0297 0x2d3c  ShellHWDetection - ok

04:56:56.0344 0x2d3c  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED

] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys

04:56:56.0359 0x2d3c  SiSRaid2 - ok

04:56:56.0391 0x2d3c  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC

] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

04:56:56.0391 0x2d3c  SiSRaid4 - ok

04:56:56.0562 0x2d3c  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8

] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

04:56:56.0578 0x2d3c  SkypeUpdate - ok

04:56:56.0609 0x2d3c  [ D7D05F0E9DE755165279CD62799ECAF3, C151C6F5F62C83C037A7B3A3E953A5233BC1410A289386C562505EBFC9DB5FED

] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys

04:56:56.0625 0x2d3c  SmbDrvI - ok

04:56:56.0671 0x2d3c  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1

] SNMPTRAP        C:\Windows\System32\snmptrap.exe

04:56:56.0676 0x2d3c  SNMPTRAP - ok

04:56:56.0707 0x2d3c  [ 465F3C355CE5ED2779B8F460F14C5A78, 4CDFBACBC2C228D6655DFE151249725D72D58DAE3299E15EAAEBC26FE0F712DC

] spaceport       C:\Windows\system32\drivers\spaceport.sys

04:56:56.0723 0x2d3c  spaceport - ok

04:56:56.0739 0x2d3c  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB

] SpbCx           C:\Windows\system32\drivers\SpbCx.sys

04:56:56.0739 0x2d3c  SpbCx - ok

04:56:56.0786 0x2d3c  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD

] Spooler         C:\Windows\System32\spoolsv.exe

04:56:56.0801 0x2d3c  Spooler - ok

04:56:56.0973 0x2d3c  [ EC84D961501054F87A6878EC5D53388F, C69F3542B182BED4260EE1906361B72B9FFDE47FD92A161850E28BC6ED7505CC

] sppsvc          C:\Windows\system32\sppsvc.exe

04:56:57.0051 0x2d3c  sppsvc - ok

04:56:57.0192 0x2d3c  [ 3420E0482AD95120B471B7328A8D7D08, D3D8C45EC601B59ACBE7FE76B7C8478256DD29ADBF9A22938BFD4098E593B682

] SQLAgent$QSRNVIVO10 c:\Program Files\Microsoft SQL Server\MSSQL10_50.QSRNVIVO10\MSSQL\Binn\SQLAGENT.EXE

04:56:57.0192 0x2d3c  SQLAgent$QSRNVIVO10 - ok

04:56:57.0286 0x2d3c  [ 7D67C07C63796775CC5492BCFEAFF125, BAEFF806F656FA252D1DBC1E21603CF5F7D54C5AFB3FC91F2723729A7740DF8A

] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

04:56:57.0286 0x2d3c  SQLBrowser - ok

04:56:57.0379 0x2d3c  [ F98DDFBFE0EE66D4C4B00693512B9527, 322FF75D1CA460368FD72ADCD93273F1D5AA5CF2C4DF65A94BF9ABAA2E695150

] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

04:56:57.0379 0x2d3c  SQLWriter - ok

04:56:57.0442 0x2d3c  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E

] srv             C:\Windows\system32\DRIVERS\srv.sys

04:56:57.0457 0x2d3c  srv - ok

04:56:57.0473 0x2d3c  [ 0DE224F7B8041B17AA53D00327A86396, 283AD5E9EE8F0C2F47B81FF246BC42ED0656026DA760CAB9EA25611785BBFED8

] srv2            C:\Windows\system32\DRIVERS\srv2.sys

04:56:57.0489 0x2d3c  srv2 - ok

04:56:57.0504 0x2d3c  [ 9400C71F5A1A380B494B6922F007D485, 66C293974BA4A61A06DC26EF48D5FA5E75377F66AD1CD774AA6827FA20A5F46E

] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

04:56:57.0504 0x2d3c  srvnet - ok

04:56:57.0582 0x2d3c  [ 52D6F40B50ECFC051979FEC68E74F0F8, 9C8C65AC69BA5C9885CF2A4BD72B869754948377AA3FED2680E7BF8C5639F2A2

] ssadbus         C:\Windows\System32\drivers\ssadbus.sys

04:56:57.0582 0x2d3c  ssadbus - ok

04:56:57.0598 0x2d3c  [ D6CFD3B2EABCF9327DE39C62BABFA1E3, C748AF55B07FCB9C5A3E3E0CB783CE6387A2C5D646BCA6B5F5FFF37ACCE82AD3

] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys

04:56:57.0598 0x2d3c  ssadmdfl - ok

04:56:57.0661 0x2d3c  [ 5EB01E6148742C3EC2185AC92F6D16FD, 5BD22C745D9BD47C60929F9C556E4B262F9415866EFE9F9263EAD916D74ECAE0

] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys

04:56:57.0676 0x2d3c  ssadmdm - ok

04:56:57.0692 0x2d3c  [ FF20F67DD5644BD1D2E7FCD95AF7F03B, 23615E776D6A8C406C7DDF0E694ED3B5A2D30913AFD3C0F86A788C5004299845

] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys

04:56:57.0692 0x2d3c  ssadserd - ok

04:56:57.0723 0x2d3c  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61

] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

04:56:57.0723 0x2d3c  SSDPSRV - ok

04:56:57.0739 0x2d3c  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747

] SstpSvc         C:\Windows\system32\sstpsvc.dll

04:56:57.0739 0x2d3c  SstpSvc - ok

04:56:57.0754 0x2d3c  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE

] stexstor        C:\Windows\system32\drivers\stexstor.sys

04:56:57.0754 0x2d3c  stexstor - ok

04:56:57.0832 0x2d3c  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8

] stisvc          C:\Windows\System32\wiaservc.dll

04:56:57.0848 0x2d3c  stisvc - ok

04:56:57.0879 0x2d3c  [ C588BBD37B432CE3204E5765B459E6B2, 6A30570C82390C4D6668137D05C7EFBE243CAC243CBE405D308E3F7B2BC5729D

] storahci        C:\Windows\system32\drivers\storahci.sys

04:56:57.0879 0x2d3c  storahci - ok

04:56:57.0895 0x2d3c  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE

] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys

04:56:57.0895 0x2d3c  storflt - ok

04:56:57.0926 0x2d3c  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F

] StorSvc         C:\Windows\system32\storsvc.dll

04:56:57.0926 0x2d3c  StorSvc - ok

04:56:57.0957 0x2d3c  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E

] storvsc         C:\Windows\system32\drivers\storvsc.sys

04:56:57.0957 0x2d3c  storvsc - ok

04:56:57.0973 0x2d3c  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0

] svsvc           C:\Windows\system32\svsvc.dll

04:56:57.0973 0x2d3c  svsvc - ok

04:56:57.0989 0x2d3c  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF

] swenum          C:\Windows\System32\drivers\swenum.sys

04:56:57.0989 0x2d3c  swenum - ok

04:56:58.0020 0x2d3c  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6

] swprv           C:\Windows\System32\swprv.dll

04:56:58.0036 0x2d3c  swprv - ok

04:56:58.0080 0x2d3c  [ FAE28BFEFC2257A2340A29321309E812, D71C8436D6173A121686AFE6DC2CD34AF7C72A6AC161B132628572689DD1E351

] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys

04:56:58.0080 0x2d3c  SynTP - ok

04:56:58.0158 0x2d3c  [ DC21E1F06343773D7E24362DCEF7944B, E5C13A2D4DEEBEDC6E0E4882FFC56322EA0474A3BD8B1C8A077293F433854F9B

] SysMain         C:\Windows\system32\sysmain.dll

04:56:58.0174 0x2d3c  SysMain - ok

04:56:58.0205 0x2d3c  [ 079244F281621FEDCC161D3923E858FE, A9997FF335B2A81CD9C1DFF8177FBBD4E36360BC1F3E7CD260144806EB12BC5E

] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll

04:56:58.0205 0x2d3c  SystemEventsBroker - ok

04:56:58.0221 0x2d3c  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F

] TabletInputService C:\Windows\System32\TabSvc.dll

04:56:58.0221 0x2d3c  TabletInputService - ok

04:56:58.0283 0x2d3c  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B

] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys

04:56:58.0283 0x2d3c  tap0901 - ok

04:56:58.0299 0x2d3c  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02

] TapiSrv         C:\Windows\System32\tapisrv.dll

04:56:58.0299 0x2d3c  TapiSrv - ok

04:56:58.0392 0x2d3c  [ 1D644E2D0FC395A055AB1C23C3B43631, 2AF96480449756C76C2466E546912D1EBB2847490BF611FEBE842CC25EA98765

] Tcpip           C:\Windows\system32\drivers\tcpip.sys

04:56:58.0439 0x2d3c  Tcpip - ok


04:57:04.0938 0x2d3c  ================ Scan global ===============================

04:57:05.0000 0x2d3c  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050

] C:\Windows\system32\basesrv.dll

04:57:05.0031 0x2d3c  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D

 

] C:\Windows\system32\winsrv.dll

04:57:05.0063 0x2d3c  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06

] C:\Windows\system32\sxssrv.dll

04:57:05.0109 0x2d3c  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA

 

] C:\Windows\system32\services.exe

04:57:05.0109 0x2d3c  [ Global ] - ok

04:57:05.0109 0x2d3c  ================ Scan MBR ==================================

04:57:05.0125 0x2d3c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0

04:57:05.0125 0x2d3c  \Device\Harddisk0\DR0 - ok

04:57:05.0125 0x2d3c  ================ Scan VBR ==================================

04:57:05.0141 0x2d3c  [ 63691DF7923662997379862A9A6CF654 ] \Device\Harddisk0\DR0\Partition1

04:57:05.0219 0x2d3c  \Device\Harddisk0\DR0\Partition1 - ok

04:57:05.0234 0x2d3c  [ 341859B010EC019BF754DF635C10E327 ] \Device\Harddisk0\DR0\Partition2

04:57:05.0281 0x2d3c  \Device\Harddisk0\DR0\Partition2 - ok

04:57:05.0313 0x2d3c  [ 1DEC8F6338BF63839C2FEF02B9AD644E ] \Device\Harddisk0\DR0\Partition3

04:57:05.0313 0x2d3c  \Device\Harddisk0\DR0\Partition3 - ok

04:57:05.0313 0x2d3c  [ AF59A622416799ABE0E648318C2F81AA ] \Device\Harddisk0\DR0\Partition4

04:57:05.0396 0x2d3c  \Device\Harddisk0\DR0\Partition4 - ok

04:57:05.0428 0x2d3c  [ B9050A18A9524EB444DC3691FDFAC748 ] \Device\Harddisk0\DR0\Partition5

04:57:05.0444 0x2d3c  \Device\Harddisk0\DR0\Partition5 - ok

04:57:05.0444 0x2d3c  ================ Scan generic autorun ======================

04:57:05.0491 0x2d3c  [ 483BAA4246B80BDE1EA562C618BBA4A1, 0340A483F2F00A329ADC625940E5B2E951E1AA362CB088477EFC92D245207CEA

] C:\Windows\system32\igfxtray.exe

04:57:05.0506 0x2d3c  IgfxTray - ok

04:57:05.0506 0x2d3c  [ 40CAEC9DBC892ED1915704CC54CB382E, 38976A5EF1461027FF8F07397793A9BEFD0B3B47EB1B86F0F3FB88818E5917C9

] C:\Windows\system32\hkcmd.exe

04:57:05.0522 0x2d3c  HotKeysCmds - ok

04:57:05.0553 0x2d3c  [ C88B01661694F2013F8DF1BD66B8B39E, 5BB40F448A85EE00FC090D61BFAB2D15874946E355F92B4FA40482153F0EB83E

] C:\Windows\system32\igfxpers.exe

04:57:05.0553 0x2d3c  Persistence - ok

04:57:06.0553 0x2d3c  [ 9AC062437035B077C0F3B1BD738EC82A, DAC42AA903C3A6F7CB196D3D738FFDDADC8BD2138F0703F1DB035337540D53B7

] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

04:57:07.0337 0x2d3c  RtHDVCpl - ok

04:57:07.0477 0x2d3c  [ 5E53A66C680A06E26B1234CB0C3CD99B, D782E724FF487459704BFA2BC5BA5E6E7E85BC9D71ECF68BE78F9C74449EB207

] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

04:57:07.0555 0x2d3c  RtHDVBg_Dolby - ok

04:57:07.0587 0x2d3c  [ E9F9AAF6C3C6EE13148B7E03BCD1E8E9, 00810CF4D45624985E2E8EE336294B35C970EA96E76E5704BCACF3E94B79DCEE

] C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe

04:57:07.0587 0x2d3c  BtPreLoad - ok

04:57:07.0649 0x2d3c  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07

] C:\Program Files\iTunes\iTunesHelper.exe

04:57:07.0665 0x2d3c  iTunesHelper - ok

04:57:07.0665 0x2d3c  mcui_exe - ok

04:57:07.0754 0x2d3c  [ 51B22E0B6BEDD384FD13446A670E2011, F22B0D1479B1C6AA41677F2F1CF265B9BB9F7D25D0055EBCA2537C5E9B6EB60E

 

] C:\Dolby PCEE4\pcee4.exe

04:57:07.0785 0x2d3c  Dolby Advanced Audio v2 - ok

04:57:07.0926 0x2d3c  [ 4275C55AA440DC08EA0267AED31D9654, A5EF4505960D9CECC45376026A8B51FF43282AE811C88617CCD8F7F1E6E56A7B

 

] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

04:57:07.0926 0x2d3c  APSDaemon - ok

04:57:08.0066 0x2d3c  [ BF739971EC9B05DAFEC793767B632BA9, 3C2AD01C5842936E0BE81E872F4551A7243189B618FDBEF42B748011B604A65B

 

] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

04:57:08.0082 0x2d3c  KiesTrayAgent - ok

04:57:08.0207 0x2d3c  [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B

 

] C:\Program Files (x86)\QuickTime\QTTask.exe

04:57:08.0238 0x2d3c  QuickTime Task - ok

04:57:08.0363 0x2d3c  [ 63C0C3C8A846CB655CD512234959196F, 1827892481A4670D3EAA055C22BDF5BB6EE41597EF0E8F076E42482FA4FC6401

 

] C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe

04:57:08.0383 0x2d3c  DNS7reminder - ok

04:57:08.0578 0x2d3c  [ D3F0452392C45081D8866A92C86D1C7C, A746ED0D69FC51D974B445AB387C7315B70D7555B7499945A1D64F3E8A865340

 

] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe

04:57:08.0610 0x2d3c  ISUSPM - ok

04:57:08.0797 0x2d3c  [ 33E7824BD9A4D774E0D161FFDD6FF9AA, 18E556163E1C33C8D097E5D0BEE8BD94254566CAA9C67EBE08770DEE27D1DAA5

 

] C:\Program Files (x86)\Nuance\OmniPage18\OmniPage18.exe

04:57:08.0844 0x2d3c  OmniPage Preload - ok

04:57:09.0000 0x2d3c  [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546

 

] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

04:57:09.0016 0x2d3c  Adobe ARM - ok

04:57:09.0063 0x2d3c  [ 34084D25BE6F48D072AA54DE630438FD, 522C96429FC679C2D07E9254E8D1793FEC018D65CD43D88FE9851CC8CEB61A07

 

] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

04:57:09.0078 0x2d3c  SunJavaUpdateSched - ok

04:57:09.0282 0x2d3c  [ 3A4F8327EFD360EB3557F5CF23158B4E, 9678C8AC4E7EFBD16D11DCD0E765FC9D4E1FA86095A545B1F9421C16AF055FCC

 

] C:\Users\JamesTrevor\AppData\Local\770bc6656ddf6c8f26bf2a92e4b368e3\770bc6656ddf6c8f26bf2a92e4b368e3.exe

04:57:09.0297 0x2d3c  {0D5AF2B5-F3AE-4fb4-A7F9-0DC68E21E8B4} - ok

04:57:09.0313 0x2d3c  IsMyWinLockerReboot - ok

04:57:09.0313 0x2d3c  IsMyWinLockerReboot - ok

04:57:09.0313 0x2d3c  IsMyWinLockerReboot - ok

04:57:09.0391 0x2d3c  [ 0049D80BAB72557E9DD09C223FD71E58, AE98C428233E1494A860013638EE1FF1CE609EA17D2EB2D5829757071C273717

] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

04:57:09.0407 0x2d3c  Spotify Web Helper - ok

04:57:09.0500 0x2d3c  [ 8CFAFCD10B661D5770A32111EB4CD266, 7B4B4EEDA5F77BF1D24C35EBD4B14B4FCBE6B424C47E41CCAE9718345554E283

] C:\Program Files (x86)\Samsung\Kies\Kies.exe

04:57:09.0532 0x2d3c  KiesPreload - ok

04:57:09.0532 0x2d3c  KiesAirMessage - ok

04:57:09.0563 0x2d3c  [ BF93A2F9901E9B3DFCA8A7982F4A9868, 858A5766A2DE54A6908A2CA30DD5983790B8C63614A455292613B129877223E9

 

] C:\Windows\system32\cmd.exe

04:57:09.0579 0x2d3c  Uninstall C:\Users\JamesTrevor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64 - ok

04:57:09.0594 0x2d3c  [ BF93A2F9901E9B3DFCA8A7982F4A9868, 858A5766A2DE54A6908A2CA30DD5983790B8C63614A455292613B129877223E9

 

] C:\Windows\system32\cmd.exe

04:57:09.0594 0x2d3c  Uninstall C:\Users\JamesTrevor\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64 - ok

04:57:09.0625 0x2d3c  [ BF93A2F9901E9B3DFCA8A7982F4A9868, 858A5766A2DE54A6908A2CA30DD5983790B8C63614A455292613B129877223E9

 

] C:\Windows\system32\cmd.exe

04:57:09.0625 0x2d3c  Uninstall C:\Users\JamesTrevor\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64 - ok

04:57:09.0657 0x2d3c  [ BF93A2F9901E9B3DFCA8A7982F4A9868, 858A5766A2DE54A6908A2CA30DD5983790B8C63614A455292613B129877223E9

 

] C:\Windows\system32\cmd.exe

04:57:09.0657 0x2d3c  Uninstall C:\Users\JamesTrevor\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64 - ok

04:57:09.0672 0x2d3c  [ BF93A2F9901E9B3DFCA8A7982F4A9868, 858A5766A2DE54A6908A2CA30DD5983790B8C63614A455292613B129877223E9

 

] C:\Windows\system32\cmd.exe

04:57:09.0672 0x2d3c  Uninstall C:\Users\JamesTrevor\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64 - ok

04:57:09.0672 0x2d3c  Waiting for KSN requests completion. In queue: 153

04:57:10.0688 0x2d3c  Waiting for KSN requests completion. In queue: 153

04:57:11.0692 0x2d3c  Waiting for KSN requests completion. In queue: 153

04:57:12.0708 0x2d3c  Waiting for KSN requests completion. In queue: 153

04:57:13.0775 0x2d3c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.0.9200.16384 ), 0x60110 ( disabled : outofdate )

04:57:13.0791 0x2d3c  Win FW state via NFP2: disabled

04:57:16.0956 0x2d3c  ============================================================

04:57:16.0956 0x2d3c  Scan finished

04:57:16.0956 0x2d3c  ============================================================

04:57:16.0956 0x3d84  Detected object count: 0

04:57:16.0956 0x3d84  Actual detected object count: 0

 

_______________________________________________________________

 

 

 

# AdwCleaner v4.206 - Logfile created 04/06/2015 at 05:12:15

# Updated 01/06/2015 by Xplode

# Database : 2015-06-01.1 [Server]

# Operating system : Windows 8  (x64)

# Username : JamesTrevor - TREVOR

# Running from : C:\Users\JamesTrevor\Desktop\Computer fix\adwcleaner_4.206.exe

# Option : Cleaning

 

***** [ Services ] *****

 

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\JamesTrevor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhadcpjgjandiokfnmeefdcimniinhpe

***** [ Scheduled tasks ] *****

 

***** [ Shortcuts ] *****

 

***** [ Registry ] *****

 

***** [ Web browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16384

 

-\\ Mozilla Firefox v37.0.1 (x86 en-US)

 

-\\ Google Chrome v43.0.2357.81

 

*************************

AdwCleaner[R0].txt - [2317 bytes] - [26/07/2014 21:23:21]

AdwCleaner[R1].txt - [2468 bytes] - [22/01/2015 11:18:34]

AdwCleaner[R2].txt - [3008 bytes] - [16/05/2015 06:50:54]

AdwCleaner[R3].txt - [1274 bytes] - [04/06/2015 05:01:43]

AdwCleaner[S0].txt - [2381 bytes] - [26/07/2014 21:31:21]

AdwCleaner[S1].txt - [2530 bytes] - [22/01/2015 11:50:46]

AdwCleaner[S2].txt - [3102 bytes] - [16/05/2015 08:00:07]

AdwCleaner[S3].txt - [1202 bytes] - [04/06/2015 05:12:15]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1261  bytes] ##########

 

 

 

___________________________________________________________________________

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.8.8 (06.03.2015:1)

OS: Windows 8 x64

Ran by JamesTrevor on Thu 06/04/2015 at  5:37:09.33

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

~~~ Services

Successfully stopped: [Service] bassvc

Failed to delete: [Service] bassvc

 

 

~~~ Tasks

 

 

~~~ Registry Values

 

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_C8A0F9A04EE362D44F8817B4AFF21A65

 

 

~~~ Registry Keys

 

 

~~~ Files

 

Failed to delete: [File] C:\Users\JamesTrevor\appdata\local\770bc6656ddf6c8f26bf2a92e4b368e3

Successfully deleted: [File] C:\Users\JamesTrevor\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage

Successfully deleted: [File] C:\Users\JamesTrevor\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage-journal

 

 

~~~ Folders

 

 

~~~ Chrome

 

[C:\Users\JamesTrevor\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\JamesTrevor\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\JamesTrevor\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\JamesTrevor\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:

[

  lbfehkoinhhcknnbdgnnmjhiladcgbol

]

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Thu 06/04/2015 at  5:41:26.27

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Edited by Charlie123, 03 June 2015 - 11:29 PM.


#4 boopme


Posted 04 June 2015 - 07:36 PM

Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.



WIN8.. Please Download this file, Click Me
Right-click on winsockfix.bat and click on Run as Administrator.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#5 Charlie123


Posted 04 June 2015 - 08:01 PM

Okay. Am I done?



#6 boopme


Posted 04 June 2015 - 08:05 PM

Try ESET now

#7 Charlie123


Posted 05 June 2015 - 01:48 PM

Try ESET now

 

No change. It still asks if proxy is configured.

 

Also, just got a message that Windows Defender could not update virus definitions. 


Edited by Charlie123, 05 June 2015 - 01:53 PM.


#8 boopme


Posted 05 June 2015 - 01:57 PM

We may have a protected malware here. Let's get a deeper look and see.

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.

#9 Charlie123


Posted 05 June 2015 - 02:29 PM

Hmmm... It looks like that preparation guide wants me to back up all my data and then create a log... estimated time... about the same as doing a clean install, as far as I can tell. The preparation guide doesn't give any estimate on what direction this is headed, meaning that I have no way of knowing if I am just going to have to do a clean install anyway.

 

Can you give me your perspective on the above? I'm thinking just start all over. 



#10 boopme


Posted 05 June 2015 - 02:42 PM

Ok, well the install may be faster, as even if you just post the log it may take a day or two for analysis. On the other hand, it is quite rare you have something we cannot safely remove.

#11 Charlie123


Posted 05 June 2015 - 02:52 PM

It's not so much waiting for you to look at the log, it is the number of hours I have to spend, cumulatively, fiddling around with it. I am thinking of selling this box anyway, which would involve a clean install. I'll sleep on it. Thanks for your help.



#12 Animal


Posted 06 June 2015 - 07:06 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/t/578655/posting-a-frst-log-possible-protected-malware/ you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)

