
Possible Malware/Virus Infection on Machine?


9 replies to this topic

#1 JGVT75


Posted 12 November 2015 - 12:52 PM

To Whom It May Concern:

 

I have always had one all-in-one security solution running on my machine (e.g. Norton, McAfee, Kaspersky, etc…). I have also always used a variety of on-demand and real-time anti-adware, anti-malware, anti-spyware and antivirus solutions on my machine. Typically I allow my all-in-one solution to do most of the work in protecting my machine. In addition to this I use the on-demand and real-time solution weekly to deal with anything that the all-in-one solution missed or couldn't handle. Up until recently this general scheme has worked well for me as I have not had any major issues. However, over the last few months I have become rather lacking in my efforts to maintain the security of my machine.

 

About one month ago I started to notice issues in the performance of my machine, including a few odd error messages, several random program crashes, slow operation in general, web browser pop-ups (which are blocked, supposedly), OS crash (one time), and odd hard drive activity. At this point it occurred to me that my lackadaisical approach to machine security might have allowed some unwanted programs to infect my machine. Unfortunately, I did not copy the error messages I received when they occurred because I did not think much of them at the time.

 

To eliminate the possibility of a malware/virus infection I ran all of my security software (all-in-one, on-demand, and real-time) to identify and eliminate any possible problems. A number of issues were identified and removed from my machine with these programs; however, I was still experiencing some issues. This led me to run a few additional scans with other software I do not usually use. These scans revealed some questionable results.

 

Various Other Scan Results That Appear Suspicious

 

aswMBR: Disk 0 unknown MBR code

AVG AntiVirus command line scanner: Found infections - 95, Found info severity - 96

AVZ Antiviral Toolkit: Files scanned: 838841, extracted from archives: 426690, malicious software found 0, suspicions - 1

 

Obviously these are excerpts from the scan logs. I do not pretend to know exactly what the results mean, but these things caught my attention as they seem to be of concern.

 

So at this point, I am unsure if my machine is indeed infected with something or in need of a fresh/clean install to clean out the junk.

 

System Details

 

OS: Windows 8.1

 

All-In-One Security Solution: Norton Security Suite

 

On-Demand and Real-Time Anti-Adware, Anti-Malware, Anti-Spyware and Antivirus Solutions: Spybot – Search & Destroy, Ad-Aware, Kaspersky Security Scan, Malwarebytes Anti-Malware, Trusteer Endpoint Protection.

 

Please let me know if I forgot something that I should have included.

 

Best,

James




 


#2 boopme


Posted 12 November 2015 - 04:27 PM

Hello, please post the full ASWmbr log.

Also do these.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.


#3 JGVT75


Posted 14 November 2015 - 01:29 PM

Thank you for your quick reply. I apologize for the slow response.

What follows are the log files you requested. If you have any questions or need additional information, please let me know.

 

aswMBR Log

 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software

Run date: 2015-11-04 10:53:04

-----------------------------

10:53:04.982    OS Version: Windows x64 6.3.9600 

10:53:04.982    Number of processors: 4 586 0x1301

10:53:04.982    ComputerName: WORKSTATION  UserName: James

10:53:06.076    Initialize success

10:53:48.482    AVAST engine defs: 15110400

10:54:08.576    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000027

10:54:08.576    Disk 0 Vendor: TOSHIBA_DT01ACA100 MS2OA7L0 Size: 953869MB BusType: 11

10:54:08.685    Disk 0 MBR read successfully

10:54:08.701    Disk 0 MBR scan

10:54:08.701    Disk 0 unknown MBR code

10:54:08.701    Disk 0 Partition 1 00     EE            GPT           2097151 MB offset 1

10:54:08.716    Disk 0 scanning C:\Windows\system32\drivers

10:54:22.654    Service scanning

10:54:34.716    Service hitmanpro37 C:\Windows\system32\drivers\hitmanpro37.sys **LOCKED**

10:55:02.826    Modules scanning

10:55:02.826    Disk 0 trace - called modules:

10:55:02.841    ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys 

10:55:02.841    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe001037fd2a0]

10:55:03.341    3 CLASSPNP.SYS[fffff8016157d170] -> nt!IofCallDriver -> [0xffffe0010354cb30]

10:55:03.341    5 amd_xata.sys[fffff8016247f594] -> nt!IofCallDriver -> \Device\00000027[0xffffe00103522280]

10:55:06.591    AVAST engine scan C:\Windows

10:55:13.716    AVAST engine scan C:\Windows\system32

11:03:09.388    AVAST engine scan C:\Windows\system32\drivers

11:03:41.450    AVAST engine scan C:\Users\James

11:24:19.324    AVAST engine scan C:\ProgramData

11:27:21.621    Disk 0 statistics 4666326/0/0 @ 1.33 MB/s

11:27:21.636    Scan finished successfully

13:54:33.116    Disk 0 MBR has been saved successfully to "C:\Users\James\Desktop\New folder\MBR.dat"

13:54:33.116    The log file has been saved successfully to "C:\Users\James\Desktop\New folder\aswMBR.txt"

13:54:38.069    Disk 0 MBR fix error

13:54:43.132    Disk 0 MBR fix error

13:54:43.757    Disk 0 MBR fix error

13:55:09.320    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000027

13:55:09.320    Disk 0 Vendor: TOSHIBA_DT01ACA100 MS2OA7L0 Size: 953869MB BusType: 11

13:55:09.597    Disk 0 MBR read successfully

13:55:09.601    Disk 0 MBR scan

13:55:09.604    Disk 0 unknown MBR code

13:55:09.604    Disk 0 Partition 1 00     EE            GPT           2097151 MB offset 1

13:55:09.854    Disk 0 scanning C:\Windows\system32\drivers

13:55:48.377    Service scanning

13:56:14.858    Modules scanning

13:56:14.858    Disk 0 trace - called modules:

13:56:14.936    ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys 

13:56:14.936    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe001037fd2a0]

13:56:14.936    3 CLASSPNP.SYS[fffff8016157d170] -> nt!IofCallDriver -> [0xffffe0010354cb30]

13:56:14.952    5 amd_xata.sys[fffff8016247f594] -> nt!IofCallDriver -> \Device\00000027[0xffffe00103522280]

13:56:16.795    AVAST engine scan D:\

14:18:00.293    Disk 0 statistics 6376164/0/0 @ 1.18 MB/s

14:18:00.293    Scan stopped

14:18:05.809    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000027

14:18:05.809    Disk 0 Vendor: TOSHIBA_DT01ACA100 MS2OA7L0 Size: 953869MB BusType: 11

14:18:05.856    Disk 0 MBR read successfully

14:18:05.856    Disk 0 MBR scan

14:18:05.871    Disk 0 unknown MBR code

14:18:05.887    Disk 0 Partition 1 00     EE            GPT           2097151 MB offset 1

14:18:05.903    Disk 0 scanning C:\Windows\system32\drivers

14:18:05.903    Service scanning

14:18:50.762    Modules scanning

14:18:50.762    Disk 0 trace - called modules:

14:18:50.778    

14:18:54.403    AVAST engine scan D:\

15:49:03.441    Disk 0 statistics 9315101/0/0 @ 0.62 MB/s

15:49:03.441    Scan finished successfully

18:25:59.444    Disk 0 statistics 9315101/0/0 @ 0.62 MB/s

18:25:59.444    Scan stopped

18:57:14.307    Disk 0 MBR has been saved successfully to "C:\Users\James\Desktop\New folder\MBR.dat"

18:57:14.307    The log file has been saved successfully to "C:\Users\James\Desktop\New folder\aswMBR2.txt"

 

Mini Toolbox Log

 

MiniToolBox by Farbar  Version: 02-11-2015

Ran by James (administrator) on 14-11-2015 at 10:29:07

Running from "C:\Users\James\Desktop"

Microsoft Windows 8.1  (X64)

Model: M11BB Manufacturer: ASUSTeK COMPUTER INC.

Boot Mode: Normal

***************************************************************************

 

========================= Flush DNS: ===================================

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========================= IE Proxy Settings: ============================== 

 

Proxy is not enabled.

No Proxy Server is set.

 

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

 

Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC = Wi-Fi (Connected)

Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)

Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)

 

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

 

reset

set global icmpredirects=enabled

set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

 

 

popd

# End of IPv4 configuration

 

 

 

Windows IP Configuration

 

   Host Name . . . . . . . . . . . . : Workstation

   Primary Dns Suffix  . . . . . . . : 

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

   DNS Suffix Search List. . . . . . : hsd1.vt.comcast.net.

 

Wireless LAN adapter Local Area Connection* 3:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : 

   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter

   Physical Address. . . . . . . . . : 24-0A-64-F6-20-D3

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Wireless LAN adapter Wi-Fi:

 

   Connection-specific DNS Suffix  . : hsd1.vt.comcast.net.

   Description . . . . . . . . . . . : Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC

   Physical Address. . . . . . . . . : 24-0A-64-F6-20-D3

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::6c8a:6343:c086:6f5c%6(Preferred) 

   IPv4 Address. . . . . . . . . . . : 10.0.1.6(Preferred) 

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : Saturday, November 14, 2015 10:25:00 AM

   Lease Expires . . . . . . . . . . : Sunday, November 15, 2015 10:25:00 AM

   Default Gateway . . . . . . . . . : 10.0.1.1

   DHCP Server . . . . . . . . . . . : 10.0.1.1

   DHCPv6 IAID . . . . . . . . . . . : 103025252

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-9A-70-71-BC-EE-7B-DC-06-74

   DNS Servers . . . . . . . . . . . : 10.0.1.1

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Ethernet adapter Bluetooth Network Connection:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : 

   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)

   Physical Address. . . . . . . . . : 24-0A-64-F6-20-D2

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Ethernet adapter Ethernet:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : sz-image

   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

   Physical Address. . . . . . . . . : BC-EE-7B-DC-06-74

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter isatap.hsd1.vt.comcast.net.:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : hsd1.vt.comcast.net.

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Teredo Tunneling Pseudo-Interface:

 

   Connection-specific DNS Suffix  . : 

   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:74:5013:b66a:11e7(Preferred) 

   Link-local IPv6 Address . . . . . : fe80::74:5013:b66a:11e7%9(Preferred) 

   Default Gateway . . . . . . . . . : ::

   DHCPv6 IAID . . . . . . . . . . . : 352321536

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-9A-70-71-BC-EE-7B-DC-06-74

   NetBIOS over Tcpip. . . . . . . . : Disabled

DNS request timed out.

    timeout was 2 seconds.

Server:  UnKnown

Address:  10.0.1.1

 

Name:    google.com

Addresses:  2607:f8b0:4004:809::1008

 173.194.123.64

 173.194.123.66

 173.194.123.78

 173.194.123.70

 173.194.123.73

 173.194.123.68

 173.194.123.65

 173.194.123.72

 173.194.123.69

 173.194.123.67

 173.194.123.71

 

 

Pinging google.com [173.194.123.64] with 32 bytes of data:

Reply from 173.194.123.64: bytes=32 time=27ms TTL=55

Reply from 173.194.123.64: bytes=32 time=26ms TTL=55

 

Ping statistics for 173.194.123.64:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 26ms, Maximum = 27ms, Average = 26ms

Server:  UnKnown

Address:  10.0.1.1

 

Name:    yahoo.com

Addresses:  2001:4998:c:a06::2:4008

 2001:4998:58:c02::a9

 2001:4998:44:204::a7

 98.139.183.24

 206.190.36.45

 98.138.253.109

 

 

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=32ms TTL=49

Reply from 98.139.183.24: bytes=32 time=48ms TTL=49

 

Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 32ms, Maximum = 48ms, Average = 40ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

  7...24 0a 64 f6 20 d3 ......Microsoft Wi-Fi Direct Virtual Adapter

  6...24 0a 64 f6 20 d3 ......Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC

  5...24 0a 64 f6 20 d2 ......Bluetooth Device (Personal Area Network)

  3...bc ee 7b dc 06 74 ......Realtek PCIe GBE Family Controller

  1...........................Software Loopback Interface 1

  8...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

  9...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

===========================================================================

 

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0         10.0.1.1         10.0.1.6     25

         10.0.1.0    255.255.255.0         On-link          10.0.1.6    281

         10.0.1.6  255.255.255.255         On-link          10.0.1.6    281

       10.0.1.255  255.255.255.255         On-link          10.0.1.6    281

        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306

        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306

  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link          10.0.1.6    281

  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306

  255.255.255.255  255.255.255.255         On-link          10.0.1.6    281

===========================================================================

Persistent Routes:

  None

 

IPv6 Route Table

===========================================================================

Active Routes:

 If Metric Network Destination      Gateway

  9    306 ::/0                     On-link

  1    306 ::1/128                  On-link

  9    306 2001::/32                On-link

  9    306 2001:0:9d38:6ab8:74:5013:b66a:11e7/128

                                    On-link

  6    281 fe80::/64                On-link

  9    306 fe80::/64                On-link

  9    306 fe80::74:5013:b66a:11e7/128

                                    On-link

  6    281 fe80::6c8a:6343:c086:6f5c/128

                                    On-link

  1    306 ff00::/8                 On-link

  6    281 ff00::/8                 On-link

  9    306 ff00::/8                 On-link

===========================================================================

Persistent Routes:

  None

========================= Winsock entries =====================================

 

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)

Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)

Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)

Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)

x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)

x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (11/14/2015 10:25:22 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

 

Error: (11/14/2015 10:20:31 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

 

Error: (11/14/2015 10:20:03 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

 

Error: (11/14/2015 10:01:11 AM) (Source: Application Hang) (User: )

Description: The program WORDPAD.EXE version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 1ddc

 

Start Time: 01d11eed0c3ec4d9

 

Termination Time: 31

 

Application Path: C:\Program Files\Windows NT\Accessories\WORDPAD.EXE

 

Report Id: 87af396d-8ae0-11e5-8288-240a64f620d2

 

Faulting package full name: 

 

Faulting package-relative application ID:

 

Error: (11/14/2015 09:59:09 AM) (Source: Application Hang) (User: )

Description: The program WORDPAD.EXE version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 1a60

 

Start Time: 01d11eecb9fda35c

 

Termination Time: 31

 

Application Path: C:\Program Files\Windows NT\Accessories\WORDPAD.EXE

 

Report Id: 3dec7a53-8ae0-11e5-8288-240a64f620d2

 

Faulting package full name: 

 

Faulting package-relative application ID:

 

Error: (11/14/2015 12:09:48 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1515

 

Error: (11/14/2015 12:09:48 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1515

 

Error: (11/14/2015 12:09:48 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (11/13/2015 04:14:47 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 4735

 

Error: (11/13/2015 04:14:47 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 4735

 

 

System errors:

=============

Error: (11/14/2015 10:27:14 AM) (Source: DCOM) (User: NT AUTHORITY)

Description: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

 

Error: (11/14/2015 10:23:29 AM) (Source: DCOM) (User: Workstation)

Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}

 

Error: (11/14/2015 10:23:25 AM) (Source: DCOM) (User: Workstation)

Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (11/14/2015 10:22:32 AM) (Source: DCOM) (User: Workstation)

Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

 

Error: (11/14/2015 10:22:32 AM) (Source: DCOM) (User: Workstation)

Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

 

Error: (11/14/2015 10:22:32 AM) (Source: DCOM) (User: Workstation)

Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

 

Error: (11/14/2015 10:22:32 AM) (Source: DCOM) (User: Workstation)

Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

 

Error: (11/14/2015 10:22:31 AM) (Source: DCOM) (User: Workstation)

Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

 

Error: (11/14/2015 10:22:31 AM) (Source: DCOM) (User: Workstation)

Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

 

Error: (11/14/2015 10:22:31 AM) (Source: DCOM) (User: Workstation)

Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

 

 

Microsoft Office Sessions:

=========================

Error: (11/14/2015 10:25:22 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifestC:\Users\James\Desktop\esetsmartinstaller_enu.exe

 

Error: (11/14/2015 10:20:31 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifestC:\Users\James\Desktop\esetsmartinstaller_enu.exe

 

Error: (11/14/2015 10:20:03 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifestD:\esetsmartinstaller_enu.exe

 

Error: (11/14/2015 10:01:11 AM) (Source: Application Hang)(User: )

Description: WORDPAD.EXE6.3.9600.174151ddc01d11eed0c3ec4d931C:\Program Files\Windows NT\Accessories\WORDPAD.EXE87af396d-8ae0-11e5-8288-240a64f620d2

 

Error: (11/14/2015 09:59:09 AM) (Source: Application Hang)(User: )

Description: WORDPAD.EXE6.3.9600.174151a6001d11eecb9fda35c31C:\Program Files\Windows NT\Accessories\WORDPAD.EXE3dec7a53-8ae0-11e5-8288-240a64f620d2

 

Error: (11/14/2015 12:09:48 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1515

 

Error: (11/14/2015 12:09:48 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1515

 

Error: (11/14/2015 12:09:48 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (11/13/2015 04:14:47 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 4735

 

Error: (11/13/2015 04:14:47 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 4735

 

 

CodeIntegrity Errors:

===================================

  Date: 2015-11-14 10:27:12.764

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2015-11-14 10:07:31.954

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2015-11-14 10:07:31.814

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2015-11-14 10:07:30.283

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2015-11-14 10:07:30.126

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2015-11-14 10:07:21.267

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2015-11-14 10:07:21.111

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2015-11-14 10:06:54.548

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2015-11-14 10:06:54.298

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2015-11-14 09:58:06.619

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

 

=========================== Installed Programs ============================

 

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.13 - Adobe Systems)

AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)

Alcor Micro USB Card Reader Driver  (HKLM-x32\...\{07CCA4AC-FCC6-4A0A-B87A-26F6F50A7E31}) (Version: 20.2.44.03548 - Alcor Micro Corp.) Hidden

Alcor Micro USB Card Reader Driver  (HKLM-x32\...\InstallShield_{07CCA4AC-FCC6-4A0A-B87A-26F6F50A7E31}) (Version: 20.2.44.03548 - Alcor Micro Corp.)

AMD Catalyst Install Manager (HKLM\...\{BCF4DA9E-A219-2BFF-8A17-81BB135E9BCA}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.12 - ASUSTeK Computer Inc.)

ASUS Manager - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.10 - ASUSTeK Computer Inc.)

ASUS Manager - Family Safety (HKLM-x32\...\{016AFF97-4E18-4560-B8E5-B684BB124E32}) (Version: 2.00.03 - ASUSTeK Computer Inc.)

ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.08 - ASUSTeK Computer Inc.)

ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.02 - ASUSTeK Computer Inc.)

ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.02.04 - ASUSTeK Computer Inc.)

ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.08.00 - ASUSTeK Computer Inc.)

ASUS PC Diagnostics (HKLM-x32\...\{D709005F-D8DC-42A8-8435-5AE880ECAF82}) (Version: 1.3.8 - ASUSTeK Computer Inc.)

AVG (HKLM\...\{A5977E04-0EA7-431B-BD70-D410CF95EADE}) (Version: 16.7.7227 - AVG Technologies) Hidden

AVG 2016 (HKLM\...\{C95CF442-7229-4025-A4F0-E970BF801432}) (Version: 16.0.4450 - AVG Technologies) Hidden

AVG Protection (HKLM\...\AVG) (Version: 2016.7.7227 - AVG Technologies)

Backblaze (HKLM-x32\...\Backblaze) (Version:  - Backblaze, Inc)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Bring To OneNote 2010 v13.3.0.93 (HKLM-x32\...\{D0ED4BE1-6685-4F83-B7CF-2CD42D6ED7F7}_is1) (Version: 13.3.0.93 - James.Linton)

Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )

Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)

Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version:  - Canon Inc.)

Canon MG2100 series On-screen Manual (HKLM-x32\...\Canon MG2100 series On-screen Manual) (Version:  - )

Canon MG2100 series User Registration (HKLM-x32\...\Canon MG2100 series User Registration) (Version:  - )

Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )

Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )

Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )

Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.07 - ASUSTeK Computer Inc.)

Evince 2.32.0.145 (HKLM-x32\...\{AA38CC00-F12C-495E-AF00-7EE413D3BFB2}) (Version: 2.32.0.145 - (Custom build))

ExactFile 1.0.0.15 (HKLM-x32\...\ExactFile_is1) (Version:  - StudyLamp Software LLC)

FMW 1 (HKLM\...\{FE787B85-D93D-48FC-A974-0A70CACBAC35}) (Version: 1.22.2 - AVG Technologies) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden

HWiNFO64 Version 5.06 (HKLM\...\HWiNFO64_is1) (Version: 5.06 - Martin Malík - REALiX)

Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)

Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Kaspersky Security Scan (HKLM-x32\...\{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 15.0.0.737 - Kaspersky Lab) Hidden

Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 15.0.0.737 - Kaspersky Lab)

Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)

Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)

Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

NirSoft ProduKey (HKLM-x32\...\NirSoft ProduKey) (Version:  - )

Norton Security Suite (HKLM-x32\...\N360) (Version: 22.5.4.24 - Symantec Corporation)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)

Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1507.77 - Trusteer) Hidden

REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7035 - Realtek Semiconductor Corp.)

REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

RW-Everything v1.6.8.1 (HKLM\...\RW-Everything_is1) (Version:  - )

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)

Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)

Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)

TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.16 - TOSHIBA Corporation)

Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.77 - Trusteer)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

Volume Activation Management Tool 2.0 (HKLM-x32\...\{EE010C18-9A1A-4F0E-B46E-884CA113232E}) (Version: 2.0.67.0 - Microsoft Corporation)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

Wireshark 1.12.7 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.7 - The Wireshark developer community, http://www.wireshark.org)

XMind 6 (v3.5.3) (HKLM-x32\...\XMind_is1) (Version: 3.5.3.201506180105 - XMind Ltd.)

 

========================= Memory info: ===================================

 

Percentage of memory in use: 27%

Total physical RAM: 7367.65 MB

Available physical RAM: 5377.1 MB

Total Virtual: 14791.65 MB

Available Virtual: 12700.22 MB

 

========================= Partitions: =====================================

 

1 Drive c: (Windows) (Fixed) (Total:917.05 GB) (Free:819.71 GB) NTFS

 

========================= Users: ========================================

 

User accounts for \\WORKSTATION

 

Administrator            Guest                    James                    

 

 

**** End of log ****

 
TDSSKiller Log
 
10:35:56.0359 0x1628  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
10:35:56.0359 0x1628  UEFI system
10:36:05.0031 0x1628  ============================================================
10:36:05.0031 0x1628  Current date / time: 2015/11/14 10:36:05.0031
10:36:05.0031 0x1628  SystemInfo:
10:36:05.0031 0x1628  
10:36:05.0031 0x1628  OS Version: 6.3.9600 ServicePack: 0.0
10:36:05.0031 0x1628  Product type: Workstation
10:36:05.0031 0x1628  ComputerName: WORKSTATION
10:36:05.0031 0x1628  UserName: James
10:36:05.0031 0x1628  Windows directory: C:\Windows
10:36:05.0031 0x1628  System windows directory: C:\Windows
10:36:05.0031 0x1628  Running under WOW64
10:36:05.0031 0x1628  Processor architecture: Intel x64
10:36:05.0031 0x1628  Number of processors: 4
10:36:05.0031 0x1628  Page size: 0x1000
10:36:05.0031 0x1628  Boot type: Normal boot
10:36:05.0031 0x1628  ============================================================
10:36:07.0171 0x1628  KLMD registered as C:\Windows\system32\drivers\62804641.sys
10:36:10.0171 0x1628  System UUID: {45C0E602-3F00-046F-0BAA-232FCE1B8E78}
10:36:16.0234 0x1628  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:36:16.0249 0x1628  ============================================================
10:36:16.0249 0x1628  \Device\Harddisk0\DR0:
10:36:16.0249 0x1628  GPT partitions:
10:36:16.0249 0x1628  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {697149CF-76BC-4488-9021-176C4CEC736A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x190000
10:36:16.0249 0x1628  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D8D2E8AA-38EF-4F67-BAD0-F90520D5C5F2}, Name: EFI system partition, StartLBA 0x190800, BlocksNum 0x82000
10:36:16.0249 0x1628  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4F793193-9DEE-461D-8097-8663E6D4828F}, Name: Microsoft reserved partition, StartLBA 0x212800, BlocksNum 0x40000
10:36:16.0249 0x1628  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {500F4F32-77D5-47C4-816F-CC3C29F7B1CE}, Name: Basic data partition, StartLBA 0x252800, BlocksNum 0x72A1C000
10:36:16.0249 0x1628  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {09CAE19E-A3E1-4D27-B9AC-3E1503C72B9B}, Name: Basic data partition, StartLBA 0x72C6E800, BlocksNum 0x1A98000
10:36:16.0249 0x1628  MBR partitions:
10:36:16.0249 0x1628  ============================================================
10:36:16.0265 0x1628  C: <-> \Device\Harddisk0\DR0\Partition4
10:36:16.0265 0x1628  ============================================================
10:36:16.0265 0x1628  Initialize success
10:36:16.0265 0x1628  ============================================================
10:36:23.0234 0x1424  ============================================================
10:36:23.0234 0x1424  Scan started
10:36:23.0234 0x1424  Mode: Manual; 
10:36:23.0234 0x1424  ============================================================
10:36:23.0234 0x1424  KSN ping started
10:36:25.0625 0x1424  KSN ping finished: true
10:36:28.0828 0x1424  ================ Scan system memory ========================
10:36:28.0828 0x1424  System memory - ok
10:36:28.0828 0x1424  ================ Scan services =============================
10:36:32.0796 0x1424  [ 3FDBE5DF05A61B4418CF086CBDA4E93A, BFD2DA45C444258BA288F7A6374E86A8572217705B5128B342EE93D138A21830 ] avgsvc          C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
10:36:32.0812 0x1424  avgsvc - ok
10:36:32.0906 0x1424  [ F328F131751BBFC9BBB5EDFE4080158F, 080F05CA0B6F600C27015A0572717FC94C5828847B816F8AEEFFE14A1F1E90C7 ] avgwd           C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
10:36:32.0921 0x1424  avgwd - ok
10:36:32.0953 0x1424  [ 84BCAB9AFA9E787D94E08346F27AB711, BEC8A755CDE397ABC15BE0A57B7DBB8B45BAB8BE6942EF2BDF1FAD7906C3EE57 ] Avgwfpa         C:\Windows\system32\DRIVERS\avgwfpa.sys
10:36:32.0953 0x1424  Avgwfpa - ok
10:36:33.0109 0x1424  [ F9E224D23B9E0527916DD92FDDDCD524, F4DBDA41DFADBD80F05DA5938B4E6C85F7C952DA1B0044957A9D43B9EE138C52 ] AvrcpService    C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
10:36:33.0109 0x1424  AvrcpService - ok
10:36:33.0156 0x1424  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:36:33.0156 0x1424  AxInstSV - ok
10:36:33.0203 0x1424  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
10:36:33.0203 0x1424  b06bdrv - ok
10:36:33.0218 0x1424  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
10:36:33.0234 0x1424  BasicDisplay - ok
10:36:33.0312 0x1424  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
10:36:33.0312 0x1424  BasicRender - ok
10:36:33.0343 0x1424  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
10:36:33.0343 0x1424  bcmfn2 - ok
10:36:33.0406 0x1424  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:36:33.0406 0x1424  BDESVC - ok
10:36:33.0437 0x1424  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
10:36:33.0437 0x1424  Beep - ok
10:36:33.0562 0x1424  [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE             C:\Windows\System32\bfe.dll
10:36:33.0593 0x1424  BFE - ok
10:36:33.0781 0x1424  [ 9CF4428D09C73B6F633AF9E58B835689, 173D1A8A3E1B1CA6D0E4773B048B8B6549A8124E87942992BDE30211BEFFBE20 ] BHDrvx64        C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\BASHDefs\20151102.001\BHDrvx64.sys
10:36:33.0796 0x1424  BHDrvx64 - ok
10:36:33.0859 0x1424  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
10:36:33.0921 0x1424  BITS - ok
10:36:34.0015 0x1424  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:36:34.0031 0x1424  Bonjour Service - ok
10:36:34.0109 0x1424  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:36:34.0125 0x1424  bowser - ok
10:36:34.0187 0x1424  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
10:36:34.0203 0x1424  BrokerInfrastructure - ok
10:36:34.0296 0x1424  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
10:36:34.0296 0x1424  Browser - ok
10:36:34.0328 0x1424  [ EF34418FFEEB881CAF2905989A804864, CD5A79C00ABE8ABDA1204915FB059349C6A8D332F71D211FEFCBE2EAF2E748FC ] BTDevManager    C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
10:36:34.0328 0x1424  BTDevManager - ok
10:36:34.0359 0x1424  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
10:36:34.0359 0x1424  BthAvrcpTg - ok
10:36:34.0390 0x1424  [ 12418846B057E4F92FC621F5C6CF737D, 0B8B0EADE4F2AD95D450A5C71C287C0F04F33897ABF27D3E3B6428A3C99C7B5D ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
10:36:34.0390 0x1424  BthEnum - ok
10:36:34.0421 0x1424  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
10:36:34.0421 0x1424  BthHFEnum - ok
10:36:34.0437 0x1424  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
10:36:34.0437 0x1424  bthhfhid - ok
10:36:34.0546 0x1424  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
10:36:34.0562 0x1424  BthHFSrv - ok
10:36:34.0593 0x1424  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\System32\drivers\BthLEEnum.sys
10:36:34.0609 0x1424  BthLEEnum - ok
10:36:34.0625 0x1424  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
10:36:34.0625 0x1424  BTHMODEM - ok
10:36:34.0734 0x1424  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
10:36:34.0750 0x1424  BthPan - ok
10:36:34.0812 0x1424  [ B810B2B39CCA90DC6BF42AF1658AE0D1, D184F927BCFBDE7063A0C9873BF2C174226E1AB5081A7108FCC66210CD117465 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
10:36:34.0828 0x1424  BTHPORT - ok
10:36:34.0859 0x1424  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
10:36:34.0859 0x1424  bthserv - ok
10:36:34.0875 0x1424  [ 52A1B7ECAB4C9EF70FD41241691E09D3, F7A5BFE72D3151E73DD9922A76964C08AC1FDCB8460D9A17DCF8B7969006AD42 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
10:36:34.0875 0x1424  BTHUSB - ok
10:36:34.0968 0x1424  [ 5DBB1980F42D924FE25D249870E1D898, 52013B4BB1B8E4FE2498B31AE347C86A500189000FFB61246BE2A0D79F0E6709 ] bzserv          C:\Program Files (x86)\Backblaze\bzserv.exe
10:36:34.0984 0x1424  bzserv - ok
10:36:35.0078 0x1424  [ 5A1C7DBDDB001BC6F1D1720E655445E2, 07A766C804D0709936FF18A2F67C49D6499BEF9CEEB1EF69F654A35268A11027 ] ccSet_N360      C:\Windows\system32\drivers\N360x64\1605040.018\ccSetx64.sys
10:36:35.0078 0x1424  ccSet_N360 - ok
10:36:35.0109 0x1424  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:36:35.0109 0x1424  cdfs - ok
10:36:35.0140 0x1424  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
10:36:35.0140 0x1424  cdrom - ok
10:36:35.0218 0x1424  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:36:35.0234 0x1424  CertPropSvc - ok
10:36:35.0281 0x1424  [ 3B6316004C773CFAD5E6C38EC5DDDBD4, 7F8A68A6267E0C8EC11F84A1034F71991DBD78BB1C7440B6D4AE025EFBCBB534 ] cfwids          C:\Windows\system32\drivers\cfwids.sys
10:36:35.0281 0x1424  cfwids - ok
10:36:35.0296 0x1424  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
10:36:35.0312 0x1424  circlass - ok
10:36:35.0343 0x19f4  Object required for P2P: [ 279A6B916711B54DA2B2913250E5AFF1 ] AVGIDSAgent
10:36:35.0359 0x1424  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
10:36:35.0375 0x1424  CLFS - ok
10:36:35.0390 0x1424  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
10:36:35.0390 0x1424  CmBatt - ok
10:36:35.0468 0x1424  [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG             C:\Windows\system32\Drivers\cng.sys
10:36:35.0546 0x1424  CNG - ok
10:36:35.0562 0x1424  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
10:36:35.0562 0x1424  CompositeBus - ok
10:36:35.0562 0x1424  COMSysApp - ok
10:36:35.0593 0x1424  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
10:36:35.0593 0x1424  condrv - ok
10:36:35.0609 0x1424  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:36:35.0625 0x1424  CryptSvc - ok
10:36:35.0656 0x1424  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\Windows\system32\drivers\dam.sys
10:36:35.0656 0x1424  dam - ok
10:36:35.0828 0x1424  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:36:35.0875 0x1424  DcomLaunch - ok
10:36:35.0921 0x1424  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
10:36:35.0937 0x1424  defragsvc - ok
10:36:36.0046 0x1424  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
10:36:36.0062 0x1424  DeviceAssociationService - ok
10:36:36.0093 0x1424  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
10:36:36.0125 0x1424  DeviceInstall - ok
10:36:36.0156 0x1424  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
10:36:36.0156 0x1424  Dfsc - ok
10:36:36.0203 0x1424  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
10:36:36.0203 0x1424  dg_ssudbus - ok
10:36:36.0234 0x1424  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:36:36.0250 0x1424  Dhcp - ok
10:36:36.0328 0x1424  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\Windows\system32\diagtrack.dll
10:36:36.0359 0x1424  DiagTrack - ok
10:36:36.0390 0x1424  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
10:36:36.0390 0x1424  disk - ok
10:36:36.0421 0x1424  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
10:36:36.0421 0x1424  dmvsc - ok
10:36:36.0468 0x1424  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:36:36.0484 0x1424  Dnscache - ok
10:36:36.0531 0x1424  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:36:36.0546 0x1424  dot3svc - ok
10:36:36.0578 0x1424  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
10:36:36.0578 0x1424  DPS - ok
10:36:36.0625 0x1424  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:36:36.0625 0x1424  drmkaud - ok
10:36:36.0671 0x1424  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
10:36:36.0671 0x1424  DsmSvc - ok
10:36:36.0734 0x1424  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:36:36.0765 0x1424  DXGKrnl - ok
10:36:36.0875 0x1424  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
10:36:36.0906 0x1424  Eaphost - ok
10:36:37.0093 0x1424  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
10:36:37.0156 0x1424  ebdrv - ok
10:36:37.0234 0x1424  [ D3E6B497A7A5B6B361B4E575C90256B2, 421CBB6D0ABAF8EE0AD4D006E4EDFB9228291939B2F80177FE72B5C4B6D0ED16 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:36:37.0234 0x1424  eeCtrl - ok
10:36:37.0265 0x1424  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
10:36:37.0281 0x1424  EFS - ok
10:36:37.0312 0x1424  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
10:36:37.0312 0x1424  EhStorClass - ok
10:36:37.0359 0x1424  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
10:36:37.0375 0x1424  EhStorTcgDrv - ok
10:36:37.0421 0x1424  [ 9F027B93978539BA087851C31D572E39, 1630519013A5082ADE1A515869E3593B6EE71688F12120D03C7DE82015DA436C ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:36:37.0421 0x1424  EraserUtilRebootDrv - ok
10:36:37.0437 0x1424  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
10:36:37.0437 0x1424  ErrDev - ok
10:36:37.0515 0x1424  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
10:36:37.0531 0x1424  EventSystem - ok
10:36:37.0546 0x1424  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:36:37.0562 0x1424  exfat - ok
10:36:37.0578 0x1424  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:36:37.0578 0x1424  fastfat - ok
10:36:37.0625 0x1424  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
10:36:37.0640 0x1424  Fax - ok
10:36:37.0656 0x1424  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
10:36:37.0656 0x1424  fdc - ok
10:36:37.0687 0x1424  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
10:36:37.0703 0x1424  fdPHost - ok
10:36:37.0734 0x1424  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:36:37.0734 0x1424  FDResPub - ok
10:36:37.0765 0x1424  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
10:36:37.0781 0x1424  fhsvc - ok
10:36:37.0796 0x1424  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:36:37.0812 0x1424  FileInfo - ok
10:36:37.0828 0x1424  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:36:37.0828 0x1424  Filetrace - ok
10:36:37.0843 0x1424  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
10:36:37.0843 0x1424  flpydisk - ok
10:36:37.0875 0x1424  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:36:37.0875 0x1424  FltMgr - ok
10:36:37.0953 0x1424  [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache       C:\Windows\system32\FntCache.dll
10:36:38.0000 0x1424  FontCache - ok
10:36:38.0015 0x19f4  Object send P2P result: true
10:36:38.0015 0x19f4  Object required for P2P: [ F328F131751BBFC9BBB5EDFE4080158F ] avgwd
10:36:38.0062 0x1424  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:36:38.0078 0x1424  FontCache3.0.0.0 - ok
10:36:38.0109 0x1424  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:36:38.0109 0x1424  FsDepends - ok
10:36:38.0140 0x1424  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:36:38.0140 0x1424  Fs_Rec - ok
10:36:38.0203 0x1424  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:36:38.0203 0x1424  fvevol - ok
10:36:38.0218 0x1424  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
10:36:38.0218 0x1424  FxPPM - ok
10:36:38.0250 0x1424  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:36:38.0250 0x1424  gagp30kx - ok
10:36:38.0265 0x1424  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
10:36:38.0265 0x1424  gencounter - ok
10:36:38.0312 0x1424  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
10:36:38.0312 0x1424  GPIOClx0101 - ok
10:36:38.0375 0x1424  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:36:38.0406 0x1424  gpsvc - ok
10:36:38.0453 0x1424  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:36:38.0453 0x1424  gupdate - ok
10:36:38.0468 0x1424  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:36:38.0468 0x1424  gupdatem - ok
10:36:38.0531 0x1424  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:36:38.0531 0x1424  HdAudAddService - ok
10:36:38.0578 0x1424  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
10:36:38.0593 0x1424  HDAudBus - ok
10:36:38.0593 0x1424  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
10:36:38.0593 0x1424  HidBatt - ok
10:36:38.0640 0x1424  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
10:36:38.0656 0x1424  HidBth - ok
10:36:38.0718 0x1424  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
10:36:38.0718 0x1424  hidi2c - ok
10:36:38.0765 0x1424  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
10:36:38.0765 0x1424  HidIr - ok
10:36:38.0796 0x1424  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
10:36:38.0812 0x1424  hidserv - ok
10:36:38.0843 0x1424  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
10:36:38.0843 0x1424  HidUsb - ok
10:36:38.0875 0x1424  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:36:38.0906 0x1424  hkmsvc - ok
10:36:38.0953 0x1424  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:36:38.0953 0x1424  HomeGroupListener - ok
10:36:39.0015 0x1424  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:36:39.0015 0x1424  HomeGroupProvider - ok
10:36:39.0046 0x1424  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:36:39.0046 0x1424  HpSAMD - ok
10:36:39.0109 0x1424  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:36:39.0125 0x1424  HTTP - ok
10:36:39.0156 0x1424  [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO64A.SYS
10:36:39.0156 0x1424  HWiNFO32 - ok
10:36:39.0171 0x1424  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:36:39.0171 0x1424  hwpolicy - ok
10:36:39.0187 0x1424  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
10:36:39.0187 0x1424  hyperkbd - ok
10:36:39.0203 0x1424  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
10:36:39.0203 0x1424  HyperVideo - ok
10:36:39.0296 0x1424  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
10:36:39.0312 0x1424  i8042prt - ok
10:36:39.0343 0x1424  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
10:36:39.0343 0x1424  iaLPSSi_GPIO - ok
10:36:39.0375 0x1424  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
10:36:39.0390 0x1424  iaLPSSi_I2C - ok
10:36:39.0453 0x1424  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
10:36:39.0468 0x1424  iaStorAV - ok
10:36:39.0500 0x1424  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:36:39.0500 0x1424  iaStorV - ok
10:36:39.0593 0x1424  [ 3448DB2B812AA873ED6E5D609B1DB067, E0F9B35FE59713C09BD838FAD5305DF5FDF24DF1D88F8849F7F88466CF93A7F7 ] IDSVia64        C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\IPSDefs\20151113.001\IDSvia64.sys
10:36:39.0609 0x1424  IDSVia64 - ok
10:36:39.0609 0x1424  IEEtwCollectorService - ok
10:36:39.0718 0x1424  [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT          C:\Windows\System32\ikeext.dll
10:36:39.0781 0x1424  IKEEXT - ok
10:36:39.0875 0x1424  [ 32E41A65AAA964000D0D908B906BB2DC, 10EB45C419FB3851353FF99CB64077EAE454A0729D8265E0136D3A714B49C1C4 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:36:39.0921 0x1424  IntcAzAudAddService - ok
10:36:39.0968 0x1424  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:36:39.0968 0x1424  intelide - ok
10:36:40.0000 0x1424  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
10:36:40.0000 0x1424  intelpep - ok
10:36:40.0031 0x1424  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
10:36:40.0031 0x1424  intelppm - ok
10:36:40.0062 0x1424  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:36:40.0062 0x1424  IpFilterDriver - ok
10:36:40.0125 0x1424  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:36:40.0140 0x1424  iphlpsvc - ok
10:36:40.0171 0x1424  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
10:36:40.0171 0x1424  IPMIDRV - ok
10:36:40.0203 0x1424  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:36:40.0203 0x1424  IPNAT - ok
10:36:40.0218 0x1424  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:36:40.0218 0x1424  IRENUM - ok
10:36:40.0281 0x1424  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:36:40.0296 0x1424  isapnp - ok
10:36:40.0359 0x1424  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
10:36:50.0500 0x1424  SDWSCService - ok
10:36:50.0531 0x1424  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:36:50.0531 0x1424  secdrv - ok
10:36:50.0562 0x1424  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\Windows\system32\seclogon.dll
10:36:50.0578 0x1424  seclogon - ok
10:36:50.0640 0x1424  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
10:36:50.0640 0x1424  SENS - ok
10:36:50.0687 0x1424  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:36:50.0703 0x1424  SensrSvc - ok
10:36:50.0718 0x1424  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
10:36:50.0718 0x1424  SerCx - ok
10:36:50.0781 0x1424  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
10:36:50.0781 0x1424  SerCx2 - ok
10:36:50.0796 0x1424  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
10:36:50.0796 0x1424  Serenum - ok
10:36:50.0812 0x1424  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
10:36:50.0843 0x1424  Serial - ok
10:36:50.0859 0x1424  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
10:36:50.0875 0x1424  sermouse - ok
10:36:50.0890 0x1424  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
10:36:50.0906 0x1424  SessionEnv - ok
10:36:50.0937 0x1424  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
10:36:50.0937 0x1424  sfloppy - ok
10:36:51.0046 0x1424  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:36:51.0046 0x1424  SharedAccess - ok
10:36:51.0109 0x1424  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:36:51.0125 0x1424  ShellHWDetection - ok
10:36:51.0187 0x1424  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
10:36:51.0203 0x1424  SiSRaid2 - ok
10:36:51.0234 0x1424  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:36:51.0234 0x1424  SiSRaid4 - ok
10:36:51.0281 0x1424  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
10:36:51.0343 0x1424  SkypeUpdate - ok
10:36:51.0375 0x1424  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
10:36:51.0390 0x1424  smphost - ok
10:36:51.0515 0x1424  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:36:51.0546 0x1424  SNMPTRAP - ok
10:36:51.0609 0x1424  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
10:36:51.0640 0x1424  spaceport - ok
10:36:51.0671 0x1424  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
10:36:51.0671 0x1424  SpbCx - ok
10:36:51.0734 0x1424  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\Windows\System32\spoolsv.exe
10:36:51.0750 0x1424  Spooler - ok
10:36:52.0015 0x1424  [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc          C:\Windows\system32\sppsvc.exe
10:36:52.0156 0x1424  sppsvc - ok
10:36:52.0281 0x1424  [ BFA32A566B958EF5A1D6383F3CB03AA2, BD899DE3815C88F825C3D93AA8AA43C178626F43E4B14C107A91C68155D64F71 ] SRTSP           C:\Windows\System32\Drivers\N360x64\1605040.018\SRTSP64.SYS
10:36:52.0296 0x1424  SRTSP - ok
10:36:52.0343 0x1424  [ BA2ABBEA69BD1866C973DE11CB0CE9F8, 7A04BC2F4DA9A69A996911CC429064D24CF51F4046A2EE688D4326B44C9EDAFB ] SRTSPX          C:\Windows\system32\drivers\N360x64\1605040.018\SRTSPX64.SYS
10:36:52.0343 0x1424  SRTSPX - ok
10:36:52.0390 0x1424  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:36:52.0390 0x1424  srv - ok
10:36:52.0453 0x1424  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:36:52.0468 0x1424  srv2 - ok
10:36:52.0515 0x1424  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:36:52.0515 0x1424  srvnet - ok
10:36:52.0562 0x1424  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:36:52.0593 0x1424  SSDPSRV - ok
10:36:52.0640 0x1424  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:36:52.0656 0x1424  SstpSvc - ok
10:36:52.0671 0x1424  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
10:36:52.0671 0x1424  ssudmdm - ok
10:36:52.0687 0x1424  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
10:36:52.0703 0x1424  stexstor - ok
10:36:52.0765 0x1424  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
10:36:52.0781 0x1424  stisvc - ok
10:36:52.0796 0x1424  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
10:36:52.0796 0x1424  storahci - ok
10:36:52.0828 0x1424  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
10:36:52.0828 0x1424  storflt - ok
10:36:52.0875 0x1424  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
10:36:52.0875 0x1424  stornvme - ok
10:36:52.0937 0x1424  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
10:36:52.0937 0x1424  StorSvc - ok
10:36:52.0968 0x1424  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
10:36:52.0968 0x1424  storvsc - ok
10:36:53.0015 0x1424  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
10:36:53.0031 0x1424  svsvc - ok
10:36:53.0062 0x1424  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
10:36:53.0062 0x1424  swenum - ok
10:36:53.0109 0x1424  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
10:36:53.0125 0x1424  swprv - ok
10:36:53.0203 0x1424  [ C9EC22D5B3C6B32A7C8B4A73870A7379, BA530C64FDE63D9A4023BB9E667497D5248B2910BC1A214B592318CC64034735 ] SymEFASI        C:\Windows\system32\drivers\N360x64\1605040.018\SYMEFASI64.SYS
10:36:53.0234 0x1424  SymEFASI - ok
10:36:53.0265 0x1424  [ 1DE0CBF15AC67AE0E5B456ADEFB89493, C764815313BB4332279730AA02531A448A1D32F5B6D5689FF04549406A5B5212 ] SymELAM         C:\Windows\system32\drivers\N360x64\1605040.018\SymELAM.sys
10:36:53.0265 0x1424  SymELAM - ok
10:36:53.0296 0x1424  [ 6DF8F618B93C821630C9BAA8DA3FAAAF, 553972D63F3347291EC8370AB910F741EF1DA61BC74FBA4192EF6E1DF567FB99 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:36:53.0312 0x1424  SymEvent - ok
10:36:53.0359 0x1424  [ 0891E59A27208B9B727BAB863B853E80, 7BBDD53CB7AB003DF803D6D596A2B5216425DCC7FA8D3F311AE5BD4EC19FBB0A ] SymIRON         C:\Windows\system32\drivers\N360x64\1605040.018\Ironx64.SYS
10:36:53.0359 0x1424  SymIRON - ok
10:36:53.0421 0x1424  [ 751C968945EFD42469FE52D6CE384196, 3386681036909F60A249951009822190EFB1C390D2F46E7EFE44893F28D0F31C ] SymNetS         C:\Windows\System32\Drivers\N360x64\1605040.018\SYMNETS.SYS
10:36:53.0437 0x1424  SymNetS - ok
10:36:53.0515 0x1424  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
10:36:53.0531 0x1424  SysMain - ok
10:36:53.0640 0x1424  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
10:36:53.0656 0x1424  SystemEventsBroker - ok
10:36:53.0687 0x1424  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:36:53.0703 0x1424  TabletInputService - ok
10:36:53.0750 0x1424  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:36:53.0750 0x1424  TapiSrv - ok
10:36:53.0890 0x1424  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:36:53.0937 0x1424  Tcpip - ok
10:36:54.0000 0x1424  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:36:54.0062 0x1424  TCPIP6 - ok
10:36:54.0062 0x1754  Object required for P2P: [ 86E6E661C3B5FB6BF8E01D94864650F0 ] N360
10:36:54.0109 0x1424  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:36:54.0109 0x1424  tcpipreg - ok
10:36:54.0140 0x1424  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:36:54.0140 0x1424  tdx - ok
10:36:54.0171 0x1424  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
10:36:54.0171 0x1424  terminpt - ok
10:36:54.0218 0x1424  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
10:36:54.0250 0x1424  TermService - ok
10:36:54.0281 0x1424  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
10:36:54.0296 0x1424  Themes - ok
10:36:54.0375 0x1424  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
10:36:54.0390 0x1424  THREADORDER - ok
10:36:54.0453 0x1424  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
10:36:54.0468 0x1424  TimeBroker - ok
10:36:54.0546 0x1424  [ 01334D4F797CEE704F9B0D3232EA049E, 84BA8DFC36AFE1677007B35A90F6ADAF219FA5792397B8C541934A0CBDF69F1D ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
10:36:54.0546 0x1424  TOSHIBA HDD SSD Alert Service - ok
10:36:54.0578 0x1424  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys
10:36:54.0578 0x1424  TPM - ok
10:36:54.0609 0x1424  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
10:36:54.0609 0x1424  TrkWks - ok
10:36:54.0640 0x1424  [ 531121E7ED50084B493A69F8F8A7A927, BFBFCB7CAE421739163E7630865009D3197F587265E9E5797142D93E1B72B191 ] TrueSight       C:\Windows\System32\drivers\TrueSight.sys
10:36:54.0640 0x1424  TrueSight - ok
10:36:54.0687 0x1424  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:36:54.0687 0x1424  TrustedInstaller - ok
10:36:54.0734 0x1424  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:36:54.0734 0x1424  TsUsbFlt - ok
10:36:54.0781 0x1424  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
10:36:54.0781 0x1424  TsUsbGD - ok
10:36:54.0828 0x1424  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:36:54.0828 0x1424  tunnel - ok
10:36:54.0843 0x1424  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:36:54.0875 0x1424  uagp35 - ok
10:36:54.0890 0x1424  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
10:36:54.0890 0x1424  UASPStor - ok
10:36:54.0968 0x1424  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
10:36:54.0984 0x1424  UCX01000 - ok
10:36:55.0031 0x1424  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:36:55.0031 0x1424  udfs - ok
10:36:55.0046 0x1424  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
10:36:55.0046 0x1424  UEFI - ok
10:36:55.0093 0x1424  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:36:55.0109 0x1424  UI0Detect - ok
10:36:55.0125 0x1424  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:36:55.0125 0x1424  uliagpkx - ok
10:36:55.0140 0x1424  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
10:36:55.0140 0x1424  umbus - ok
10:36:55.0171 0x1424  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
10:36:55.0171 0x1424  UmPass - ok
10:36:55.0203 0x1424  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
10:36:55.0218 0x1424  UmRdpService - ok
10:36:55.0265 0x1424  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
10:36:55.0265 0x1424  upnphost - ok
10:36:55.0328 0x1424  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
10:36:55.0328 0x1424  usbaudio - ok
10:36:55.0390 0x1424  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
10:36:55.0406 0x1424  usbccgp - ok
10:36:55.0437 0x1424  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
10:36:55.0437 0x1424  usbcir - ok
10:36:55.0468 0x1424  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
10:36:55.0468 0x1424  usbehci - ok
10:36:55.0500 0x1424  [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
10:36:55.0500 0x1424  usbfilter - ok
10:36:55.0546 0x1424  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\Windows\System32\drivers\usbhub.sys
10:36:55.0546 0x1424  usbhub - ok
10:36:55.0593 0x1424  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
10:36:55.0593 0x1424  USBHUB3 - ok
10:36:55.0734 0x1424  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
10:36:55.0734 0x1424  usbohci - ok
10:36:55.0750 0x1424  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
10:36:55.0765 0x1424  usbprint - ok
10:36:55.0796 0x1424  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:36:55.0812 0x1424  usbscan - ok
10:36:55.0828 0x1424  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
10:36:55.0843 0x1424  USBSTOR - ok
10:36:55.0937 0x1424  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
10:36:55.0937 0x1424  usbuhci - ok
10:36:55.0968 0x1424  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
10:36:55.0968 0x1424  USBXHCI - ok
10:36:55.0984 0x1424  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
10:36:55.0984 0x1424  VaultSvc - ok
10:36:56.0000 0x1424  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:36:56.0015 0x1424  vdrvroot - ok
10:36:56.0062 0x1424  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
10:36:56.0093 0x1424  vds - ok
10:36:56.0171 0x1424  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
10:36:56.0171 0x1424  VerifierExt - ok
10:36:56.0234 0x1424  [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
10:36:56.0250 0x1424  vhdmp - ok
10:36:56.0296 0x1424  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:36:56.0296 0x1424  viaide - ok
10:36:56.0343 0x1424  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
10:36:56.0343 0x1424  vmbus - ok
10:36:56.0359 0x1424  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
10:36:56.0375 0x1424  VMBusHID - ok
10:36:56.0421 0x1424  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
10:36:56.0421 0x1424  vmicguestinterface - ok
10:36:56.0453 0x1424  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
10:36:56.0453 0x1424  vmicheartbeat - ok
10:36:56.0468 0x1424  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
10:36:56.0484 0x1424  vmickvpexchange - ok
10:36:56.0500 0x1424  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
10:36:56.0500 0x1424  vmicrdv - ok
10:36:56.0515 0x1424  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
10:36:56.0531 0x1424  vmicshutdown - ok
10:36:56.0546 0x1424  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
10:36:56.0562 0x1424  vmictimesync - ok
10:36:56.0578 0x1424  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
10:36:56.0578 0x1424  vmicvss - ok
10:36:56.0593 0x1424  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:36:56.0609 0x1424  volmgr - ok
10:36:56.0625 0x1424  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:36:56.0640 0x1424  volmgrx - ok
10:36:56.0687 0x1424  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:36:56.0687 0x1424  volsnap - ok
10:36:56.0718 0x1424  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\Windows\System32\drivers\vpci.sys
10:36:56.0750 0x1754  Object send P2P result: true
10:36:56.0750 0x1424  vpci - ok
10:36:56.0765 0x1754  Object required for P2P: [ 685590E21D90214CC8CB697E53277B49 ] RapportMgmtService
10:36:56.0812 0x1424  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:36:56.0828 0x1424  vsmraid - ok
10:36:56.0875 0x1424  [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS             C:\Windows\system32\vssvc.exe
10:36:56.0921 0x1424  VSS - ok
10:36:56.0937 0x1424  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
10:36:56.0953 0x1424  VSTXRAID - ok
10:36:56.0968 0x1424  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
10:36:56.0968 0x1424  vwifibus - ok
10:36:56.0984 0x1424  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:36:57.0000 0x1424  vwififlt - ok
10:36:57.0015 0x1424  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
10:36:57.0015 0x1424  vwifimp - ok
10:36:57.0109 0x1424  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
10:36:57.0125 0x1424  W32Time - ok
10:36:57.0140 0x1424  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
10:36:57.0140 0x1424  WacomPen - ok
10:36:57.0203 0x1424  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\Windows\system32\wbengine.exe
10:36:57.0234 0x1424  wbengine - ok
10:36:57.0296 0x1424  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:36:57.0312 0x1424  WbioSrvc - ok
10:36:57.0343 0x1424  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
10:36:57.0343 0x1424  Wcmsvc - ok
10:36:57.0375 0x1424  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:36:57.0390 0x1424  wcncsvc - ok
10:36:57.0421 0x1424  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:36:57.0437 0x1424  WcsPlugInService - ok
10:36:57.0437 0x1424  [ 694B28DE12AD47031FFB4B052662131A, FF3B1B1A69C82BB123073E10D9F1322ED8587F5BAC36F8AB7DAED22C7DD5C7DB ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
10:36:57.0437 0x1424  WdBoot - ok
10:36:57.0562 0x1424  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:36:57.0578 0x1424  Wdf01000 - ok
10:36:57.0609 0x1424  [ 0B99529A3BECC3528D865DDECB62503B, 28E6B44BDC52E212D2EB269491D3574B45EE9B19821FE15167D7FA05566C89F4 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
10:36:57.0609 0x1424  WdFilter - ok
10:36:57.0734 0x1424  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:36:57.0750 0x1424  WdiServiceHost - ok
10:36:57.0765 0x1424  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:36:57.0765 0x1424  WdiSystemHost - ok
10:36:57.0796 0x1424  [ 282E7D46310338FF4A6B7680440EB0DA, 04242798DD82F583154AEA3D775C9BFD574FC471D01CDEB9D070872425094D82 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
10:36:57.0796 0x1424  WdNisDrv - ok
10:36:57.0828 0x1424  WdNisSvc - ok
10:37:06.0750 0x1424  AV detected via SS2: Norton Security Suite, C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\WSCStub.exe ( 22.5.0.0 ), 0x51000 ( enabled : updated )
10:37:06.0843 0x1424  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.9600.16384 ), 0x60100 ( disabled : updated )
10:37:06.0875 0x1424  AV detected via SS2: AVG Internet Security, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( 16.7.0.7227 ), 0x41000 ( enabled : updated )
10:37:06.0937 0x1424  FW detected via SS2: AVG Internet Security, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( 16.7.0.7227 ), 0x41010 ( enabled )
10:37:06.0937 0x1424  FW detected via SS2: Norton Security Suite, C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\WSCStub.exe ( 22.5.0.0 ), 0x51010 ( enabled )
10:37:09.0500 0x1424  ============================================================
10:37:09.0500 0x1424  Scan finished
10:37:09.0500 0x1424  ============================================================
10:37:09.0500 0x1b8c  Detected object count: 0
10:37:09.0500 0x1b8c  Actual detected object count: 0
10:38:04.0281 0x1144  Deinitialize success
 
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 
Apparently, there was too much content for one post. This is part one of two.


#4 JGVT75

Posted 14 November 2015 - 01:30 PM

This is part two of two.

 

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

AdwCleaner Log

 

# AdwCleaner v5.020 - Logfile created 14/11/2015 at 10:39:06
# Updated 13/11/2015 by Xplode
# Database : 2015-11-13.3 [Server]
# Operating system : Windows 8.1  (x64)
# Username : James - WORKSTATION
# Running from : C:\Users\James\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

Key Found : HKU\.DEFAULT\Software\Avg Secure Update

***** [ Web browsers ] *****

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [613 bytes] ##########

 

Junkware Removal Tool Log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 8.1 x64
Ran by James on Sat 11/14/2015 at 10:58:42.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] C:\ProgramData\SMRResults501.dat

~~~ Folders

~~~ Chrome

[C:\Users\James\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\James\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\James\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\James\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 11/14/2015 at 11:04:58.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

ESET Log

 

C:\Program Files (x86)\NirSoft\ProduKey\ProduKey.exe a variant of Win32/PSWTool.ProductKey potentially unsafe application cleaned by deleting - quarantined

C:\Users\James\Desktop\documents-export-2015-10-07.zip a variant of Win32/AdkDLLWrapper.A potentially unwanted application deleted - quarantined

C:\Users\James\Downloads\rcsetup152.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined

C:\Users\James\Software\M\Magical Jelly Bean\KeyFinderInstaller.exe a variant of Win32/OpenCandy.A potentially unsafe application deleted - quarantined

C:\Users\James\Software\N\Nirsoft\produkey_setup.exe a variant of Win32/PSWTool.ProductKey potentially unsafe application deleted - quarantined

C:\Users\James\Software\P\spsetup128.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Thank you for your assistance. It is greatly appreciated.

 

James



#5 JGVT75

Posted 24 November 2015 - 04:39 PM

Boopme,

 

Given the amount of time that has lapsed and your lack of response after I provided the requested information, it appears that you are either no longer willing or able to provide assistance in solving my problem. A simple message confirming this would have been appreciated. At this point I will consider the matter closed from my end and solicit help elsewhere. Thank you for your time and attention to this matter.

 

James



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:03 PM

Posted 24 November 2015 - 11:26 PM

Hello sorry about that. My daughter was in the hospital for a week and I could not get time.

You were infected by using cracked software. Some was removed.
You need to remove anything else or this is a waste of time anyway.

After that we need a deeper look to find anything else.

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#7 JGVT75

Posted 25 November 2015 - 08:54 AM

No problem. I had no idea. I hope that your daughter is doing well.

 

Cracked software? By this I assume you mean pirated software? Any idea what the specific program is? Everything that I installed on the machine should be on the up and up. 

 

Before I follow the Preparation Guide you referenced and post a new topic, I wanted to know whether, with all the uncertainty associated with malware and its removal, doing a disk erase and clean install of the OS will resolve the problem. As I am sure you are aware, a key point with a clean install is not to reinstall any software that contains malware. So, it would be great if you can tell me which software caused the problem.

 

Thank you for your help.

 

Best,

 

James



#8 boopme

Posted 25 November 2015 - 12:41 PM

No problem, life happens.

This for example was removed.
Win32/PSWTool.ProductKey... it may cause data loss or other misbehavior including performance degradation. It could have entered thru an email.

In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read: But the reinstall may just be the quickest.

#9 JGVT75

Posted 25 November 2015 - 12:59 PM

Thanks for the reply and information. I have decided to go ahead with a secure erase of the HD and clean install of the OS. Once I get it all back up and running I will bring all my data backups online through a sandbox to root out anything that may be buried in my files.



#10 boopme

Posted 26 November 2015 - 06:23 PM

Good plan!

Happy Thanksgiving!!