Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ads.diamonds browser hijack on yahoo


  • This topic is locked This topic is locked
18 replies to this topic

#1 bubbleit

bubbleit

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 03 May 2017 - 11:16 AM

Hi
while surfing on yahoo website my browser suddenly redirects me to annoying (and dangerous?) advertising sites through links like ads.diamonds.com
 
This hijacker works now only on yahoo. I tried to solve with a topic in the section Am I Infected? but without results 
 
Thank you very much for your help :)
 
---------------
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2017 01
Ran by FabrizioZ (administrator) on FABRIZIOZPC (03-05-2017 23:35:43)
Running from C:\Users\FabrizioZ\Downloads
Loaded Profiles: FabrizioZ (Available Profiles: FabrizioZ)
Platform: Windows 8.1 (Update) (X64) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Almico Software (almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [1008128 2014-04-28] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-08-26] (Synaptics Incorporated)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-04-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-03] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-10-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [517536 2014-04-07] (TOSHIBA)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1156824 2016-10-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-03] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-03] (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3FF4D001-2ED1-4D3D-A558-AB8EF6FC19EE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D699EA5B-9AFB-44BC-9160-18A3BDCB9CAA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2520746005-1499581859-3675680556-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-2520746005-1499581859-3675680556-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-2520746005-1499581859-3675680556-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/it-it/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxps://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1429006737751
 
FireFox:
========
FF DefaultProfile: dgh3shz7.default
FF ProfilePath: C:\Users\FabrizioZ\AppData\Roaming\Mozilla\Firefox\Profiles\dgh3shz7.default [2017-05-03]
FF Extension: (Adblock Plus) - C:\Users\FabrizioZ\AppData\Roaming\Mozilla\Firefox\Profiles\dgh3shz7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Extension: (Shield Recipe Client) - C:\Users\FabrizioZ\AppData\Roaming\Mozilla\Firefox\Profiles\dgh3shz7.default\features\{2bb52758-e5b2-4a52-be56-11554701e1cf}\shield-recipe-client@mozilla.org.xpi [2017-05-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default [2017-05-03]
CHR Extension: (Presentazioni Google) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-03]
CHR Extension: (Documenti Google) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-03]
CHR Extension: (Google Drive) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-03]
CHR Extension: (YouTube) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-03]
CHR Extension: (Fogli Google) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-03]
CHR Extension: (Google Documenti offline) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-03]
CHR Extension: (AdBlock) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-05-03]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-03]
CHR Extension: (Gmail) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-03]
CHR Extension: (Chrome Media Router) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-03]
 
Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-03] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-03] (AVAST Software)
S4 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-06-30] ()
S4 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-22] (Intel Corporation)
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [342928 2014-12-10] (Intel Corporation)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S4 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
S4 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-08-26] (Synaptics Incorporated)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2014-08-05] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-03] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-03] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-03] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-03] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-03] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158368 2017-05-03] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-03] (AVAST Software)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [222152 2014-08-22] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-07-08] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [293592 2014-04-17] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-08-26] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [27136 2014-03-24] (Windows ® Win 7 DDK provider)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-06-12] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [213296 2014-10-15] (Windows ® Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Users\FabrizioZ\Documents\RealTemp_370\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
U0 Partizan; system32\drivers\Partizan.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-05-03 23:35 - 2017-05-03 23:35 - 00000000 ____D C:\Users\FabrizioZ\Downloads\FRST-OlderVersion
2017-05-03 23:00 - 2017-05-03 23:00 - 00000000 ____D C:\ProgramData\RegRun
2017-05-03 22:45 - 2017-05-03 22:45 - 00000002 RSHOT C:\Windows\winstart.bat
2017-05-03 22:45 - 2017-05-03 22:45 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2017-05-03 22:45 - 2017-05-03 22:45 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2017-05-03 22:41 - 2017-05-03 22:41 - 00000000 ____D C:\Users\FabrizioZ\Downloads\unhackme_8.80.0.580
2017-05-03 22:35 - 2017-05-03 22:36 - 18656117 _____ C:\Users\FabrizioZ\Downloads\unhackme_8.80.0.580.zip
2017-05-03 17:58 - 2017-05-03 23:35 - 02428928 _____ (Farbar) C:\Users\FabrizioZ\Downloads\FRST64.exe
2017-05-03 15:27 - 2017-05-03 15:27 - 00002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-03 15:27 - 2017-05-03 15:27 - 00002248 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-03 15:26 - 2017-05-03 15:26 - 00003582 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-03 15:26 - 2017-05-03 15:26 - 00003454 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-03 14:51 - 2017-05-03 14:51 - 00000000 ____D C:\Program Files\HitmanPro
2017-05-03 14:47 - 2017-05-03 14:48 - 09741664 _____ (SurfRight B.V.) C:\Users\FabrizioZ\Downloads\HitmanPro_x64.exe
2017-05-03 14:36 - 2017-05-03 14:36 - 00003844 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1493814972
2017-05-03 14:36 - 2017-05-03 14:36 - 00001120 _____ C:\Users\Public\Desktop\Opera 44.lnk
2017-05-03 14:36 - 2017-05-03 14:36 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 44.lnk
2017-05-03 14:35 - 2017-05-03 14:36 - 00000000 ____D C:\Program Files\Opera
2017-05-03 14:26 - 2017-05-03 14:26 - 00400456 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-05-03 12:44 - 2017-05-03 12:44 - 01186112 _____ (Opera Software) C:\Users\FabrizioZ\Downloads\OperaSetup (1).exe
2017-05-03 11:47 - 2017-05-03 11:47 - 01130328 _____ (Google Inc.) C:\Users\FabrizioZ\Downloads\ChromeSetup (1).exe
2017-05-03 00:01 - 2017-05-03 00:01 - 00000000 ____D C:\Users\FabrizioZ\AppData\Roaming\Eusing
2017-05-02 13:35 - 2017-05-02 13:36 - 03841528 _____ (Google) C:\Users\FabrizioZ\Downloads\chrome_cleanup_tool.exe
2017-05-01 21:18 - 2017-05-01 21:18 - 00000238 _____ C:\Users\FabrizioZ\Documents\esetscan.txt
2017-05-01 19:51 - 2017-05-01 19:52 - 06752896 _____ (ESET spol. s r.o.) C:\Users\FabrizioZ\Downloads\esetonlinescanner_enu (1).exe
2017-05-01 17:55 - 2017-05-01 17:55 - 00024950 _____ C:\Users\FabrizioZ\Documents\malwarscan01mag.odt
2017-05-01 15:47 - 2017-05-03 23:35 - 00013799 _____ C:\Users\FabrizioZ\Downloads\FRST.txt
2017-05-01 15:47 - 2017-05-03 18:00 - 00025027 _____ C:\Users\FabrizioZ\Downloads\Addition.txt
2017-05-01 15:46 - 2017-05-03 23:35 - 00000000 ____D C:\FRST
2017-05-01 13:21 - 2017-05-03 12:02 - 00029284 _____ C:\Users\FabrizioZ\Downloads\MTB.txt
2017-05-01 13:19 - 2017-05-01 13:19 - 00892416 _____ (Farbar) C:\Users\FabrizioZ\Downloads\MiniToolBox.exe
2017-05-01 13:16 - 2017-05-01 13:16 - 00003016 _____ C:\Users\FabrizioZ\Downloads\FSS.txt
2017-05-01 13:11 - 2017-05-01 13:11 - 00899584 _____ (Farbar) C:\Users\FabrizioZ\Downloads\FSS.exe
2017-05-01 13:06 - 2017-05-01 13:06 - 00852798 _____ C:\Users\FabrizioZ\Downloads\SecurityCheck.exe
2017-05-01 13:00 - 2017-05-01 13:00 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\FabrizioZ\Downloads\rkill.exe
2017-05-01 11:44 - 2017-05-01 16:17 - 00000000 ____D C:\Users\FabrizioZ\AppData\Roaming\WinPatrol
2017-05-01 11:44 - 2017-05-01 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2017-05-01 11:40 - 2017-05-01 11:40 - 01187840 _____ (Ruiware) C:\Users\FabrizioZ\Downloads\wpsetup.exe
2017-05-01 03:01 - 2017-05-01 03:01 - 00000000 ____D C:\Program Files (x86)\Amazon
2017-05-01 02:08 - 2017-05-01 02:08 - 01605616 _____ (PortableApps.com) C:\Users\FabrizioZ\Downloads\GoogleChromePortable_58.0.3029.81_online.paf.exe
2017-04-30 23:35 - 2017-04-30 23:36 - 00000000 ____D C:\Users\FabrizioZ\Downloads\Opera
2017-04-30 23:35 - 2017-04-30 23:35 - 01183984 _____ (Opera Software) C:\Users\FabrizioZ\Downloads\Opera_PortableSetup (1).exe
2017-04-30 21:15 - 2017-04-11 02:12 - 01663672 _____ (Malwarebytes) C:\Users\FabrizioZ\Desktop\JRT.exe
2017-04-30 20:13 - 2017-05-03 00:09 - 00000000 ____D C:\Program Files (x86)\Eusing Free Registry Cleaner
2017-04-30 20:13 - 2017-04-30 20:13 - 00985017 _____ C:\Users\FabrizioZ\Downloads\EFRCSetup.exe
2017-04-30 18:38 - 2017-04-30 18:38 - 04102600 _____ C:\Users\FabrizioZ\Downloads\adwcleaner_6.046.exe
2017-04-30 18:07 - 2017-04-01 03:12 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-30 18:07 - 2017-04-01 03:12 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-30 17:59 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-30 17:59 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-30 17:59 - 2017-03-21 15:11 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2017-04-30 17:59 - 2017-03-21 15:11 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-04-30 17:59 - 2017-03-21 15:11 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-04-30 17:59 - 2017-03-21 15:11 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2017-04-30 17:58 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-04-30 17:58 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-30 17:58 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-30 17:58 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-30 17:58 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-30 17:58 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-04-30 17:58 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-30 17:58 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-30 17:58 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-30 17:58 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-04-30 17:58 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-30 17:58 - 2017-03-25 20:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-04-30 17:58 - 2017-03-25 20:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-30 17:58 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-04-30 17:58 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-30 17:58 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-04-30 17:58 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-04-30 17:58 - 2017-03-25 19:12 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-04-30 17:58 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-30 17:58 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-30 17:58 - 2017-03-25 19:00 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-30 17:58 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-30 17:58 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-30 17:58 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-30 17:58 - 2017-03-25 18:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-30 17:58 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-30 17:58 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-30 17:58 - 2017-03-25 06:43 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-04-30 17:58 - 2017-03-24 20:24 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-04-30 17:58 - 2017-03-14 21:06 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-04-30 17:58 - 2017-03-14 16:26 - 03714560 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-30 17:58 - 2017-03-14 16:09 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-04-30 17:58 - 2017-03-14 16:08 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-30 17:58 - 2017-03-14 16:06 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-30 17:58 - 2017-03-13 18:13 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-04-30 17:58 - 2017-03-13 18:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-04-30 17:58 - 2017-03-13 18:08 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2017-04-30 17:58 - 2017-03-13 18:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-04-30 17:58 - 2017-03-13 17:59 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-04-30 17:58 - 2017-03-13 17:59 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-04-30 17:58 - 2017-03-13 17:56 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-04-30 17:58 - 2017-03-12 17:04 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-04-30 17:58 - 2017-03-11 05:59 - 01763888 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-04-30 17:58 - 2017-03-11 05:56 - 01489608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-04-30 17:58 - 2017-03-11 05:49 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-30 17:58 - 2017-03-11 05:49 - 00388440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-30 17:58 - 2017-03-11 05:44 - 00373080 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-30 17:58 - 2017-03-11 05:41 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-30 17:58 - 2017-03-09 23:13 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-04-30 17:58 - 2017-03-09 23:08 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-30 17:58 - 2017-03-09 21:29 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-30 17:58 - 2017-03-08 01:25 - 01661064 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-30 17:58 - 2017-03-08 01:21 - 01212760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-30 17:58 - 2017-03-04 21:24 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-30 17:58 - 2017-03-04 21:06 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-30 17:58 - 2017-03-04 20:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-30 17:58 - 2017-03-04 18:37 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-30 17:58 - 2017-03-03 17:11 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-30 17:58 - 2017-03-03 17:10 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-30 17:58 - 2017-03-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-30 17:58 - 2017-03-03 17:04 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-30 17:58 - 2017-02-11 20:18 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-04-30 17:58 - 2017-02-11 19:00 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-04-30 17:58 - 2017-02-11 18:49 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2017-04-30 17:58 - 2017-02-11 18:42 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2017-04-30 17:58 - 2017-02-10 21:06 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-04-30 17:58 - 2017-02-10 16:37 - 00046600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2017-04-30 17:58 - 2017-02-04 19:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-04-30 17:58 - 2017-02-04 19:51 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-04-30 17:58 - 2017-02-04 19:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-04-30 17:58 - 2017-02-01 21:44 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-04-30 17:58 - 2017-02-01 21:42 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-04-30 17:58 - 2017-01-19 04:18 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-04-30 17:58 - 2017-01-18 16:35 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-30 17:58 - 2017-01-18 16:34 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-30 17:58 - 2017-01-14 22:32 - 00955016 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-04-30 17:58 - 2017-01-14 21:18 - 00787688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-04-30 17:58 - 2017-01-14 16:37 - 00447095 _____ C:\Windows\system32\ApnDatabase.xml
2017-04-30 17:58 - 2017-01-12 18:51 - 00274776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2017-04-30 17:58 - 2017-01-12 18:51 - 00117592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2017-04-30 17:58 - 2017-01-12 08:12 - 00990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-04-30 17:58 - 2017-01-11 21:12 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2017-04-30 17:58 - 2017-01-11 19:28 - 00422744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2017-04-30 17:58 - 2017-01-11 17:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2017-04-30 17:58 - 2017-01-11 00:37 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-04-30 17:58 - 2017-01-10 23:06 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-04-30 17:58 - 2017-01-10 22:46 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-04-30 17:58 - 2017-01-10 21:20 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-04-30 17:58 - 2017-01-10 21:09 - 01108480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-04-30 17:58 - 2017-01-06 19:25 - 02513408 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-04-30 17:58 - 2017-01-06 19:04 - 01495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2017-04-30 17:58 - 2016-12-25 03:21 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2017-04-30 17:58 - 2016-12-25 03:14 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2017-04-30 17:58 - 2016-12-25 02:48 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2017-04-30 17:58 - 2016-12-25 02:19 - 00170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2017-04-30 17:58 - 2016-12-25 01:39 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2017-04-30 17:58 - 2016-12-09 10:08 - 00379736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-04-30 13:45 - 2017-04-30 13:45 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2017-04-30 13:30 - 2017-05-02 14:14 - 00002190 _____ C:\Users\FabrizioZ\Desktop\Rkill.txt
2017-04-30 13:14 - 2017-04-30 13:14 - 00001180 _____ C:\malw01.txt
2017-04-26 20:39 - 2017-04-26 20:39 - 00000000 ____D C:\ProgramData\NortonInstaller
 
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-05-03 23:32 - 2015-04-14 15:30 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2017-05-03 23:28 - 2016-11-16 02:09 - 00000000 ____D C:\Users\FabrizioZ\AppData\LocalLow\Mozilla
2017-05-03 23:12 - 2015-04-14 02:42 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2520746005-1499581859-3675680556-1001
2017-05-03 23:06 - 2017-02-13 19:39 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-05-03 22:57 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-03 19:26 - 2015-06-21 19:48 - 00000000 ____D C:\AdwCleaner
2017-05-03 15:27 - 2015-04-14 02:40 - 00000000 ____D C:\Users\FabrizioZ\AppData\Local\Google
2017-05-03 15:27 - 2014-12-25 10:57 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-03 14:49 - 2015-07-25 12:28 - 00000000 ____D C:\ProgramData\HitmanPro
2017-05-03 14:36 - 2016-06-13 00:56 - 00000000 ____D C:\Users\FabrizioZ\AppData\Roaming\Opera Software
2017-05-03 14:36 - 2015-04-14 15:48 - 00000000 ____D C:\Users\FabrizioZ\AppData\Local\Opera Software
2017-05-03 14:27 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-05-03 14:26 - 2017-02-13 19:39 - 00334576 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-05-03 14:26 - 2017-02-13 19:39 - 00311808 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-05-03 14:26 - 2017-02-13 19:39 - 00190256 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-05-03 14:26 - 2017-02-13 19:39 - 00049016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 01007160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 00569192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 00158368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 00128648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-05-03 14:17 - 2015-04-14 02:36 - 00000000 ____D C:\Users\FabrizioZ\AppData\Local\Packages
2017-05-03 14:17 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-03 14:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2017-05-02 18:53 - 2015-09-10 16:18 - 00000547 _____ C:\Users\FabrizioZ\Desktop\JRT.txt
2017-05-02 00:27 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-05-01 22:09 - 2016-06-10 18:27 - 00000000 ____D C:\Users\FabrizioZ\AppData\Local\ESET
2017-05-01 15:46 - 2016-06-04 18:43 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-01 14:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2017-04-30 23:01 - 2016-09-28 13:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-30 23:01 - 2016-06-04 12:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-30 18:19 - 2016-03-27 22:38 - 00000000 ____D C:\Users\FabrizioZ\AppData\Local\CrashDumps
2017-04-30 18:12 - 2014-10-31 13:30 - 00803564 _____ C:\Windows\system32\perfh010.dat
2017-04-30 18:12 - 2014-10-31 13:30 - 00156688 _____ C:\Windows\system32\perfc010.dat
2017-04-30 18:12 - 2014-03-18 11:47 - 01813012 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-30 18:05 - 2013-08-22 16:44 - 00403104 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-30 18:02 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2017-04-30 18:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-30 18:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-30 18:02 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2017-04-30 17:42 - 2017-02-04 02:27 - 00001949 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-04-30 17:19 - 2015-04-14 02:35 - 00000000 ____D C:\Users\FabrizioZ
2017-04-30 17:15 - 2016-03-02 19:53 - 00000000 ____D C:\ProgramData\RogueKiller
2017-04-30 17:15 - 2016-02-15 16:51 - 00000000 ____D C:\ProgramData\Norton
2017-04-30 17:15 - 2015-12-03 14:07 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-04-30 17:15 - 2015-04-18 12:24 - 00000000 ____D C:\Users\FabrizioZ\Documents\RealTemp_370
2017-04-30 17:15 - 2014-12-25 11:06 - 00000000 ____D C:\Program Files (x86)\Toshiba TEMPRO
2017-04-30 17:15 - 2014-12-25 10:57 - 00000000 ____D C:\Program Files (x86)\Symbaloo_TLauncher
2017-04-30 17:15 - 2014-12-25 10:38 - 00000000 ____D C:\Windows\System32\Tasks\TOSHIBA
2017-04-30 17:15 - 2013-08-22 17:36 - 00000000 __RSD C:\Windows\Media
2017-04-30 17:15 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SystemResources
2017-04-30 17:15 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-04-30 17:15 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Globalization
2017-04-30 17:15 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\Sysprep
2017-04-30 17:06 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration
2017-04-30 14:52 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-04-30 13:16 - 2015-11-21 19:01 - 00029493 _____ C:\Users\FabrizioZ\Documents\dulilor2b.odt
2017-04-25 12:57 - 2016-02-15 16:51 - 00000000 ____D C:\Users\FabrizioZ\AppData\Local\NPE
2017-04-11 16:01 - 2015-06-13 18:05 - 00004436 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-04-11 16:01 - 2015-04-16 11:43 - 00004440 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-04-11 16:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-04-11 16:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-11 13:45 - 2017-02-06 20:47 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1486406810
2017-04-11 13:45 - 2017-02-06 20:46 - 00001032 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-04-04 23:39 - 2017-02-04 02:26 - 00556784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.149356694929607
2017-04-04 23:39 - 2017-02-04 02:26 - 00127112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.149356694929607
 
==================== Files in the root of some directories =======
 
2015-05-04 02:13 - 2016-06-03 18:35 - 0007597 _____ () C:\Users\FabrizioZ\AppData\Local\Resmon.ResmonCfg
2015-07-19 13:15 - 2015-07-19 13:15 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Some files in TEMP:
====================
2017-05-02 12:41 - 2017-05-03 23:32 - 0192512 _____ () C:\Users\FabrizioZ\AppData\Local\Temp\sfamcc00001.dll
2017-05-03 21:42 - 2017-05-03 23:32 - 0158720 _____ () C:\Users\FabrizioZ\AppData\Local\Temp\sfareca00001.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-05-02 14:09
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-05-2017 01
Ran by FabrizioZ (03-05-2017 23:37:00)
Running from C:\Users\FabrizioZ\Downloads
Windows 8.1 (Update) (X64) (2015-04-14 00:35:43)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2520746005-1499581859-3675680556-500 - Administrator - Disabled)
FabrizioZ (S-1-5-21-2520746005-1499581859-3675680556-1001 - Administrator - Enabled) => C:\Users\FabrizioZ
Guest (S-1-5-21-2520746005-1499581859-3675680556-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{4D875057-4353-4B8F-93E5-8C3DC7F34EA9}) (Version: 1.0.8 - Amazon) <==== ATTENTION
AMD Catalyst Install Manager (HKLM\...\{4B59EFAF-8E8A-0F20-2AE1-DDF265413161}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.49.0 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.2223 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4518.05 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
DTS Sound (HKLM-x32\...\{BC95D4AF-4DAC-4350-8BCE-C8BF16A13AE0}) (Version: 1.01.8800 - DTS, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HP Deskjet 2540 series Aiuto (HKLM-x32\...\{5498205F-A6B4-4731-9B96-F2F411AFC58D}) (Version: 30.0.0 - Hewlett Packard)
HP Deskjet 2540 series Software di base dispositivo (HKLM\...\{AA6A7206-C950-4BFC-98C3-EAF91DD0F659}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.22 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3977 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel® WiDi (HKLM\...\{32E851D9-FA8D-4F60-BED4-B0F613BF5E20}) (Version: 5.1.18.0 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{72059B36-031F-495E-B1A6-5346A905386E}) (Version: 17.1.1434.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{50748ecf-730e-4c86-87be-0346d4aa7aac}) (Version: 17.0.6 - Intel Corporation)
LibreOffice 4.4.6.3 (HKLM-x32\...\{1013DB12-EC2E-455E-B5ED-BFD056DC1A99}) (Version: 4.4.6.3 - The Document Foundation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 53.0 (x86 it) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 it)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.0.6312 - Mozilla)
OEM Application Profile (HKLM-x32\...\{0405E53E-A68F-0B55-DEA5-5A070E58BD4E}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Opera Stable 44.0.2510.1449 (HKLM-x32\...\Opera 44.0.2510.1449) (Version: 44.0.2510.1449 - Opera Software)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29079 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Studio per il miglioramento dei prodotti HP Deskjet 2540 series (HKLM\...\{AE239200-6353-465D-A5BD-DB7D694C8807}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.18 - Synaptics Incorporated)
TOSHIBA Display Utility (HKLM\...\{CD780B1B-8B32-43BD-81D4-5326C27B36A0}) (Version: 1.2.6.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.5.3.6401 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.20 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 6.1.9.0 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{A0D34C74-70AC-45E4-9735-A11DA95A5810}) (Version: 4.00.00.6402 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.02.7000 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{38732132-C103-4F24-A91A-62B68649B313}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0039 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.5.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.6.0 - Toshiba Europe GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2520746005-1499581859-3675680556-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {2BEFDFC7-A85D-4CB5-8F7F-59371AEAAD76} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-30] (AVAST Software)
Task: {2F03AEC9-BB99-4242-B00B-C35F49C16877} - System32\Tasks\Opera scheduled Autoupdate 1486406810 => C:\Program Files\Opera\launcher.exe [2017-04-25] (Opera Software)
Task: {3FCC7B8F-18F3-427F-AA9E-96A54D2E842C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-03] (Google Inc.)
Task: {402299F2-BBF7-4E3D-AFAF-CF3DD78B88E6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {47533241-B8F0-449A-9B35-39AC82A5F227} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {5EA61F91-3A3C-41BC-B297-3FEC48A1702B} - System32\Tasks\SafeZone scheduled Autoupdate 1460037588 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe 
Task: {8E9CDDF0-09EB-45CB-B337-1A1894579FF0} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe [2014-06-04] ()
Task: {9133659F-D543-4100-AB40-F170961DB0B9} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {93E24D1C-D25A-4C85-9047-C9F255B9A8CA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {9BC0A604-3830-4158-95D8-43D1E0177CC8} - System32\Tasks\BDAntiCryptoWallTask => C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRansomware.exe 
Task: {AC6567EA-8227-4280-8606-C81356CF0205} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-03] (AVAST Software)
Task: {BC8108C8-7385-4FC9-9405-306DA477D707} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-03] (Google Inc.)
Task: {C2F9A958-F51F-42B1-BD7E-5C24DA401D93} - System32\Tasks\Opera scheduled Autoupdate 1493814972 => C:\Program Files\Opera\launcher.exe [2017-04-25] (Opera Software)
Task: {C7A41B8A-7245-47EA-81A7-1BFD79EC2F17} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2014-08-05] (Toshiba Europe GmbH)
Task: {D039BE6E-4BB9-4C75-A0A0-82AE47DEDCA9} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {DE27AFB6-E517-474C-9CB7-854EAAF945AF} - System32\Tasks\Opera scheduled Autoupdate 1429019257 => C:\Program Files (x86)\Opera\launcher.exe 
Task: {F83D2BD6-1693-4879-825A-D1AACD4CC7CE} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2014-10-09] (TOSHIBA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2012-07-18 19:38 - 2012-07-18 19:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2017-05-03 21:42 - 2017-05-03 23:32 - 00158720 _____ () C:\Users\FabrizioZ\AppData\Local\Temp\sfareca00001.dll
2017-05-02 12:41 - 2017-05-03 23:32 - 00192512 _____ () C:\Users\FabrizioZ\AppData\Local\Temp\sfamcc00001.dll
2017-05-03 14:26 - 2017-05-03 14:26 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-03 14:26 - 2017-05-03 14:26 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-03 14:26 - 2017-05-03 14:26 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-03 14:26 - 2017-05-03 14:26 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-03 14:26 - 2017-05-03 14:26 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-03 14:26 - 2017-05-03 14:26 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2520746005-1499581859-3675680556-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Toshiba\standard.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: CxAudMsg => 2
MSCONFIG\Services: dts_apo_service => 3
MSCONFIG\Services: EvtEng => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HDDHealth => 2
MSCONFIG\Services: ibtsiva.exe => 2
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: IntelUSBoverIP => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SynTPEnhService => 2
MSCONFIG\Services: TemproMonitoringService => 3
MSCONFIG\Services: TOSHIBA eco Utility Service => 2
MSCONFIG\Services: ZeroConfigService => 2
HKLM\...\StartupApproved\StartupFolder: => "HDDHealth.lnk"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{36ACA10F-5ADB-4174-8448-5F4B3C3F4863}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{D4F74928-584C-4A65-9B5A-D057A23452BF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{D526C88B-1ABD-4258-8DAF-B44403174067}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [{DE274733-F320-4799-A390-906D91D5BE06}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{59987378-0BA0-4935-879B-7E3A7E496DA2}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{298F1F07-9455-423A-BDE9-956F358743D9}] => (Allow) LPort=5357
FirewallRules: [{E47B8587-8BC8-4971-BA64-D3B1B97D2724}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{0BBED689-7CAF-423C-9C5B-7BDC8075104A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7FC1AC36-6B5F-42B8-A160-463369658685}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6204FAEC-587F-4D50-B638-FDA69D1953F5}] => (Allow) C:\Program Files\Opera\44.0.2510.1449\opera.exe
FirewallRules: [{FD5DFF0A-D5F4-4A51-88B2-995DBF19B459}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
12-04-2017 14:01:49 Punto di controllo pianificato
25-04-2017 20:29:42 JRT Pre-Junkware Removal
30-04-2017 16:55:50 Operazione di ripristino
30-04-2017 18:42:17 JRT Pre-Junkware Removal
30-04-2017 19:30:44 JRT Pre-Junkware Removal
01-05-2017 03:00:27 Removed Amazon 1Button App
02-05-2017 18:47:52 JRT Pre-Junkware Removal
02-05-2017 18:51:15 JRT Pre-Junkware Removal
03-05-2017 22:54:41 UnHackMe Malware Removal
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/03/2017 12:12:56 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Impossibile inizializzare l'indice.
 
Dettagli:
Impossibile trovare l'oggetto specificato. Specificare il nome di un oggetto esistente.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/03/2017 12:12:56 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Impossibile inizializzare l'applicazione.
 
Contesto: applicazione Windows
 
Dettagli:
Impossibile trovare l'oggetto specificato. Specificare il nome di un oggetto esistente.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/03/2017 12:12:56 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Impossibile inizializzare l'oggetto Gatherer.
 
Contesto: applicazione Windows, catalogo SystemIndex
 
Dettagli:
Impossibile trovare l'oggetto specificato. Specificare il nome di un oggetto esistente.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/03/2017 12:12:56 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Impossibile inizializzare il plug-in <Search.TripoliIndexer>.
 
Contesto: applicazione Windows, catalogo SystemIndex
 
Dettagli:
Impossibile trovare l'oggetto specificato. Specificare il nome di un oggetto esistente.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/03/2017 12:12:56 AM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Impossibile inizializzare il programma di gestione dei plug-in <Search.TripoliIndexer>.
 
Contesto: applicazione Windows
 
Dettagli:
(HRESULT : 0x8e5e0210) (0x8e5e0210)
 
Error: (05/03/2017 12:12:56 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: È in corso l'interruzione del servizio Windows Search. Problema dell'indicizzatore, The catalog is corrupt.
 
Dettagli:
Il catalogo dell'indice del contenuto è danneggiato.   0xc0041801 (0xc0041801)
 
Error: (05/03/2017 12:12:56 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Il servizio di ricerca ha rilevato dati danneggiati nell'indice {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)}. Il servizio eseguirà un tentativo di correzione automatica del problema mediante la ricreazione dell'indice.
 
Dettagli:
0x8e5e0210 (0x8e5e0210)
 
Error: (05/03/2017 12:12:56 AM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer (5004) Windows: Errore -1811 (0xfffff8ed) durante l'apertura del file di registro C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb0003A.log.
 
Error: (05/02/2017 03:38:40 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Impossibile inizializzare l'indice.
 
Dettagli:
Impossibile trovare l'oggetto specificato. Specificare il nome di un oggetto esistente.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/02/2017 03:38:40 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Impossibile inizializzare l'applicazione.
 
Contesto: applicazione Windows
 
Dettagli:
Impossibile trovare l'oggetto specificato. Specificare il nome di un oggetto esistente.  (HRESULT : 0x80040d06) (0x80040d06)
 
 
System errors:
=============
Error: (05/03/2017 10:26:50 PM) (Source: DCOM) (EventID: 10010) (User: Fabriziozpc)
Description: Il server {1B1F472E-3221-4826-97DB-2C2324D389AE} non ha effettuato la registrazione con DCOM nel tempo richiesto.
 
Error: (05/03/2017 10:26:20 PM) (Source: DCOM) (EventID: 10010) (User: Fabriziozpc)
Description: Il server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} non ha effettuato la registrazione con DCOM nel tempo richiesto.
 
Error: (05/03/2017 01:48:49 PM) (Source: DCOM) (EventID: 10010) (User: Fabriziozpc)
Description: Il server {1B1F472E-3221-4826-97DB-2C2324D389AE} non ha effettuato la registrazione con DCOM nel tempo richiesto.
 
Error: (05/03/2017 01:48:19 PM) (Source: DCOM) (EventID: 10010) (User: Fabriziozpc)
Description: Il server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} non ha effettuato la registrazione con DCOM nel tempo richiesto.
 
Error: (05/03/2017 12:13:08 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Arresto imprevisto del modulo di estendibilità WLAN.
 
Percorso modulo: C:\Windows\System32\IWMSSvc.dll
 
Error: (05/03/2017 12:13:08 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Arresto imprevisto del modulo di estendibilità WLAN.
 
Percorso modulo: C:\Windows\System32\IWMSSvc.dll
 
Error: (05/03/2017 12:13:03 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Arresto imprevisto del modulo di estendibilità WLAN.
 
Percorso modulo: C:\Windows\System32\IWMSSvc.dll
 
Error: (05/03/2017 12:12:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Windows Search è stato arrestato in modo imprevisto. Questo problema si è verificato 2 volta/e. Le seguenti azioni di correzione saranno eseguite tra 30000 millisecondi: Riavvia il servizio.
 
Error: (05/03/2017 12:12:56 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Servizio Windows Search terminato con l'errore specifico del servizio 
%%2147749126
 
Error: (05/03/2017 12:12:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio TMachInfo. Questo evento si è già verificato 1 volta(e).
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 19%
Total physical RAM: 8107.14 MB
Available physical RAM: 6525.93 MB
Total Virtual: 9387.14 MB
Available Virtual: 7841.46 MB
 
==================== Drives ================================
 
Drive c: (TI31411800A) (Fixed) (Total:918.33 GB) (Free:850.82 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 

Edited by bubbleit, 03 May 2017 - 04:41 PM.


BC AdBot (Login to Remove)

 


#2 iangcarroll

iangcarroll

  • Members
  • 658 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, MI
  • Local time:01:46 PM

Posted 03 May 2017 - 09:09 PM

Hi bubbleit,

Thanks for the logs. I will review them and give you more instructions soon. As I am still in training, my replies will need to be reviewed by another person before they can be posted, so there may be a small delay.

Ian Carroll https://ian.sh • Certly Inc
 
Member of the Bleeping Computer A.I.I. early response team!


#3 bubbleit

bubbleit
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 04 May 2017 - 04:58 AM

Ok. Thans Iangcarrol. I'll wait your help :)



#4 iangcarroll

iangcarroll

  • Members
  • 658 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, MI
  • Local time:01:46 PM

Posted 06 May 2017 - 02:38 PM

Hi bubbleit,

Please follow the below instructions. Could you also tell me what web browser you are seeing this in?

:step1: Please move FRST from your Downloads folder to your Desktop.

:step2: iO3R662.pngFarbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.
  • Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST.exe/FRST64.exe executable is located);
  • Right-click on the FRST executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Click on the Fix button;
    NYA5Cbr.png
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;
  • Copy and paste its content in your next reply;
:step3: Can you take a screenshot of the search results you get that link to the adware? You can follow these instructions for using the Snipping Tool:
  • Press on the Win Key + R to open the Run box;
  • Enter SnippingTool and press on Enter;
  • The Snipping Tool will open, asking you to choose the area to take in the screenshot;
  • Left click on the area where you want to start the screenshot, keep it, and drag the cursor across the screen;
  • Once done, release the left button to take the screenshot;
  • In the editing window, click on the File menu then Save As;
  • Save the screenshot in a folder that you can access easily;
  • Attaching the screenshot in your reply
    • Go in your thread and click on the Reply to this topic button in the top-right corner;
      85hPFGu.png
    • Below the text box you'll have the option to Attach files. Click on the Choose Files... button, navigate to your screenshot and select it;
      LKVBzF7.png
    • Once done, add a comment to your reply and post it;

Attached Files


Ian Carroll https://ian.sh • Certly Inc
 
Member of the Bleeping Computer A.I.I. early response team!


#5 bubbleit

bubbleit
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 07 May 2017 - 04:56 AM

Hi iangcarroll, thanks for your reply

 

this is the fixlogtxt

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-05-2017
Ran by FabrizioZ (06-05-2017 23:37:17) Run:1
Running from C:\Users\FabrizioZ\Downloads
Loaded Profiles: FabrizioZ (Available Profiles: FabrizioZ)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKU\S-1-5-21-2520746005-1499581859-3675680556-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => No File
EmptyTemp:
*****************
 
HKU\S-1-5-21-2520746005-1499581859-3675680556-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value removed successfully
"C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL" => Value data removed successfully.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7525182 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 329102 B
Edge => 0 B
Chrome => 145408 B
Firefox => 12808236 B
Opera => 9700064 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 551889 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
FabrizioZ => 36847483 B
 
RecycleBin => 0 B
EmptyTemp: => 72.8 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 23:37:21 ====


#6 bubbleit

bubbleit
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 07 May 2017 - 05:27 AM

Sorry, maybe I was not well explained , the problem is mainly with the yahoo homepage, not with the search results. When I go on the yahoo home I'm redirected to these advertising sites, especially through the link ads.diamonds.com.
If I block third-party cookies, the problem does not appear.
The browsers I use are mainly Chrome and Opera
I attach the file with snippet of yahoo home page and the address of the last site I was redirected (with the scan report of Virustotal).
 
 Thank you for your patient help :)

Attached Files


Edited by bubbleit, 07 May 2017 - 05:58 AM.


#7 iangcarroll

iangcarroll

  • Members
  • 658 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, MI
  • Local time:01:46 PM

Posted 09 May 2017 - 03:36 PM

Hi bubbleit,

I may have found what's causing this; please follow the below instructions. Thank you for the info and screenshots.

:step1: Uninstall Programs

I noticed that you have malicious programs installed on your system. Please uninstall the following programs from the Control Panel.
  • Amazon 1Button App
  • Symbaloo
If you have an issue when uninstalling a program, please let me know.

:step2: iO3R662.pngFarbar Recovery Scan Tool (FRST) - Scan mode
Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply.
  • Right-click on the executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds;
  • Click on the Scan button;
  • On completion, two message box will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files;
  • Copy and paste the content of both FRST.txt and Addition.txt in your next reply;
:step3: warning.gifRegistry Cleaners Warning!
Registry Cleaners are known to be harmful to the system and should not be used for any reason there is. It's a known fact that using these programs can easily break a Windows installation, to the point where a complete reinstallation might be needed. Here's a few myths about using these programs, and why they are just plainly false.
  • "Using a Registry Cleaner will improve a system's performance" - False. The Windows Registry is a big database which contains information on everything present on the system, from the boot settings to how your programs looks when you open them. There's so many entries in it that cleaning even thousands of them isn't enough to boost a system performance. Also, there's no studies, tests, benchmarks, etc. which shows that using Registry Cleaners actually improve a system speed;
  • "Using a Registry Cleaner will fix all your errors" - False. Using a Registry Cleaner won't fix any problems at all. In fact, it have more chances to create them if anything. There's no program that can fix every problems in a simple click, and there probably never will. If you have an error, it's better to troubleshoot that error in particuliar by finding what's causing it and fixing it than using a software that might give you more errors;
  • "If you don't use a Registry Cleaner, you'll leave a door open for malware" - False. It is rare that malware will actually hijack orpheans keys and keypairs in the Registry to create persistence or install themself. They'll usually create their own keys/keypairs since they have been instructed (coded) to do so, and the creator cannot expect every system he'll infect to have leftover keys. Also, pretty much only Reg Loading Points in the Registry would be of any interest for a malware to hijack, and these are usually occupied already, or quickly deleted when empty;
  • Registry Cleaners aren't Registry Defraggers - These are two different kind of software who have two distinct function each.
  • On a last note, there's a lot of Registry Cleaners out here that won't create a back-up of your Registry before applying the changes they make. Which means that if you use them and clean entries that prevents Windows to reboot after, locking you out of your computer, you won't be able to restore a precedent Registry back-up via the Recovery PE. This means that if you can't fix the boot issue after that, you'll most likely be forced to reinstall Windows;
  • Registry Cleaners were used back in the days by developers who were using a OLE-schema for their applications. They used these to clean the Registry after uninstalling their programs, just in case there was traces of it left behind that could affect a reinstallation. These were back in the Windows 95 and Windows 98 days and this practice isn't in effect anymore. Therefore, there's no reason for you to use such programs and quite a few to avoid them instead.

    Here's more articles on Registry Cleaners that are worth a read if you want to learn more about them and why you shouldn't use them.

Ian Carroll https://ian.sh • Certly Inc
 
Member of the Bleeping Computer A.I.I. early response team!


#8 bubbleit

bubbleit
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 10 May 2017 - 04:32 AM

Hi iangcarroll. I have uninstalled Amazon 1Button App and Symbaloo

 

These are the FRST scan results: 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017

Ran by FabrizioZ (administrator) on FABRIZIOZPC (10-05-2017 11:12:23)
Running from C:\Users\FabrizioZ\Downloads
Loaded Profiles: FabrizioZ (Available Profiles: FabrizioZ)
Platform: Windows 8.1 (Update) (X64) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(uWebb Software) C:\Users\FabrizioZ\Documents\RealTemp_370\RealTemp.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Opera Software) C:\Program Files\Opera\44.0.2510.1449\opera.exe
(Opera Software) C:\Program Files\Opera\44.0.2510.1449\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\44.0.2510.1449\opera.exe
(Opera Software) C:\Program Files\Opera\44.0.2510.1449\opera.exe
(Opera Software) C:\Program Files\Opera\44.0.2510.1449\opera.exe
(Opera Software) C:\Program Files\Opera\44.0.2510.1449\opera.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [1008128 2014-04-28] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-08-26] (Synaptics Incorporated)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-04-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-03] (AVAST Software)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-10-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [517536 2014-04-07] (TOSHIBA)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-03] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-03] (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3FF4D001-2ED1-4D3D-A558-AB8EF6FC19EE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D699EA5B-9AFB-44BC-9160-18A3BDCB9CAA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2520746005-1499581859-3675680556-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-2520746005-1499581859-3675680556-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/it-it/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxps://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1429006737751
 
FireFox:
========
FF DefaultProfile: dgh3shz7.default
FF ProfilePath: C:\Users\FabrizioZ\AppData\Roaming\Mozilla\Firefox\Profiles\dgh3shz7.default [2017-05-10]
FF Extension: (Adblock Plus) - C:\Users\FabrizioZ\AppData\Roaming\Mozilla\Firefox\Profiles\dgh3shz7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default [2017-05-10]
CHR Extension: (Presentazioni Google) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-03]
CHR Extension: (Documenti Google) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-03]
CHR Extension: (Google Drive) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-03]
CHR Extension: (YouTube) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-03]
CHR Extension: (Fogli Google) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-03]
CHR Extension: (Google Documenti offline) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-03]
CHR Extension: (AdBlock) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-05-03]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-03]
CHR Extension: (Gmail) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-03]
CHR Extension: (Chrome Media Router) - C:\Users\FabrizioZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-03]
 
Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-03] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-03] (AVAST Software)
S4 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-06-30] ()
S4 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-22] (Intel Corporation)
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [342928 2014-12-10] (Intel Corporation)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S4 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
S4 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-08-26] (Synaptics Incorporated)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2014-08-05] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-03] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-03] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-03] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-03] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-03] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158368 2017-05-03] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-03] (AVAST Software)
S3 ERmvrDrv; C:\Windows\system32\drivers\ERKRmvrDrv.sys [43608 2017-05-08] (ESET spol. s r.o.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-05-07] ()
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [222152 2014-08-22] (Intel Corporation)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-05-10] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-05-10] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-05-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-10] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [92096 2017-05-10] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-07-08] (Intel Corporation)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2017-05-06] (Greatis Software)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [293592 2014-04-17] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-08-26] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [27136 2014-03-24] (Windows ® Win 7 DDK provider)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-06-12] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [213296 2014-10-15] (Windows ® Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Users\FabrizioZ\Documents\RealTemp_370\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-05-08 13:02 - 2017-05-08 13:02 - 00043608 _____ (ESET spol. s r.o.) C:\Windows\system32\Drivers\ERKRmvrDrv.sys
2017-05-07 19:43 - 2017-05-07 19:51 - 00233548 _____ C:\TDSSKiller.3.1.0.15_07.05.2017_19.43.19_log.txt
2017-05-07 15:08 - 2017-05-07 15:45 - 00233546 _____ C:\TDSSKiller.3.1.0.15_07.05.2017_15.08.52_log.txt
2017-05-07 15:04 - 2017-05-07 15:04 - 00000436 _____ C:\TDSSKiller.3.1.0.11_07.05.2017_15.04.40_log.txt
2017-05-07 13:44 - 2017-05-10 10:52 - 00092096 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-05-07 13:44 - 2017-05-10 10:44 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-07 13:44 - 2017-05-10 10:44 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-05-07 13:44 - 2017-05-10 10:44 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-05-07 13:44 - 2017-05-10 10:44 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-05-07 13:44 - 2017-05-07 14:46 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-05-07 13:44 - 2017-05-07 13:44 - 00001894 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-07 13:44 - 2017-05-07 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-07 13:44 - 2017-05-07 13:44 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-07 13:36 - 2017-05-07 13:37 - 57131432 _____ (Malwarebytes ) C:\Users\FabrizioZ\Downloads\mb3-setup-1878.1878-3.0.6.1469-1075.exe
2017-05-07 11:25 - 2017-05-07 11:27 - 00000000 ____D C:\Users\FabrizioZ\Downloads\serchfrst
2017-05-06 23:37 - 2017-05-06 23:37 - 00001503 _____ C:\Users\FabrizioZ\Downloads\Fixlog.txt
2017-05-06 15:05 - 2017-05-06 15:05 - 00000000 _____ C:\Users\FabrizioZ\ipconfig
2017-05-06 13:57 - 2017-05-06 13:57 - 00040304 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2017-05-06 13:32 - 2017-05-09 22:15 - 00000000 ____D C:\Users\FabrizioZ\Documents\RegRun2
2017-05-06 13:32 - 2017-05-09 18:03 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2017-05-06 13:32 - 2017-05-06 20:34 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2017-05-06 13:32 - 2017-05-06 13:32 - 00003338 _____ C:\Windows\System32\Tasks\UnHackMe Task Scheduler
2017-05-06 13:32 - 2017-05-06 13:32 - 00000994 _____ C:\Users\FabrizioZ\Desktop\UnHackMe.lnk
2017-05-06 13:32 - 2017-05-06 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2017-05-06 13:32 - 2017-04-14 12:48 - 00014984 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
2017-05-06 13:32 - 2015-12-28 11:32 - 00049968 _____ (Greatis Software) C:\Windows\system32\partizan.exe
2017-05-06 00:42 - 2017-05-06 00:43 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-05-05 12:42 - 2017-05-09 12:55 - 00000000 ____D C:\Users\FabrizioZ\Downloads\cartella old doc
2017-05-03 23:35 - 2017-05-10 11:11 - 00000000 ____D C:\Users\FabrizioZ\Downloads\FRST-OlderVersion
2017-05-03 23:00 - 2017-05-06 21:38 - 00000000 ____D C:\ProgramData\RegRun
2017-05-03 22:45 - 2017-05-06 13:32 - 00000002 RSHOT C:\Windows\winstart.bat
2017-05-03 22:45 - 2017-05-06 13:32 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2017-05-03 22:45 - 2017-05-06 13:32 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2017-05-03 17:58 - 2017-05-10 11:11 - 02429440 _____ (Farbar) C:\Users\FabrizioZ\Downloads\FRST64.exe
2017-05-03 15:27 - 2017-05-03 15:27 - 00002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-03 15:27 - 2017-05-03 15:27 - 00002248 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-03 15:26 - 2017-05-03 15:26 - 00003582 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-03 15:26 - 2017-05-03 15:26 - 00003454 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-03 14:51 - 2017-05-03 14:51 - 00000000 ____D C:\Program Files\HitmanPro
2017-05-03 14:36 - 2017-05-03 14:36 - 00003844 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1493814972
2017-05-03 14:36 - 2017-05-03 14:36 - 00001120 _____ C:\Users\Public\Desktop\Opera 44.lnk
2017-05-03 14:36 - 2017-05-03 14:36 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 44.lnk
2017-05-03 14:35 - 2017-05-03 14:36 - 00000000 ____D C:\Program Files\Opera
2017-05-03 14:26 - 2017-05-03 14:26 - 00400456 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-05-03 00:01 - 2017-05-03 00:01 - 00000000 ____D C:\Users\FabrizioZ\AppData\Roaming\Eusing
2017-05-01 21:18 - 2017-05-01 21:18 - 00000238 _____ C:\Users\FabrizioZ\Documents\esetscan.txt
2017-05-01 17:55 - 2017-05-01 17:55 - 00024950 _____ C:\Users\FabrizioZ\Documents\malwarscan01mag.odt
2017-05-01 15:47 - 2017-05-10 11:12 - 00014621 _____ C:\Users\FabrizioZ\Downloads\FRST.txt
2017-05-01 15:47 - 2017-05-07 11:31 - 00025240 _____ C:\Users\FabrizioZ\Downloads\Addition.txt
2017-05-01 15:46 - 2017-05-10 11:12 - 00000000 ____D C:\FRST
2017-05-01 11:44 - 2017-05-01 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2017-05-01 03:01 - 2017-05-01 03:01 - 00000000 ____D C:\Program Files (x86)\Amazon
2017-04-30 21:15 - 2017-04-11 02:12 - 01663672 _____ (Malwarebytes) C:\Users\FabrizioZ\Desktop\JRT.exe
2017-04-30 20:13 - 2017-05-03 00:09 - 00000000 ____D C:\Program Files (x86)\Eusing Free Registry Cleaner
2017-04-30 18:07 - 2017-04-01 03:12 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-30 18:07 - 2017-04-01 03:12 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-30 17:59 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-30 17:59 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-30 17:59 - 2017-03-21 15:11 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2017-04-30 17:59 - 2017-03-21 15:11 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-04-30 17:59 - 2017-03-21 15:11 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-04-30 17:59 - 2017-03-21 15:11 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2017-04-30 17:58 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-04-30 17:58 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-30 17:58 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-30 17:58 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-30 17:58 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-30 17:58 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-04-30 17:58 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-30 17:58 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-30 17:58 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-30 17:58 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-04-30 17:58 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-30 17:58 - 2017-03-25 20:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-04-30 17:58 - 2017-03-25 20:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-30 17:58 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-04-30 17:58 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-30 17:58 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-04-30 17:58 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-04-30 17:58 - 2017-03-25 19:12 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-04-30 17:58 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-30 17:58 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-30 17:58 - 2017-03-25 19:00 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-30 17:58 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-30 17:58 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-30 17:58 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-30 17:58 - 2017-03-25 18:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-30 17:58 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-30 17:58 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-30 17:58 - 2017-03-25 06:43 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-04-30 17:58 - 2017-03-24 20:24 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-04-30 17:58 - 2017-03-14 21:06 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-04-30 17:58 - 2017-03-14 16:26 - 03714560 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-30 17:58 - 2017-03-14 16:09 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-04-30 17:58 - 2017-03-14 16:08 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-30 17:58 - 2017-03-14 16:06 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-30 17:58 - 2017-03-13 18:13 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-04-30 17:58 - 2017-03-13 18:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-04-30 17:58 - 2017-03-13 18:08 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2017-04-30 17:58 - 2017-03-13 18:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-04-30 17:58 - 2017-03-13 17:59 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-04-30 17:58 - 2017-03-13 17:59 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-04-30 17:58 - 2017-03-13 17:56 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-04-30 17:58 - 2017-03-12 17:04 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-04-30 17:58 - 2017-03-11 05:59 - 01763888 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-04-30 17:58 - 2017-03-11 05:56 - 01489608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-04-30 17:58 - 2017-03-11 05:49 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-30 17:58 - 2017-03-11 05:49 - 00388440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-30 17:58 - 2017-03-11 05:44 - 00373080 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-30 17:58 - 2017-03-11 05:41 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-30 17:58 - 2017-03-09 23:13 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-04-30 17:58 - 2017-03-09 23:08 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-30 17:58 - 2017-03-09 21:29 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-30 17:58 - 2017-03-08 01:25 - 01661064 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-30 17:58 - 2017-03-08 01:21 - 01212760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-30 17:58 - 2017-03-04 21:24 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-30 17:58 - 2017-03-04 21:06 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-30 17:58 - 2017-03-04 20:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-30 17:58 - 2017-03-04 18:37 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-30 17:58 - 2017-03-03 17:11 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-30 17:58 - 2017-03-03 17:10 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-30 17:58 - 2017-03-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-30 17:58 - 2017-03-03 17:04 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-30 17:58 - 2017-02-11 20:18 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-04-30 17:58 - 2017-02-11 19:00 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-04-30 17:58 - 2017-02-11 18:49 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2017-04-30 17:58 - 2017-02-11 18:42 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2017-04-30 17:58 - 2017-02-10 21:06 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-04-30 17:58 - 2017-02-10 16:37 - 00046600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2017-04-30 17:58 - 2017-02-04 19:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-04-30 17:58 - 2017-02-04 19:51 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-04-30 17:58 - 2017-02-04 19:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-04-30 17:58 - 2017-02-01 21:44 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-04-30 17:58 - 2017-02-01 21:42 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-04-30 17:58 - 2017-01-19 04:18 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-04-30 17:58 - 2017-01-18 16:35 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-30 17:58 - 2017-01-18 16:34 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-30 17:58 - 2017-01-14 22:32 - 00955016 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-04-30 17:58 - 2017-01-14 21:18 - 00787688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-04-30 17:58 - 2017-01-14 16:37 - 00447095 _____ C:\Windows\system32\ApnDatabase.xml
2017-04-30 17:58 - 2017-01-12 18:51 - 00274776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2017-04-30 17:58 - 2017-01-12 18:51 - 00117592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2017-04-30 17:58 - 2017-01-12 08:12 - 00990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-04-30 17:58 - 2017-01-11 21:12 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2017-04-30 17:58 - 2017-01-11 19:28 - 00422744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2017-04-30 17:58 - 2017-01-11 17:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2017-04-30 17:58 - 2017-01-11 00:37 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-04-30 17:58 - 2017-01-10 23:06 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-04-30 17:58 - 2017-01-10 22:46 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-04-30 17:58 - 2017-01-10 21:20 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-04-30 17:58 - 2017-01-10 21:09 - 01108480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-04-30 17:58 - 2017-01-06 19:25 - 02513408 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-04-30 17:58 - 2017-01-06 19:04 - 01495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2017-04-30 17:58 - 2016-12-25 03:21 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2017-04-30 17:58 - 2016-12-25 03:14 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2017-04-30 17:58 - 2016-12-25 02:48 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2017-04-30 17:58 - 2016-12-25 02:19 - 00170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2017-04-30 17:58 - 2016-12-25 01:39 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2017-04-30 17:58 - 2016-12-09 10:08 - 00379736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-04-30 13:45 - 2017-04-30 13:45 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2017-04-30 13:30 - 2017-05-07 13:49 - 00002314 _____ C:\Users\FabrizioZ\Desktop\Rkill.txt
2017-04-30 13:14 - 2017-04-30 13:14 - 00001180 _____ C:\malw01.txt
2017-04-26 20:39 - 2017-04-26 20:39 - 00000000 ____D C:\ProgramData\NortonInstaller
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-05-10 11:11 - 2015-04-14 02:42 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2520746005-1499581859-3675680556-1001
2017-05-10 10:58 - 2016-11-16 02:09 - 00000000 ____D C:\Users\FabrizioZ\AppData\LocalLow\Mozilla
2017-05-10 10:44 - 2015-04-14 15:30 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2017-05-09 22:30 - 2015-04-14 02:35 - 00000000 ____D C:\Users\FabrizioZ
2017-05-09 22:18 - 2015-11-21 19:01 - 00029546 _____ C:\Users\FabrizioZ\Documents\dulilor2b.odt
2017-05-09 12:58 - 2015-06-21 19:48 - 00000000 ____D C:\AdwCleaner
2017-05-09 12:58 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-05-09 11:18 - 2015-06-13 18:05 - 00004436 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-05-09 11:18 - 2015-04-16 11:43 - 00004440 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-05-09 11:18 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-09 11:18 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-09 01:09 - 2016-11-07 14:02 - 00016920 _____ C:\Users\FabrizioZ\Documents\babilonia.odt
2017-05-08 13:57 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-08 02:28 - 2017-02-13 19:39 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-05-07 22:15 - 2016-02-15 16:51 - 00000000 ____D C:\Users\FabrizioZ\AppData\Local\NPE
2017-05-07 13:44 - 2015-04-26 11:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-07 01:15 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2017-05-06 23:37 - 2015-04-15 20:18 - 00000000 ____D C:\Users\FabrizioZ\AppData\LocalLow\Temp
2017-05-06 20:34 - 2016-06-04 12:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-06 20:34 - 2016-02-15 16:51 - 00000000 ____D C:\ProgramData\Norton
2017-05-06 20:34 - 2015-12-03 14:07 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-05-06 20:34 - 2014-12-25 10:38 - 00000000 ____D C:\Windows\System32\Tasks\TOSHIBA
2017-05-06 20:31 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-06 20:27 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration
2017-05-06 00:43 - 2015-07-16 11:30 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-05-05 20:41 - 2016-09-28 13:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-04 17:57 - 2014-10-31 13:30 - 00803564 _____ C:\Windows\system32\perfh010.dat
2017-05-04 17:57 - 2014-10-31 13:30 - 00156688 _____ C:\Windows\system32\perfc010.dat
2017-05-04 17:57 - 2014-03-18 11:47 - 01813012 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-03 15:27 - 2015-04-14 02:40 - 00000000 ____D C:\Users\FabrizioZ\AppData\Local\Google
2017-05-03 15:27 - 2014-12-25 10:57 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-03 14:49 - 2015-07-25 12:28 - 00000000 ____D C:\ProgramData\HitmanPro
2017-05-03 14:36 - 2016-06-13 00:56 - 00000000 ____D C:\Users\FabrizioZ\AppData\Roaming\Opera Software
2017-05-03 14:36 - 2015-04-14 15:48 - 00000000 ____D C:\Users\FabrizioZ\AppData\Local\Opera Software
2017-05-03 14:27 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-05-03 14:26 - 2017-02-13 19:39 - 00334576 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-05-03 14:26 - 2017-02-13 19:39 - 00311808 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-05-03 14:26 - 2017-02-13 19:39 - 00190256 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-05-03 14:26 - 2017-02-13 19:39 - 00049016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 01007160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 00569192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 00158368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 00128648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-05-03 14:26 - 2017-02-04 02:26 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-05-03 14:17 - 2015-04-14 02:36 - 00000000 ____D C:\Users\FabrizioZ\AppData\Local\Packages
2017-05-03 14:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2017-05-02 18:53 - 2015-09-10 16:18 - 00000547 _____ C:\Users\FabrizioZ\Desktop\JRT.txt
2017-05-01 22:09 - 2016-06-10 18:27 - 00000000 ____D C:\Users\FabrizioZ\AppData\Local\ESET
2017-05-01 15:46 - 2016-06-04 18:43 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-01 14:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2017-04-30 18:19 - 2016-03-27 22:38 - 00000000 ____D C:\Users\FabrizioZ\AppData\Local\CrashDumps
2017-04-30 18:05 - 2013-08-22 16:44 - 00403104 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-30 18:02 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2017-04-30 18:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-30 18:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-30 17:42 - 2017-02-04 02:27 - 00001949 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-04-30 17:15 - 2016-03-02 19:53 - 00000000 ____D C:\ProgramData\RogueKiller
2017-04-30 17:15 - 2015-04-18 12:24 - 00000000 ____D C:\Users\FabrizioZ\Documents\RealTemp_370
2017-04-30 17:15 - 2014-12-25 11:06 - 00000000 ____D C:\Program Files (x86)\Toshiba TEMPRO
2017-04-30 17:15 - 2013-08-22 17:36 - 00000000 __RSD C:\Windows\Media
2017-04-30 17:15 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SystemResources
2017-04-30 17:15 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-04-30 17:15 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Globalization
2017-04-30 17:15 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\Sysprep
2017-04-30 14:52 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-04-11 13:45 - 2017-02-06 20:47 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1486406810
2017-04-11 13:45 - 2017-02-06 20:46 - 00001032 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
 
==================== Files in the root of some directories =======
 
2015-05-04 02:13 - 2016-06-03 18:35 - 0007597 _____ () C:\Users\FabrizioZ\AppData\Local\Resmon.ResmonCfg
2015-07-19 13:15 - 2015-07-19 13:15 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Some files in TEMP:
====================
2017-05-07 01:21 - 2017-05-10 10:44 - 0192512 _____ () C:\Users\FabrizioZ\AppData\Local\Temp\sfamcc00001.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-05-08 13:35
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-05-2017
Ran by FabrizioZ (10-05-2017 11:13:24)
Running from C:\Users\FabrizioZ\Downloads
Windows 8.1 (Update) (X64) (2015-04-14 00:35:43)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2520746005-1499581859-3675680556-500 - Administrator - Disabled)
FabrizioZ (S-1-5-21-2520746005-1499581859-3675680556-1001 - Administrator - Enabled) => C:\Users\FabrizioZ
Guest (S-1-5-21-2520746005-1499581859-3675680556-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{4B59EFAF-8E8A-0F20-2AE1-DDF265413161}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.49.0 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.2223 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4518.05 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
DTS Sound (HKLM-x32\...\{BC95D4AF-4DAC-4350-8BCE-C8BF16A13AE0}) (Version: 1.01.8800 - DTS, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HP Deskjet 2540 series Aiuto (HKLM-x32\...\{5498205F-A6B4-4731-9B96-F2F411AFC58D}) (Version: 30.0.0 - Hewlett Packard)
HP Deskjet 2540 series Software di base dispositivo (HKLM\...\{AA6A7206-C950-4BFC-98C3-EAF91DD0F659}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.22 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3977 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel® WiDi (HKLM\...\{32E851D9-FA8D-4F60-BED4-B0F613BF5E20}) (Version: 5.1.18.0 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{72059B36-031F-495E-B1A6-5346A905386E}) (Version: 17.1.1434.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{50748ecf-730e-4c86-87be-0346d4aa7aac}) (Version: 17.0.6 - Intel Corporation)
LibreOffice 4.4.6.3 (HKLM-x32\...\{1013DB12-EC2E-455E-B5ED-BFD056DC1A99}) (Version: 4.4.6.3 - The Document Foundation)
Malwarebytes versione 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 53.0.2 (x86 it) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 it)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
OEM Application Profile (HKLM-x32\...\{0405E53E-A68F-0B55-DEA5-5A070E58BD4E}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Opera Stable 44.0.2510.1449 (HKLM-x32\...\Opera 44.0.2510.1449) (Version: 44.0.2510.1449 - Opera Software)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29079 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Studio per il miglioramento dei prodotti HP Deskjet 2540 series (HKLM\...\{AE239200-6353-465D-A5BD-DB7D694C8807}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.18 - Synaptics Incorporated)
TOSHIBA Display Utility (HKLM\...\{CD780B1B-8B32-43BD-81D4-5326C27B36A0}) (Version: 1.2.6.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.5.3.6401 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.20 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 6.1.9.0 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{A0D34C74-70AC-45E4-9735-A11DA95A5810}) (Version: 4.00.00.6402 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.02.7000 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{38732132-C103-4F24-A91A-62B68649B313}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0039 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.5.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.6.0 - Toshiba Europe GmbH)
UnHackMe 8.80 (HKLM-x32\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2520746005-1499581859-3675680556-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {2BEFDFC7-A85D-4CB5-8F7F-59371AEAAD76} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-30] (AVAST Software)
Task: {2F03AEC9-BB99-4242-B00B-C35F49C16877} - System32\Tasks\Opera scheduled Autoupdate 1486406810 => C:\Program Files\Opera\launcher.exe [2017-04-25] (Opera Software)
Task: {3FCC7B8F-18F3-427F-AA9E-96A54D2E842C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-03] (Google Inc.)
Task: {402299F2-BBF7-4E3D-AFAF-CF3DD78B88E6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {47533241-B8F0-449A-9B35-39AC82A5F227} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {5EA61F91-3A3C-41BC-B297-3FEC48A1702B} - System32\Tasks\SafeZone scheduled Autoupdate 1460037588 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe 
Task: {782BDFAF-D02A-410B-BB71-269746E11377} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {8E9CDDF0-09EB-45CB-B337-1A1894579FF0} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe [2014-06-04] ()
Task: {9133659F-D543-4100-AB40-F170961DB0B9} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {93E24D1C-D25A-4C85-9047-C9F255B9A8CA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {9BC0A604-3830-4158-95D8-43D1E0177CC8} - System32\Tasks\BDAntiCryptoWallTask => C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRansomware.exe 
Task: {AC6567EA-8227-4280-8606-C81356CF0205} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-03] (AVAST Software)
Task: {BC8108C8-7385-4FC9-9405-306DA477D707} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-03] (Google Inc.)
Task: {C2F9A958-F51F-42B1-BD7E-5C24DA401D93} - System32\Tasks\Opera scheduled Autoupdate 1493814972 => C:\Program Files\Opera\launcher.exe [2017-04-25] (Opera Software)
Task: {C7A41B8A-7245-47EA-81A7-1BFD79EC2F17} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2014-08-05] (Toshiba Europe GmbH)
Task: {D039BE6E-4BB9-4C75-A0A0-82AE47DEDCA9} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {DE27AFB6-E517-474C-9CB7-854EAAF945AF} - System32\Tasks\Opera scheduled Autoupdate 1429019257 => C:\Program Files (x86)\Opera\launcher.exe 
Task: {F71B3FAC-A480-4615-8787-A40D7F82C482} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [2017-04-14] (Greatis Software)
Task: {F83D2BD6-1693-4879-825A-D1AACD4CC7CE} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2014-10-09] (TOSHIBA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2012-07-18 19:38 - 2012-07-18 19:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2017-05-07 13:44 - 2017-05-07 14:46 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-05-07 13:44 - 2017-05-07 14:46 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-05-03 14:36 - 2017-04-25 08:13 - 86931544 _____ () C:\Program Files\Opera\44.0.2510.1449\opera_browser.dll
2017-05-03 14:36 - 2017-04-25 08:13 - 02827352 _____ () C:\Program Files\Opera\44.0.2510.1449\libglesv2.dll
2017-05-03 14:36 - 2017-04-25 08:13 - 00100440 _____ () C:\Program Files\Opera\44.0.2510.1449\libegl.dll
2017-05-03 14:26 - 2017-05-03 14:26 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-03 14:26 - 2017-05-03 14:26 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-03 14:26 - 2017-05-03 14:26 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-03 14:26 - 2017-05-03 14:26 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-03 14:26 - 2017-05-03 14:26 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-03 14:26 - 2017-05-03 14:26 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-05-03 14:26 - 2017-05-03 14:26 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2520746005-1499581859-3675680556-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Toshiba\standard.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: CxAudMsg => 2
MSCONFIG\Services: dts_apo_service => 3
MSCONFIG\Services: EvtEng => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HDDHealth => 2
MSCONFIG\Services: ibtsiva.exe => 2
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: IntelUSBoverIP => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SynTPEnhService => 2
MSCONFIG\Services: TemproMonitoringService => 3
MSCONFIG\Services: TOSHIBA eco Utility Service => 2
MSCONFIG\Services: ZeroConfigService => 2
HKLM\...\StartupApproved\StartupFolder: => "HDDHealth.lnk"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{36ACA10F-5ADB-4174-8448-5F4B3C3F4863}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{D4F74928-584C-4A65-9B5A-D057A23452BF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{D526C88B-1ABD-4258-8DAF-B44403174067}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [{DE274733-F320-4799-A390-906D91D5BE06}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{59987378-0BA0-4935-879B-7E3A7E496DA2}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{298F1F07-9455-423A-BDE9-956F358743D9}] => (Allow) LPort=5357
FirewallRules: [{E47B8587-8BC8-4971-BA64-D3B1B97D2724}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{0BBED689-7CAF-423C-9C5B-7BDC8075104A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7FC1AC36-6B5F-42B8-A160-463369658685}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6204FAEC-587F-4D50-B638-FDA69D1953F5}] => (Allow) C:\Program Files\Opera\44.0.2510.1449\opera.exe
FirewallRules: [{FD5DFF0A-D5F4-4A51-88B2-995DBF19B459}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
12-04-2017 14:01:49 Punto di controllo pianificato
25-04-2017 20:29:42 JRT Pre-Junkware Removal
30-04-2017 16:55:50 Operazione di ripristino
30-04-2017 18:42:17 JRT Pre-Junkware Removal
30-04-2017 19:30:44 JRT Pre-Junkware Removal
01-05-2017 03:00:27 Removed Amazon 1Button App
02-05-2017 18:47:52 JRT Pre-Junkware Removal
02-05-2017 18:51:15 JRT Pre-Junkware Removal
03-05-2017 22:54:41 UnHackMe Malware Removal
06-05-2017 14:06:24 UnHackMe Malware Removal
06-05-2017 20:24:04 Operazione di ripristino
06-05-2017 21:54:31 ripstino06mag17
08-05-2017 17:58:47 Installed Microsoft Message Analyzer
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/09/2017 12:31:15 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generazione del contesto di attivazione non riuscita per "E:\click2run2010-kb2598285-fullfile-x86-glb.exe". Errore nel file manifesto o dei criteri "E:\click2run2010-kb2598285-fullfile-x86-glb.exe", riga 0.
Sintassi XML non valida.
 
Error: (05/06/2017 08:39:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1384) SRUJet: Errore -1811 (0xfffff8ed) durante l'apertura del file di registro C:\Windows\system32\SRU\SRU0005D.log.
 
Error: (05/03/2017 12:12:56 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Impossibile inizializzare l'indice.
 
Dettagli:
Impossibile trovare l'oggetto specificato. Specificare il nome di un oggetto esistente.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/03/2017 12:12:56 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Impossibile inizializzare l'applicazione.
 
Contesto: applicazione Windows
 
Dettagli:
Impossibile trovare l'oggetto specificato. Specificare il nome di un oggetto esistente.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/03/2017 12:12:56 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Impossibile inizializzare l'oggetto Gatherer.
 
Contesto: applicazione Windows, catalogo SystemIndex
 
Dettagli:
Impossibile trovare l'oggetto specificato. Specificare il nome di un oggetto esistente.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/03/2017 12:12:56 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Impossibile inizializzare il plug-in <Search.TripoliIndexer>.
 
Contesto: applicazione Windows, catalogo SystemIndex
 
Dettagli:
Impossibile trovare l'oggetto specificato. Specificare il nome di un oggetto esistente.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/03/2017 12:12:56 AM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Impossibile inizializzare il programma di gestione dei plug-in <Search.TripoliIndexer>.
 
Contesto: applicazione Windows
 
Dettagli:
(HRESULT : 0x8e5e0210) (0x8e5e0210)
 
Error: (05/03/2017 12:12:56 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: È in corso l'interruzione del servizio Windows Search. Problema dell'indicizzatore, The catalog is corrupt.
 
Dettagli:
Il catalogo dell'indice del contenuto è danneggiato.   0xc0041801 (0xc0041801)
 
Error: (05/03/2017 12:12:56 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Il servizio di ricerca ha rilevato dati danneggiati nell'indice {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)}. Il servizio eseguirà un tentativo di correzione automatica del problema mediante la ricreazione dell'indice.
 
Dettagli:
0x8e5e0210 (0x8e5e0210)
 
Error: (05/03/2017 12:12:56 AM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer (5004) Windows: Errore -1811 (0xfffff8ed) durante l'apertura del file di registro C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb0003A.log.
 
 
System errors:
=============
Error: (05/09/2017 12:31:14 PM) (Source: disk) (EventID: 7) (User: )
Description: Rilevato blocco danneggiato sul dispositivo \Device\Harddisk1\DR1.
 
Error: (05/09/2017 11:29:00 AM) (Source: DCOM) (EventID: 10010) (User: Fabriziozpc)
Description: Il server {1B1F472E-3221-4826-97DB-2C2324D389AE} non ha effettuato la registrazione con DCOM nel tempo richiesto.
 
Error: (05/09/2017 11:28:30 AM) (Source: DCOM) (EventID: 10010) (User: Fabriziozpc)
Description: Il server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} non ha effettuato la registrazione con DCOM nel tempo richiesto.
 
Error: (05/08/2017 08:19:02 PM) (Source: DCOM) (EventID: 10010) (User: Fabriziozpc)
Description: Il server {4545DEA0-2DFC-4906-A728-6D986BA399A9} non ha effettuato la registrazione con DCOM nel tempo richiesto.
 
Error: (05/08/2017 08:19:02 PM) (Source: DCOM) (EventID: 10010) (User: Fabriziozpc)
Description: Il server {4545DEA0-2DFC-4906-A728-6D986BA399A9} non ha effettuato la registrazione con DCOM nel tempo richiesto.
 
Error: (05/08/2017 08:19:02 PM) (Source: DCOM) (EventID: 10010) (User: Fabriziozpc)
Description: Il server {4545DEA0-2DFC-4906-A728-6D986BA399A9} non ha effettuato la registrazione con DCOM nel tempo richiesto.
 
Error: (05/08/2017 08:19:02 PM) (Source: DCOM) (EventID: 10010) (User: Fabriziozpc)
Description: Il server {4545DEA0-2DFC-4906-A728-6D986BA399A9} non ha effettuato la registrazione con DCOM nel tempo richiesto.
 
Error: (05/08/2017 08:18:56 PM) (Source: DCOM) (EventID: 10010) (User: Fabriziozpc)
Description: Il server {4545DEA0-2DFC-4906-A728-6D986BA399A9} non ha effettuato la registrazione con DCOM nel tempo richiesto.
 
Error: (05/08/2017 08:18:56 PM) (Source: DCOM) (EventID: 10010) (User: Fabriziozpc)
Description: Il server {4545DEA0-2DFC-4906-A728-6D986BA399A9} non ha effettuato la registrazione con DCOM nel tempo richiesto.
 
Error: (05/08/2017 08:18:56 PM) (Source: DCOM) (EventID: 10010) (User: Fabriziozpc)
Description: Il server {4545DEA0-2DFC-4906-A728-6D986BA399A9} non ha effettuato la registrazione con DCOM nel tempo richiesto.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 32%
Total physical RAM: 8107.14 MB
Available physical RAM: 5467.66 MB
Total Virtual: 9387.14 MB
Available Virtual: 6505.39 MB
 
==================== Drives ================================
 
Drive c: (TI31411800A) (Fixed) (Total:918.33 GB) (Free:856.69 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#9 iangcarroll

iangcarroll

  • Members
  • 658 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, MI
  • Local time:01:46 PM

Posted 11 May 2017 - 07:44 PM

Hi bubbleit,

Is this problem still occurring? If so, please follow these instructions:

:step1: Can you paste the contents of the following TDSSKiller logs? Did you run TDSSKiller yourself?
C:\TDSSKiller.3.1.0.15_07.05.2017_19.43.19_log.txt
C:\TDSSKiller.3.1.0.15_07.05.2017_15.08.52_log.txt
C:\TDSSKiller.3.1.0.11_07.05.2017_15.04.40_log.txt
:step2: Does this issue happen in incognito mode in Chrome?
:step3: Please go to "chrome://extensions" in Chrome and look at what extensions you have loaded. I'd expect the following, but I'm wondering if something is missing from the log:
  • Presentazioni Google
  • Documenti Google
  • Google Drive
  • YouTube
  • Fogli Google
  • Google Documenti offline
  • AdBlock
  • Pagamenti Chrome Web Store
  • Gmail
  • Chrome Media Router
Is anything missing from that list, or is anything duplicated?

Ian Carroll https://ian.sh • Certly Inc
 
Member of the Bleeping Computer A.I.I. early response team!


#10 bubbleit

bubbleit
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 13 May 2017 - 06:27 AM

Hi iangcarroll

 

The problem does not occur for two days. Perhaps this is the right way, but even before that , after a few days, redirects suddenly came back . So I prefer to wait a few more days before I can say I'm safer. :)

 

1) I run TDSS killer but the logs were clean.

2) The issue happened also in incognito mode

3) In Chrome there is no other than what you indicated.  there are only these extensions: Ad Block; Presentazioni Google, Documenti Google, Fogli Google, Google Documenti offline


Edited by bubbleit, 14 May 2017 - 04:33 AM.


#11 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:46 PM

Posted 15 May 2017 - 11:17 AM

iangcarrol will be back soon.


~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#12 iangcarroll

iangcarroll

  • Members
  • 658 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, MI
  • Local time:01:46 PM

Posted 15 May 2017 - 12:21 PM

Hi bubbleit,

Can you please upload the TDSSKiller logs regardless? Let me know if the problem comes back at any point.

Ian Carroll https://ian.sh • Certly Inc
 
Member of the Bleeping Computer A.I.I. early response team!


#13 bubbleit

bubbleit
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 17 May 2017 - 11:56 AM

Hi iangcarroll.
 
The problem does not occur for 6 days. Good news therefore :)
 
I Post the TDSSkiller logs you asked
 
15:04:40.0100 0x1704  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
15:04:40.0100 0x1704  UEFI system
15:04:46.0542 0x1704  Perform update action was selected
15:04:46.0547 0x0e60  Deinitialize success
 
15:08:52.0275 0x1128  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
15:08:52.0275 0x1128  UEFI system
15:08:58.0276 0x1128  ============================================================
15:08:58.0276 0x1128  Current date / time: 2017/05/07 15:08:58.0276
15:08:58.0276 0x1128  SystemInfo:
15:08:58.0276 0x1128  
15:08:58.0276 0x1128  OS Version: 6.3.9600 ServicePack: 0.0
15:08:58.0276 0x1128  Product type: Workstation
15:08:58.0276 0x1128  ComputerName: FABRIZIOZPC
15:08:58.0276 0x1128  UserName: FabrizioZ
15:08:58.0276 0x1128  Windows directory: C:\Windows
15:08:58.0276 0x1128  System windows directory: C:\Windows
15:08:58.0276 0x1128  Running under WOW64
15:08:58.0276 0x1128  Processor architecture: Intel x64
15:08:58.0276 0x1128  Number of processors: 4
15:08:58.0276 0x1128  Page size: 0x1000
15:08:58.0276 0x1128  Boot type: Normal boot
15:08:58.0276 0x1128  CodeIntegrityOptions = 0x00000001
15:08:58.0276 0x1128  ============================================================
15:08:58.0576 0x1128  KLMD registered as C:\Windows\system32\drivers\37798249.sys
15:08:58.0576 0x1128  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18589, osProperties = 0x19
15:08:58.0926 0x1128  System UUID: {FE88E2AD-ED20-6B6C-035E-36B23E9404F8}
15:08:59.0926 0x1128  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:08:59.0936 0x1128  ============================================================
15:08:59.0936 0x1128  \Device\Harddisk0\DR0:
15:08:59.0936 0x1128  GPT partitions:
15:08:59.0936 0x1128  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1E27F41F-6C59-4C61-9B19-E4231FA714A0}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x200000
15:08:59.0936 0x1128  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6A023B6A-A25A-45B0-9FAC-0AAB6AEF0F03}, Name: Basic data partition, StartLBA 0x200800, BlocksNum 0x32000
15:08:59.0936 0x1128  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {3EC941EA-5E87-402E-8949-7541F0A8533D}, Name: Basic data partition, StartLBA 0x232800, BlocksNum 0x40000
15:08:59.0936 0x1128  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {47A56D4A-15F4-48E5-8150-4DD26DB0DCB6}, Name: Basic data partition, StartLBA 0x272800, BlocksNum 0x72CA6800
15:08:59.0936 0x1128  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8C284314-7CF9-42C6-A0B8-A12DC7D89ED2}, Name: Basic data partition, StartLBA 0x72F19000, BlocksNum 0x17ED800
15:08:59.0936 0x1128  MBR partitions:
15:08:59.0936 0x1128  ============================================================
15:08:59.0966 0x1128  C: <-> \Device\Harddisk0\DR0\Partition4
15:08:59.0966 0x1128  ============================================================
15:08:59.0966 0x1128  Initialize success
15:08:59.0966 0x1128  ============================================================
15:09:07.0279 0x12a0  ============================================================
15:09:07.0279 0x12a0  Scan started
15:09:07.0279 0x12a0  Mode: Manual; 
15:09:07.0279 0x12a0  ============================================================
15:09:07.0279 0x12a0  KSN ping started
15:09:07.0929 0x12a0  KSN ping finished: true
15:09:10.0610 0x12a0  ================ Scan system memory ========================
15:09:10.0610 0x12a0  System memory - ok
15:09:10.0610 0x12a0  ================ Scan services =============================
15:09:10.0770 0x12a0  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
15:09:10.0780 0x12a0  1394ohci - ok
15:09:10.0840 0x12a0  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
15:09:10.0840 0x12a0  3ware - ok
15:09:10.0900 0x12a0  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:09:10.0910 0x12a0  ACPI - ok
15:09:10.0940 0x12a0  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
15:09:10.0950 0x12a0  acpiex - ok
15:09:10.0960 0x12a0  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
15:09:10.0960 0x12a0  acpipagr - ok
15:09:10.0970 0x12a0  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
15:09:10.0970 0x12a0  AcpiPmi - ok
15:09:10.0980 0x12a0  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
15:09:10.0980 0x12a0  acpitime - ok
15:09:11.0060 0x12a0  [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:09:11.0070 0x12a0  AdobeARMservice - ok
15:09:11.0190 0x12a0  [ 95FF82767D666AC11CF644FDA976270D, CEF6BD96C59438B0AA01334FD0DCC719229E8DF17453519ECE79491CBEF5354E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:09:11.0200 0x12a0  AdobeFlashPlayerUpdateSvc - ok
15:09:11.0250 0x12a0  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
15:09:11.0280 0x12a0  ADP80XX - ok
15:09:11.0320 0x12a0  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:09:11.0320 0x12a0  AeLookupSvc - ok
15:09:11.0360 0x12a0  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\Windows\system32\drivers\afd.sys
15:09:11.0370 0x12a0  AFD - ok
15:09:11.0390 0x12a0  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:09:11.0390 0x12a0  agp440 - ok
15:09:11.0410 0x12a0  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
15:09:11.0410 0x12a0  ahcache - ok
15:09:11.0450 0x12a0  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
15:09:11.0450 0x12a0  ALG - ok
15:09:11.0480 0x12a0  [ 99FA3D852B921AB4FF7F5DD90028F91F, 641D3A517B85BBC2C8668671F8699AA91D3294EBC5A4310AA45348E5E8E5DF85 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:09:11.0490 0x12a0  AMD External Events Utility - ok
15:09:11.0510 0x12a0  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
15:09:11.0510 0x12a0  AmdK8 - ok
15:09:11.0930 0x12a0  [ 6DCE3D4A8FAE7DEE4B84D1033C165D71, 8C2D491BF6D570EB89C26E16E828218C472B3DB2BC514CFF9EF7761350935E94 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:09:12.0350 0x12a0  amdkmdag - ok
15:09:12.0400 0x12a0  [ F04CBC7BD43EE3B41FBF1DFFC8F7C8EA, 92C93D320076E45D4C3C2302CF497074C7B3620623507C1E902B0403742708E8 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
15:09:12.0420 0x12a0  amdkmdap - ok
15:09:12.0430 0x12a0  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
15:09:12.0440 0x12a0  AmdPPM - ok
15:09:12.0450 0x12a0  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:09:12.0450 0x12a0  amdsata - ok
15:09:12.0470 0x12a0  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:09:12.0470 0x12a0  amdsbs - ok
15:09:12.0490 0x12a0  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:09:12.0490 0x12a0  amdxata - ok
15:09:12.0520 0x12a0  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
15:09:12.0520 0x12a0  AppID - ok
15:09:12.0540 0x12a0  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:09:12.0540 0x12a0  AppIDSvc - ok
15:09:12.0570 0x12a0  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\Windows\System32\appinfo.dll
15:09:12.0570 0x12a0  Appinfo - ok
15:09:12.0620 0x12a0  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
15:09:12.0640 0x12a0  AppReadiness - ok
15:09:12.0690 0x12a0  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
15:09:12.0720 0x12a0  AppXSvc - ok
15:09:12.0740 0x12a0  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:09:12.0740 0x12a0  arcsas - ok
15:09:13.0000 0x12a0  [ A760C2AFBA1A71E0F7310A6E900CB0E4, 3827C8D4DFC3FC850E9BD049E1B127BD1076DDEFDA19BBA9445FF201F6AE99F8 ] aswbIDSAgent    C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
15:09:13.0100 0x12a0  aswbIDSAgent - ok
15:09:13.0150 0x12a0  [ 0C19C91ED99964925FF8B05C23743AB1, BF513CCC0E5D2D2CE7D06F17ABC34CD3A55B59588267A5868ADFB723454AF6EB ] aswbidsdriver   C:\Windows\system32\drivers\aswbidsdrivera.sys
15:09:13.0160 0x12a0  aswbidsdriver - ok
15:09:13.0180 0x12a0  [ 670839F4BA6D82F3035AADFE8274F02E, E4E8B1F3B9138CB2600158CC8507CBA31637E48BBA4D67398E05970B2CECA671 ] aswbidsh        C:\Windows\system32\drivers\aswbidsha.sys
15:09:13.0180 0x12a0  aswbidsh - ok
15:09:13.0230 0x12a0  [ 5C561968CF601D76A98692DCC8CF74ED, 26D0F34CE4485A813200032CE6889575A13196E79A4B124DD19E4584B0C102DC ] aswblog         C:\Windows\system32\drivers\aswbloga.sys
15:09:13.0240 0x12a0  aswblog - ok
15:09:13.0260 0x12a0  [ 335E5F19E7397A283B7ED20FE7B369EB, 6A31ABA0BA671EA796E8920EBD64DB28D3D7EB65C4FF68C3EB1DEF4FFC002163 ] aswbuniv        C:\Windows\system32\drivers\aswbuniva.sys
15:09:13.0260 0x12a0  aswbuniv - ok
15:09:13.0280 0x12a0  [ BA02CA77D989710F79FD662019C4DF94, 2E989847BEE92EB8DE7492DE7AB9B4658CEFC38E678346B7548E6ECB528300D6 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
15:09:13.0290 0x12a0  aswHwid - ok
15:09:13.0300 0x12a0  [ 2B1490F2F1CC76C9C9B61CE63D6E7973, BFD456C598E74974B81453805ADD0792BD9636BF8213306F40029560B20DE036 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
15:09:13.0310 0x12a0  aswMonFlt - ok
15:09:13.0330 0x12a0  [ F26D1F761E14789743275FA5D258EAB8, D532AD4DFFC73BE8A889B75BB50D33FFF674B5AB31F05AA75D9E0667363057F1 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
15:09:13.0330 0x12a0  aswRdr - ok
15:09:13.0360 0x12a0  [ C1007774450CFAB19D784D50C3410FC7, 2752FD77412D54D78A81DED9F05F094E589BCA5E360ECD420E28ECC844D35921 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
15:09:13.0360 0x12a0  aswRvrt - ok
15:09:13.0400 0x12a0  [ EB1991686949400C51B8C21CE013621E, 248545BDD5E8D1BD2D752AF7D3B77E8F1EA6453FD3B007851A04E9B634966448 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
15:09:13.0450 0x12a0  aswSnx - ok
15:09:13.0480 0x12a0  [ 7A17BD26C74F5329CB1DF029AE4DD357, 31F98B74F6BC2D75BDC83E3E2E60C9541D57912B6DF2C8A9241F3CFB17E0ACBB ] aswSP           C:\Windows\system32\drivers\aswSP.sys
15:09:13.0500 0x12a0  aswSP - ok
15:09:13.0530 0x12a0  [ E826A190E6628C9B6AA2433D2771E15D, 9B509D8A214B4EC0D3439335A105BF6410476E755341F6EF3C9ADCD1C7303414 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
15:09:13.0530 0x12a0  aswStm - ok
15:09:13.0560 0x12a0  [ E76C21203E29F2DCC489EF585E0B1A38, F64B8F5F2EFA10ADD64DE0574ADDE05DF1DFDEACF0E72879C9DD6DEB037E01A3 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
15:09:13.0570 0x12a0  aswVmm - ok
15:09:13.0600 0x12a0  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:09:13.0600 0x12a0  atapi - ok
15:09:13.0630 0x12a0  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
15:09:13.0630 0x12a0  AudioEndpointBuilder - ok
15:09:13.0660 0x12a0  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:09:13.0680 0x12a0  Audiosrv - ok
15:09:13.0710 0x12a0  [ D961A7C05A76302E782B1B0CF6546BA7, DAE7481B4FFC0746944213D10EF59C21BBA9937138D660E72E63F43BCDC1F799 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:09:13.0710 0x12a0  avast! Antivirus - ok
15:09:13.0750 0x12a0  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:09:13.0750 0x12a0  AxInstSV - ok
15:09:13.0780 0x12a0  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:09:13.0810 0x12a0  b06bdrv - ok
15:09:13.0840 0x12a0  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
15:09:13.0840 0x12a0  BasicDisplay - ok
15:09:13.0890 0x12a0  [ 195BD339B4B782B42C19489DCFB4D110, E63CC0AEF1875D5D127E341CF65117DABC9E376A83E615EC8D01F6AB705DABAD ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
15:09:13.0890 0x12a0  BasicRender - ok
15:09:13.0910 0x12a0  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
15:09:13.0920 0x12a0  bcmfn2 - ok
15:09:13.0960 0x12a0  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\Windows\System32\bdesvc.dll
15:09:13.0970 0x12a0  BDESVC - ok
15:09:13.0980 0x12a0  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
15:09:13.0980 0x12a0  Beep - ok
15:09:14.0020 0x12a0  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\Windows\System32\bfe.dll
15:09:14.0040 0x12a0  BFE - ok
15:09:14.0100 0x12a0  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
15:09:14.0120 0x12a0  BITS - ok
15:09:14.0160 0x12a0  [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:09:14.0160 0x12a0  bowser - ok
15:09:14.0200 0x12a0  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
15:09:14.0200 0x12a0  BrokerInfrastructure - ok
15:09:14.0230 0x12a0  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
15:09:14.0230 0x12a0  Browser - ok
15:09:14.0250 0x12a0  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
15:09:14.0250 0x12a0  BthAvrcpTg - ok
15:09:14.0270 0x12a0  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
15:09:14.0270 0x12a0  BthEnum - ok
15:09:14.0290 0x12a0  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
15:09:14.0290 0x12a0  BthHFEnum - ok
15:09:14.0300 0x12a0  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
15:09:14.0310 0x12a0  bthhfhid - ok
15:09:14.0350 0x12a0  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
15:09:14.0360 0x12a0  BthHFSrv - ok
15:09:14.0380 0x12a0  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
15:09:14.0390 0x12a0  BthLEEnum - ok
15:09:14.0410 0x12a0  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
15:09:14.0410 0x12a0  BTHMODEM - ok
15:09:14.0440 0x12a0  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
15:09:14.0440 0x12a0  BthPan - ok
15:09:14.0520 0x12a0  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
15:09:14.0570 0x12a0  BTHPORT - ok
15:09:14.0610 0x12a0  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
15:09:14.0610 0x12a0  bthserv - ok
15:09:14.0680 0x12a0  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
15:09:14.0680 0x12a0  BTHUSB - ok
15:09:14.0730 0x12a0  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:09:14.0730 0x12a0  cdfs - ok
15:09:14.0760 0x12a0  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
15:09:14.0770 0x12a0  cdrom - ok
15:09:14.0790 0x12a0  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:09:14.0800 0x12a0  CertPropSvc - ok
15:09:14.0820 0x12a0  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
15:09:14.0820 0x12a0  circlass - ok
15:09:14.0870 0x12a0  [ 9DA497AEAF35AA7BF7710132FC2A9906, D38DF749222BD0B6E8E6442CC79D56CF827A1430ACAB4F85F7FC469DD31A211C ] CLFS            C:\Windows\system32\drivers\CLFS.sys
15:09:14.0890 0x12a0  CLFS - ok
15:09:14.0910 0x12a0  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
15:09:14.0910 0x12a0  CmBatt - ok
15:09:14.0970 0x12a0  [ C8823A6ECE66B997C8E9F413D1D671E7, D739A194BCA4C1979C5B2A71F4B8DAB0BCC1524808C50BA302847B6C82D77250 ] CNG             C:\Windows\system32\Drivers\cng.sys
15:09:15.0000 0x12a0  CNG - ok
15:09:15.0090 0x12a0  [ CCEF5F12E7A33F232E1138B3EF5A1B6A, AF680F17DA3524E571B8FE6C2EAB6B0369D4A3B124E4F020D63E0189122EA251 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
15:09:15.0140 0x12a0  CnxtHdAudService - ok
15:09:15.0170 0x12a0  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
15:09:15.0170 0x12a0  CompositeBus - ok
15:09:15.0170 0x12a0  COMSysApp - ok
15:09:15.0190 0x12a0  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
15:09:15.0190 0x12a0  condrv - ok
15:09:15.0280 0x12a0  [ 20D608B263C1D99382E3ABA02AD7705A, FE03490A2E234FDA95556F92CC522A368965EC717A5AC1E622ADF19354B7AF25 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
15:09:15.0290 0x12a0  cphs - ok
15:09:15.0330 0x12a0  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:09:15.0340 0x12a0  CryptSvc - ok
15:09:15.0370 0x12a0  [ 426B2624A1669D233BAB6C4AC5E9432E, C03746D04094FAEA0650032447667055E7C7D1094581D4C1EB414D22A164CA99 ] CxAudMsg        C:\Windows\system32\CxAudMsg64.exe
15:09:15.0380 0x12a0  CxAudMsg - ok
15:09:15.0400 0x12a0  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
15:09:15.0410 0x12a0  dam - ok
15:09:15.0470 0x12a0  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:09:15.0480 0x12a0  DcomLaunch - ok
15:09:15.0530 0x12a0  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
15:09:15.0540 0x12a0  defragsvc - ok
15:09:15.0570 0x12a0  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
15:09:15.0580 0x12a0  DeviceAssociationService - ok
15:09:15.0620 0x12a0  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
15:09:15.0630 0x12a0  DeviceInstall - ok
15:09:15.0660 0x12a0  [ 4FED6AD69C9EE1EE7FD3C88437138855, 71E0863898F2E3B1F9769C8A9980E2063042961D417FE0C969B2E5B7A0013978 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
15:09:15.0660 0x12a0  Dfsc - ok
15:09:15.0710 0x12a0  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:09:15.0710 0x12a0  Dhcp - ok
15:09:15.0800 0x12a0  [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack       C:\Windows\system32\diagtrack.dll
15:09:15.0840 0x12a0  DiagTrack - ok
15:09:15.0870 0x12a0  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\Windows\system32\drivers\disk.sys
15:09:15.0870 0x12a0  disk - ok
15:09:15.0900 0x12a0  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
15:09:15.0900 0x12a0  dmvsc - ok
15:09:15.0930 0x12a0  [ 1E365F2B4C8F6D4D9FF0D1B4A93C230C, 5CAC22131F376D55F09BF875F7CBC4D8827EBC189EEB5D713D693A3510B20077 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:09:15.0930 0x12a0  Dnscache - ok
15:09:15.0990 0x12a0  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:09:16.0010 0x12a0  dot3svc - ok
15:09:16.0050 0x12a0  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
15:09:16.0050 0x12a0  DPS - ok
15:09:16.0080 0x12a0  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:09:16.0080 0x12a0  drmkaud - ok
15:09:16.0110 0x12a0  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
15:09:16.0120 0x12a0  DsmSvc - ok
15:09:16.0200 0x12a0  [ 0166B1E908A6EC670CFDE42521BF7CA3, 5D6A9EF83C9B657C3DFC965100F1404AABF44B6B8B9A06F97F2C47A2E935825E ] dts_apo_service C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
15:09:16.0200 0x12a0  dts_apo_service - ok
15:09:16.0320 0x12a0  [ E7100B511A7AC0422C3E5CC4D1DDC0A5, 7C4166096B824168FADD4B7222E25104DE9B81E2549B6F96F91340BD42AE7D74 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:09:16.0370 0x12a0  DXGKrnl - ok
15:09:16.0400 0x12a0  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
15:09:16.0410 0x12a0  Eaphost - ok
15:09:16.0550 0x12a0  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:09:16.0660 0x12a0  ebdrv - ok
15:09:16.0680 0x12a0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
15:09:16.0690 0x12a0  EFS - ok
15:09:16.0700 0x12a0  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
15:09:16.0710 0x12a0  EhStorClass - ok
15:09:16.0720 0x12a0  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
15:09:16.0730 0x12a0  EhStorTcgDrv - ok
15:09:16.0740 0x12a0  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
15:09:16.0740 0x12a0  ErrDev - ok
15:09:16.0780 0x12a0  [ F1CEA9D2626D5933162C72F0C47B496C, 6B2AFF709CCF9FD9AAE61DBDDC4ACD62FB430C155DFEB31F8D2B516B309EFB3B ] ESProtectionDriver C:\Windows\system32\drivers\mbae64.sys
15:09:16.0790 0x12a0  ESProtectionDriver - ok
15:09:16.0820 0x12a0  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
15:09:16.0830 0x12a0  EventSystem - ok
15:09:16.0920 0x12a0  [ BF220856C02DF9AB74786BE92246A0E1, 9F35F4A08967634206B965BF94469380C0ACCF8A6C973E90ED85ECECF284CE34 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:09:16.0960 0x12a0  EvtEng - ok
15:09:16.0990 0x12a0  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:09:17.0000 0x12a0  exfat - ok
15:09:17.0010 0x12a0  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:09:17.0020 0x12a0  fastfat - ok
15:09:17.0060 0x12a0  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
15:09:17.0080 0x12a0  Fax - ok
15:09:17.0090 0x12a0  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
15:09:17.0090 0x12a0  fdc - ok
15:09:17.0120 0x12a0  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:09:17.0130 0x12a0  fdPHost - ok
15:09:17.0160 0x12a0  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:09:17.0160 0x12a0  FDResPub - ok
15:09:17.0200 0x12a0  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
15:09:17.0200 0x12a0  fhsvc - ok
15:09:17.0210 0x12a0  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:09:17.0220 0x12a0  FileInfo - ok
15:09:17.0230 0x12a0  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:09:17.0230 0x12a0  Filetrace - ok
15:09:17.0250 0x12a0  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
15:09:17.0250 0x12a0  flpydisk - ok
15:09:17.0290 0x12a0  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:09:17.0300 0x12a0  FltMgr - ok
15:09:17.0370 0x12a0  [ 359A7382DB639FE051455D868DEFF1A0, 1FFB6D8C96D9559081092F4BCA221AF993E40388D4951F72FFE6389894465A97 ] FontCache       C:\Windows\system32\FntCache.dll
15:09:17.0420 0x12a0  FontCache - ok
15:09:17.0520 0x12a0  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:09:17.0520 0x12a0  FontCache3.0.0.0 - ok
15:09:17.0550 0x12a0  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:09:17.0560 0x12a0  FsDepends - ok
15:09:17.0580 0x12a0  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:09:17.0580 0x12a0  Fs_Rec - ok
15:09:17.0620 0x12a0  [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:09:17.0640 0x12a0  fvevol - ok
15:09:17.0650 0x12a0  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
15:09:17.0660 0x12a0  FxPPM - ok
15:09:17.0670 0x12a0  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:09:17.0680 0x12a0  gagp30kx - ok
15:09:17.0700 0x12a0  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
15:09:17.0700 0x12a0  gencounter - ok
15:09:17.0740 0x12a0  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
15:09:17.0740 0x12a0  GPIOClx0101 - ok
15:09:17.0800 0x12a0  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:09:17.0850 0x12a0  gpsvc - ok
15:09:17.0920 0x12a0  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:09:17.0930 0x12a0  gupdate - ok
15:09:17.0940 0x12a0  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:09:17.0950 0x12a0  gupdatem - ok
15:09:17.0980 0x12a0  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:09:17.0990 0x12a0  HdAudAddService - ok
15:09:18.0000 0x12a0  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
15:09:18.0010 0x12a0  HDAudBus - ok
15:09:18.0020 0x12a0  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
15:09:18.0020 0x12a0  HidBatt - ok
15:09:18.0050 0x12a0  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
15:09:18.0050 0x12a0  HidBth - ok
15:09:18.0070 0x12a0  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
15:09:18.0070 0x12a0  hidi2c - ok
15:09:18.0080 0x12a0  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
15:09:18.0080 0x12a0  HidIr - ok
15:09:18.0120 0x12a0  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
15:09:18.0120 0x12a0  hidserv - ok
15:09:18.0150 0x12a0  [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
15:09:18.0160 0x12a0  HidUsb - ok
15:09:18.0190 0x12a0  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:09:18.0190 0x12a0  hkmsvc - ok
15:09:18.0230 0x12a0  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:09:18.0240 0x12a0  HomeGroupListener - ok
15:09:18.0280 0x12a0  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:09:18.0310 0x12a0  HomeGroupProvider - ok
15:09:18.0330 0x12a0  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:09:18.0330 0x12a0  HpSAMD - ok
15:09:18.0380 0x12a0  [ 030DD4F01AF3C32BA1AD00B549156F99, 5FDF4B199FDE1110CBC9DB164001A971057C982EB6AD5542BCD74AB3446E2D70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:09:18.0400 0x12a0  HTTP - ok
15:09:18.0420 0x12a0  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:09:18.0420 0x12a0  hwpolicy - ok
15:09:18.0460 0x12a0  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
15:09:18.0460 0x12a0  hyperkbd - ok
15:09:18.0470 0x12a0  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
15:09:18.0470 0x12a0  HyperVideo - ok
15:09:18.0500 0x12a0  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
15:09:18.0500 0x12a0  i8042prt - ok
15:09:18.0520 0x12a0  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
15:09:18.0520 0x12a0  iaLPSSi_GPIO - ok
15:09:18.0540 0x12a0  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
15:09:18.0540 0x12a0  iaLPSSi_I2C - ok
15:09:18.0570 0x12a0  [ 9863EC0FB887C0AD0C3A20AC3BF91629, B695048C370CB91BB0CFF2E29641636225B23347B08F7E451FB91CF8B1A0120A ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
15:09:18.0580 0x12a0  iaStorA - ok
15:09:18.0620 0x12a0  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
15:09:18.0640 0x12a0  iaStorAV - ok
15:09:18.0670 0x12a0  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:09:18.0680 0x12a0  iaStorV - ok
15:09:18.0800 0x12a0  [ 29BBB3F52B31FEB57526960CDA78E423, B3016CD4DBE8346B4805ACCA149BE96678259344804ACA1B4B4B813F5F233055 ] ibtsiva.exe     C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
15:09:18.0800 0x12a0  ibtsiva.exe - ok
15:09:19.0060 0x12a0  [ 7390AF911FEF186BC5E6C5DCE4FBE122, 00EAC3D23C326F235A5F46B9333596233EB5C663E8C7483AAEE7D949A1F55CA0 ] ibtusb          C:\Windows\system32\DRIVERS\ibtusb.sys
15:09:19.0089 0x12a0  ibtusb - ok
15:09:19.0185 0x12a0  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
15:09:19.0190 0x12a0  ICCS - ok
15:09:19.0194 0x12a0  IEEtwCollectorService - ok
15:09:20.0160 0x12a0  [ 0CC07A52339BEEAD5BEFB571FA0F57A7, 32FEC28442D2593A468CEDBBDE56974A482926F36AE26539CC0B7F504A9813A2 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:09:20.0380 0x12a0  igfx - ok
15:09:20.0534 0x12a0  [ 286B22157D7768EA9F053BE37A9FE8B1, 192244A42A646F15615F9F329E3E1801F097913562F289F5209916CE13630225 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
15:09:20.0599 0x12a0  igfxCUIService1.0.0.0 - ok
15:09:20.0761 0x12a0  [ AD5DF6F4FBBC798636EDC66BFEC7D0DE, 837C9BCB6C23FE0901F0F66A57FAB5985984F0EAD9E34F84A9F78349EDE0394F ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
15:09:20.0763 0x12a0  IJPLMSVC - ok
15:09:21.0008 0x12a0  [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT          C:\Windows\System32\ikeext.dll
15:09:21.0055 0x12a0  IKEEXT - ok
15:09:21.0091 0x12a0  [ 5950F69F9B345952F3C2275C39EA393B, 382923DE0F5F25285F8C86BA628350DF1CFB6E63FF20736CF9285FB0F36A76DE ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
15:09:21.0154 0x12a0  intaud_WaveExtensible - ok
15:09:21.0187 0x12a0  [ 0D92782AEAFEC340F7F637E91C7E367D, 2E2654D017FF567CF8ED4D0BA20209894792C8BDDF50C3396961F2B850E17E36 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:09:21.0224 0x12a0  IntcDAud - ok
15:09:21.0460 0x12a0  [ 9A6DEB5DDF7E29728F6FEA5092AFA3F2, 21C47A0490EBA302657EF30C560E4AF83777685FFE126DCCAC310163C47401D1 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
15:09:21.0479 0x12a0  Intel® Capability Licensing Service TCP IP Interface - ok
15:09:21.0608 0x12a0  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:09:21.0610 0x12a0  intelide - ok
15:09:21.0648 0x12a0  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
15:09:21.0650 0x12a0  intelpep - ok
15:09:21.0660 0x12a0  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
15:09:21.0662 0x12a0  intelppm - ok
15:09:21.0708 0x12a0  [ 7796E03E2BB3E9F5940F5CB12FC4CC4F, A5B156B76757BF6339A35DE4845F19ECB4AA3F0784D227536F45AE1552F680ED ] IntelUSBoverIP  C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
15:09:21.0715 0x12a0  IntelUSBoverIP - ok
15:09:21.0737 0x12a0  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:09:21.0740 0x12a0  IpFilterDriver - ok
15:09:21.0843 0x12a0  [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:09:21.0865 0x12a0  iphlpsvc - ok
15:09:21.0902 0x12a0  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
15:09:21.0905 0x12a0  IPMIDRV - ok
15:09:21.0953 0x12a0  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:09:21.0956 0x12a0  IPNAT - ok
15:09:21.0974 0x12a0  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:09:21.0975 0x12a0  IRENUM - ok
15:09:21.0989 0x12a0  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:09:21.0990 0x12a0  isapnp - ok
15:09:22.0028 0x12a0  [ AD3C1F4BD9167420F04052FDA197CF29, 82B687092DFC50E8885656AF06BFB7559930750F4905BC4DBDA3A5D334A443D1 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
15:09:22.0034 0x12a0  iScsiPrt - ok
15:09:22.0082 0x12a0  [ F1D3A377ED9BA1CA449824C41CAF104C, EA0E90D5D827664CFDB644753C6DC134C3F8F852F24175EC8328A9FA925B25BF ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
15:09:22.0084 0x12a0  iwdbus - ok
15:09:22.0132 0x12a0  [ CA295D3E5032DDF8A3CBD1A256E646FA, 03879D331AE446FCF25D0193805A5E0C17764439B5B8FE1D684DDB96B1A358C9 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
15:09:22.0135 0x12a0  jhi_service - ok
15:09:22.0163 0x12a0  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
15:09:22.0252 0x12a0  kbdclass - ok
15:09:22.0314 0x12a0  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
15:09:22.0368 0x12a0  kbdhid - ok
15:09:22.0454 0x12a0  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
15:09:22.0502 0x12a0  kdnic - ok
15:09:22.0521 0x12a0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
15:09:22.0526 0x12a0  KeyIso - ok
15:09:22.0550 0x12a0  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:09:22.0583 0x12a0  KSecDD - ok
15:09:22.0639 0x12a0  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:09:22.0644 0x12a0  KSecPkg - ok
15:09:22.0674 0x12a0  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:09:22.0676 0x12a0  ksthunk - ok
15:09:22.0698 0x12a0  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:09:22.0708 0x12a0  KtmRm - ok
15:09:22.0761 0x12a0  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:09:22.0771 0x12a0  LanmanServer - ok
15:09:22.0847 0x12a0  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:09:22.0855 0x12a0  LanmanWorkstation - ok
15:09:22.0886 0x12a0  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
15:09:22.0898 0x12a0  lfsvc - ok
15:09:22.0922 0x12a0  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:09:22.0924 0x12a0  lltdio - ok
15:09:22.0949 0x12a0  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:09:22.0957 0x12a0  lltdsvc - ok
15:09:22.0996 0x12a0  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:09:22.0999 0x12a0  lmhosts - ok
15:09:23.0244 0x12a0  [ ED5C8B920F2ACF11A26586B2FA66BF3D, D6F014F0CCAB7EDA38A8CC58F439D2A8CD89195AE84F82E25475CE11CB3883C9 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:09:23.0266 0x12a0  LMS - ok
15:09:23.0293 0x12a0  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:09:23.0297 0x12a0  LSI_SAS - ok
15:09:23.0307 0x12a0  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:09:23.0310 0x12a0  LSI_SAS2 - ok
15:09:23.0326 0x12a0  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
15:09:23.0328 0x12a0  LSI_SAS3 - ok
15:09:23.0339 0x12a0  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
15:09:23.0341 0x12a0  LSI_SSS - ok
15:09:23.0447 0x12a0  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
15:09:23.0461 0x12a0  LSM - ok
15:09:23.0481 0x12a0  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:09:23.0485 0x12a0  luafv - ok
15:09:23.0519 0x12a0  [ 835E1D6B5835EF70FC3BDF93ED42243A, 0025D232ED0FF9A572F8004094CFE21F62070DB832398345425554334E036DA6 ] MBAMChameleon   C:\Windows\system32\drivers\MBAMChameleon.sys
15:09:23.0522 0x12a0  MBAMChameleon - ok
15:09:23.0554 0x12a0  [ F9808F9763FBC7AA830B1F54C0CA1C25, C9141EF15EE6DD28829DE4BF692EE8C293B969117D681A581E2B17F4DFBFEDAD ] MBAMFarflt      C:\Windows\system32\drivers\farflt.sys
15:09:23.0557 0x12a0  MBAMFarflt - ok
15:09:23.0668 0x12a0  [ 88BD122C3A35DE63D75D382DF75554CE, ABDF59543CAD186A6ED4E66257205D9CF5047732A5DA74A96A28B468B41BC396 ] MBAMProtection  C:\Windows\system32\drivers\mbam.sys
15:09:23.0671 0x12a0  MBAMProtection - ok
15:09:23.0881 0x12a0  [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
15:09:23.0943 0x12a0  MBAMService - ok
15:09:24.0009 0x12a0  [ 53283EB9998AC9350E14C35A880989DB, 11DD963C67DB7584742810C54BEC4871584413A1BAA8209F79AC923006DE45BB ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
15:09:24.0016 0x12a0  MBAMSwissArmy - ok
15:09:24.0050 0x12a0  [ 67D4521C3411E24A98B5BA0058EEC96A, EC590DBCC4D822AB47555C0AC156B0485808B4197D58C623A6C45B62C38A61E0 ] MBAMWebProtection C:\Windows\system32\drivers\mwac.sys
15:09:24.0053 0x12a0  MBAMWebProtection - ok
15:09:24.0098 0x12a0  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
15:09:24.0100 0x12a0  megasas - ok
15:09:24.0127 0x12a0  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
15:09:24.0149 0x12a0  megasr - ok
15:09:24.0172 0x12a0  [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
15:09:24.0201 0x12a0  MEIx64 - ok
15:09:24.0232 0x12a0  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
15:09:24.0237 0x12a0  MMCSS - ok
15:09:24.0249 0x12a0  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
15:09:24.0252 0x12a0  Modem - ok
15:09:24.0270 0x12a0  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
15:09:24.0272 0x12a0  monitor - ok
15:09:24.0296 0x12a0  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
15:09:24.0299 0x12a0  mouclass - ok
15:09:24.0338 0x12a0  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
15:09:24.0341 0x12a0  mouhid - ok
15:09:24.0370 0x12a0  [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:09:24.0373 0x12a0  mountmgr - ok
15:09:24.0432 0x12a0  [ 260DB638038D0D9ACCBFCA9F2BF9B692, 68B9454D1E10A5A710AA3F823C7EAF2E8F3DDF5534262AC289BF454FC829B0B7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:09:24.0435 0x12a0  MozillaMaintenance - ok
15:09:24.0482 0x12a0  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:09:24.0486 0x12a0  mpsdrv - ok
15:09:24.0579 0x12a0  [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:09:24.0589 0x12a0  MpsSvc - ok
15:09:24.0629 0x12a0  [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:09:24.0629 0x12a0  MRxDAV - ok
15:09:24.0679 0x12a0  [ E2FC654EC895E92A022794329BFC53EC, BDEFF410B8A1D213B652A86DBF53774A3EBD58C32CCB9180712F9F3777307688 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:09:24.0689 0x12a0  mrxsmb - ok
15:09:24.0719 0x12a0  [ B213149BE26DD213C44AD61DB19C1251, E28886C1E78E54BBA74DD9779BB18B20D9CB8DF1CCD387FE415F1748719EE5F6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:09:24.0729 0x12a0  mrxsmb10 - ok
15:09:24.0809 0x12a0  [ B37B58F9F80A51098C42663D5FA5F2BA, 996E2D8344F0095C136D1670D63A476E6B6F6BBA9DD773EEE5F0FD580562B000 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:09:24.0829 0x12a0  mrxsmb20 - ok
15:09:24.0869 0x12a0  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
15:09:24.0879 0x12a0  MsBridge - ok
15:09:24.0899 0x12a0  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
15:09:24.0909 0x12a0  MSDTC - ok
15:09:24.0949 0x12a0  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:09:24.0949 0x12a0  Msfs - ok
15:09:24.0959 0x12a0  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
15:09:24.0969 0x12a0  msgpiowin32 - ok
15:09:24.0979 0x12a0  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:09:24.0979 0x12a0  mshidkmdf - ok
15:09:24.0999 0x12a0  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
15:09:24.0999 0x12a0  mshidumdf - ok
15:09:25.0009 0x12a0  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:09:25.0019 0x12a0  msisadrv - ok
15:09:25.0054 0x12a0  [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:09:25.0063 0x12a0  MSiSCSI - ok
15:09:25.0068 0x12a0  msiserver - ok
15:09:25.0080 0x12a0  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:09:25.0082 0x12a0  MSKSSRV - ok
15:09:25.0112 0x12a0  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
15:09:25.0122 0x12a0  MsLldp - ok
15:09:25.0142 0x12a0  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:09:25.0142 0x12a0  MSPCLOCK - ok
15:09:25.0151 0x12a0  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:09:25.0151 0x12a0  MSPQM - ok
15:09:25.0172 0x12a0  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:09:25.0201 0x12a0  MsRPC - ok
15:09:25.0212 0x12a0  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
15:09:25.0212 0x12a0  mssmbios - ok
15:09:25.0221 0x12a0  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:09:25.0221 0x12a0  MSTEE - ok
15:09:25.0232 0x12a0  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
15:09:25.0232 0x12a0  MTConfig - ok
15:09:25.0261 0x12a0  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup             C:\Windows\system32\Drivers\mup.sys
15:09:25.0261 0x12a0  Mup - ok
15:09:25.0282 0x12a0  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
15:09:25.0282 0x12a0  mvumis - ok
15:09:25.0311 0x12a0  [ 1EE90E273094252917843D111E898C94, D0D7D155E3CA022BC1F718327165E44F954A40B96259DEE5266C48ADCC8B4556 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:09:25.0311 0x12a0  MyWiFiDHCPDNS - ok
15:09:25.0351 0x12a0  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
15:09:25.0361 0x12a0  napagent - ok
15:09:25.0401 0x12a0  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:09:25.0411 0x12a0  NativeWifiP - ok
15:09:25.0432 0x12a0  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
15:09:25.0441 0x12a0  NcaSvc - ok
15:09:25.0493 0x12a0  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
15:09:25.0497 0x12a0  NcbService - ok
15:09:25.0514 0x12a0  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
15:09:25.0524 0x12a0  NcdAutoSetup - ok
15:09:25.0604 0x12a0  [ FFAA6C6E798FBA448FA7628A1B277F5C, 9E1F2C848A019CE6397F652A21AE43B76149EF95452BB8353249BD9E28D98083 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:09:25.0619 0x12a0  NDIS - ok
15:09:25.0655 0x12a0  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:09:25.0655 0x12a0  NdisCap - ok
15:09:25.0695 0x12a0  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
15:09:25.0705 0x12a0  NdisImPlatform - ok
15:09:25.0735 0x12a0  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:09:25.0735 0x12a0  NdisTapi - ok
15:09:25.0775 0x12a0  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:09:25.0775 0x12a0  Ndisuio - ok
15:09:25.0785 0x12a0  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
15:09:25.0785 0x12a0  NdisVirtualBus - ok
15:09:25.0815 0x12a0  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:09:25.0825 0x12a0  NdisWan - ok
15:09:25.0831 0x12a0  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
15:09:25.0835 0x12a0  NdisWanLegacy - ok
15:09:25.0878 0x12a0  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:09:25.0878 0x12a0  NDProxy - ok
15:09:25.0888 0x12a0  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
15:09:25.0898 0x12a0  Ndu - ok
15:09:25.0918 0x12a0  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:09:25.0918 0x12a0  NetBIOS - ok
15:09:25.0958 0x12a0  [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:09:25.0968 0x12a0  NetBT - ok
15:09:25.0988 0x12a0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
15:09:25.0988 0x12a0  Netlogon - ok
15:09:26.0038 0x12a0  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
15:09:26.0048 0x12a0  Netman - ok
15:09:26.0088 0x12a0  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
15:09:26.0098 0x12a0  netprofm - ok
15:09:26.0148 0x12a0  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:26.0148 0x12a0  NetTcpPortSharing - ok
15:09:26.0189 0x12a0  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
15:09:26.0194 0x12a0  netvsc - ok
15:09:26.0319 0x12a0  [ C127D444BAFD761458DF8B38CCB7A937, 6D7505387D684D5ADA4FCC4C202BF1787E262FBA6842E56C58A2311D2E38935A ] NETwNb64        C:\Windows\system32\DRIVERS\Netwbw02.sys
15:09:26.0439 0x12a0  NETwNb64 - ok
15:09:26.0483 0x12a0  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:09:26.0503 0x12a0  NlaSvc - ok
15:09:26.0523 0x12a0  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:09:26.0523 0x12a0  Npfs - ok
15:09:26.0543 0x12a0  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
15:09:26.0553 0x12a0  npsvctrig - ok
15:09:26.0583 0x12a0  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
15:09:26.0583 0x12a0  nsi - ok
15:09:26.0623 0x12a0  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:09:26.0633 0x12a0  nsiproxy - ok
15:09:26.0723 0x12a0  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:09:26.0803 0x12a0  Ntfs - ok
15:09:26.0823 0x12a0  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
15:09:26.0823 0x12a0  Null - ok
15:09:26.0842 0x12a0  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:09:26.0846 0x12a0  nvraid - ok
15:09:26.0862 0x12a0  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:09:26.0866 0x12a0  nvstor - ok
15:09:26.0876 0x12a0  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:09:26.0880 0x12a0  nv_agp - ok
15:09:26.0975 0x12a0  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:09:26.0995 0x12a0  p2pimsvc - ok
15:09:27.0131 0x12a0  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
15:09:27.0151 0x12a0  p2psvc - ok
15:09:27.0231 0x12a0  [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport         C:\Windows\System32\drivers\parport.sys
15:09:27.0259 0x12a0  Parport - ok
15:09:27.0264 0x12a0  Partizan - ok
15:09:27.0298 0x12a0  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:09:27.0308 0x12a0  partmgr - ok
15:09:27.0368 0x12a0  [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:09:27.0388 0x12a0  PcaSvc - ok
15:09:27.0438 0x12a0  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
15:09:27.0448 0x12a0  pci - ok
15:09:27.0468 0x12a0  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:09:27.0468 0x12a0  pciide - ok
15:09:27.0487 0x12a0  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:09:27.0491 0x12a0  pcmcia - ok
15:09:27.0509 0x12a0  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:09:27.0512 0x12a0  pcw - ok
15:09:27.0529 0x12a0  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
15:09:27.0533 0x12a0  pdc - ok
15:09:27.0565 0x12a0  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:09:27.0585 0x12a0  PEAUTH - ok
15:09:27.0655 0x12a0  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:09:27.0667 0x12a0  PerfHost - ok
15:09:27.0752 0x12a0  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
15:09:27.0792 0x12a0  pla - ok
15:09:27.0837 0x12a0  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:09:27.0842 0x12a0  PlugPlay - ok
15:09:27.0868 0x12a0  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:09:27.0868 0x12a0  PNRPAutoReg - ok
15:09:27.0888 0x12a0  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:09:27.0898 0x12a0  PNRPsvc - ok
15:09:27.0928 0x12a0  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:09:27.0938 0x12a0  PolicyAgent - ok
15:09:27.0968 0x12a0  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
15:09:27.0978 0x12a0  Power - ok
15:09:28.0128 0x12a0  [ F6EA63145C20A23732AD2CA1EBA65FA1, 0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
15:09:28.0208 0x12a0  PrintNotify - ok
15:09:28.0218 0x12a0  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
15:09:28.0218 0x12a0  Processor - ok
15:09:28.0258 0x12a0  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\Windows\system32\profsvc.dll
15:09:28.0268 0x12a0  ProfSvc - ok
15:09:28.0318 0x12a0  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:09:28.0328 0x12a0  Psched - ok
15:09:28.0374 0x12a0  [ 14C65D2CB61CF50D82CB9E738CA94F00, 17954AD3317816F33F7167F825F4D10449B97DF5328504F0CD9C3D49D23B134A ] QIOMem          C:\Windows\System32\drivers\QIOMem.sys
15:09:28.0376 0x12a0  QIOMem - ok
15:09:28.0419 0x12a0  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
15:09:28.0429 0x12a0  QWAVE - ok
15:09:28.0459 0x12a0  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:09:28.0459 0x12a0  QWAVEdrv - ok
15:09:28.0489 0x12a0  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:09:28.0489 0x12a0  RasAcd - ok
15:09:28.0519 0x12a0  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
15:09:28.0539 0x12a0  RasAuto - ok
15:09:28.0579 0x12a0  [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan          C:\Windows\System32\rasmans.dll
15:09:28.0619 0x12a0  RasMan - ok
15:09:28.0639 0x12a0  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:09:28.0639 0x12a0  RasPppoe - ok
15:09:28.0679 0x12a0  [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:09:28.0699 0x12a0  rdbss - ok
15:09:28.0740 0x12a0  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
15:09:28.0741 0x12a0  rdpbus - ok
15:09:28.0761 0x12a0  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:09:28.0761 0x12a0  RDPDR - ok
15:09:28.0801 0x12a0  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:09:28.0841 0x12a0  RdpVideoMiniport - ok
15:09:28.0851 0x12a0  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:09:28.0920 0x12a0  rdyboost - ok
15:09:28.0985 0x12a0  [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
15:09:29.0005 0x12a0  ReFS - ok
15:09:29.0074 0x12a0  [ 37F021CF7D670D305C1687781173069E, 286D6D04B0A9C4399086BE8DDA5126CDE462EE3B9F5B40A65CD9CD2B7C160886 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:09:29.0074 0x12a0  RegSrvc - ok
15:09:29.0098 0x12a0  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:09:29.0105 0x12a0  RemoteAccess - ok
15:09:29.0163 0x12a0  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:09:29.0170 0x12a0  RemoteRegistry - ok
15:09:29.0217 0x12a0  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
15:09:29.0231 0x12a0  RFCOMM - ok
15:09:29.0278 0x12a0  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:09:29.0283 0x12a0  RpcEptMapper - ok
15:09:29.0337 0x12a0  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
15:09:29.0340 0x12a0  RpcLocator - ok
15:09:29.0370 0x12a0  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs           C:\Windows\system32\rpcss.dll
15:09:29.0391 0x12a0  RpcSs - ok
15:09:29.0431 0x12a0  [ 5DE88743E9E2EE397F33264FF9B42E76, 0986E8D182115A24EE4B1CC100FE108250BE05F32D70231DF4815BBD2FD1F49C ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
15:09:29.0431 0x12a0  RSP2STOR - ok
15:09:29.0458 0x12a0  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:09:29.0461 0x12a0  rspndr - ok
15:09:29.0489 0x12a0  [ 0283ADA7E6B1F2E495A0EA0EF2C1F9A2, 89B2CFEC06A884BC92D5E769FD15DC1F4C4E194F4952B36AC6D40FDE27C9E79B ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
15:09:29.0537 0x12a0  RTL8168 - ok
15:09:29.0563 0x12a0  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
15:09:29.0564 0x12a0  s3cap - ok
15:09:29.0585 0x12a0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
15:09:29.0585 0x12a0  SamSs - ok
15:09:29.0605 0x12a0  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:09:29.0605 0x12a0  sbp2port - ok
15:09:29.0677 0x12a0  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:09:29.0686 0x12a0  SCardSvr - ok
15:09:29.0741 0x12a0  [ 92D2FA1870F4EB4A9BA767DB6E0DEF6F, AB019E17D5F330CBB7F7CAF8CEB01F3F3DBBB181CDE19E4C2354AF51E66C8291 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
15:09:29.0743 0x12a0  ScDeviceEnum - ok
15:09:29.0773 0x12a0  [ FA7ABD857DEB0FE3C94CC39A4C845E66, ACD551F75E00C4EB9CFDA73B04051D0BF5FF0BA67C716E1989A21683D8777A41 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:09:29.0773 0x12a0  scfilter - ok
15:09:29.0918 0x12a0  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\Windows\system32\schedsvc.dll
15:09:29.0938 0x12a0  Schedule - ok
15:09:29.0978 0x12a0  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:09:29.0988 0x12a0  SCPolicySvc - ok
15:09:30.0020 0x12a0  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
15:09:30.0026 0x12a0  sdbus - ok
15:09:30.0066 0x12a0  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
15:09:30.0066 0x12a0  sdstor - ok
15:09:30.0086 0x12a0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:09:30.0086 0x12a0  secdrv - ok
15:09:30.0116 0x12a0  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\Windows\system32\seclogon.dll
15:09:30.0116 0x12a0  seclogon - ok
15:09:30.0155 0x12a0  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
15:09:30.0159 0x12a0  SENS - ok
15:09:30.0195 0x12a0  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:09:30.0195 0x12a0  SensrSvc - ok
15:09:30.0245 0x12a0  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
15:09:30.0245 0x12a0  SerCx - ok
15:09:30.0275 0x12a0  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
15:09:30.0275 0x12a0  SerCx2 - ok
15:09:30.0315 0x12a0  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum         C:\Windows\System32\drivers\serenum.sys
15:09:30.0315 0x12a0  Serenum - ok
15:09:30.0335 0x12a0  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\Windows\System32\drivers\serial.sys
15:09:30.0335 0x12a0  Serial - ok
15:09:30.0368 0x12a0  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
15:09:30.0370 0x12a0  sermouse - ok
15:09:30.0445 0x12a0  [ C42D93E4211D16EE0315D38C6618659E, CA280B8B42C4F7C47669DF3129E4FD56F861D94D8840C26EFFC669757B4EC495 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:09:30.0465 0x12a0  SessionEnv - ok
15:09:30.0495 0x12a0  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
15:09:30.0495 0x12a0  sfloppy - ok
15:09:30.0535 0x12a0  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:09:30.0555 0x12a0  SharedAccess - ok
15:09:30.0617 0x12a0  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:09:30.0630 0x12a0  ShellHWDetection - ok
15:09:30.0647 0x12a0  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:09:30.0649 0x12a0  SiSRaid2 - ok
15:09:30.0675 0x12a0  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:09:30.0678 0x12a0  SiSRaid4 - ok
15:09:30.0687 0x12a0  [ 0F30F5D825CD5A86BCCE1CBD43CAC363, 75A89D322C97D782941F1397A75D66D0DE26ED98983516AE0C19DDFFC98517E0 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
15:09:30.0689 0x12a0  SmbDrvI - ok
15:09:30.0735 0x12a0  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
15:09:30.0741 0x12a0  smphost - ok
15:09:30.0780 0x12a0  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:09:30.0786 0x12a0  SNMPTRAP - ok
15:09:30.0820 0x12a0  [ F6AF6499C3788105EA7AF1DA27769A77, F847789B0AD498CC9C985F334F7BA0906ACB41FB356CC2EF2A00C62C75D94A79 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
15:09:30.0829 0x12a0  spaceport - ok
15:09:30.0851 0x12a0  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
15:09:30.0854 0x12a0  SpbCx - ok
15:09:30.0914 0x12a0  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\SysWOW64\speedfan.sys
15:09:30.0916 0x12a0  speedfan - ok
15:09:30.0961 0x12a0  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
15:09:30.0975 0x12a0  Spooler - ok
15:09:31.0217 0x12a0  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\Windows\system32\sppsvc.exe
15:09:31.0411 0x12a0  sppsvc - ok
15:09:31.0474 0x12a0  [ D10F18E3287374D3B40D41C1651355DE, 6DF4A00FAB90EBA65B2D3008103960EA9E9308DADB1F3E9B3D4CB3F812FBF1D2 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:09:31.0497 0x12a0  srv - ok
15:09:31.0545 0x12a0  [ E6520A3B215FAFBF23E24AB22C44F973, 2D3B771CA20B77D31DFE211EC999B27F6D17A07B7C767F265A4FDFBF1AE17D1D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:09:31.0561 0x12a0  srv2 - ok
15:09:31.0599 0x12a0  [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:09:31.0605 0x12a0  srvnet - ok
15:09:31.0642 0x12a0  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:09:31.0649 0x12a0  SSDPSRV - ok
15:09:31.0673 0x12a0  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:09:31.0679 0x12a0  SstpSvc - ok
15:09:31.0707 0x12a0  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:09:31.0709 0x12a0  stexstor - ok
15:09:31.0724 0x12a0  [ 8F3C0CCF27CFFE89424F30E9FB3381AB, 74E54541B4A16DC97098428E1715A27557BAB97E05AF346F88958580199C1541 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
15:09:31.0725 0x12a0  StillCam - ok
15:09:31.0769 0x12a0  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
15:09:31.0793 0x12a0  stisvc - ok
15:09:31.0820 0x12a0  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
15:09:31.0823 0x12a0  storahci - ok
15:09:31.0850 0x12a0  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:09:31.0852 0x12a0  storflt - ok
15:09:31.0878 0x12a0  [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
15:09:31.0881 0x12a0  stornvme - ok
15:09:31.0909 0x12a0  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
15:09:31.0913 0x12a0  StorSvc - ok
15:09:31.0926 0x12a0  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:09:31.0928 0x12a0  storvsc - ok
15:09:31.0961 0x12a0  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
15:09:31.0969 0x12a0  svsvc - ok
15:09:31.0996 0x12a0  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
15:09:31.0998 0x12a0  swenum - ok
15:09:32.0054 0x12a0  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
15:09:32.0081 0x12a0  swprv - ok
15:09:32.0122 0x12a0  [ 53AEAEA7FBEA844A6228BC6E89D738B8, B25F269D2EA15FD7AAAD53E89D603EC1292ADA00804DE09609908D899EE45398 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:09:32.0145 0x12a0  SynTP - ok
15:09:32.0228 0x12a0  [ C4CD2E376BB8C84075E844B4C81CCA5C, CF5ED23E8EE42AF74F73DF3D26E5C0A9263FBE7BD99370C179C12507BEB5A1D2 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
15:09:32.0263 0x12a0  SynTPEnhService - ok
15:09:32.0362 0x12a0  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
15:09:32.0433 0x12a0  SysMain - ok
15:09:32.0470 0x12a0  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
15:09:32.0482 0x12a0  SystemEventsBroker - ok
15:09:32.0518 0x12a0  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:09:32.0525 0x12a0  TabletInputService - ok
15:09:32.0571 0x12a0  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:09:32.0582 0x12a0  TapiSrv - ok
15:09:32.0686 0x12a0  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:09:32.0729 0x12a0  Tcpip - ok
15:09:32.0796 0x12a0  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:09:32.0832 0x12a0  TCPIP6 - ok
15:09:32.0865 0x12a0  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:09:32.0868 0x12a0  tcpipreg - ok
15:09:32.0890 0x12a0  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:09:32.0893 0x12a0  tdx - ok
15:09:32.0951 0x12a0  [ 436183C39AB66B1A7AD0FA6B76DA00A9, 8A012B30110959D3CF6A9204B069517B959596FEEA5F8C5A028DFEBD1F7087B4 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
15:09:32.0955 0x12a0  TemproMonitoringService - ok
15:09:32.0970 0x12a0  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
15:09:32.0972 0x12a0  terminpt - ok
15:09:33.0026 0x12a0  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
15:09:33.0064 0x12a0  TermService - ok
15:09:33.0096 0x12a0  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
15:09:33.0101 0x12a0  Themes - ok
15:09:33.0127 0x12a0  [ 4C5D93E2CCA6799A0D159F9CF5AF0903, E44007ED1ECAEB174E2378B363BFC7CA18A193CD554C645E60EF62DEF47BF7D6 ] Thotkey         C:\Windows\System32\drivers\Thotkey.sys
15:09:33.0129 0x12a0  Thotkey - ok
15:09:33.0166 0x12a0  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
15:09:33.0170 0x12a0  THREADORDER - ok
15:09:33.0209 0x12a0  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
15:09:33.0221 0x12a0  TimeBroker - ok
15:09:33.0293 0x12a0  [ 7421BB9A1B8C093B809FE1B0547F4A5D, 763C6AAC39D9FEF168A9C49057A2A14612903EE462DFD39EA52ED93C13D72FDB ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
15:09:33.0295 0x12a0  TMachInfo - ok
15:09:33.0346 0x12a0  [ 36A6C54509CF9D7DA91A06B3E3C969D7, 327C0AB1A75FFF3666BAD4A002DE70A1C4CA21FC868BC5EB9C16AEF9D378B8E3 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\Teco\TecoService.exe
15:09:33.0351 0x12a0  TOSHIBA eco Utility Service - ok
15:09:33.0394 0x12a0  [ A884A627C0B6E8B238759FC73C1AAAAF, 5D6E38664B6175F5F541D838675429CEE9FA1492A7E25B48E98794B5EB8B6973 ] tosrfec         C:\Windows\System32\drivers\tosrfec.sys
15:09:33.0395 0x12a0  tosrfec - ok
15:09:33.0449 0x12a0  [ 5D39CC18C62D4C8B45801F0E390A94CA, 26372CD41211EC3ABDB4CF94D5900B7304FEC8C0E274BCA286C949DA6F0EB283 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
15:09:33.0457 0x12a0  TPCHSrv - ok
15:09:33.0490 0x12a0  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys
15:09:33.0493 0x12a0  TPM - ok
15:09:33.0528 0x12a0  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
15:09:33.0533 0x12a0  TrkWks - ok
15:09:33.0545 0x12a0  [ 0C997B061E3C66BD9E927C1288EB1CC7, 3807E9A1BC159B9E8FC0C7CAAD10D7213FF8ED8AD1CEA9EA552B093C81BF624B ] TrueSight       C:\Windows\System32\drivers\TrueSight.sys
15:09:33.0547 0x12a0  TrueSight - ok
15:09:33.0604 0x12a0  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:09:33.0606 0x12a0  TrustedInstaller - ok
15:09:33.0631 0x12a0  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:09:33.0633 0x12a0  TsUsbFlt - ok
15:09:33.0660 0x12a0  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
15:09:33.0662 0x12a0  TsUsbGD - ok
15:09:33.0688 0x12a0  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:09:33.0692 0x12a0  tunnel - ok
15:09:33.0715 0x12a0  [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ           C:\Windows\system32\drivers\TVALZ_O.SYS
15:09:33.0717 0x12a0  TVALZ - ok
15:09:33.0742 0x12a0  [ 7B05B5B492E6E248C2B38CD04B4D3A96, 1E18025DDB5EDEBD30F2FAC8D121F55D768B71DA42D919E1A0E98E2E31AA73C8 ] TVALZFL         C:\Windows\system32\Drivers\TVALZFL.sys
15:09:33.0744 0x12a0  TVALZFL - ok
15:09:33.0769 0x12a0  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:09:33.0773 0x12a0  uagp35 - ok
15:09:33.0785 0x12a0  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
15:09:33.0788 0x12a0  UASPStor - ok
15:09:33.0825 0x12a0  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
15:09:33.0832 0x12a0  UCX01000 - ok
15:09:33.0876 0x12a0  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:09:34.0019 0x12a0  udfs - ok
15:09:34.0043 0x12a0  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
15:09:34.0067 0x12a0  UEFI - ok
15:09:34.0159 0x12a0  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:09:34.0165 0x12a0  UI0Detect - ok
15:09:34.0195 0x12a0  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:09:34.0197 0x12a0  uliagpkx - ok
15:09:34.0210 0x12a0  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
15:09:34.0212 0x12a0  umbus - ok
15:09:34.0229 0x12a0  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
15:09:34.0231 0x12a0  UmPass - ok
15:09:34.0272 0x12a0  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:09:34.0281 0x12a0  UmRdpService - ok
15:09:34.0330 0x12a0  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
15:09:34.0346 0x12a0  upnphost - ok
15:09:34.0376 0x12a0  [ FF487F426CF073CB6553D9F1BB14A19D, FB010E9921AF00C51D9712B23F4EA1C37AF7F44769942C990EFFE78E13907C90 ] usb3Hub         C:\Windows\System32\drivers\usb3Hub.sys
15:09:34.0381 0x12a0  usb3Hub - ok
15:09:34.0410 0x12a0  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
15:09:34.0413 0x12a0  usbccgp - ok
15:09:34.0435 0x12a0  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
15:09:34.0438 0x12a0  usbcir - ok
15:09:34.0472 0x12a0  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
15:09:34.0476 0x12a0  usbehci - ok
15:09:34.0516 0x12a0  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
15:09:34.0526 0x12a0  usbhub - ok
15:09:34.0547 0x12a0  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
15:09:34.0555 0x12a0  USBHUB3 - ok
15:09:34.0574 0x12a0  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
15:09:34.0576 0x12a0  usbohci - ok
15:09:34.0602 0x12a0  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
15:09:34.0604 0x12a0  usbprint - ok
15:09:34.0629 0x12a0  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:09:34.0631 0x12a0  usbscan - ok
15:09:34.0657 0x12a0  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
15:09:34.0661 0x12a0  USBSTOR - ok
15:09:34.0673 0x12a0  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
15:09:34.0675 0x12a0  usbuhci - ok
15:09:34.0708 0x12a0  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:09:34.0713 0x12a0  usbvideo - ok
15:09:34.0737 0x12a0  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
15:09:34.0743 0x12a0  USBXHCI - ok
15:09:34.0766 0x12a0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
15:09:34.0771 0x12a0  VaultSvc - ok
15:09:34.0791 0x12a0  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:09:34.0793 0x12a0  vdrvroot - ok
15:09:34.0849 0x12a0  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
15:09:34.0893 0x12a0  vds - ok
15:09:34.0914 0x12a0  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
15:09:34.0919 0x12a0  VerifierExt - ok
15:09:34.0961 0x12a0  [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
15:09:34.0980 0x12a0  vhdmp - ok
15:09:34.0988 0x12a0  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:09:34.0989 0x12a0  viaide - ok
15:09:35.0016 0x12a0  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:09:35.0019 0x12a0  vmbus - ok
15:09:35.0029 0x12a0  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
15:09:35.0030 0x12a0  VMBusHID - ok
15:09:35.0065 0x12a0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
15:09:35.0085 0x12a0  vmicguestinterface - ok
15:09:35.0098 0x12a0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
15:09:35.0108 0x12a0  vmicheartbeat - ok
15:09:35.0120 0x12a0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
15:09:35.0129 0x12a0  vmickvpexchange - ok
15:09:35.0233 0x12a0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
15:09:35.0242 0x12a0  vmicrdv - ok
15:09:35.0255 0x12a0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
15:09:35.0264 0x12a0  vmicshutdown - ok
15:09:35.0276 0x12a0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
15:09:35.0285 0x12a0  vmictimesync - ok
15:09:35.0298 0x12a0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
15:09:35.0307 0x12a0  vmicvss - ok
15:09:35.0336 0x12a0  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:09:35.0338 0x12a0  volmgr - ok
15:09:35.0365 0x12a0  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:09:35.0373 0x12a0  volmgrx - ok
15:09:35.0400 0x12a0  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:09:35.0407 0x12a0  volsnap - ok
15:09:35.0430 0x12a0  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\Windows\System32\drivers\vpci.sys
15:09:35.0433 0x12a0  vpci - ok
15:09:35.0461 0x12a0  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:09:35.0465 0x12a0  vsmraid - ok
15:09:35.0519 0x12a0  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\Windows\system32\vssvc.exe
15:09:35.0563 0x12a0  VSS - ok
15:09:35.0588 0x12a0  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
15:09:35.0595 0x12a0  VSTXRAID - ok
15:09:35.0620 0x12a0  [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:09:35.0622 0x12a0  vwifibus - ok
15:09:35.0635 0x12a0  [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:09:35.0637 0x12a0  vwififlt - ok
15:09:35.0648 0x12a0  [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:09:35.0650 0x12a0  vwifimp - ok
15:09:35.0686 0x12a0  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
15:09:35.0696 0x12a0  W32Time - ok
15:09:35.0716 0x12a0  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
15:09:35.0718 0x12a0  WacomPen - ok
15:09:35.0780 0x12a0  [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine        C:\Windows\system32\wbengine.exe
15:09:35.0824 0x12a0  wbengine - ok
15:09:35.0864 0x12a0  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:09:35.0873 0x12a0  WbioSrvc - ok
15:09:35.0894 0x12a0  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
15:09:35.0902 0x12a0  Wcmsvc - ok
15:09:35.0924 0x12a0  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:09:35.0947 0x12a0  wcncsvc - ok
15:09:35.0979 0x12a0  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:09:35.0984 0x12a0  WcsPlugInService - ok
15:09:36.0014 0x12a0  [ F2E08D1C067FEFC3A42D21FD4810F1D3, A8AD114094D9AE3BC6F76940EF873FD21CCF130DE7F8712950F1962DCE25F1B3 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
15:09:36.0016 0x12a0  WdBoot - ok
15:09:36.0056 0x12a0  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:09:36.0079 0x12a0  Wdf01000 - ok
15:09:36.0097 0x12a0  [ E234820E6B84ABA5E84E00227F505AE8, 645B809B883D8F678F2535B575AA1D595F27EBFCE0A16433E9A54CC266BD74F2 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
15:09:36.0103 0x12a0  WdFilter - ok
15:09:36.0128 0x12a0  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:09:36.0133 0x12a0  WdiServiceHost - ok
15:09:36.0138 0x12a0  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:09:36.0143 0x12a0  WdiSystemHost - ok
15:09:36.0157 0x12a0  [ A74AD6D80AC26E1B5DD276FC927F2BAC, F73F090D46BB2AAA6A8D148C658B2EA8C07B16201BB800A9283F4017DC249809 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
15:09:36.0160 0x12a0  WdNisDrv - ok
15:09:36.0184 0x12a0  WdNisSvc - ok
15:09:36.0215 0x12a0  [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient       C:\Windows\System32\webclnt.dll
15:09:36.0237 0x12a0  WebClient - ok
15:09:36.0287 0x12a0  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:09:36.0299 0x12a0  Wecsvc - ok
15:09:36.0328 0x12a0  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
15:09:36.0332 0x12a0  WEPHOSTSVC - ok
15:09:36.0365 0x12a0  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:09:36.0369 0x12a0  wercplsupport - ok
15:09:36.0402 0x12a0  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
15:09:36.0407 0x12a0  WerSvc - ok
15:09:36.0434 0x12a0  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
15:09:36.0437 0x12a0  WFPLWFS - ok
15:09:36.0456 0x12a0  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
15:09:36.0461 0x12a0  WiaRpc - ok
15:09:36.0485 0x12a0  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:09:36.0487 0x12a0  WIMMount - ok
15:09:36.0490 0x12a0  WinDefend - ok
15:09:36.0575 0x12a0  [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
15:09:36.0597 0x12a0  WinHttpAutoProxySvc - ok
15:09:36.0716 0x12a0  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:09:36.0727 0x12a0  Winmgmt - ok
15:09:36.0835 0x12a0  [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0  C:\Users\FabrizioZ\Documents\RealTemp_370\WinRing0x64.sys
15:09:36.0838 0x12a0  WinRing0_1_2_0 - ok
15:09:36.0955 0x12a0  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM           C:\Windows\system32\WsmSvc.dll
15:09:37.0024 0x12a0  WinRM - ok
15:09:37.0091 0x12a0  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
15:09:37.0137 0x12a0  WlanSvc - ok
15:09:37.0195 0x12a0  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
15:09:37.0241 0x12a0  wlidsvc - ok
15:09:37.0266 0x12a0  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
15:09:37.0267 0x12a0  WmiAcpi - ok
15:09:37.0313 0x12a0  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:09:37.0318 0x12a0  wmiApSrv - ok
15:09:37.0342 0x12a0  WMPNetworkSvc - ok
15:09:37.0372 0x12a0  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
15:09:37.0380 0x12a0  Wof - ok
15:09:37.0451 0x12a0  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
15:09:37.0497 0x12a0  workfolderssvc - ok
15:09:37.0535 0x12a0  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
15:09:37.0537 0x12a0  wpcfltr - ok
15:09:37.0572 0x12a0  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:09:37.0576 0x12a0  WPCSvc - ok
15:09:37.0601 0x12a0  [ DBDCE2378F65F0A07D4644AC103037E7, 99714F0CD31297C9831BAF04768F467F6E0BF710C859CEDCA83069226BF1A68A ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:09:37.0607 0x12a0  WPDBusEnum - ok
15:09:37.0633 0x12a0  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
15:09:37.0635 0x12a0  WpdUpFltr - ok
15:09:37.0645 0x12a0  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:09:37.0647 0x12a0  ws2ifsl - ok
15:09:37.0674 0x12a0  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\Windows\System32\wscsvc.dll
15:09:37.0679 0x12a0  wscsvc - ok
15:09:37.0701 0x12a0  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
15:09:37.0703 0x12a0  WSDPrintDevice - ok
15:09:37.0722 0x12a0  [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
15:09:37.0723 0x12a0  WSDScan - ok
15:09:37.0728 0x12a0  WSearch - ok
15:09:37.0855 0x12a0  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
15:09:37.0955 0x12a0  WSService - ok
15:09:38.0060 0x12a0  [ 970B6A52041C641E47D6A31288C08716, B40A2FE234C1E3E1F05BBF9656B46C97188C4589E2471DE15FF3C621063FE815 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:09:38.0187 0x12a0  wuauserv - ok
15:09:38.0221 0x12a0  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:09:38.0225 0x12a0  WudfPf - ok
15:09:38.0264 0x12a0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
15:09:38.0272 0x12a0  WUDFRd - ok
15:09:38.0295 0x12a0  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:09:38.0304 0x12a0  wudfsvc - ok
15:09:38.0315 0x12a0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
15:09:38.0322 0x12a0  WUDFWpdFs - ok
15:09:38.0362 0x12a0  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:09:38.0386 0x12a0  WwanSvc - ok
15:09:38.0558 0x12a0  [ 8D809F4ECFE9E80723C49B427854068A, 4186B6C56BA70106A95D28371360C780F55FECA1A1C61966F091A07A390BA189 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
15:09:38.0610 0x12a0  ZeroConfigService - ok
15:09:38.0625 0x12a0  ================ Scan global ===============================
15:09:38.0667 0x12a0  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll
15:09:38.0696 0x12a0  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
15:09:38.0729 0x12a0  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
15:09:38.0760 0x12a0  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
15:09:38.0768 0x12a0  [ Global ] - ok
15:09:38.0769 0x12a0  ================ Scan MBR ==================================
15:09:38.0776 0x12a0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:09:38.0786 0x12a0  \Device\Harddisk0\DR0 - ok
15:09:38.0787 0x12a0  ================ Scan VBR ==================================
15:09:38.0796 0x12a0  [ 1B90C5907A6C174D9B2A689429A7413D ] \Device\Harddisk0\DR0\Partition1
15:09:38.0796 0x12a0  \Device\Harddisk0\DR0\Partition1 - ok
15:09:38.0807 0x12a0  [ 27F01D68D713D626F2F99B7DBC3B24FA ] \Device\Harddisk0\DR0\Partition2
15:09:38.0808 0x12a0  \Device\Harddisk0\DR0\Partition2 - ok
15:09:38.0825 0x12a0  [ 4A2A607F9F1815F35A93FA2D715DF98E ] \Device\Harddisk0\DR0\Partition3
15:09:38.0826 0x12a0  \Device\Harddisk0\DR0\Partition3 - ok
15:09:38.0841 0x12a0  [ 14A46CDACA8C603429391F10281B7334 ] \Device\Harddisk0\DR0\Partition4
15:09:38.0843 0x12a0  \Device\Harddisk0\DR0\Partition4 - ok
15:09:38.0873 0x12a0  [ 520CEC94C766403EFECD0E07D07A4F15 ] \Device\Harddisk0\DR0\Partition5
15:09:38.0876 0x12a0  \Device\Harddisk0\DR0\Partition5 - ok
15:09:38.0876 0x12a0  ================ Scan generic autorun ======================
15:09:38.0988 0x12a0  [ 840993F6BBE61B60B0AF80A143731580, B80CF91DD9A348A7BCF88CE02CAEA86E82EEC89F4D8765AE7A45498E4151FC9A ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
15:09:39.0010 0x12a0  cAudioFilterAgent - ok
15:09:39.0060 0x12a0  [ 4F8B94EC4D4FFA0712CCADF8145F28D1, 6CED9332100CA71FB17930AAC4ED1798E6F3A83CEBEE0A3412EFA01F6F1A6F22 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
15:09:39.0085 0x12a0  SmartAudio - ok
15:09:39.0088 0x12a0  SynTPEnh - ok
15:09:39.0100 0x12a0  [ E5C98C4A887A032284DEE6CE23B5B475, 5C41EF87B5DE1F3AA7F05B51DB9D369400C8F50E215FC4CB25003650FD3DDEFB ] C:\Program Files\TOSHIBA\Teco\TecoResident.exe
15:09:39.0104 0x12a0  TecoResident - ok
15:09:39.0127 0x12a0  TosWaitSrv - ok
15:09:39.0244 0x12a0  [ 63D9BB372FAD1C9C35FE07F28E2B6D17, 219775084E58FDA864A8E7DE3AA46BB55543AA95771991B73D04CFCAFC23DF06 ] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
15:09:39.0278 0x12a0  TCrdMain - ok
15:09:39.0321 0x12a0  [ 1B95F3170F8DCCE11EF2F01BC5BA18E7, 766CEF016CC67D066A411DBB2E3A55E89C5D9D2E2CB1AB258EE733BE44DE303A ] C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe
15:09:39.0326 0x12a0  TSSSrv - ok
15:09:39.0368 0x12a0  [ 8DD6F98101EBBA3FC92C8092333A6B32, 80FE7E4433731614B92F8C0256EA5440508C535EBDA45188D1225BFEDA6F0F67 ] C:\Program Files\AVAST Software\Avast\AvLaunch.exe
15:09:39.0371 0x12a0  AvastUI.exe - ok
15:09:39.0554 0x12a0  [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
15:09:39.0596 0x12a0  Malwarebytes TrayApp - ok
15:09:39.0674 0x12a0  [ CFA72DE80450611914DC83E89B3B0678, D5DAB53C527C3FF03C944501C13D9182824FAF0555EBEE9A2A18B8FD0C338568 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
15:09:39.0686 0x12a0  StartCCC - ok
15:09:39.0744 0x12a0  [ 31AB035B05B898AF044D41B33FD2E2F0, 1A8E5F36960C8F13AD6243194FBF348CE915D03B421103147C6A78E207292830 ] c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
15:09:39.0754 0x12a0  TSVU - ok
15:09:39.0875 0x12a0  [ 3B78ACCCAA5132638E7CF419F4A965C7, C91DD62901778FEB6BDBABD6F736D59FD85361AE53867AD232C90D22ECB7B49F ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
15:09:39.0892 0x12a0  CanonSolutionMenuEx - ok
15:09:39.0953 0x12a0  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
15:09:39.0955 0x12a0  HP Software Update - ok
15:09:39.0962 0x12a0  Waiting for KSN requests completion. In queue: 166
15:09:40.0807 0x0b50  Object required for P2P: [ F264662C057A54AA2DE41B3C7551712F ] sppsvc
15:09:40.0964 0x12a0  Waiting for KSN requests completion. In queue: 152
15:09:41.0807 0x0b50  Object send P2P result: true
15:09:42.0014 0x12a0  AV detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 17.4.3482.0 ), 0x41000 ( enabled : updated )
15:09:42.0054 0x12a0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.209.0 ), 0x60100 ( disabled : updated )
15:09:42.0055 0x12a0  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
15:09:42.0087 0x12a0  Win FW state via NFP2: enabled ( trusted )
15:09:42.0921 0x12a0  ============================================================
15:09:42.0921 0x12a0  Scan finished
15:09:42.0921 0x12a0  ============================================================
15:09:42.0930 0x10e4  Detected object count: 0
15:09:42.0930 0x10e4  Actual detected object count: 0
15:45:46.0550 0x0cb0  Deinitialize success
 
 
 


#14 bubbleit

bubbleit
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 17 May 2017 - 11:57 AM

19:43:19.0070 0x1028  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
19:43:19.0070 0x1028  UEFI system
19:43:24.0816 0x1028  ============================================================
19:43:24.0816 0x1028  Current date / time: 2017/05/07 19:43:24.0816
19:43:24.0816 0x1028  SystemInfo:
19:43:24.0816 0x1028  
19:43:24.0816 0x1028  OS Version: 6.3.9600 ServicePack: 0.0
19:43:24.0816 0x1028  Product type: Workstation
19:43:24.0816 0x1028  ComputerName: FABRIZIOZPC
19:43:24.0816 0x1028  UserName: FabrizioZ
19:43:24.0816 0x1028  Windows directory: C:\Windows
19:43:24.0816 0x1028  System windows directory: C:\Windows
19:43:24.0816 0x1028  Running under WOW64
19:43:24.0816 0x1028  Processor architecture: Intel x64
19:43:24.0816 0x1028  Number of processors: 4
19:43:24.0816 0x1028  Page size: 0x1000
19:43:24.0816 0x1028  Boot type: Normal boot
19:43:24.0816 0x1028  CodeIntegrityOptions = 0x00000001
19:43:24.0816 0x1028  ============================================================
19:43:25.0432 0x1028  KLMD registered as C:\Windows\system32\drivers\78164549.sys
19:43:25.0432 0x1028  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18589, osProperties = 0x19
19:43:25.0765 0x1028  System UUID: {FE88E2AD-ED20-6B6C-035E-36B23E9404F8}
19:43:26.0695 0x1028  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:43:26.0702 0x1028  ============================================================
19:43:26.0702 0x1028  \Device\Harddisk0\DR0:
19:43:26.0702 0x1028  GPT partitions:
19:43:26.0703 0x1028  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1E27F41F-6C59-4C61-9B19-E4231FA714A0}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x200000
19:43:26.0703 0x1028  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6A023B6A-A25A-45B0-9FAC-0AAB6AEF0F03}, Name: Basic data partition, StartLBA 0x200800, BlocksNum 0x32000
19:43:26.0703 0x1028  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {3EC941EA-5E87-402E-8949-7541F0A8533D}, Name: Basic data partition, StartLBA 0x232800, BlocksNum 0x40000
19:43:26.0703 0x1028  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {47A56D4A-15F4-48E5-8150-4DD26DB0DCB6}, Name: Basic data partition, StartLBA 0x272800, BlocksNum 0x72CA6800
19:43:26.0703 0x1028  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8C284314-7CF9-42C6-A0B8-A12DC7D89ED2}, Name: Basic data partition, StartLBA 0x72F19000, BlocksNum 0x17ED800
19:43:26.0703 0x1028  MBR partitions:
19:43:26.0703 0x1028  ============================================================
19:43:26.0732 0x1028  C: <-> \Device\Harddisk0\DR0\Partition4
19:43:26.0732 0x1028  ============================================================
19:43:26.0732 0x1028  Initialize success
19:43:26.0732 0x1028  ============================================================
19:43:32.0183 0x0348  ============================================================
19:43:32.0183 0x0348  Scan started
19:43:32.0183 0x0348  Mode: Manual; 
19:43:32.0183 0x0348  ============================================================
19:43:32.0183 0x0348  KSN ping started
19:43:32.0782 0x0348  KSN ping finished: true
19:43:34.0804 0x0348  ================ Scan system memory ========================
19:43:34.0805 0x0348  System memory - ok
19:43:34.0807 0x0348  ================ Scan services =============================
19:43:34.0959 0x0348  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
19:43:34.0966 0x0348  1394ohci - ok
19:43:35.0051 0x0348  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
19:43:35.0056 0x0348  3ware - ok
19:43:35.0105 0x0348  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:43:35.0120 0x0348  ACPI - ok
19:43:35.0146 0x0348  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
19:43:35.0148 0x0348  acpiex - ok
19:43:35.0158 0x0348  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
19:43:35.0159 0x0348  acpipagr - ok
19:43:35.0173 0x0348  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
19:43:35.0174 0x0348  AcpiPmi - ok
19:43:35.0184 0x0348  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
19:43:35.0186 0x0348  acpitime - ok
19:43:35.0263 0x0348  [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:43:35.0265 0x0348  AdobeARMservice - ok
19:43:35.0370 0x0348  [ 95FF82767D666AC11CF644FDA976270D, CEF6BD96C59438B0AA01334FD0DCC719229E8DF17453519ECE79491CBEF5354E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:43:35.0386 0x0348  AdobeFlashPlayerUpdateSvc - ok
19:43:35.0455 0x0348  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
19:43:35.0475 0x0348  ADP80XX - ok
19:43:35.0516 0x0348  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:43:35.0528 0x0348  AeLookupSvc - ok
19:43:35.0581 0x0348  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\Windows\system32\drivers\afd.sys
19:43:35.0597 0x0348  AFD - ok
19:43:35.0616 0x0348  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:43:35.0617 0x0348  agp440 - ok
19:43:35.0637 0x0348  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
19:43:35.0639 0x0348  ahcache - ok
19:43:35.0675 0x0348  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
19:43:35.0677 0x0348  ALG - ok
19:43:35.0708 0x0348  [ 99FA3D852B921AB4FF7F5DD90028F91F, 641D3A517B85BBC2C8668671F8699AA91D3294EBC5A4310AA45348E5E8E5DF85 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:43:35.0712 0x0348  AMD External Events Utility - ok
19:43:35.0732 0x0348  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
19:43:35.0734 0x0348  AmdK8 - ok
19:43:36.0173 0x0348  [ 6DCE3D4A8FAE7DEE4B84D1033C165D71, 8C2D491BF6D570EB89C26E16E828218C472B3DB2BC514CFF9EF7761350935E94 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:43:36.0425 0x0348  amdkmdag - ok
19:43:36.0490 0x0348  [ F04CBC7BD43EE3B41FBF1DFFC8F7C8EA, 92C93D320076E45D4C3C2302CF497074C7B3620623507C1E902B0403742708E8 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
19:43:36.0498 0x0348  amdkmdap - ok
19:43:36.0513 0x0348  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
19:43:36.0515 0x0348  AmdPPM - ok
19:43:36.0526 0x0348  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:43:36.0527 0x0348  amdsata - ok
19:43:36.0550 0x0348  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:43:36.0554 0x0348  amdsbs - ok
19:43:36.0567 0x0348  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:43:36.0569 0x0348  amdxata - ok
19:43:36.0599 0x0348  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
19:43:36.0601 0x0348  AppID - ok
19:43:36.0618 0x0348  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:43:36.0621 0x0348  AppIDSvc - ok
19:43:36.0653 0x0348  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\Windows\System32\appinfo.dll
19:43:36.0656 0x0348  Appinfo - ok
19:43:36.0700 0x0348  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
19:43:36.0710 0x0348  AppReadiness - ok
19:43:36.0772 0x0348  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
19:43:36.0793 0x0348  AppXSvc - ok
19:43:36.0822 0x0348  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:43:36.0824 0x0348  arcsas - ok
19:43:37.0090 0x0348  [ A760C2AFBA1A71E0F7310A6E900CB0E4, 3827C8D4DFC3FC850E9BD049E1B127BD1076DDEFDA19BBA9445FF201F6AE99F8 ] aswbIDSAgent    C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
19:43:37.0205 0x0348  aswbIDSAgent - ok
19:43:37.0266 0x0348  [ 0C19C91ED99964925FF8B05C23743AB1, BF513CCC0E5D2D2CE7D06F17ABC34CD3A55B59588267A5868ADFB723454AF6EB ] aswbidsdriver   C:\Windows\system32\drivers\aswbidsdrivera.sys
19:43:37.0271 0x0348  aswbidsdriver - ok
19:43:37.0281 0x0348  [ 670839F4BA6D82F3035AADFE8274F02E, E4E8B1F3B9138CB2600158CC8507CBA31637E48BBA4D67398E05970B2CECA671 ] aswbidsh        C:\Windows\system32\drivers\aswbidsha.sys
19:43:37.0286 0x0348  aswbidsh - ok
19:43:37.0303 0x0348  [ 5C561968CF601D76A98692DCC8CF74ED, 26D0F34CE4485A813200032CE6889575A13196E79A4B124DD19E4584B0C102DC ] aswblog         C:\Windows\system32\drivers\aswbloga.sys
19:43:37.0309 0x0348  aswblog - ok
19:43:37.0329 0x0348  [ 335E5F19E7397A283B7ED20FE7B369EB, 6A31ABA0BA671EA796E8920EBD64DB28D3D7EB65C4FF68C3EB1DEF4FFC002163 ] aswbuniv        C:\Windows\system32\drivers\aswbuniva.sys
19:43:37.0331 0x0348  aswbuniv - ok
19:43:37.0354 0x0348  [ BA02CA77D989710F79FD662019C4DF94, 2E989847BEE92EB8DE7492DE7AB9B4658CEFC38E678346B7548E6ECB528300D6 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
19:43:37.0355 0x0348  aswHwid - ok
19:43:37.0374 0x0348  [ 2B1490F2F1CC76C9C9B61CE63D6E7973, BFD456C598E74974B81453805ADD0792BD9636BF8213306F40029560B20DE036 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
19:43:37.0376 0x0348  aswMonFlt - ok
19:43:37.0400 0x0348  [ F26D1F761E14789743275FA5D258EAB8, D532AD4DFFC73BE8A889B75BB50D33FFF674B5AB31F05AA75D9E0667363057F1 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
19:43:37.0403 0x0348  aswRdr - ok
19:43:37.0425 0x0348  [ C1007774450CFAB19D784D50C3410FC7, 2752FD77412D54D78A81DED9F05F094E589BCA5E360ECD420E28ECC844D35921 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
19:43:37.0426 0x0348  aswRvrt - ok
19:43:37.0465 0x0348  [ EB1991686949400C51B8C21CE013621E, 248545BDD5E8D1BD2D752AF7D3B77E8F1EA6453FD3B007851A04E9B634966448 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
19:43:37.0481 0x0348  aswSnx - ok
19:43:37.0502 0x0348  [ 7A17BD26C74F5329CB1DF029AE4DD357, 31F98B74F6BC2D75BDC83E3E2E60C9541D57912B6DF2C8A9241F3CFB17E0ACBB ] aswSP           C:\Windows\system32\drivers\aswSP.sys
19:43:37.0510 0x0348  aswSP - ok
19:43:37.0540 0x0348  [ E826A190E6628C9B6AA2433D2771E15D, 9B509D8A214B4EC0D3439335A105BF6410476E755341F6EF3C9ADCD1C7303414 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
19:43:37.0543 0x0348  aswStm - ok
19:43:37.0573 0x0348  [ E76C21203E29F2DCC489EF585E0B1A38, F64B8F5F2EFA10ADD64DE0574ADDE05DF1DFDEACF0E72879C9DD6DEB037E01A3 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
19:43:37.0578 0x0348  aswVmm - ok
19:43:37.0600 0x0348  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:43:37.0601 0x0348  atapi - ok
19:43:37.0629 0x0348  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
19:43:37.0633 0x0348  AudioEndpointBuilder - ok
19:43:37.0666 0x0348  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
19:43:37.0681 0x0348  Audiosrv - ok
19:43:37.0710 0x0348  [ D961A7C05A76302E782B1B0CF6546BA7, DAE7481B4FFC0746944213D10EF59C21BBA9937138D660E72E63F43BCDC1F799 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:43:37.0730 0x0348  avast! Antivirus - ok
19:43:37.0771 0x0348  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:43:37.0774 0x0348  AxInstSV - ok
19:43:37.0807 0x0348  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:43:37.0815 0x0348  b06bdrv - ok
19:43:37.0830 0x0348  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
19:43:37.0832 0x0348  BasicDisplay - ok
19:43:37.0879 0x0348  [ 195BD339B4B782B42C19489DCFB4D110, E63CC0AEF1875D5D127E341CF65117DABC9E376A83E615EC8D01F6AB705DABAD ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
19:43:37.0882 0x0348  BasicRender - ok
19:43:37.0903 0x0348  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
19:43:37.0906 0x0348  bcmfn2 - ok
19:43:37.0940 0x0348  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\Windows\System32\bdesvc.dll
19:43:37.0950 0x0348  BDESVC - ok
19:43:37.0969 0x0348  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
19:43:37.0970 0x0348  Beep - ok
19:43:38.0032 0x0348  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\Windows\System32\bfe.dll
19:43:38.0052 0x0348  BFE - ok
19:43:38.0136 0x0348  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
19:43:38.0158 0x0348  BITS - ok
19:43:38.0204 0x0348  [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:43:38.0206 0x0348  bowser - ok
19:43:38.0253 0x0348  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
19:43:38.0268 0x0348  BrokerInfrastructure - ok
19:43:38.0300 0x0348  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
19:43:38.0304 0x0348  Browser - ok
19:43:38.0321 0x0348  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
19:43:38.0323 0x0348  BthAvrcpTg - ok
19:43:38.0340 0x0348  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
19:43:38.0341 0x0348  BthEnum - ok
19:43:38.0370 0x0348  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
19:43:38.0372 0x0348  BthHFEnum - ok
19:43:38.0386 0x0348  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
19:43:38.0387 0x0348  bthhfhid - ok
19:43:38.0437 0x0348  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
19:43:38.0444 0x0348  BthHFSrv - ok
19:43:38.0466 0x0348  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
19:43:38.0471 0x0348  BthLEEnum - ok
19:43:38.0488 0x0348  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
19:43:38.0490 0x0348  BTHMODEM - ok
19:43:38.0517 0x0348  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
19:43:38.0521 0x0348  BthPan - ok
19:43:38.0598 0x0348  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
19:43:38.0616 0x0348  BTHPORT - ok
19:43:38.0654 0x0348  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
19:43:38.0656 0x0348  bthserv - ok
19:43:38.0724 0x0348  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
19:43:38.0729 0x0348  BTHUSB - ok
19:43:38.0752 0x0348  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:43:38.0758 0x0348  cdfs - ok
19:43:38.0789 0x0348  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
19:43:38.0798 0x0348  cdrom - ok
19:43:38.0829 0x0348  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:43:38.0836 0x0348  CertPropSvc - ok
19:43:38.0857 0x0348  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
19:43:38.0859 0x0348  circlass - ok
19:43:38.0913 0x0348  [ 9DA497AEAF35AA7BF7710132FC2A9906, D38DF749222BD0B6E8E6442CC79D56CF827A1430ACAB4F85F7FC469DD31A211C ] CLFS            C:\Windows\system32\drivers\CLFS.sys
19:43:38.0930 0x0348  CLFS - ok
19:43:38.0945 0x0348  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
19:43:38.0946 0x0348  CmBatt - ok
19:43:38.0997 0x0348  [ C8823A6ECE66B997C8E9F413D1D671E7, D739A194BCA4C1979C5B2A71F4B8DAB0BCC1524808C50BA302847B6C82D77250 ] CNG             C:\Windows\system32\Drivers\cng.sys
19:43:39.0008 0x0348  CNG - ok
19:43:39.0068 0x0348  [ CCEF5F12E7A33F232E1138B3EF5A1B6A, AF680F17DA3524E571B8FE6C2EAB6B0369D4A3B124E4F020D63E0189122EA251 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
19:43:39.0089 0x0348  CnxtHdAudService - ok
19:43:39.0115 0x0348  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
19:43:39.0116 0x0348  CompositeBus - ok
19:43:39.0120 0x0348  COMSysApp - ok
19:43:39.0136 0x0348  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
19:43:39.0138 0x0348  condrv - ok
19:43:39.0224 0x0348  [ 20D608B263C1D99382E3ABA02AD7705A, FE03490A2E234FDA95556F92CC522A368965EC717A5AC1E622ADF19354B7AF25 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
19:43:39.0236 0x0348  cphs - ok
19:43:39.0279 0x0348  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:43:39.0286 0x0348  CryptSvc - ok
19:43:39.0313 0x0348  [ 426B2624A1669D233BAB6C4AC5E9432E, C03746D04094FAEA0650032447667055E7C7D1094581D4C1EB414D22A164CA99 ] CxAudMsg        C:\Windows\system32\CxAudMsg64.exe
19:43:39.0319 0x0348  CxAudMsg - ok
19:43:39.0349 0x0348  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
19:43:39.0351 0x0348  dam - ok
19:43:39.0405 0x0348  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:43:39.0420 0x0348  DcomLaunch - ok
19:43:39.0462 0x0348  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
19:43:39.0471 0x0348  defragsvc - ok
19:43:39.0499 0x0348  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
19:43:39.0507 0x0348  DeviceAssociationService - ok
19:43:39.0561 0x0348  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
19:43:39.0575 0x0348  DeviceInstall - ok
19:43:39.0623 0x0348  [ 4FED6AD69C9EE1EE7FD3C88437138855, 71E0863898F2E3B1F9769C8A9980E2063042961D417FE0C969B2E5B7A0013978 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
19:43:39.0632 0x0348  Dfsc - ok
19:43:39.0690 0x0348  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:43:39.0710 0x0348  Dhcp - ok
19:43:39.0804 0x0348  [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack       C:\Windows\system32\diagtrack.dll
19:43:39.0835 0x0348  DiagTrack - ok
19:43:39.0863 0x0348  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\Windows\system32\drivers\disk.sys
19:43:39.0865 0x0348  disk - ok
19:43:39.0888 0x0348  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
19:43:39.0889 0x0348  dmvsc - ok
19:43:39.0932 0x0348  [ 1E365F2B4C8F6D4D9FF0D1B4A93C230C, 5CAC22131F376D55F09BF875F7CBC4D8827EBC189EEB5D713D693A3510B20077 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:43:39.0937 0x0348  Dnscache - ok
19:43:39.0968 0x0348  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:43:39.0973 0x0348  dot3svc - ok
19:43:40.0004 0x0348  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
19:43:40.0007 0x0348  DPS - ok
19:43:40.0036 0x0348  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:43:40.0038 0x0348  drmkaud - ok
19:43:40.0085 0x0348  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
19:43:40.0097 0x0348  DsmSvc - ok
19:43:40.0176 0x0348  [ 0166B1E908A6EC670CFDE42521BF7CA3, 5D6A9EF83C9B657C3DFC965100F1404AABF44B6B8B9A06F97F2C47A2E935825E ] dts_apo_service C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
19:43:40.0179 0x0348  dts_apo_service - ok
19:43:40.0250 0x0348  [ E7100B511A7AC0422C3E5CC4D1DDC0A5, 7C4166096B824168FADD4B7222E25104DE9B81E2549B6F96F91340BD42AE7D74 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:43:40.0272 0x0348  DXGKrnl - ok
19:43:40.0306 0x0348  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
19:43:40.0309 0x0348  Eaphost - ok
19:43:40.0442 0x0348  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:43:40.0488 0x0348  ebdrv - ok
19:43:40.0521 0x0348  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
19:43:40.0529 0x0348  EFS - ok
19:43:40.0542 0x0348  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
19:43:40.0547 0x0348  EhStorClass - ok
19:43:40.0561 0x0348  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
19:43:40.0565 0x0348  EhStorTcgDrv - ok
19:43:40.0576 0x0348  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
19:43:40.0577 0x0348  ErrDev - ok
19:43:40.0622 0x0348  [ F1CEA9D2626D5933162C72F0C47B496C, 6B2AFF709CCF9FD9AAE61DBDDC4ACD62FB430C155DFEB31F8D2B516B309EFB3B ] ESProtectionDriver C:\Windows\system32\drivers\mbae64.sys
19:43:40.0623 0x0348  ESProtectionDriver - ok
19:43:40.0661 0x0348  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
19:43:40.0670 0x0348  EventSystem - ok
19:43:40.0741 0x0348  [ BF220856C02DF9AB74786BE92246A0E1, 9F35F4A08967634206B965BF94469380C0ACCF8A6C973E90ED85ECECF284CE34 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:43:40.0750 0x0348  EvtEng - ok
19:43:40.0784 0x0348  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:43:40.0789 0x0348  exfat - ok
19:43:40.0811 0x0348  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:43:40.0821 0x0348  fastfat - ok
19:43:40.0868 0x0348  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
19:43:40.0883 0x0348  Fax - ok
19:43:40.0906 0x0348  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
19:43:40.0907 0x0348  fdc - ok
19:43:40.0938 0x0348  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
19:43:40.0940 0x0348  fdPHost - ok
19:43:40.0973 0x0348  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:43:40.0980 0x0348  FDResPub - ok
19:43:41.0026 0x0348  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
19:43:41.0038 0x0348  fhsvc - ok
19:43:41.0061 0x0348  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:43:41.0064 0x0348  FileInfo - ok
19:43:41.0081 0x0348  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:43:41.0083 0x0348  Filetrace - ok
19:43:41.0099 0x0348  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
19:43:41.0101 0x0348  flpydisk - ok
19:43:41.0143 0x0348  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:43:41.0151 0x0348  FltMgr - ok
19:43:41.0210 0x0348  [ 359A7382DB639FE051455D868DEFF1A0, 1FFB6D8C96D9559081092F4BCA221AF993E40388D4951F72FFE6389894465A97 ] FontCache       C:\Windows\system32\FntCache.dll
19:43:41.0231 0x0348  FontCache - ok
19:43:41.0331 0x0348  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:43:41.0336 0x0348  FontCache3.0.0.0 - ok
19:43:41.0367 0x0348  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:43:41.0374 0x0348  FsDepends - ok
19:43:41.0401 0x0348  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:43:41.0403 0x0348  Fs_Rec - ok
19:43:41.0445 0x0348  [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:43:41.0456 0x0348  fvevol - ok
19:43:41.0468 0x0348  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
19:43:41.0469 0x0348  FxPPM - ok
19:43:41.0488 0x0348  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:43:41.0490 0x0348  gagp30kx - ok
19:43:41.0516 0x0348  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
19:43:41.0517 0x0348  gencounter - ok
19:43:41.0536 0x0348  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
19:43:41.0539 0x0348  GPIOClx0101 - ok
19:43:41.0595 0x0348  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:43:41.0615 0x0348  gpsvc - ok
19:43:41.0683 0x0348  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:43:41.0686 0x0348  gupdate - ok
19:43:41.0705 0x0348  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:43:41.0707 0x0348  gupdatem - ok
19:43:41.0742 0x0348  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:43:41.0748 0x0348  HdAudAddService - ok
19:43:41.0764 0x0348  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
19:43:41.0766 0x0348  HDAudBus - ok
19:43:41.0779 0x0348  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
19:43:41.0780 0x0348  HidBatt - ok
19:43:41.0811 0x0348  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
19:43:41.0817 0x0348  HidBth - ok
19:43:41.0837 0x0348  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
19:43:41.0839 0x0348  hidi2c - ok
19:43:41.0853 0x0348  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
19:43:41.0855 0x0348  HidIr - ok
19:43:41.0887 0x0348  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
19:43:41.0891 0x0348  hidserv - ok
19:43:41.0924 0x0348  [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
19:43:41.0926 0x0348  HidUsb - ok
19:43:41.0959 0x0348  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:43:41.0965 0x0348  hkmsvc - ok
19:43:42.0005 0x0348  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:43:42.0016 0x0348  HomeGroupListener - ok
19:43:42.0054 0x0348  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:43:42.0070 0x0348  HomeGroupProvider - ok
19:43:42.0089 0x0348  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:43:42.0090 0x0348  HpSAMD - ok
19:43:42.0140 0x0348  [ 030DD4F01AF3C32BA1AD00B549156F99, 5FDF4B199FDE1110CBC9DB164001A971057C982EB6AD5542BCD74AB3446E2D70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:43:42.0154 0x0348  HTTP - ok
19:43:42.0168 0x0348  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:43:42.0169 0x0348  hwpolicy - ok
19:43:42.0184 0x0348  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
19:43:42.0185 0x0348  hyperkbd - ok
19:43:42.0196 0x0348  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
19:43:42.0196 0x0348  HyperVideo - ok
19:43:42.0223 0x0348  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
19:43:42.0225 0x0348  i8042prt - ok
19:43:42.0247 0x0348  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
19:43:42.0248 0x0348  iaLPSSi_GPIO - ok
19:43:42.0263 0x0348  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
19:43:42.0265 0x0348  iaLPSSi_I2C - ok
19:43:42.0292 0x0348  [ 9863EC0FB887C0AD0C3A20AC3BF91629, B695048C370CB91BB0CFF2E29641636225B23347B08F7E451FB91CF8B1A0120A ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
19:43:42.0302 0x0348  iaStorA - ok
19:43:42.0330 0x0348  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
19:43:42.0340 0x0348  iaStorAV - ok
19:43:42.0363 0x0348  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:43:42.0369 0x0348  iaStorV - ok
19:43:42.0407 0x0348  [ 29BBB3F52B31FEB57526960CDA78E423, B3016CD4DBE8346B4805ACCA149BE96678259344804ACA1B4B4B813F5F233055 ] ibtsiva.exe     C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
19:43:42.0409 0x0348  ibtsiva.exe - ok
19:43:42.0423 0x0348  [ 7390AF911FEF186BC5E6C5DCE4FBE122, 00EAC3D23C326F235A5F46B9333596233EB5C663E8C7483AAEE7D949A1F55CA0 ] ibtusb          C:\Windows\system32\DRIVERS\ibtusb.sys
19:43:42.0427 0x0348  ibtusb - ok
19:43:42.0448 0x0348  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
19:43:42.0451 0x0348  ICCS - ok
19:43:42.0456 0x0348  IEEtwCollectorService - ok
19:43:42.0622 0x0348  [ 0CC07A52339BEEAD5BEFB571FA0F57A7, 32FEC28442D2593A468CEDBBDE56974A482926F36AE26539CC0B7F504A9813A2 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
19:43:42.0689 0x0348  igfx - ok
19:43:42.0714 0x0348  [ 286B22157D7768EA9F053BE37A9FE8B1, 192244A42A646F15615F9F329E3E1801F097913562F289F5209916CE13630225 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
19:43:42.0721 0x0348  igfxCUIService1.0.0.0 - ok
19:43:42.0803 0x0348  [ AD5DF6F4FBBC798636EDC66BFEC7D0DE, 837C9BCB6C23FE0901F0F66A57FAB5985984F0EAD9E34F84A9F78349EDE0394F ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
19:43:42.0806 0x0348  IJPLMSVC - ok
19:43:42.0848 0x0348  [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT          C:\Windows\System32\ikeext.dll
19:43:42.0865 0x0348  IKEEXT - ok
19:43:42.0890 0x0348  [ 5950F69F9B345952F3C2275C39EA393B, 382923DE0F5F25285F8C86BA628350DF1CFB6E63FF20736CF9285FB0F36A76DE ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
19:43:42.0892 0x0348  intaud_WaveExtensible - ok
19:43:42.0924 0x0348  [ 0D92782AEAFEC340F7F637E91C7E367D, 2E2654D017FF567CF8ED4D0BA20209894792C8BDDF50C3396961F2B850E17E36 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
19:43:42.0943 0x0348  IntcDAud - ok
19:43:43.0020 0x0348  [ 9A6DEB5DDF7E29728F6FEA5092AFA3F2, 21C47A0490EBA302657EF30C560E4AF83777685FFE126DCCAC310163C47401D1 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
19:43:43.0040 0x0348  Intel® Capability Licensing Service TCP IP Interface - ok
19:43:43.0051 0x0348  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:43:43.0054 0x0348  intelide - ok
19:43:43.0090 0x0348  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
19:43:43.0092 0x0348  intelpep - ok
19:43:43.0103 0x0348  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
19:43:43.0106 0x0348  intelppm - ok
19:43:43.0168 0x0348  [ 7796E03E2BB3E9F5940F5CB12FC4CC4F, A5B156B76757BF6339A35DE4845F19ECB4AA3F0784D227536F45AE1552F680ED ] IntelUSBoverIP  C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
19:43:43.0183 0x0348  IntelUSBoverIP - ok
19:43:43.0202 0x0348  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:43:43.0205 0x0348  IpFilterDriver - ok
19:43:43.0239 0x0348  [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:43:43.0254 0x0348  iphlpsvc - ok
19:43:43.0278 0x0348  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
19:43:43.0280 0x0348  IPMIDRV - ok
19:43:43.0307 0x0348  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:43:43.0309 0x0348  IPNAT - ok
19:43:43.0317 0x0348  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:43:43.0319 0x0348  IRENUM - ok
19:43:43.0332 0x0348  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:43:43.0333 0x0348  isapnp - ok
19:43:43.0374 0x0348  [ AD3C1F4BD9167420F04052FDA197CF29, 82B687092DFC50E8885656AF06BFB7559930750F4905BC4DBDA3A5D334A443D1 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
19:43:43.0379 0x0348  iScsiPrt - ok
19:43:43.0414 0x0348  [ F1D3A377ED9BA1CA449824C41CAF104C, EA0E90D5D827664CFDB644753C6DC134C3F8F852F24175EC8328A9FA925B25BF ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
19:43:43.0415 0x0348  iwdbus - ok
19:43:43.0453 0x0348  [ CA295D3E5032DDF8A3CBD1A256E646FA, 03879D331AE446FCF25D0193805A5E0C17764439B5B8FE1D684DDB96B1A358C9 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
19:43:43.0459 0x0348  jhi_service - ok
19:43:43.0483 0x0348  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
19:43:43.0487 0x0348  kbdclass - ok
19:43:43.0501 0x0348  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
19:43:43.0504 0x0348  kbdhid - ok
19:43:43.0541 0x0348  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
19:43:43.0542 0x0348  kdnic - ok
19:43:43.0546 0x0348  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
19:43:43.0549 0x0348  KeyIso - ok
19:43:43.0582 0x0348  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:43:43.0584 0x0348  KSecDD - ok
19:43:43.0647 0x0348  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:43:43.0650 0x0348  KSecPkg - ok
19:43:43.0662 0x0348  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:43:43.0663 0x0348  ksthunk - ok
19:43:43.0685 0x0348  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:43:43.0693 0x0348  KtmRm - ok
19:43:43.0737 0x0348  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:43:43.0744 0x0348  LanmanServer - ok
19:43:43.0787 0x0348  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:43:43.0794 0x0348  LanmanWorkstation - ok
19:43:43.0829 0x0348  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
19:43:43.0839 0x0348  lfsvc - ok
19:43:43.0854 0x0348  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:43:43.0856 0x0348  lltdio - ok
19:43:43.0870 0x0348  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:43:43.0878 0x0348  lltdsvc - ok
19:43:43.0905 0x0348  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:43:43.0908 0x0348  lmhosts - ok
19:43:43.0958 0x0348  [ ED5C8B920F2ACF11A26586B2FA66BF3D, D6F014F0CCAB7EDA38A8CC58F439D2A8CD89195AE84F82E25475CE11CB3883C9 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:43:43.0964 0x0348  LMS - ok
19:43:43.0992 0x0348  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:43:43.0994 0x0348  LSI_SAS - ok
19:43:44.0006 0x0348  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:43:44.0009 0x0348  LSI_SAS2 - ok
19:43:44.0025 0x0348  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
19:43:44.0026 0x0348  LSI_SAS3 - ok
19:43:44.0037 0x0348  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
19:43:44.0039 0x0348  LSI_SSS - ok
19:43:44.0122 0x0348  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
19:43:44.0146 0x0348  LSM - ok
19:43:44.0170 0x0348  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:43:44.0175 0x0348  luafv - ok
19:43:44.0209 0x0348  [ 835E1D6B5835EF70FC3BDF93ED42243A, 0025D232ED0FF9A572F8004094CFE21F62070DB832398345425554334E036DA6 ] MBAMChameleon   C:\Windows\system32\drivers\MBAMChameleon.sys
19:43:44.0214 0x0348  MBAMChameleon - ok
19:43:44.0252 0x0348  [ F9808F9763FBC7AA830B1F54C0CA1C25, C9141EF15EE6DD28829DE4BF692EE8C293B969117D681A581E2B17F4DFBFEDAD ] MBAMFarflt      C:\Windows\system32\drivers\farflt.sys
19:43:44.0256 0x0348  MBAMFarflt - ok
19:43:44.0303 0x0348  [ 88BD122C3A35DE63D75D382DF75554CE, ABDF59543CAD186A6ED4E66257205D9CF5047732A5DA74A96A28B468B41BC396 ] MBAMProtection  C:\Windows\system32\drivers\mbam.sys
19:43:44.0310 0x0348  MBAMProtection - ok
19:43:44.0526 0x0348  [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
19:43:44.0585 0x0348  MBAMService - ok
19:43:44.0638 0x0348  [ 53283EB9998AC9350E14C35A880989DB, 11DD963C67DB7584742810C54BEC4871584413A1BAA8209F79AC923006DE45BB ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
19:43:44.0643 0x0348  MBAMSwissArmy - ok
19:43:44.0670 0x0348  [ 67D4521C3411E24A98B5BA0058EEC96A, EC590DBCC4D822AB47555C0AC156B0485808B4197D58C623A6C45B62C38A61E0 ] MBAMWebProtection C:\Windows\system32\drivers\mwac.sys
19:43:44.0672 0x0348  MBAMWebProtection - ok
19:43:44.0708 0x0348  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
19:43:44.0710 0x0348  megasas - ok
19:43:44.0736 0x0348  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
19:43:44.0745 0x0348  megasr - ok
19:43:44.0761 0x0348  [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
19:43:44.0763 0x0348  MEIx64 - ok
19:43:44.0797 0x0348  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
19:43:44.0800 0x0348  MMCSS - ok
19:43:44.0826 0x0348  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
19:43:44.0828 0x0348  Modem - ok
19:43:44.0836 0x0348  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
19:43:44.0837 0x0348  monitor - ok
19:43:44.0861 0x0348  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
19:43:44.0863 0x0348  mouclass - ok
19:43:44.0881 0x0348  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
19:43:44.0883 0x0348  mouhid - ok
19:43:44.0913 0x0348  [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:43:44.0915 0x0348  mountmgr - ok
19:43:44.0963 0x0348  [ 260DB638038D0D9ACCBFCA9F2BF9B692, 68B9454D1E10A5A710AA3F823C7EAF2E8F3DDF5534262AC289BF454FC829B0B7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:43:44.0966 0x0348  MozillaMaintenance - ok
19:43:45.0003 0x0348  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:43:45.0006 0x0348  mpsdrv - ok
19:43:45.0072 0x0348  [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:43:45.0087 0x0348  MpsSvc - ok
19:43:45.0107 0x0348  [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:43:45.0110 0x0348  MRxDAV - ok
19:43:45.0150 0x0348  [ E2FC654EC895E92A022794329BFC53EC, BDEFF410B8A1D213B652A86DBF53774A3EBD58C32CCB9180712F9F3777307688 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:43:45.0161 0x0348  mrxsmb - ok
19:43:45.0188 0x0348  [ B213149BE26DD213C44AD61DB19C1251, E28886C1E78E54BBA74DD9779BB18B20D9CB8DF1CCD387FE415F1748719EE5F6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:43:45.0193 0x0348  mrxsmb10 - ok
19:43:45.0206 0x0348  [ B37B58F9F80A51098C42663D5FA5F2BA, 996E2D8344F0095C136D1670D63A476E6B6F6BBA9DD773EEE5F0FD580562B000 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:43:45.0210 0x0348  mrxsmb20 - ok
19:43:45.0242 0x0348  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
19:43:45.0244 0x0348  MsBridge - ok
19:43:45.0257 0x0348  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
19:43:45.0261 0x0348  MSDTC - ok
19:43:45.0297 0x0348  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:43:45.0298 0x0348  Msfs - ok
19:43:45.0312 0x0348  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
19:43:45.0313 0x0348  msgpiowin32 - ok
19:43:45.0328 0x0348  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:43:45.0329 0x0348  mshidkmdf - ok
19:43:45.0344 0x0348  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
19:43:45.0345 0x0348  mshidumdf - ok
19:43:45.0361 0x0348  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:43:45.0361 0x0348  msisadrv - ok
19:43:45.0396 0x0348  [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:43:45.0400 0x0348  MSiSCSI - ok
19:43:45.0407 0x0348  msiserver - ok
19:43:45.0423 0x0348  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:43:45.0423 0x0348  MSKSSRV - ok
19:43:45.0473 0x0348  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
19:43:45.0475 0x0348  MsLldp - ok
19:43:45.0503 0x0348  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:43:45.0504 0x0348  MSPCLOCK - ok
19:43:45.0508 0x0348  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:43:45.0510 0x0348  MSPQM - ok
19:43:45.0530 0x0348  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:43:45.0537 0x0348  MsRPC - ok
19:43:45.0557 0x0348  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
19:43:45.0559 0x0348  mssmbios - ok
19:43:45.0562 0x0348  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:43:45.0563 0x0348  MSTEE - ok
19:43:45.0576 0x0348  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
19:43:45.0577 0x0348  MTConfig - ok
19:43:45.0605 0x0348  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup             C:\Windows\system32\Drivers\mup.sys
19:43:45.0610 0x0348  Mup - ok
19:43:45.0627 0x0348  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
19:43:45.0628 0x0348  mvumis - ok
19:43:45.0658 0x0348  [ 1EE90E273094252917843D111E898C94, D0D7D155E3CA022BC1F718327165E44F954A40B96259DEE5266C48ADCC8B4556 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:43:45.0662 0x0348  MyWiFiDHCPDNS - ok
19:43:45.0699 0x0348  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
19:43:45.0709 0x0348  napagent - ok
19:43:45.0753 0x0348  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:43:45.0767 0x0348  NativeWifiP - ok
19:43:45.0804 0x0348  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
19:43:45.0809 0x0348  NcaSvc - ok
19:43:45.0846 0x0348  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
19:43:45.0851 0x0348  NcbService - ok
19:43:45.0877 0x0348  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
19:43:45.0881 0x0348  NcdAutoSetup - ok
19:43:45.0937 0x0348  [ FFAA6C6E798FBA448FA7628A1B277F5C, 9E1F2C848A019CE6397F652A21AE43B76149EF95452BB8353249BD9E28D98083 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:43:45.0957 0x0348  NDIS - ok
19:43:45.0988 0x0348  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:43:45.0991 0x0348  NdisCap - ok
19:43:46.0025 0x0348  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
19:43:46.0028 0x0348  NdisImPlatform - ok
19:43:46.0045 0x0348  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:43:46.0046 0x0348  NdisTapi - ok
19:43:46.0076 0x0348  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:43:46.0077 0x0348  Ndisuio - ok
19:43:46.0089 0x0348  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
19:43:46.0091 0x0348  NdisVirtualBus - ok
19:43:46.0120 0x0348  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:43:46.0124 0x0348  NdisWan - ok
19:43:46.0141 0x0348  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
19:43:46.0145 0x0348  NdisWanLegacy - ok
19:43:46.0176 0x0348  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:43:46.0177 0x0348  NDProxy - ok
19:43:46.0193 0x0348  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
19:43:46.0195 0x0348  Ndu - ok
19:43:46.0221 0x0348  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:43:46.0222 0x0348  NetBIOS - ok
19:43:46.0251 0x0348  [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:43:46.0265 0x0348  NetBT - ok
19:43:46.0276 0x0348  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
19:43:46.0282 0x0348  Netlogon - ok
19:43:46.0321 0x0348  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
19:43:46.0332 0x0348  Netman - ok
19:43:46.0382 0x0348  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
19:43:46.0393 0x0348  netprofm - ok
19:43:46.0443 0x0348  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:43:46.0452 0x0348  NetTcpPortSharing - ok
19:43:46.0499 0x0348  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
19:43:46.0505 0x0348  netvsc - ok
19:43:46.0630 0x0348  [ C127D444BAFD761458DF8B38CCB7A937, 6D7505387D684D5ADA4FCC4C202BF1787E262FBA6842E56C58A2311D2E38935A ] NETwNb64        C:\Windows\system32\DRIVERS\Netwbw02.sys
19:43:46.0678 0x0348  NETwNb64 - ok
19:43:46.0722 0x0348  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:43:46.0730 0x0348  NlaSvc - ok
19:43:46.0746 0x0348  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:43:46.0748 0x0348  Npfs - ok
19:43:46.0772 0x0348  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
19:43:46.0775 0x0348  npsvctrig - ok
19:43:46.0805 0x0348  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
19:43:46.0813 0x0348  nsi - ok
19:43:46.0825 0x0348  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:43:46.0828 0x0348  nsiproxy - ok
19:43:46.0922 0x0348  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:43:46.0975 0x0348  Ntfs - ok
19:43:47.0005 0x0348  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
19:43:47.0007 0x0348  Null - ok
19:43:47.0030 0x0348  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:43:47.0032 0x0348  nvraid - ok
19:43:47.0050 0x0348  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:43:47.0055 0x0348  nvstor - ok
19:43:47.0064 0x0348  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:43:47.0066 0x0348  nv_agp - ok
19:43:47.0105 0x0348  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:43:47.0112 0x0348  p2pimsvc - ok
19:43:47.0154 0x0348  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
19:43:47.0162 0x0348  p2psvc - ok
19:43:47.0193 0x0348  [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport         C:\Windows\System32\drivers\parport.sys
19:43:47.0195 0x0348  Parport - ok
19:43:47.0198 0x0348  Partizan - ok
19:43:47.0224 0x0348  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:43:47.0226 0x0348  partmgr - ok
19:43:47.0258 0x0348  [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:43:47.0269 0x0348  PcaSvc - ok
19:43:47.0297 0x0348  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
19:43:47.0302 0x0348  pci - ok
19:43:47.0316 0x0348  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:43:47.0316 0x0348  pciide - ok
19:43:47.0329 0x0348  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:43:47.0332 0x0348  pcmcia - ok
19:43:47.0340 0x0348  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:43:47.0342 0x0348  pcw - ok
19:43:47.0350 0x0348  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
19:43:47.0352 0x0348  pdc - ok
19:43:47.0384 0x0348  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:43:47.0395 0x0348  PEAUTH - ok
19:43:47.0466 0x0348  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:43:47.0470 0x0348  PerfHost - ok
19:43:47.0540 0x0348  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
19:43:47.0563 0x0348  pla - ok
19:43:47.0605 0x0348  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:43:47.0616 0x0348  PlugPlay - ok
19:43:47.0647 0x0348  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:43:47.0650 0x0348  PNRPAutoReg - ok
19:43:47.0681 0x0348  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:43:47.0697 0x0348  PNRPsvc - ok
19:43:47.0732 0x0348  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:43:47.0744 0x0348  PolicyAgent - ok
19:43:47.0787 0x0348  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
19:43:47.0799 0x0348  Power - ok
19:43:47.0963 0x0348  [ F6EA63145C20A23732AD2CA1EBA65FA1, 0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
19:43:48.0005 0x0348  PrintNotify - ok
19:43:48.0022 0x0348  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
19:43:48.0025 0x0348  Processor - ok
19:43:48.0064 0x0348  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\Windows\system32\profsvc.dll
19:43:48.0074 0x0348  ProfSvc - ok
19:43:48.0107 0x0348  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:43:48.0112 0x0348  Psched - ok
19:43:48.0139 0x0348  [ 14C65D2CB61CF50D82CB9E738CA94F00, 17954AD3317816F33F7167F825F4D10449B97DF5328504F0CD9C3D49D23B134A ] QIOMem          C:\Windows\System32\drivers\QIOMem.sys
19:43:48.0141 0x0348  QIOMem - ok
19:43:48.0183 0x0348  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
19:43:48.0193 0x0348  QWAVE - ok
19:43:48.0229 0x0348  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:43:48.0231 0x0348  QWAVEdrv - ok
19:43:48.0246 0x0348  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:43:48.0247 0x0348  RasAcd - ok
19:43:48.0277 0x0348  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
19:43:48.0282 0x0348  RasAuto - ok
19:43:48.0320 0x0348  [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan          C:\Windows\System32\rasmans.dll
19:43:48.0331 0x0348  RasMan - ok
19:43:48.0349 0x0348  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:43:48.0351 0x0348  RasPppoe - ok
19:43:48.0381 0x0348  [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:43:48.0387 0x0348  rdbss - ok
19:43:48.0416 0x0348  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
19:43:48.0417 0x0348  rdpbus - ok
19:43:48.0437 0x0348  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:43:48.0441 0x0348  RDPDR - ok
19:43:48.0461 0x0348  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:43:48.0462 0x0348  RdpVideoMiniport - ok
19:43:48.0480 0x0348  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:43:48.0484 0x0348  rdyboost - ok
19:43:48.0531 0x0348  [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
19:43:48.0545 0x0348  ReFS - ok
19:43:48.0607 0x0348  [ 37F021CF7D670D305C1687781173069E, 286D6D04B0A9C4399086BE8DDA5126CDE462EE3B9F5B40A65CD9CD2B7C160886 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:43:48.0609 0x0348  RegSrvc - ok
19:43:48.0629 0x0348  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:43:48.0635 0x0348  RemoteAccess - ok
19:43:48.0683 0x0348  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:43:48.0688 0x0348  RemoteRegistry - ok
19:43:48.0724 0x0348  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
19:43:48.0727 0x0348  RFCOMM - ok
19:43:48.0743 0x0348  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:43:48.0748 0x0348  RpcEptMapper - ok
19:43:48.0780 0x0348  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
19:43:48.0782 0x0348  RpcLocator - ok
19:43:48.0821 0x0348  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs           C:\Windows\system32\rpcss.dll
19:43:48.0836 0x0348  RpcSs - ok
19:43:48.0865 0x0348  [ 5DE88743E9E2EE397F33264FF9B42E76, 0986E8D182115A24EE4B1CC100FE108250BE05F32D70231DF4815BBD2FD1F49C ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
19:43:48.0870 0x0348  RSP2STOR - ok
19:43:48.0890 0x0348  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:43:48.0892 0x0348  rspndr - ok
19:43:48.0931 0x0348  [ 0283ADA7E6B1F2E495A0EA0EF2C1F9A2, 89B2CFEC06A884BC92D5E769FD15DC1F4C4E194F4952B36AC6D40FDE27C9E79B ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
19:43:48.0943 0x0348  RTL8168 - ok
19:43:48.0973 0x0348  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
19:43:48.0974 0x0348  s3cap - ok
19:43:48.0998 0x0348  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
19:43:49.0002 0x0348  SamSs - ok
19:43:49.0019 0x0348  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:43:49.0021 0x0348  sbp2port - ok
19:43:49.0052 0x0348  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:43:49.0058 0x0348  SCardSvr - ok
19:43:49.0106 0x0348  [ 92D2FA1870F4EB4A9BA767DB6E0DEF6F, AB019E17D5F330CBB7F7CAF8CEB01F3F3DBBB181CDE19E4C2354AF51E66C8291 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
19:43:49.0110 0x0348  ScDeviceEnum - ok
19:43:49.0152 0x0348  [ FA7ABD857DEB0FE3C94CC39A4C845E66, ACD551F75E00C4EB9CFDA73B04051D0BF5FF0BA67C716E1989A21683D8777A41 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:43:49.0154 0x0348  scfilter - ok
19:43:49.0223 0x0348  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\Windows\system32\schedsvc.dll
19:43:49.0248 0x0348  Schedule - ok
19:43:49.0273 0x0348  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:43:49.0276 0x0348  SCPolicySvc - ok
19:43:49.0308 0x0348  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
19:43:49.0320 0x0348  sdbus - ok
19:43:49.0349 0x0348  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
19:43:49.0353 0x0348  sdstor - ok
19:43:49.0366 0x0348  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:43:49.0368 0x0348  secdrv - ok
19:43:49.0395 0x0348  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\Windows\system32\seclogon.dll
19:43:49.0402 0x0348  seclogon - ok
19:43:49.0444 0x0348  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
19:43:49.0452 0x0348  SENS - ok
19:43:49.0487 0x0348  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:43:49.0500 0x0348  SensrSvc - ok
19:43:49.0521 0x0348  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
19:43:49.0523 0x0348  SerCx - ok
19:43:49.0554 0x0348  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
19:43:49.0558 0x0348  SerCx2 - ok
19:43:49.0593 0x0348  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum         C:\Windows\System32\drivers\serenum.sys
19:43:49.0595 0x0348  Serenum - ok
19:43:49.0613 0x0348  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\Windows\System32\drivers\serial.sys
19:43:49.0615 0x0348  Serial - ok
19:43:49.0645 0x0348  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
19:43:49.0646 0x0348  sermouse - ok
19:43:49.0703 0x0348  [ C42D93E4211D16EE0315D38C6618659E, CA280B8B42C4F7C47669DF3129E4FD56F861D94D8840C26EFFC669757B4EC495 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:43:49.0711 0x0348  SessionEnv - ok
19:43:49.0734 0x0348  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
19:43:49.0737 0x0348  sfloppy - ok
19:43:49.0782 0x0348  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:43:49.0790 0x0348  SharedAccess - ok
19:43:49.0834 0x0348  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:43:49.0847 0x0348  ShellHWDetection - ok
19:43:49.0867 0x0348  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:43:49.0869 0x0348  SiSRaid2 - ok
19:43:49.0895 0x0348  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:43:49.0897 0x0348  SiSRaid4 - ok
19:43:49.0908 0x0348  [ 0F30F5D825CD5A86BCCE1CBD43CAC363, 75A89D322C97D782941F1397A75D66D0DE26ED98983516AE0C19DDFFC98517E0 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
19:43:49.0909 0x0348  SmbDrvI - ok
19:43:49.0956 0x0348  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
19:43:49.0960 0x0348  smphost - ok
19:43:49.0990 0x0348  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:43:49.0994 0x0348  SNMPTRAP - ok
19:43:50.0030 0x0348  [ F6AF6499C3788105EA7AF1DA27769A77, F847789B0AD498CC9C985F334F7BA0906ACB41FB356CC2EF2A00C62C75D94A79 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
19:43:50.0037 0x0348  spaceport - ok
19:43:50.0061 0x0348  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
19:43:50.0062 0x0348  SpbCx - ok
19:43:50.0123 0x0348  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\SysWOW64\speedfan.sys
19:43:50.0126 0x0348  speedfan - ok
19:43:50.0171 0x0348  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
19:43:50.0187 0x0348  Spooler - ok
19:43:50.0373 0x0348  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\Windows\system32\sppsvc.exe
19:43:50.0468 0x0348  sppsvc - ok
19:43:50.0549 0x0348  [ D10F18E3287374D3B40D41C1651355DE, 6DF4A00FAB90EBA65B2D3008103960EA9E9308DADB1F3E9B3D4CB3F812FBF1D2 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:43:50.0556 0x0348  srv - ok
19:43:50.0582 0x0348  [ E6520A3B215FAFBF23E24AB22C44F973, 2D3B771CA20B77D31DFE211EC999B27F6D17A07B7C767F265A4FDFBF1AE17D1D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:43:50.0593 0x0348  srv2 - ok
19:43:50.0628 0x0348  [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:43:50.0633 0x0348  srvnet - ok
19:43:50.0663 0x0348  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:43:50.0670 0x0348  SSDPSRV - ok
19:43:50.0695 0x0348  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:43:50.0701 0x0348  SstpSvc - ok
19:43:50.0727 0x0348  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:43:50.0729 0x0348  stexstor - ok
19:43:50.0745 0x0348  [ 8F3C0CCF27CFFE89424F30E9FB3381AB, 74E54541B4A16DC97098428E1715A27557BAB97E05AF346F88958580199C1541 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
19:43:50.0746 0x0348  StillCam - ok
19:43:50.0791 0x0348  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
19:43:50.0804 0x0348  stisvc - ok
19:43:50.0818 0x0348  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
19:43:50.0822 0x0348  storahci - ok
19:43:50.0848 0x0348  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:43:50.0850 0x0348  storflt - ok
19:43:50.0876 0x0348  [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
19:43:50.0878 0x0348  stornvme - ok
19:43:50.0907 0x0348  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
19:43:50.0912 0x0348  StorSvc - ok
19:43:50.0923 0x0348  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:43:50.0925 0x0348  storvsc - ok
19:43:50.0960 0x0348  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
19:43:50.0963 0x0348  svsvc - ok
19:43:50.0994 0x0348  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
19:43:50.0996 0x0348  swenum - ok
19:43:51.0041 0x0348  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
19:43:51.0054 0x0348  swprv - ok
19:43:51.0083 0x0348  [ 53AEAEA7FBEA844A6228BC6E89D738B8, B25F269D2EA15FD7AAAD53E89D603EC1292ADA00804DE09609908D899EE45398 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
19:43:51.0091 0x0348  SynTP - ok
19:43:51.0151 0x0348  [ C4CD2E376BB8C84075E844B4C81CCA5C, CF5ED23E8EE42AF74F73DF3D26E5C0A9263FBE7BD99370C179C12507BEB5A1D2 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
19:43:51.0172 0x0348  SynTPEnhService - ok
19:43:51.0224 0x0348  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
19:43:51.0244 0x0348  SysMain - ok
19:43:51.0277 0x0348  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
19:43:51.0284 0x0348  SystemEventsBroker - ok
19:43:51.0316 0x0348  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:43:51.0322 0x0348  TabletInputService - ok
19:43:51.0358 0x0348  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:43:51.0365 0x0348  TapiSrv - ok
19:43:51.0449 0x0348  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:43:51.0485 0x0348  Tcpip - ok
19:43:51.0549 0x0348  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:43:51.0585 0x0348  TCPIP6 - ok
19:43:51.0619 0x0348  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:43:51.0621 0x0348  tcpipreg - ok
19:43:51.0644 0x0348  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:43:51.0646 0x0348  tdx - ok
19:43:51.0707 0x0348  [ 436183C39AB66B1A7AD0FA6B76DA00A9, 8A012B30110959D3CF6A9204B069517B959596FEEA5F8C5A028DFEBD1F7087B4 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
19:43:51.0714 0x0348  TemproMonitoringService - ok
19:43:51.0749 0x0348  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
19:43:51.0753 0x0348  terminpt - ok
19:43:51.0846 0x0348  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
19:43:51.0879 0x0348  TermService - ok
19:43:51.0916 0x0348  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
19:43:51.0927 0x0348  Themes - ok
19:43:51.0958 0x0348  [ 4C5D93E2CCA6799A0D159F9CF5AF0903, E44007ED1ECAEB174E2378B363BFC7CA18A193CD554C645E60EF62DEF47BF7D6 ] Thotkey         C:\Windows\System32\drivers\Thotkey.sys
19:43:51.0961 0x0348  Thotkey - ok
19:43:51.0999 0x0348  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
19:43:52.0006 0x0348  THREADORDER - ok
19:43:52.0043 0x0348  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
19:43:52.0059 0x0348  TimeBroker - ok
19:43:52.0113 0x0348  [ 7421BB9A1B8C093B809FE1B0547F4A5D, 763C6AAC39D9FEF168A9C49057A2A14612903EE462DFD39EA52ED93C13D72FDB ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
19:43:52.0115 0x0348  TMachInfo - ok
19:43:52.0177 0x0348  [ 36A6C54509CF9D7DA91A06B3E3C969D7, 327C0AB1A75FFF3666BAD4A002DE70A1C4CA21FC868BC5EB9C16AEF9D378B8E3 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\Teco\TecoService.exe
19:43:52.0194 0x0348  TOSHIBA eco Utility Service - ok
19:43:52.0214 0x0348  [ A884A627C0B6E8B238759FC73C1AAAAF, 5D6E38664B6175F5F541D838675429CEE9FA1492A7E25B48E98794B5EB8B6973 ] tosrfec         C:\Windows\System32\drivers\tosrfec.sys
19:43:52.0217 0x0348  tosrfec - ok
19:43:52.0275 0x0348  [ 5D39CC18C62D4C8B45801F0E390A94CA, 26372CD41211EC3ABDB4CF94D5900B7304FEC8C0E274BCA286C949DA6F0EB283 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
19:43:52.0290 0x0348  TPCHSrv - ok
19:43:52.0323 0x0348  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys
19:43:52.0329 0x0348  TPM - ok
19:43:52.0371 0x0348  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
19:43:52.0377 0x0348  TrkWks - ok
19:43:52.0411 0x0348  [ 0C997B061E3C66BD9E927C1288EB1CC7, 3807E9A1BC159B9E8FC0C7CAAD10D7213FF8ED8AD1CEA9EA552B093C81BF624B ] TrueSight       C:\Windows\System32\drivers\TrueSight.sys
19:43:52.0412 0x0348  TrueSight - ok
19:43:52.0469 0x0348  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:43:52.0472 0x0348  TrustedInstaller - ok
19:43:52.0507 0x0348  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:43:52.0509 0x0348  TsUsbFlt - ok
19:43:52.0536 0x0348  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
19:43:52.0537 0x0348  TsUsbGD - ok
19:43:52.0565 0x0348  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:43:52.0569 0x0348  tunnel - ok
19:43:52.0591 0x0348  [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ           C:\Windows\system32\drivers\TVALZ_O.SYS
19:43:52.0593 0x0348  TVALZ - ok
19:43:52.0618 0x0348  [ 7B05B5B492E6E248C2B38CD04B4D3A96, 1E18025DDB5EDEBD30F2FAC8D121F55D768B71DA42D919E1A0E98E2E31AA73C8 ] TVALZFL         C:\Windows\system32\Drivers\TVALZFL.sys
19:43:52.0620 0x0348  TVALZFL - ok
19:43:52.0645 0x0348  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:43:52.0647 0x0348  uagp35 - ok
19:43:52.0661 0x0348  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
19:43:52.0663 0x0348  UASPStor - ok
19:43:52.0706 0x0348  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
19:43:52.0715 0x0348  UCX01000 - ok
19:43:52.0754 0x0348  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:43:52.0762 0x0348  udfs - ok
19:43:52.0775 0x0348  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
19:43:52.0779 0x0348  UEFI - ok
19:43:52.0812 0x0348  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:43:52.0817 0x0348  UI0Detect - ok
19:43:52.0838 0x0348  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:43:52.0839 0x0348  uliagpkx - ok
19:43:52.0853 0x0348  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
19:43:52.0854 0x0348  umbus - ok
19:43:52.0871 0x0348  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
19:43:52.0873 0x0348  UmPass - ok
19:43:52.0905 0x0348  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:43:52.0924 0x0348  UmRdpService - ok
19:43:52.0975 0x0348  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
19:43:52.0993 0x0348  upnphost - ok
19:43:53.0021 0x0348  [ FF487F426CF073CB6553D9F1BB14A19D, FB010E9921AF00C51D9712B23F4EA1C37AF7F44769942C990EFFE78E13907C90 ] usb3Hub         C:\Windows\System32\drivers\usb3Hub.sys
19:43:53.0028 0x0348  usb3Hub - ok
19:43:53.0053 0x0348  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
19:43:53.0058 0x0348  usbccgp - ok
19:43:53.0090 0x0348  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
19:43:53.0094 0x0348  usbcir - ok
19:43:53.0127 0x0348  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
19:43:53.0130 0x0348  usbehci - ok
19:43:53.0186 0x0348  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
19:43:53.0199 0x0348  usbhub - ok
19:43:53.0256 0x0348  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
19:43:53.0263 0x0348  USBHUB3 - ok
19:43:53.0284 0x0348  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
19:43:53.0287 0x0348  usbohci - ok
19:43:53.0312 0x0348  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
19:43:53.0313 0x0348  usbprint - ok
19:43:53.0339 0x0348  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
19:43:53.0341 0x0348  usbscan - ok
19:43:53.0366 0x0348  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
19:43:53.0368 0x0348  USBSTOR - ok
19:43:53.0394 0x0348  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
19:43:53.0395 0x0348  usbuhci - ok
19:43:53.0429 0x0348  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:43:53.0433 0x0348  usbvideo - ok
19:43:53.0470 0x0348  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
19:43:53.0475 0x0348  USBXHCI - ok
19:43:53.0498 0x0348  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
19:43:53.0502 0x0348  VaultSvc - ok
19:43:53.0523 0x0348  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:43:53.0524 0x0348  vdrvroot - ok
19:43:53.0600 0x0348  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
19:43:53.0625 0x0348  vds - ok
19:43:53.0646 0x0348  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
19:43:53.0649 0x0348  VerifierExt - ok
19:43:53.0712 0x0348  [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
19:43:53.0728 0x0348  vhdmp - ok
19:43:53.0742 0x0348  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:43:53.0744 0x0348  viaide - ok
19:43:53.0771 0x0348  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:43:53.0773 0x0348  vmbus - ok
19:43:53.0783 0x0348  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
19:43:53.0785 0x0348  VMBusHID - ok
19:43:53.0820 0x0348  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
19:43:53.0828 0x0348  vmicguestinterface - ok
19:43:53.0853 0x0348  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
19:43:53.0862 0x0348  vmicheartbeat - ok
19:43:53.0887 0x0348  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
19:43:53.0895 0x0348  vmickvpexchange - ok
19:43:53.0920 0x0348  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
19:43:53.0929 0x0348  vmicrdv - ok
19:43:53.0952 0x0348  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
19:43:53.0962 0x0348  vmicshutdown - ok
19:43:53.0987 0x0348  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
19:43:53.0996 0x0348  vmictimesync - ok
19:43:54.0020 0x0348  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
19:43:54.0028 0x0348  vmicvss - ok
19:43:54.0045 0x0348  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:43:54.0048 0x0348  volmgr - ok
19:43:54.0074 0x0348  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:43:54.0080 0x0348  volmgrx - ok
19:43:54.0110 0x0348  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:43:54.0115 0x0348  volsnap - ok
19:43:54.0140 0x0348  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\Windows\System32\drivers\vpci.sys
19:43:54.0142 0x0348  vpci - ok
19:43:54.0170 0x0348  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:43:54.0174 0x0348  vsmraid - ok
19:43:54.0228 0x0348  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\Windows\system32\vssvc.exe
19:43:54.0250 0x0348  VSS - ok
19:43:54.0275 0x0348  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
19:43:54.0280 0x0348  VSTXRAID - ok
19:43:54.0307 0x0348  [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:43:54.0308 0x0348  vwifibus - ok
19:43:54.0322 0x0348  [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:43:54.0324 0x0348  vwififlt - ok
19:43:54.0335 0x0348  [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
19:43:54.0337 0x0348  vwifimp - ok
19:43:54.0373 0x0348  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
19:43:54.0382 0x0348  W32Time - ok
19:43:54.0403 0x0348  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
19:43:54.0405 0x0348  WacomPen - ok
19:43:54.0466 0x0348  [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine        C:\Windows\system32\wbengine.exe
19:43:54.0494 0x0348  wbengine - ok
19:43:54.0533 0x0348  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:43:54.0562 0x0348  WbioSrvc - ok
19:43:54.0606 0x0348  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
19:43:54.0618 0x0348  Wcmsvc - ok
19:43:54.0645 0x0348  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:43:54.0655 0x0348  wcncsvc - ok
19:43:54.0689 0x0348  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:43:54.0693 0x0348  WcsPlugInService - ok
19:43:54.0724 0x0348  [ F2E08D1C067FEFC3A42D21FD4810F1D3, A8AD114094D9AE3BC6F76940EF873FD21CCF130DE7F8712950F1962DCE25F1B3 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
19:43:54.0726 0x0348  WdBoot - ok
19:43:54.0766 0x0348  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:43:54.0779 0x0348  Wdf01000 - ok
19:43:54.0796 0x0348  [ E234820E6B84ABA5E84E00227F505AE8, 645B809B883D8F678F2535B575AA1D595F27EBFCE0A16433E9A54CC266BD74F2 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
19:43:54.0800 0x0348  WdFilter - ok
19:43:54.0827 0x0348  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:43:54.0831 0x0348  WdiServiceHost - ok
19:43:54.0849 0x0348  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:43:54.0855 0x0348  WdiSystemHost - ok
19:43:54.0877 0x0348  [ A74AD6D80AC26E1B5DD276FC927F2BAC, F73F090D46BB2AAA6A8D148C658B2EA8C07B16201BB800A9283F4017DC249809 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
19:43:54.0880 0x0348  WdNisDrv - ok
19:43:54.0905 0x0348  WdNisSvc - ok
19:43:54.0937 0x0348  [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient       C:\Windows\System32\webclnt.dll
19:43:54.0953 0x0348  WebClient - ok
19:43:54.0996 0x0348  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:43:55.0005 0x0348  Wecsvc - ok
19:43:55.0037 0x0348  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
19:43:55.0043 0x0348  WEPHOSTSVC - ok
19:43:55.0074 0x0348  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:43:55.0081 0x0348  wercplsupport - ok
19:43:55.0122 0x0348  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
19:43:55.0129 0x0348  WerSvc - ok
19:43:55.0166 0x0348  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
19:43:55.0170 0x0348  WFPLWFS - ok
19:43:55.0187 0x0348  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
19:43:55.0195 0x0348  WiaRpc - ok
19:43:55.0205 0x0348  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:43:55.0207 0x0348  WIMMount - ok
19:43:55.0211 0x0348  WinDefend - ok
19:43:55.0259 0x0348  [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
19:43:55.0275 0x0348  WinHttpAutoProxySvc - ok
19:43:55.0333 0x0348  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:43:55.0337 0x0348  Winmgmt - ok
19:43:55.0456 0x0348  [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0  C:\Users\FabrizioZ\Documents\RealTemp_370\WinRing0x64.sys
19:43:55.0457 0x0348  WinRing0_1_2_0 - ok
19:43:55.0626 0x0348  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM           C:\Windows\system32\WsmSvc.dll
19:43:55.0670 0x0348  WinRM - ok
19:43:55.0735 0x0348  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
19:43:55.0761 0x0348  WlanSvc - ok
19:43:55.0827 0x0348  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
19:43:55.0853 0x0348  wlidsvc - ok
19:43:55.0897 0x0348  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
19:43:55.0899 0x0348  WmiAcpi - ok
19:43:55.0944 0x0348  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:43:55.0948 0x0348  wmiApSrv - ok
19:43:55.0974 0x0348  WMPNetworkSvc - ok
19:43:55.0989 0x0348  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
19:43:55.0993 0x0348  Wof - ok
19:43:56.0063 0x0348  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
19:43:56.0094 0x0348  workfolderssvc - ok
19:43:56.0133 0x0348  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
19:43:56.0136 0x0348  wpcfltr - ok
19:43:56.0170 0x0348  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:43:56.0176 0x0348  WPCSvc - ok
19:43:56.0200 0x0348  [ DBDCE2378F65F0A07D4644AC103037E7, 99714F0CD31297C9831BAF04768F467F6E0BF710C859CEDCA83069226BF1A68A ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:43:56.0205 0x0348  WPDBusEnum - ok
19:43:56.0231 0x0348  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
19:43:56.0233 0x0348  WpdUpFltr - ok
19:43:56.0244 0x0348  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:43:56.0245 0x0348  ws2ifsl - ok
19:43:56.0271 0x0348  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\Windows\System32\wscsvc.dll
19:43:56.0277 0x0348  wscsvc - ok
19:43:56.0299 0x0348  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
19:43:56.0301 0x0348  WSDPrintDevice - ok
19:43:56.0320 0x0348  [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
19:43:56.0321 0x0348  WSDScan - ok
19:43:56.0325 0x0348  WSearch - ok
19:43:56.0432 0x0348  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
19:43:56.0483 0x0348  WSService - ok
19:43:56.0596 0x0348  [ 970B6A52041C641E47D6A31288C08716, B40A2FE234C1E3E1F05BBF9656B46C97188C4589E2471DE15FF3C621063FE815 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:43:56.0650 0x0348  wuauserv - ok
19:43:56.0687 0x0348  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:43:56.0689 0x0348  WudfPf - ok
19:43:56.0728 0x0348  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
19:43:56.0731 0x0348  WUDFRd - ok
19:43:56.0748 0x0348  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:43:56.0753 0x0348  wudfsvc - ok
19:43:56.0763 0x0348  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
19:43:56.0767 0x0348  WUDFWpdFs - ok
19:43:56.0806 0x0348  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:43:56.0816 0x0348  WwanSvc - ok
19:43:56.0985 0x0348  [ 8D809F4ECFE9E80723C49B427854068A, 4186B6C56BA70106A95D28371360C780F55FECA1A1C61966F091A07A390BA189 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
19:43:57.0037 0x0348  ZeroConfigService - ok
19:43:57.0052 0x0348  ================ Scan global ===============================
19:43:57.0098 0x0348  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll
19:43:57.0128 0x0348  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
19:43:57.0161 0x0348  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
19:43:57.0192 0x0348  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
19:43:57.0200 0x0348  [ Global ] - ok
19:43:57.0200 0x0348  ================ Scan MBR ==================================
19:43:57.0208 0x0348  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:43:57.0216 0x0348  \Device\Harddisk0\DR0 - ok
19:43:57.0217 0x0348  ================ Scan VBR ==================================
19:43:57.0227 0x0348  [ 1B90C5907A6C174D9B2A689429A7413D ] \Device\Harddisk0\DR0\Partition1
19:43:57.0229 0x0348  \Device\Harddisk0\DR0\Partition1 - ok
19:43:57.0239 0x0348  [ 27F01D68D713D626F2F99B7DBC3B24FA ] \Device\Harddisk0\DR0\Partition2
19:43:57.0240 0x0348  \Device\Harddisk0\DR0\Partition2 - ok
19:43:57.0257 0x0348  [ 4A2A607F9F1815F35A93FA2D715DF98E ] \Device\Harddisk0\DR0\Partition3
19:43:57.0258 0x0348  \Device\Harddisk0\DR0\Partition3 - ok
19:43:57.0273 0x0348  [ 14A46CDACA8C603429391F10281B7334 ] \Device\Harddisk0\DR0\Partition4
19:43:57.0274 0x0348  \Device\Harddisk0\DR0\Partition4 - ok
19:43:57.0305 0x0348  [ 520CEC94C766403EFECD0E07D07A4F15 ] \Device\Harddisk0\DR0\Partition5
19:43:57.0308 0x0348  \Device\Harddisk0\DR0\Partition5 - ok
19:43:57.0308 0x0348  ================ Scan generic autorun ======================
19:43:57.0409 0x0348  [ 840993F6BBE61B60B0AF80A143731580, B80CF91DD9A348A7BCF88CE02CAEA86E82EEC89F4D8765AE7A45498E4151FC9A ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
19:43:57.0423 0x0348  cAudioFilterAgent - ok
19:43:57.0502 0x0348  [ 4F8B94EC4D4FFA0712CCADF8145F28D1, 6CED9332100CA71FB17930AAC4ED1798E6F3A83CEBEE0A3412EFA01F6F1A6F22 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
19:43:57.0533 0x0348  SmartAudio - ok
19:43:57.0537 0x0348  SynTPEnh - ok
19:43:57.0555 0x0348  [ E5C98C4A887A032284DEE6CE23B5B475, 5C41EF87B5DE1F3AA7F05B51DB9D369400C8F50E215FC4CB25003650FD3DDEFB ] C:\Program Files\TOSHIBA\Teco\TecoResident.exe
19:43:57.0559 0x0348  TecoResident - ok
19:43:57.0581 0x0348  TosWaitSrv - ok
19:43:57.0697 0x0348  [ 63D9BB372FAD1C9C35FE07F28E2B6D17, 219775084E58FDA864A8E7DE3AA46BB55543AA95771991B73D04CFCAFC23DF06 ] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
19:43:57.0732 0x0348  TCrdMain - ok
19:43:57.0776 0x0348  [ 1B95F3170F8DCCE11EF2F01BC5BA18E7, 766CEF016CC67D066A411DBB2E3A55E89C5D9D2E2CB1AB258EE733BE44DE303A ] C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe
19:43:57.0780 0x0348  TSSSrv - ok
19:43:57.0827 0x0348  [ 8DD6F98101EBBA3FC92C8092333A6B32, 80FE7E4433731614B92F8C0256EA5440508C535EBDA45188D1225BFEDA6F0F67 ] C:\Program Files\AVAST Software\Avast\AvLaunch.exe
19:43:57.0833 0x0348  AvastUI.exe - ok
19:43:58.0010 0x0348  [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
19:43:58.0046 0x0348  Malwarebytes TrayApp - ok
19:43:58.0105 0x0348  [ CFA72DE80450611914DC83E89B3B0678, D5DAB53C527C3FF03C944501C13D9182824FAF0555EBEE9A2A18B8FD0C338568 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
19:43:58.0116 0x0348  StartCCC - ok
19:43:58.0173 0x0348  [ 31AB035B05B898AF044D41B33FD2E2F0, 1A8E5F36960C8F13AD6243194FBF348CE915D03B421103147C6A78E207292830 ] c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
19:43:58.0180 0x0348  TSVU - ok
19:43:58.0312 0x0348  [ 3B78ACCCAA5132638E7CF419F4A965C7, C91DD62901778FEB6BDBABD6F736D59FD85361AE53867AD232C90D22ECB7B49F ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
19:43:58.0328 0x0348  CanonSolutionMenuEx - ok
19:43:58.0399 0x0348  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
19:43:58.0406 0x0348  HP Software Update - ok
19:43:58.0421 0x0348  Waiting for KSN requests completion. In queue: 166
19:43:59.0304 0x076c  Object required for P2P: [ F264662C057A54AA2DE41B3C7551712F ] sppsvc
19:43:59.0422 0x0348  Waiting for KSN requests completion. In queue: 152
19:44:00.0023 0x076c  Object send P2P result: true
19:44:00.0489 0x0348  AV detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 17.4.3482.0 ), 0x41000 ( enabled : updated )
19:44:00.0490 0x0348  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.209.0 ), 0x60100 ( disabled : updated )
19:44:00.0514 0x0348  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x60000 ( disabled : updated )
19:44:00.0551 0x0348  Win FW state via NFP2: enabled ( trusted )
19:44:01.0106 0x0348  ============================================================
19:44:01.0106 0x0348  Scan finished
19:44:01.0106 0x0348  ============================================================
19:44:01.0128 0x143c  Detected object count: 0
19:44:01.0128 0x143c  Actual detected object count: 0
19:51:21.0200 0x0808  Deinitialize success


#15 bubbleit

bubbleit
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 17 May 2017 - 12:56 PM

19:35:27.0317 0x077c  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
19:35:27.0317 0x077c  UEFI system
19:35:31.0645 0x077c  ============================================================
19:35:31.0645 0x077c  Current date / time: 2017/05/17 19:35:31.0645
19:35:31.0645 0x077c  SystemInfo:
19:35:31.0645 0x077c  
19:35:31.0645 0x077c  OS Version: 6.3.9600 ServicePack: 0.0
19:35:31.0645 0x077c  Product type: Workstation
19:35:31.0645 0x077c  ComputerName: FABRIZIOZPC
19:35:31.0660 0x077c  UserName: FabrizioZ
19:35:31.0660 0x077c  Windows directory: C:\Windows
19:35:31.0660 0x077c  System windows directory: C:\Windows
19:35:31.0660 0x077c  Running under WOW64
19:35:31.0660 0x077c  Processor architecture: Intel x64
19:35:31.0660 0x077c  Number of processors: 4
19:35:31.0660 0x077c  Page size: 0x1000
19:35:31.0660 0x077c  Boot type: Safe boot
19:35:31.0660 0x077c  CodeIntegrityOptions = 0x00000001
19:35:31.0660 0x077c  ============================================================
19:35:32.0832 0x077c  KLMD registered as C:\Windows\system32\drivers\81281915.sys
19:35:32.0832 0x077c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18685, osProperties = 0x19
19:35:33.0035 0x077c  System UUID: {FE88E2AD-ED20-6B6C-035E-36B23E9404F8}
19:35:33.0864 0x077c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:35:33.0864 0x077c  ============================================================
19:35:33.0864 0x077c  \Device\Harddisk0\DR0:
19:35:33.0864 0x077c  GPT partitions:
19:35:33.0864 0x077c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1E27F41F-6C59-4C61-9B19-E4231FA714A0}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x200000
19:35:33.0864 0x077c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6A023B6A-A25A-45B0-9FAC-0AAB6AEF0F03}, Name: Basic data partition, StartLBA 0x200800, BlocksNum 0x32000
19:35:33.0864 0x077c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {3EC941EA-5E87-402E-8949-7541F0A8533D}, Name: Basic data partition, StartLBA 0x232800, BlocksNum 0x40000
19:35:33.0864 0x077c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {47A56D4A-15F4-48E5-8150-4DD26DB0DCB6}, Name: Basic data partition, StartLBA 0x272800, BlocksNum 0x72CA6800
19:35:33.0864 0x077c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8C284314-7CF9-42C6-A0B8-A12DC7D89ED2}, Name: Basic data partition, StartLBA 0x72F19000, BlocksNum 0x17ED800
19:35:33.0864 0x077c  MBR partitions:
19:35:33.0864 0x077c  ============================================================
19:35:33.0879 0x077c  C: <-> \Device\Harddisk0\DR0\Partition4
19:35:33.0879 0x077c  ============================================================
19:35:33.0879 0x077c  Initialize success
19:35:33.0879 0x077c  ============================================================
19:35:36.0942 0x0798  ============================================================
19:35:36.0942 0x0798  Scan started
19:35:36.0942 0x0798  Mode: Manual; 
19:35:36.0942 0x0798  ============================================================
19:35:36.0942 0x0798  KSN ping started
19:35:36.0989 0x0798  KSN ping finished: false
19:35:38.0442 0x0798  ================ Scan system memory ========================
19:35:38.0442 0x0798  System memory - ok
19:35:38.0442 0x0798  ================ Scan services =============================
19:35:38.0598 0x0798  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
19:35:38.0614 0x0798  1394ohci - ok
19:35:38.0707 0x0798  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
19:35:38.0707 0x0798  3ware - ok
19:35:38.0754 0x0798  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:35:38.0770 0x0798  ACPI - ok
19:35:38.0801 0x0798  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
19:35:38.0801 0x0798  acpiex - ok
19:35:38.0817 0x0798  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
19:35:38.0817 0x0798  acpipagr - ok
19:35:38.0817 0x0798  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
19:35:38.0832 0x0798  AcpiPmi - ok
19:35:38.0832 0x0798  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
19:35:38.0832 0x0798  acpitime - ok
19:35:38.0910 0x0798  [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:35:38.0910 0x0798  AdobeARMservice - ok
19:35:39.0004 0x0798  [ 99CE7A1C3AB82125EE3FDB446418865B, 00668D732E69F108ABA4FA84355F61935385C0CF83027339162E997ADD804D3A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:35:39.0004 0x0798  AdobeFlashPlayerUpdateSvc - ok
19:35:39.0051 0x0798  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
19:35:39.0067 0x0798  ADP80XX - ok
19:35:39.0098 0x0798  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:35:39.0098 0x0798  AeLookupSvc - ok
19:35:39.0129 0x0798  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\Windows\system32\drivers\afd.sys
19:35:39.0160 0x0798  AFD - ok
19:35:39.0176 0x0798  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:35:39.0176 0x0798  agp440 - ok
19:35:39.0207 0x0798  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
19:35:39.0207 0x0798  ahcache - ok
19:35:39.0223 0x0798  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
19:35:39.0239 0x0798  ALG - ok
19:35:39.0254 0x0798  [ 99FA3D852B921AB4FF7F5DD90028F91F, 641D3A517B85BBC2C8668671F8699AA91D3294EBC5A4310AA45348E5E8E5DF85 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:35:39.0270 0x0798  AMD External Events Utility - ok
19:35:39.0285 0x0798  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
19:35:39.0285 0x0798  AmdK8 - ok
19:35:39.0739 0x0798  [ 6DCE3D4A8FAE7DEE4B84D1033C165D71, 8C2D491BF6D570EB89C26E16E828218C472B3DB2BC514CFF9EF7761350935E94 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:35:40.0192 0x0798  amdkmdag - ok
19:35:40.0239 0x0798  [ F04CBC7BD43EE3B41FBF1DFFC8F7C8EA, 92C93D320076E45D4C3C2302CF497074C7B3620623507C1E902B0403742708E8 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
19:35:40.0270 0x0798  amdkmdap - ok
19:35:40.0270 0x0798  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
19:35:40.0285 0x0798  AmdPPM - ok
19:35:40.0285 0x0798  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:35:40.0285 0x0798  amdsata - ok
19:35:40.0317 0x0798  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:35:40.0317 0x0798  amdsbs - ok
19:35:40.0332 0x0798  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:35:40.0332 0x0798  amdxata - ok
19:35:40.0364 0x0798  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
19:35:40.0364 0x0798  AppID - ok
19:35:40.0379 0x0798  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:35:40.0395 0x0798  AppIDSvc - ok
19:35:40.0410 0x0798  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\Windows\System32\appinfo.dll
19:35:40.0410 0x0798  Appinfo - ok
19:35:40.0442 0x0798  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
19:35:40.0457 0x0798  AppReadiness - ok
19:35:40.0520 0x0798  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
19:35:40.0567 0x0798  AppXSvc - ok
19:35:40.0582 0x0798  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:35:40.0582 0x0798  arcsas - ok
19:35:40.0864 0x0798  [ A760C2AFBA1A71E0F7310A6E900CB0E4, 3827C8D4DFC3FC850E9BD049E1B127BD1076DDEFDA19BBA9445FF201F6AE99F8 ] aswbIDSAgent    C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
19:35:41.0067 0x0798  aswbIDSAgent - ok
19:35:41.0098 0x0798  [ 0C19C91ED99964925FF8B05C23743AB1, BF513CCC0E5D2D2CE7D06F17ABC34CD3A55B59588267A5868ADFB723454AF6EB ] aswbidsdriver   C:\Windows\system32\drivers\aswbidsdrivera.sys
19:35:41.0098 0x0798  aswbidsdriver - ok
19:35:41.0129 0x0798  [ 670839F4BA6D82F3035AADFE8274F02E, E4E8B1F3B9138CB2600158CC8507CBA31637E48BBA4D67398E05970B2CECA671 ] aswbidsh        C:\Windows\system32\drivers\aswbidsha.sys
19:35:41.0129 0x0798  aswbidsh - ok
19:35:41.0145 0x0798  [ 5C561968CF601D76A98692DCC8CF74ED, 26D0F34CE4485A813200032CE6889575A13196E79A4B124DD19E4584B0C102DC ] aswblog         C:\Windows\system32\drivers\aswbloga.sys
19:35:41.0145 0x0798  aswblog - ok
19:35:41.0176 0x0798  [ 335E5F19E7397A283B7ED20FE7B369EB, 6A31ABA0BA671EA796E8920EBD64DB28D3D7EB65C4FF68C3EB1DEF4FFC002163 ] aswbuniv        C:\Windows\system32\drivers\aswbuniva.sys
19:35:41.0176 0x0798  aswbuniv - ok
19:35:41.0192 0x0798  [ BA02CA77D989710F79FD662019C4DF94, 2E989847BEE92EB8DE7492DE7AB9B4658CEFC38E678346B7548E6ECB528300D6 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
19:35:41.0192 0x0798  aswHwid - ok
19:35:41.0207 0x0798  [ 2B1490F2F1CC76C9C9B61CE63D6E7973, BFD456C598E74974B81453805ADD0792BD9636BF8213306F40029560B20DE036 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
19:35:41.0223 0x0798  aswMonFlt - ok
19:35:41.0239 0x0798  [ F26D1F761E14789743275FA5D258EAB8, D532AD4DFFC73BE8A889B75BB50D33FFF674B5AB31F05AA75D9E0667363057F1 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
19:35:41.0239 0x0798  aswRdr - ok
19:35:41.0270 0x0798  [ C1007774450CFAB19D784D50C3410FC7, 2752FD77412D54D78A81DED9F05F094E589BCA5E360ECD420E28ECC844D35921 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
19:35:41.0270 0x0798  aswRvrt - ok
19:35:41.0317 0x0798  [ EB1991686949400C51B8C21CE013621E, 248545BDD5E8D1BD2D752AF7D3B77E8F1EA6453FD3B007851A04E9B634966448 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
19:35:41.0348 0x0798  aswSnx - ok
19:35:41.0364 0x0798  [ 7A17BD26C74F5329CB1DF029AE4DD357, 31F98B74F6BC2D75BDC83E3E2E60C9541D57912B6DF2C8A9241F3CFB17E0ACBB ] aswSP           C:\Windows\system32\drivers\aswSP.sys
19:35:41.0395 0x0798  aswSP - ok
19:35:41.0410 0x0798  [ 2933CBC7643168E4288D443B4125941C, 19DF1EB9F3EBF2496633D8D789E56EC8A59CF664ECC12A6BF69045BC2BC6CF48 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
19:35:41.0426 0x0798  aswStm - ok
19:35:41.0457 0x0798  [ E76C21203E29F2DCC489EF585E0B1A38, F64B8F5F2EFA10ADD64DE0574ADDE05DF1DFDEACF0E72879C9DD6DEB037E01A3 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
19:35:41.0473 0x0798  aswVmm - ok
19:35:41.0489 0x0798  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:35:41.0489 0x0798  atapi - ok
19:35:41.0520 0x0798  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
19:35:41.0535 0x0798  AudioEndpointBuilder - ok
19:35:41.0582 0x0798  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
19:35:41.0614 0x0798  Audiosrv - ok
19:35:41.0645 0x0798  [ D961A7C05A76302E782B1B0CF6546BA7, DAE7481B4FFC0746944213D10EF59C21BBA9937138D660E72E63F43BCDC1F799 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:35:41.0754 0x0798  avast! Antivirus - ok
19:35:41.0785 0x0798  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:35:41.0785 0x0798  AxInstSV - ok
19:35:41.0817 0x0798  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:35:41.0832 0x0798  b06bdrv - ok
19:35:41.0864 0x0798  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
19:35:41.0864 0x0798  BasicDisplay - ok
19:35:41.0895 0x0798  [ 195BD339B4B782B42C19489DCFB4D110, E63CC0AEF1875D5D127E341CF65117DABC9E376A83E615EC8D01F6AB705DABAD ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
19:35:41.0895 0x0798  BasicRender - ok
19:35:41.0910 0x0798  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
19:35:41.0910 0x0798  bcmfn2 - ok
19:35:41.0926 0x0798  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\Windows\System32\bdesvc.dll
19:35:41.0942 0x0798  BDESVC - ok
19:35:41.0957 0x0798  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
19:35:41.0957 0x0798  Beep - ok
19:35:41.0989 0x0798  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\Windows\System32\bfe.dll
19:35:42.0020 0x0798  BFE - ok
19:35:42.0067 0x0798  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
19:35:42.0176 0x0798  BITS - ok
19:35:42.0207 0x0798  [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:35:42.0207 0x0798  bowser - ok
19:35:42.0239 0x0798  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
19:35:42.0254 0x0798  BrokerInfrastructure - ok
19:35:42.0270 0x0798  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
19:35:42.0270 0x0798  BthAvrcpTg - ok
19:35:42.0285 0x0798  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
19:35:42.0285 0x0798  BthEnum - ok
19:35:42.0317 0x0798  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
19:35:42.0317 0x0798  BthHFEnum - ok
19:35:42.0332 0x0798  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
19:35:42.0332 0x0798  bthhfhid - ok
19:35:42.0364 0x0798  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
19:35:42.0379 0x0798  BthHFSrv - ok
19:35:42.0395 0x0798  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
19:35:42.0395 0x0798  BthLEEnum - ok
19:35:42.0410 0x0798  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
19:35:42.0426 0x0798  BTHMODEM - ok
19:35:42.0442 0x0798  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
19:35:42.0442 0x0798  BthPan - ok
19:35:42.0504 0x0798  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
19:35:42.0535 0x0798  BTHPORT - ok
19:35:42.0567 0x0798  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
19:35:42.0582 0x0798  bthserv - ok
19:35:42.0629 0x0798  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
19:35:42.0629 0x0798  BTHUSB - ok
19:35:42.0645 0x0798  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:35:42.0645 0x0798  cdfs - ok
19:35:42.0661 0x0798  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
19:35:42.0676 0x0798  cdrom - ok
19:35:42.0692 0x0798  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:35:42.0692 0x0798  CertPropSvc - ok
19:35:42.0723 0x0798  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
19:35:42.0723 0x0798  circlass - ok
19:35:42.0754 0x0798  [ 9DA497AEAF35AA7BF7710132FC2A9906, D38DF749222BD0B6E8E6442CC79D56CF827A1430ACAB4F85F7FC469DD31A211C ] CLFS            C:\Windows\system32\drivers\CLFS.sys
19:35:42.0770 0x0798  CLFS - ok
19:35:42.0770 0x0798  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
19:35:42.0770 0x0798  CmBatt - ok
19:35:42.0817 0x0798  [ C8823A6ECE66B997C8E9F413D1D671E7, D739A194BCA4C1979C5B2A71F4B8DAB0BCC1524808C50BA302847B6C82D77250 ] CNG             C:\Windows\system32\Drivers\cng.sys
19:35:42.0832 0x0798  CNG - ok
19:35:42.0895 0x0798  [ CCEF5F12E7A33F232E1138B3EF5A1B6A, AF680F17DA3524E571B8FE6C2EAB6B0369D4A3B124E4F020D63E0189122EA251 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
19:35:42.0942 0x0798  CnxtHdAudService - ok
19:35:42.0973 0x0798  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
19:35:43.0035 0x0798  CompositeBus - ok
19:35:43.0035 0x0798  COMSysApp - ok
19:35:43.0051 0x0798  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
19:35:43.0051 0x0798  condrv - ok
19:35:43.0114 0x0798  [ 20D608B263C1D99382E3ABA02AD7705A, FE03490A2E234FDA95556F92CC522A368965EC717A5AC1E622ADF19354B7AF25 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
19:35:43.0207 0x0798  cphs - ok
19:35:43.0239 0x0798  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:35:43.0239 0x0798  CryptSvc - ok
19:35:43.0270 0x0798  [ 426B2624A1669D233BAB6C4AC5E9432E, C03746D04094FAEA0650032447667055E7C7D1094581D4C1EB414D22A164CA99 ] CxAudMsg        C:\Windows\system32\CxAudMsg64.exe
19:35:43.0285 0x0798  CxAudMsg - ok
19:35:43.0317 0x0798  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
19:35:43.0317 0x0798  dam - ok
19:35:43.0364 0x0798  [ 20CC6E9FE25ACD34BE4FCDDB7B08364D, 295B2BBDC860A4CD65CD09C975D08CA1B8E4FE60AD0CA084CAB149A3E9D64B40 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:35:43.0410 0x0798  DcomLaunch - ok
19:35:43.0457 0x0798  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
19:35:43.0504 0x0798  defragsvc - ok
19:35:43.0536 0x0798  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
19:35:43.0551 0x0798  DeviceAssociationService - ok
19:35:43.0598 0x0798  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
19:35:43.0629 0x0798  DeviceInstall - ok
19:35:43.0661 0x0798  [ 4FED6AD69C9EE1EE7FD3C88437138855, 71E0863898F2E3B1F9769C8A9980E2063042961D417FE0C969B2E5B7A0013978 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
19:35:43.0661 0x0798  Dfsc - ok
19:35:43.0692 0x0798  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:35:43.0707 0x0798  Dhcp - ok
19:35:43.0785 0x0798  [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack       C:\Windows\system32\diagtrack.dll
19:35:43.0817 0x0798  DiagTrack - ok
19:35:43.0848 0x0798  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\Windows\system32\drivers\disk.sys
19:35:43.0848 0x0798  disk - ok
19:35:43.0879 0x0798  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
19:35:43.0879 0x0798  dmvsc - ok
19:35:43.0911 0x0798  [ 1E365F2B4C8F6D4D9FF0D1B4A93C230C, 5CAC22131F376D55F09BF875F7CBC4D8827EBC189EEB5D713D693A3510B20077 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:35:43.0911 0x0798  Dnscache - ok
19:35:43.0942 0x0798  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:35:43.0942 0x0798  dot3svc - ok
19:35:43.0973 0x0798  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
19:35:43.0989 0x0798  DPS - ok
19:35:44.0004 0x0798  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:35:44.0004 0x0798  drmkaud - ok
19:35:44.0036 0x0798  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
19:35:44.0036 0x0798  DsmSvc - ok
19:35:44.0114 0x0798  [ 0166B1E908A6EC670CFDE42521BF7CA3, 5D6A9EF83C9B657C3DFC965100F1404AABF44B6B8B9A06F97F2C47A2E935825E ] dts_apo_service C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
19:35:44.0114 0x0798  dts_apo_service - ok
19:35:44.0192 0x0798  [ 24C40570BAFEA48E9CB2B87008DCA152, 2D7CCBE5C354667BFBA0B6D6B8F34201AD2992273FB98767C9AD3C72D890A628 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:35:44.0239 0x0798  DXGKrnl - ok
19:35:44.0254 0x0798  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
19:35:44.0254 0x0798  Eaphost - ok
19:35:44.0364 0x0798  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:35:44.0457 0x0798  ebdrv - ok
19:35:44.0489 0x0798  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
19:35:44.0489 0x0798  EFS - ok
19:35:44.0520 0x0798  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
19:35:44.0520 0x0798  EhStorClass - ok
19:35:44.0536 0x0798  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
19:35:44.0536 0x0798  EhStorTcgDrv - ok
19:35:44.0551 0x0798  [ F585F39AD2ED3D2F0BDC7D9281D04E41, B6C3078AA622BF56F6B5FBE9D0B3127B7872202588166F64E8EF3C151DE347E5 ] ERmvrDrv        C:\Windows\system32\drivers\ERKRmvrDrv.sys
19:35:44.0551 0x0798  ERmvrDrv - ok
19:35:44.0567 0x0798  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
19:35:44.0567 0x0798  ErrDev - ok
19:35:44.0614 0x0798  [ F1CEA9D2626D5933162C72F0C47B496C, 6B2AFF709CCF9FD9AAE61DBDDC4ACD62FB430C155DFEB31F8D2B516B309EFB3B ] ESProtectionDriver C:\Windows\system32\drivers\mbae64.sys
19:35:44.0614 0x0798  ESProtectionDriver - ok
19:35:44.0645 0x0798  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
19:35:44.0676 0x0798  EventSystem - ok
19:35:44.0739 0x0798  [ BF220856C02DF9AB74786BE92246A0E1, 9F35F4A08967634206B965BF94469380C0ACCF8A6C973E90ED85ECECF284CE34 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:35:44.0770 0x0798  EvtEng - ok
19:35:44.0786 0x0798  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:35:44.0801 0x0798  exfat - ok
19:35:44.0817 0x0798  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:35:44.0817 0x0798  fastfat - ok
19:35:44.0864 0x0798  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
19:35:44.0879 0x0798  Fax - ok
19:35:44.0895 0x0798  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
19:35:44.0895 0x0798  fdc - ok
19:35:44.0926 0x0798  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
19:35:44.0926 0x0798  fdPHost - ok
19:35:44.0957 0x0798  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:35:44.0957 0x0798  FDResPub - ok
19:35:44.0989 0x0798  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
19:35:44.0989 0x0798  fhsvc - ok
19:35:45.0004 0x0798  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:35:45.0004 0x0798  FileInfo - ok
19:35:45.0020 0x0798  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:35:45.0020 0x0798  Filetrace - ok
19:35:45.0036 0x0798  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
19:35:45.0036 0x0798  flpydisk - ok
19:35:45.0067 0x0798  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:35:45.0067 0x0798  FltMgr - ok
19:35:45.0129 0x0798  [ 359A7382DB639FE051455D868DEFF1A0, 1FFB6D8C96D9559081092F4BCA221AF993E40388D4951F72FFE6389894465A97 ] FontCache       C:\Windows\system32\FntCache.dll
19:35:45.0176 0x0798  FontCache - ok
19:35:45.0270 0x0798  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:35:45.0270 0x0798  FontCache3.0.0.0 - ok
19:35:45.0301 0x0798  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:35:45.0301 0x0798  FsDepends - ok
19:35:45.0317 0x0798  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:35:45.0317 0x0798  Fs_Rec - ok
19:35:45.0348 0x0798  [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:35:45.0379 0x0798  fvevol - ok
19:35:45.0379 0x0798  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
19:35:45.0395 0x0798  FxPPM - ok
19:35:45.0411 0x0798  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:35:45.0411 0x0798  gagp30kx - ok
19:35:45.0442 0x0798  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
19:35:45.0442 0x0798  gencounter - ok
19:35:45.0457 0x0798  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
19:35:45.0457 0x0798  GPIOClx0101 - ok
19:35:45.0520 0x0798  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:35:45.0567 0x0798  gpsvc - ok
19:35:45.0629 0x0798  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:35:45.0645 0x0798  gupdate - ok
19:35:45.0661 0x0798  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:35:45.0676 0x0798  gupdatem - ok
19:35:45.0707 0x0798  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:35:45.0723 0x0798  HdAudAddService - ok
19:35:45.0739 0x0798  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
19:35:45.0739 0x0798  HDAudBus - ok
19:35:45.0754 0x0798  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
19:35:45.0754 0x0798  HidBatt - ok
19:35:45.0786 0x0798  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
19:35:45.0786 0x0798  HidBth - ok
19:35:45.0817 0x0798  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
19:35:45.0817 0x0798  hidi2c - ok
19:35:45.0832 0x0798  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
19:35:45.0832 0x0798  HidIr - ok
19:35:45.0848 0x0798  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
19:35:45.0848 0x0798  hidserv - ok
19:35:45.0879 0x0798  [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
19:35:45.0879 0x0798  HidUsb - ok
19:35:45.0895 0x0798  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:35:45.0895 0x0798  hkmsvc - ok
19:35:45.0926 0x0798  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:35:45.0942 0x0798  HomeGroupListener - ok
19:35:45.0973 0x0798  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:35:46.0004 0x0798  HomeGroupProvider - ok
19:35:46.0020 0x0798  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:35:46.0020 0x0798  HpSAMD - ok
19:35:46.0067 0x0798  [ 030DD4F01AF3C32BA1AD00B549156F99, 5FDF4B199FDE1110CBC9DB164001A971057C982EB6AD5542BCD74AB3446E2D70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:35:46.0098 0x0798  HTTP - ok
19:35:46.0114 0x0798  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:35:46.0114 0x0798  hwpolicy - ok
19:35:46.0129 0x0798  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
19:35:46.0129 0x0798  hyperkbd - ok
19:35:46.0129 0x0798  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
19:35:46.0129 0x0798  HyperVideo - ok
19:35:46.0161 0x0798  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
19:35:46.0161 0x0798  i8042prt - ok
19:35:46.0176 0x0798  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
19:35:46.0176 0x0798  iaLPSSi_GPIO - ok
19:35:46.0192 0x0798  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
19:35:46.0192 0x0798  iaLPSSi_I2C - ok
19:35:46.0223 0x0798  [ 9863EC0FB887C0AD0C3A20AC3BF91629, B695048C370CB91BB0CFF2E29641636225B23347B08F7E451FB91CF8B1A0120A ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
19:35:46.0239 0x0798  iaStorA - ok
19:35:46.0254 0x0798  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
19:35:46.0286 0x0798  iaStorAV - ok
19:35:46.0301 0x0798  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:35:46.0317 0x0798  iaStorV - ok
19:35:46.0348 0x0798  [ 29BBB3F52B31FEB57526960CDA78E423, B3016CD4DBE8346B4805ACCA149BE96678259344804ACA1B4B4B813F5F233055 ] ibtsiva.exe     C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
19:35:46.0348 0x0798  ibtsiva.exe - ok
19:35:46.0379 0x0798  [ 7390AF911FEF186BC5E6C5DCE4FBE122, 00EAC3D23C326F235A5F46B9333596233EB5C663E8C7483AAEE7D949A1F55CA0 ] ibtusb          C:\Windows\system32\DRIVERS\ibtusb.sys
19:35:46.0379 0x0798  ibtusb - ok
19:35:46.0379 0x0798  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
19:35:46.0395 0x0798  ICCS - ok
19:35:46.0395 0x0798  IEEtwCollectorService - ok
19:35:46.0551 0x0798  [ 0CC07A52339BEEAD5BEFB571FA0F57A7, 32FEC28442D2593A468CEDBBDE56974A482926F36AE26539CC0B7F504A9813A2 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
19:35:46.0676 0x0798  igfx - ok
19:35:46.0707 0x0798  [ 286B22157D7768EA9F053BE37A9FE8B1, 192244A42A646F15615F9F329E3E1801F097913562F289F5209916CE13630225 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
19:35:46.0707 0x0798  igfxCUIService1.0.0.0 - ok
19:35:46.0770 0x0798  [ AD5DF6F4FBBC798636EDC66BFEC7D0DE, 837C9BCB6C23FE0901F0F66A57FAB5985984F0EAD9E34F84A9F78349EDE0394F ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
19:35:46.0786 0x0798  IJPLMSVC - ok
19:35:46.0832 0x0798  [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT          C:\Windows\System32\ikeext.dll
19:35:46.0864 0x0798  IKEEXT - ok
19:35:46.0879 0x0798  [ 5950F69F9B345952F3C2275C39EA393B, 382923DE0F5F25285F8C86BA628350DF1CFB6E63FF20736CF9285FB0F36A76DE ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
19:35:46.0895 0x0798  intaud_WaveExtensible - ok
19:35:46.0911 0x0798  [ 0D92782AEAFEC340F7F637E91C7E367D, 2E2654D017FF567CF8ED4D0BA20209894792C8BDDF50C3396961F2B850E17E36 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
19:35:46.0926 0x0798  IntcDAud - ok
19:35:46.0989 0x0798  [ 9A6DEB5DDF7E29728F6FEA5092AFA3F2, 21C47A0490EBA302657EF30C560E4AF83777685FFE126DCCAC310163C47401D1 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
19:35:47.0020 0x0798  Intel® Capability Licensing Service TCP IP Interface - ok
19:35:47.0051 0x0798  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:35:47.0051 0x0798  intelide - ok
19:35:47.0082 0x0798  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
19:35:47.0082 0x0798  intelpep - ok
19:35:47.0098 0x0798  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
19:35:47.0098 0x0798  intelppm - ok
19:35:47.0145 0x0798  [ 7796E03E2BB3E9F5940F5CB12FC4CC4F, A5B156B76757BF6339A35DE4845F19ECB4AA3F0784D227536F45AE1552F680ED ] IntelUSBoverIP  C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
19:35:47.0161 0x0798  IntelUSBoverIP - ok
19:35:47.0176 0x0798  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:35:47.0176 0x0798  IpFilterDriver - ok
19:35:47.0207 0x0798  [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:35:47.0254 0x0798  iphlpsvc - ok
19:35:47.0270 0x0798  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
19:35:47.0270 0x0798  IPMIDRV - ok
19:35:47.0301 0x0798  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:35:47.0301 0x0798  IPNAT - ok
19:35:47.0317 0x0798  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:35:47.0332 0x0798  IRENUM - ok
19:35:47.0332 0x0798  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:35:47.0332 0x0798  isapnp - ok
19:35:47.0379 0x0798  [ 744DE92A339763C15C6B988C27439633, B566E04BB3C7BBE736158DFA19A6361ABD7E43ABC5F690CFDA6AD50405C17A94 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
19:35:47.0379 0x0798  iScsiPrt - ok
19:35:47.0395 0x0798  [ F1D3A377ED9BA1CA449824C41CAF104C, EA0E90D5D827664CFDB644753C6DC134C3F8F852F24175EC8328A9FA925B25BF ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
19:35:47.0395 0x0798  iwdbus - ok
19:35:47.0442 0x0798  [ CA295D3E5032DDF8A3CBD1A256E646FA, 03879D331AE446FCF25D0193805A5E0C17764439B5B8FE1D684DDB96B1A358C9 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
19:35:47.0442 0x0798  jhi_service - ok
19:35:47.0473 0x0798  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
19:35:47.0473 0x0798  kbdclass - ok
19:35:47.0489 0x0798  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
19:35:47.0489 0x0798  kbdhid - ok
19:35:47.0504 0x0798  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
19:35:47.0504 0x0798  kdnic - ok
19:35:47.0504 0x0798  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
19:35:47.0504 0x0798  KeyIso - ok
19:35:47.0536 0x0798  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:35:47.0536 0x0798  KSecDD - ok
19:35:47.0582 0x0798  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:35:47.0598 0x0798  KSecPkg - ok
19:35:47.0614 0x0798  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:35:47.0614 0x0798  ksthunk - ok
19:35:47.0645 0x0798  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:35:47.0645 0x0798  KtmRm - ok
19:35:47.0676 0x0798  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:35:47.0692 0x0798  LanmanServer - ok
19:35:47.0723 0x0798  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:35:47.0739 0x0798  LanmanWorkstation - ok
19:35:47.0770 0x0798  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
19:35:47.0801 0x0798  lfsvc - ok
19:35:47.0801 0x0798  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:35:47.0801 0x0798  lltdio - ok
19:35:47.0848 0x0798  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:35:47.0848 0x0798  lltdsvc - ok
19:35:47.0879 0x0798  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:35:47.0879 0x0798  lmhosts - ok
19:35:47.0926 0x0798  [ ED5C8B920F2ACF11A26586B2FA66BF3D, D6F014F0CCAB7EDA38A8CC58F439D2A8CD89195AE84F82E25475CE11CB3883C9 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:35:47.0942 0x0798  LMS - ok
19:35:47.0973 0x0798  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:35:47.0973 0x0798  LSI_SAS - ok
19:35:47.0973 0x0798  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:35:47.0989 0x0798  LSI_SAS2 - ok
19:35:48.0004 0x0798  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
19:35:48.0004 0x0798  LSI_SAS3 - ok
19:35:48.0004 0x0798  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
19:35:48.0020 0x0798  LSI_SSS - ok
19:35:48.0051 0x0798  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
19:35:48.0082 0x0798  LSM - ok
19:35:48.0098 0x0798  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:35:48.0098 0x0798  luafv - ok
19:35:48.0145 0x0798  [ 835E1D6B5835EF70FC3BDF93ED42243A, 0025D232ED0FF9A572F8004094CFE21F62070DB832398345425554334E036DA6 ] MBAMChameleon   C:\Windows\system32\drivers\MBAMChameleon.sys
19:35:48.0145 0x0798  MBAMChameleon - ok
19:35:48.0176 0x0798  [ 88BD122C3A35DE63D75D382DF75554CE, ABDF59543CAD186A6ED4E66257205D9CF5047732A5DA74A96A28B468B41BC396 ] MBAMProtection  C:\Windows\system32\drivers\mbam.sys
19:35:48.0176 0x0798  MBAMProtection - ok
19:35:48.0364 0x0798  [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
19:35:48.0426 0x0798  MBAMService - ok
19:35:48.0473 0x0798  [ 53283EB9998AC9350E14C35A880989DB, 11DD963C67DB7584742810C54BEC4871584413A1BAA8209F79AC923006DE45BB ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
19:35:48.0489 0x0798  MBAMSwissArmy - ok
19:35:48.0504 0x0798  [ 67D4521C3411E24A98B5BA0058EEC96A, EC590DBCC4D822AB47555C0AC156B0485808B4197D58C623A6C45B62C38A61E0 ] MBAMWebProtection C:\Windows\system32\drivers\mwac.sys
19:35:48.0504 0x0798  MBAMWebProtection - ok
19:35:48.0536 0x0798  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
19:35:48.0536 0x0798  megasas - ok
19:35:48.0567 0x0798  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
19:35:48.0582 0x0798  megasr - ok
19:35:48.0614 0x0798  [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
19:35:48.0614 0x0798  MEIx64 - ok
19:35:48.0645 0x0798  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
19:35:48.0645 0x0798  MMCSS - ok
19:35:48.0661 0x0798  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
19:35:48.0661 0x0798  Modem - ok
19:35:48.0676 0x0798  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
19:35:48.0676 0x0798  monitor - ok
19:35:48.0707 0x0798  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
19:35:48.0707 0x0798  mouclass - ok
19:35:48.0723 0x0798  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
19:35:48.0723 0x0798  mouhid - ok
19:35:48.0754 0x0798  [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:35:48.0754 0x0798  mountmgr - ok
19:35:48.0801 0x0798  [ 260DB638038D0D9ACCBFCA9F2BF9B692, 68B9454D1E10A5A710AA3F823C7EAF2E8F3DDF5534262AC289BF454FC829B0B7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:35:48.0801 0x0798  MozillaMaintenance - ok
19:35:48.0848 0x0798  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:35:48.0848 0x0798  mpsdrv - ok
19:35:48.0895 0x0798  [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:35:48.0926 0x0798  MpsSvc - ok
19:35:48.0973 0x0798  [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:35:48.0973 0x0798  MRxDAV - ok
19:35:49.0004 0x0798  [ DE1513C338189348F6934A25CF6E4D19, 905A405E85FB75D6700BF4997BC5F3692068B9A236385543C286809C9D502358 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:35:49.0020 0x0798  mrxsmb - ok
19:35:49.0036 0x0798  [ DE5AAC19EB9B9C3AFF9CAE30D7EB107A, BA03EB556444670B47A56669AD8ECB400E37BE71119FAB8D8324538F76670F8B ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:35:49.0051 0x0798  mrxsmb20 - ok
19:35:49.0067 0x0798  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
19:35:49.0067 0x0798  MsBridge - ok
19:35:49.0114 0x0798  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
19:35:49.0114 0x0798  MSDTC - ok
19:35:49.0145 0x0798  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:35:49.0145 0x0798  Msfs - ok
19:35:49.0145 0x0798  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
19:35:49.0161 0x0798  msgpiowin32 - ok
19:35:49.0161 0x0798  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:35:49.0176 0x0798  mshidkmdf - ok
19:35:49.0176 0x0798  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
19:35:49.0176 0x0798  mshidumdf - ok
19:35:49.0192 0x0798  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:35:49.0192 0x0798  msisadrv - ok
19:35:49.0223 0x0798  [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:35:49.0223 0x0798  MSiSCSI - ok
19:35:49.0239 0x0798  msiserver - ok
19:35:49.0239 0x0798  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:35:49.0239 0x0798  MSKSSRV - ok
19:35:49.0270 0x0798  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
19:35:49.0270 0x0798  MsLldp - ok
19:35:49.0301 0x0798  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:35:49.0301 0x0798  MSPCLOCK - ok
19:35:49.0301 0x0798  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:35:49.0301 0x0798  MSPQM - ok
19:35:49.0332 0x0798  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:35:49.0332 0x0798  MsRPC - ok
19:35:49.0348 0x0798  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
19:35:49.0348 0x0798  mssmbios - ok
19:35:49.0364 0x0798  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:35:49.0364 0x0798  MSTEE - ok
19:35:49.0379 0x0798  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
19:35:49.0379 0x0798  MTConfig - ok
19:35:49.0395 0x0798  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup             C:\Windows\system32\Drivers\mup.sys
19:35:49.0411 0x0798  Mup - ok
19:35:49.0426 0x0798  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
19:35:49.0426 0x0798  mvumis - ok
19:35:49.0457 0x0798  [ 1EE90E273094252917843D111E898C94, D0D7D155E3CA022BC1F718327165E44F954A40B96259DEE5266C48ADCC8B4556 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:35:49.0473 0x0798  MyWiFiDHCPDNS - ok
19:35:49.0504 0x0798  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
19:35:49.0520 0x0798  napagent - ok
19:35:49.0551 0x0798  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:35:49.0567 0x0798  NativeWifiP - ok
19:35:49.0582 0x0798  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
19:35:49.0598 0x0798  NcaSvc - ok
19:35:49.0614 0x0798  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
19:35:49.0629 0x0798  NcbService - ok
19:35:49.0645 0x0798  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
19:35:49.0645 0x0798  NcdAutoSetup - ok
19:35:49.0707 0x0798  [ FFAA6C6E798FBA448FA7628A1B277F5C, 9E1F2C848A019CE6397F652A21AE43B76149EF95452BB8353249BD9E28D98083 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:35:49.0739 0x0798  NDIS - ok
19:35:49.0770 0x0798  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:35:49.0770 0x0798  NdisCap - ok
19:35:49.0786 0x0798  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
19:35:49.0786 0x0798  NdisImPlatform - ok
19:35:49.0801 0x0798  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:35:49.0801 0x0798  NdisTapi - ok
19:35:49.0832 0x0798  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:35:49.0832 0x0798  Ndisuio - ok
19:35:49.0848 0x0798  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
19:35:49.0848 0x0798  NdisVirtualBus - ok
19:35:49.0879 0x0798  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:35:49.0879 0x0798  NdisWan - ok
19:35:49.0895 0x0798  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
19:35:49.0895 0x0798  NdisWanLegacy - ok
19:35:49.0926 0x0798  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:35:49.0926 0x0798  NDProxy - ok
19:35:49.0942 0x0798  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
19:35:49.0942 0x0798  Ndu - ok
19:35:49.0989 0x0798  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:35:49.0989 0x0798  NetBIOS - ok
19:35:50.0004 0x0798  [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:35:50.0020 0x0798  NetBT - ok
19:35:50.0020 0x0798  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
19:35:50.0036 0x0798  Netlogon - ok
19:35:50.0067 0x0798  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
19:35:50.0067 0x0798  Netman - ok
19:35:50.0098 0x0798  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
19:35:50.0129 0x0798  netprofm - ok
19:35:50.0161 0x0798  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:35:50.0223 0x0798  NetTcpPortSharing - ok
19:35:50.0239 0x0798  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
19:35:50.0239 0x0798  netvsc - ok
19:35:50.0379 0x0798  [ C127D444BAFD761458DF8B38CCB7A937, 6D7505387D684D5ADA4FCC4C202BF1787E262FBA6842E56C58A2311D2E38935A ] NETwNb64        C:\Windows\system32\DRIVERS\Netwbw02.sys
19:35:50.0489 0x0798  NETwNb64 - ok
19:35:50.0536 0x0798  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:35:50.0536 0x0798  NlaSvc - ok
19:35:50.0567 0x0798  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:35:50.0567 0x0798  Npfs - ok
19:35:50.0598 0x0798  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
19:35:50.0598 0x0798  npsvctrig - ok
19:35:50.0614 0x0798  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
19:35:50.0614 0x0798  nsi - ok
19:35:50.0645 0x0798  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:35:50.0645 0x0798  nsiproxy - ok
19:35:50.0817 0x0798  [ E6E90E10CE26DD04868AED601091A124, 94D3EB05BAC5B667638254AE28A4802C209F65B7E210EB0F703ADAEE1B9481EF ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:35:50.0864 0x0798  Ntfs - ok
19:35:50.0895 0x0798  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
19:35:50.0895 0x0798  Null - ok
19:35:50.0911 0x0798  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:35:50.0911 0x0798  nvraid - ok
19:35:50.0942 0x0798  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:35:50.0942 0x0798  nvstor - ok
19:35:50.0942 0x0798  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:35:50.0957 0x0798  nv_agp - ok
19:35:50.0989 0x0798  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:35:51.0004 0x0798  p2pimsvc - ok
19:35:51.0036 0x0798  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
19:35:51.0051 0x0798  p2psvc - ok
19:35:51.0082 0x0798  [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport         C:\Windows\System32\drivers\parport.sys
19:35:51.0082 0x0798  Parport - ok
19:35:51.0082 0x0798  Partizan - ok
19:35:51.0114 0x0798  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:35:51.0114 0x0798  partmgr - ok
19:35:51.0145 0x0798  [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:35:51.0161 0x0798  PcaSvc - ok
19:35:51.0192 0x0798  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
19:35:51.0207 0x0798  pci - ok
19:35:51.0207 0x0798  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:35:51.0207 0x0798  pciide - ok
19:35:51.0223 0x0798  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:35:51.0223 0x0798  pcmcia - ok
19:35:51.0254 0x0798  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:35:51.0254 0x0798  pcw - ok
19:35:51.0254 0x0798  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
19:35:51.0254 0x0798  pdc - ok
19:35:51.0286 0x0798  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:35:51.0317 0x0798  PEAUTH - ok
19:35:51.0379 0x0798  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:35:51.0411 0x0798  PerfHost - ok
19:35:51.0473 0x0798  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
19:35:51.0536 0x0798  pla - ok
19:35:51.0551 0x0798  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:35:51.0551 0x0798  PlugPlay - ok
19:35:51.0582 0x0798  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:35:51.0582 0x0798  PNRPAutoReg - ok
19:35:51.0614 0x0798  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:35:51.0614 0x0798  PNRPsvc - ok
19:35:51.0645 0x0798  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:35:51.0661 0x0798  PolicyAgent - ok
19:35:51.0692 0x0798  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
19:35:51.0692 0x0798  Power - ok
19:35:51.0801 0x0798  [ F6EA63145C20A23732AD2CA1EBA65FA1, 0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
19:35:51.0879 0x0798  PrintNotify - ok
19:35:51.0911 0x0798  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
19:35:51.0911 0x0798  Processor - ok
19:35:51.0942 0x0798  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\Windows\system32\profsvc.dll
19:35:51.0942 0x0798  ProfSvc - ok
19:35:51.0973 0x0798  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:35:51.0973 0x0798  Psched - ok
19:35:52.0004 0x0798  [ 14C65D2CB61CF50D82CB9E738CA94F00, 17954AD3317816F33F7167F825F4D10449B97DF5328504F0CD9C3D49D23B134A ] QIOMem          C:\Windows\System32\drivers\QIOMem.sys
19:35:52.0004 0x0798  QIOMem - ok
19:35:52.0036 0x0798  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
19:35:52.0036 0x0798  QWAVE - ok
19:35:52.0067 0x0798  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:35:52.0067 0x0798  QWAVEdrv - ok
19:35:52.0082 0x0798  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:35:52.0082 0x0798  RasAcd - ok
19:35:52.0114 0x0798  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
19:35:52.0114 0x0798  RasAuto - ok
19:35:52.0161 0x0798  [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan          C:\Windows\System32\rasmans.dll
19:35:52.0192 0x0798  RasMan - ok
19:35:52.0207 0x0798  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:35:52.0207 0x0798  RasPppoe - ok
19:35:52.0239 0x0798  [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:35:52.0239 0x0798  rdbss - ok
19:35:52.0270 0x0798  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
19:35:52.0270 0x0798  rdpbus - ok
19:35:52.0286 0x0798  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:35:52.0286 0x0798  RDPDR - ok
19:35:52.0317 0x0798  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:35:52.0317 0x0798  RdpVideoMiniport - ok
19:35:52.0332 0x0798  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:35:52.0332 0x0798  rdyboost - ok
19:35:52.0379 0x0798  [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
19:35:52.0426 0x0798  ReFS - ok
19:35:52.0473 0x0798  [ 37F021CF7D670D305C1687781173069E, 286D6D04B0A9C4399086BE8DDA5126CDE462EE3B9F5B40A65CD9CD2B7C160886 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:35:52.0489 0x0798  RegSrvc - ok
19:35:52.0504 0x0798  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:35:52.0504 0x0798  RemoteAccess - ok
19:35:52.0551 0x0798  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:35:52.0551 0x0798  RemoteRegistry - ok
19:35:52.0582 0x0798  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
19:35:52.0598 0x0798  RFCOMM - ok
19:35:52.0598 0x0798  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:35:52.0614 0x0798  RpcEptMapper - ok
19:35:52.0629 0x0798  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
19:35:52.0629 0x0798  RpcLocator - ok
19:35:52.0676 0x0798  [ 20CC6E9FE25ACD34BE4FCDDB7B08364D, 295B2BBDC860A4CD65CD09C975D08CA1B8E4FE60AD0CA084CAB149A3E9D64B40 ] RpcSs           C:\Windows\system32\rpcss.dll
19:35:52.0692 0x0798  RpcSs - ok
19:35:52.0723 0x0798  [ 5DE88743E9E2EE397F33264FF9B42E76, 0986E8D182115A24EE4B1CC100FE108250BE05F32D70231DF4815BBD2FD1F49C ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
19:35:52.0739 0x0798  RSP2STOR - ok
19:35:52.0754 0x0798  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:35:52.0754 0x0798  rspndr - ok
19:35:52.0801 0x0798  [ 0283ADA7E6B1F2E495A0EA0EF2C1F9A2, 89B2CFEC06A884BC92D5E769FD15DC1F4C4E194F4952B36AC6D40FDE27C9E79B ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
19:35:52.0832 0x0798  RTL8168 - ok
19:35:52.0879 0x0798  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
19:35:52.0879 0x0798  s3cap - ok
19:35:52.0911 0x0798  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
19:35:52.0911 0x0798  SamSs - ok
19:35:52.0926 0x0798  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:35:52.0926 0x0798  sbp2port - ok
19:35:52.0942 0x0798  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:35:52.0957 0x0798  SCardSvr - ok
19:35:53.0004 0x0798  [ 92D2FA1870F4EB4A9BA767DB6E0DEF6F, AB019E17D5F330CBB7F7CAF8CEB01F3F3DBBB181CDE19E4C2354AF51E66C8291 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
19:35:53.0004 0x0798  ScDeviceEnum - ok
19:35:53.0036 0x0798  [ FA7ABD857DEB0FE3C94CC39A4C845E66, ACD551F75E00C4EB9CFDA73B04051D0BF5FF0BA67C716E1989A21683D8777A41 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:35:53.0036 0x0798  scfilter - ok
19:35:53.0082 0x0798  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\Windows\system32\schedsvc.dll
19:35:53.0145 0x0798  Schedule - ok
19:35:53.0176 0x0798  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:35:53.0176 0x0798  SCPolicySvc - ok
19:35:53.0207 0x0798  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
19:35:53.0223 0x0798  sdbus - ok
19:35:53.0239 0x0798  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
19:35:53.0239 0x0798  sdstor - ok
19:35:53.0254 0x0798  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:35:53.0270 0x0798  secdrv - ok
19:35:53.0286 0x0798  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\Windows\system32\seclogon.dll
19:35:53.0286 0x0798  seclogon - ok
19:35:53.0317 0x0798  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
19:35:53.0317 0x0798  SENS - ok
19:35:53.0348 0x0798  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:35:53.0348 0x0798  SensrSvc - ok
19:35:53.0379 0x0798  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
19:35:53.0379 0x0798  SerCx - ok
19:35:53.0411 0x0798  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
19:35:53.0426 0x0798  SerCx2 - ok
19:35:53.0442 0x0798  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum         C:\Windows\System32\drivers\serenum.sys
19:35:53.0442 0x0798  Serenum - ok
19:35:53.0473 0x0798  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\Windows\System32\drivers\serial.sys
19:35:53.0473 0x0798  Serial - ok
19:35:53.0489 0x0798  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
19:35:53.0504 0x0798  sermouse - ok
19:35:53.0551 0x0798  [ C42D93E4211D16EE0315D38C6618659E, CA280B8B42C4F7C47669DF3129E4FD56F861D94D8840C26EFFC669757B4EC495 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:35:53.0551 0x0798  SessionEnv - ok
19:35:53.0582 0x0798  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
19:35:53.0582 0x0798  sfloppy - ok
19:35:53.0614 0x0798  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:35:53.0629 0x0798  SharedAccess - ok
19:35:53.0676 0x0798  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:35:53.0692 0x0798  ShellHWDetection - ok
19:35:53.0707 0x0798  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:35:53.0707 0x0798  SiSRaid2 - ok
19:35:53.0739 0x0798  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:35:53.0739 0x0798  SiSRaid4 - ok
19:35:53.0754 0x0798  [ 0F30F5D825CD5A86BCCE1CBD43CAC363, 75A89D322C97D782941F1397A75D66D0DE26ED98983516AE0C19DDFFC98517E0 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
19:35:53.0754 0x0798  SmbDrvI - ok
19:35:53.0801 0x0798  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
19:35:53.0801 0x0798  smphost - ok
19:35:53.0833 0x0798  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:35:53.0833 0x0798  SNMPTRAP - ok
19:35:53.0864 0x0798  [ F6AF6499C3788105EA7AF1DA27769A77, F847789B0AD498CC9C985F334F7BA0906ACB41FB356CC2EF2A00C62C75D94A79 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
19:35:53.0864 0x0798  spaceport - ok
19:35:53.0895 0x0798  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
19:35:53.0895 0x0798  SpbCx - ok
19:35:53.0958 0x0798  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\SysWOW64\speedfan.sys
19:35:53.0973 0x0798  speedfan - ok
19:35:54.0020 0x0798  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
19:35:54.0067 0x0798  Spooler - ok
19:35:54.0270 0x0798  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\Windows\system32\sppsvc.exe
19:35:54.0442 0x0798  sppsvc - ok
19:35:54.0489 0x0798  [ 94ED1930732AD40C4C65C645BE56F48A, 7AA35AD96FBA1CDD70DE3FB6CD64DD8E4BE98F31F2433CD8EA90531D267B09D2 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:35:54.0520 0x0798  srv2 - ok
19:35:54.0536 0x0798  [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:35:54.0536 0x0798  srvnet - ok
19:35:54.0567 0x0798  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:35:54.0583 0x0798  SSDPSRV - ok
19:35:54.0614 0x0798  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:35:54.0614 0x0798  SstpSvc - ok
19:35:54.0645 0x0798  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:35:54.0645 0x0798  stexstor - ok
19:35:54.0661 0x0798  [ 8F3C0CCF27CFFE89424F30E9FB3381AB, 74E54541B4A16DC97098428E1715A27557BAB97E05AF346F88958580199C1541 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
19:35:54.0661 0x0798  StillCam - ok
19:35:54.0723 0x0798  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
19:35:54.0739 0x0798  stisvc - ok
19:35:54.0770 0x0798  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
19:35:54.0770 0x0798  storahci - ok
19:35:54.0801 0x0798  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:35:54.0801 0x0798  storflt - ok
19:35:54.0833 0x0798  [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
19:35:54.0833 0x0798  stornvme - ok
19:35:54.0864 0x0798  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
19:35:54.0864 0x0798  StorSvc - ok
19:35:54.0879 0x0798  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:35:54.0879 0x0798  storvsc - ok
19:35:54.0895 0x0798  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
19:35:54.0895 0x0798  svsvc - ok
19:35:54.0926 0x0798  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
19:35:54.0926 0x0798  swenum - ok
19:35:54.0958 0x0798  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
19:35:54.0989 0x0798  swprv - ok
19:35:55.0020 0x0798  [ 53AEAEA7FBEA844A6228BC6E89D738B8, B25F269D2EA15FD7AAAD53E89D603EC1292ADA00804DE09609908D899EE45398 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
19:35:55.0036 0x0798  SynTP - ok
19:35:55.0098 0x0798  [ C4CD2E376BB8C84075E844B4C81CCA5C, CF5ED23E8EE42AF74F73DF3D26E5C0A9263FBE7BD99370C179C12507BEB5A1D2 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
19:35:55.0129 0x0798  SynTPEnhService - ok
19:35:55.0176 0x0798  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
19:35:55.0208 0x0798  SysMain - ok
19:35:55.0254 0x0798  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
19:35:55.0254 0x0798  SystemEventsBroker - ok
19:35:55.0317 0x0798  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:35:55.0317 0x0798  TabletInputService - ok
19:35:55.0348 0x0798  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:35:55.0348 0x0798  TapiSrv - ok
19:35:55.0426 0x0798  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:35:55.0504 0x0798  Tcpip - ok
19:35:55.0583 0x0798  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:35:55.0614 0x0798  TCPIP6 - ok
19:35:55.0645 0x0798  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:35:55.0645 0x0798  tcpipreg - ok
19:35:55.0676 0x0798  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:35:55.0676 0x0798  tdx - ok
19:35:55.0739 0x0798  [ 436183C39AB66B1A7AD0FA6B76DA00A9, 8A012B30110959D3CF6A9204B069517B959596FEEA5F8C5A028DFEBD1F7087B4 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
19:35:55.0739 0x0798  TemproMonitoringService - ok
19:35:55.0754 0x0798  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
19:35:55.0754 0x0798  terminpt - ok
19:35:55.0817 0x0798  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
19:35:55.0848 0x0798  TermService - ok
19:35:55.0864 0x0798  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
19:35:55.0864 0x0798  Themes - ok
19:35:55.0895 0x0798  [ 4C5D93E2CCA6799A0D159F9CF5AF0903, E44007ED1ECAEB174E2378B363BFC7CA18A193CD554C645E60EF62DEF47BF7D6 ] Thotkey         C:\Windows\System32\drivers\Thotkey.sys
19:35:55.0895 0x0798  Thotkey - ok
19:35:55.0911 0x0798  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
19:35:55.0911 0x0798  THREADORDER - ok
19:35:55.0958 0x0798  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
19:35:55.0958 0x0798  TimeBroker - ok
19:35:56.0036 0x0798  [ 7421BB9A1B8C093B809FE1B0547F4A5D, 763C6AAC39D9FEF168A9C49057A2A14612903EE462DFD39EA52ED93C13D72FDB ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
19:35:56.0036 0x0798  TMachInfo - ok
19:35:56.0083 0x0798  [ 36A6C54509CF9D7DA91A06B3E3C969D7, 327C0AB1A75FFF3666BAD4A002DE70A1C4CA21FC868BC5EB9C16AEF9D378B8E3 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\Teco\TecoService.exe
19:35:56.0083 0x0798  TOSHIBA eco Utility Service - ok
19:35:56.0114 0x0798  [ A884A627C0B6E8B238759FC73C1AAAAF, 5D6E38664B6175F5F541D838675429CEE9FA1492A7E25B48E98794B5EB8B6973 ] tosrfec         C:\Windows\System32\drivers\tosrfec.sys
19:35:56.0114 0x0798  tosrfec - ok
19:35:56.0161 0x0798  [ 5D39CC18C62D4C8B45801F0E390A94CA, 26372CD41211EC3ABDB4CF94D5900B7304FEC8C0E274BCA286C949DA6F0EB283 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
19:35:56.0176 0x0798  TPCHSrv - ok
19:35:56.0208 0x0798  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys
19:35:56.0208 0x0798  TPM - ok
19:35:56.0239 0x0798  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
19:35:56.0254 0x0798  TrkWks - ok
19:35:56.0254 0x0798  [ 0C997B061E3C66BD9E927C1288EB1CC7, 3807E9A1BC159B9E8FC0C7CAAD10D7213FF8ED8AD1CEA9EA552B093C81BF624B ] TrueSight       C:\Windows\System32\drivers\TrueSight.sys
19:35:56.0270 0x0798  TrueSight - ok
19:35:56.0317 0x0798  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:35:56.0317 0x0798  TrustedInstaller - ok
19:35:56.0348 0x0798  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:35:56.0348 0x0798  TsUsbFlt - ok
19:35:56.0364 0x0798  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
19:35:56.0364 0x0798  TsUsbGD - ok
19:35:56.0379 0x0798  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:35:56.0379 0x0798  tunnel - ok
19:35:56.0411 0x0798  [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ           C:\Windows\system32\drivers\TVALZ_O.SYS
19:35:56.0411 0x0798  TVALZ - ok
19:35:56.0426 0x0798  [ 7B05B5B492E6E248C2B38CD04B4D3A96, 1E18025DDB5EDEBD30F2FAC8D121F55D768B71DA42D919E1A0E98E2E31AA73C8 ] TVALZFL         C:\Windows\system32\Drivers\TVALZFL.sys
19:35:56.0426 0x0798  TVALZFL - ok
19:35:56.0442 0x0798  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:35:56.0442 0x0798  uagp35 - ok
19:35:56.0458 0x0798  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
19:35:56.0458 0x0798  UASPStor - ok
19:35:56.0489 0x0798  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
19:35:56.0489 0x0798  UCX01000 - ok
19:35:56.0520 0x0798  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:35:56.0536 0x0798  udfs - ok
19:35:56.0551 0x0798  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
19:35:56.0551 0x0798  UEFI - ok
19:35:56.0583 0x0798  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:35:56.0583 0x0798  UI0Detect - ok
19:35:56.0614 0x0798  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:35:56.0614 0x0798  uliagpkx - ok
19:35:56.0629 0x0798  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
19:35:56.0629 0x0798  umbus - ok
19:35:56.0645 0x0798  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
19:35:56.0645 0x0798  UmPass - ok
19:35:56.0676 0x0798  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:35:56.0692 0x0798  UmRdpService - ok
19:35:56.0739 0x0798  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
19:35:56.0770 0x0798  upnphost - ok
19:35:56.0801 0x0798  [ FF487F426CF073CB6553D9F1BB14A19D, FB010E9921AF00C51D9712B23F4EA1C37AF7F44769942C990EFFE78E13907C90 ] usb3Hub         C:\Windows\System32\drivers\usb3Hub.sys
19:35:56.0801 0x0798  usb3Hub - ok
19:35:56.0833 0x0798  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
19:35:56.0833 0x0798  usbccgp - ok
19:35:56.0864 0x0798  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
19:35:56.0864 0x0798  usbcir - ok
19:35:56.0895 0x0798  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
19:35:56.0895 0x0798  usbehci - ok
19:35:56.0942 0x0798  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
19:35:56.0958 0x0798  usbhub - ok
19:35:56.0973 0x0798  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
19:35:56.0989 0x0798  USBHUB3 - ok
19:35:57.0004 0x0798  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
19:35:57.0004 0x0798  usbohci - ok
19:35:57.0020 0x0798  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
19:35:57.0020 0x0798  usbprint - ok
19:35:57.0051 0x0798  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
19:35:57.0051 0x0798  usbscan - ok
19:35:57.0067 0x0798  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
19:35:57.0083 0x0798  USBSTOR - ok
19:35:57.0083 0x0798  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
19:35:57.0098 0x0798  usbuhci - ok
19:35:57.0114 0x0798  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:35:57.0114 0x0798  usbvideo - ok
19:35:57.0145 0x0798  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
19:35:57.0145 0x0798  USBXHCI - ok
19:35:57.0176 0x0798  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
19:35:57.0192 0x0798  VaultSvc - ok
19:35:57.0208 0x0798  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:35:57.0208 0x0798  vdrvroot - ok
19:35:57.0254 0x0798  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
19:35:57.0301 0x0798  vds - ok
19:35:57.0317 0x0798  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
19:35:57.0317 0x0798  VerifierExt - ok
19:35:57.0364 0x0798  [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
19:35:57.0395 0x0798  vhdmp - ok
19:35:57.0411 0x0798  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:35:57.0411 0x0798  viaide - ok
19:35:57.0426 0x0798  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:35:57.0442 0x0798  vmbus - ok
19:35:57.0442 0x0798  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
19:35:57.0442 0x0798  VMBusHID - ok
19:35:57.0489 0x0798  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
19:35:57.0504 0x0798  vmicguestinterface - ok
19:35:57.0536 0x0798  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
19:35:57.0536 0x0798  vmicheartbeat - ok
19:35:57.0567 0x0798  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
19:35:57.0567 0x0798  vmickvpexchange - ok
19:35:57.0598 0x0798  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
19:35:57.0598 0x0798  vmicrdv - ok
19:35:57.0629 0x0798  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
19:35:57.0645 0x0798  vmicshutdown - ok
19:35:57.0661 0x0798  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
19:35:57.0676 0x0798  vmictimesync - ok
19:35:57.0692 0x0798  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
19:35:57.0708 0x0798  vmicvss - ok
19:35:57.0723 0x0798  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:35:57.0754 0x0798  volmgr - ok
19:35:57.0786 0x0798  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:35:57.0786 0x0798  volmgrx - ok
19:35:57.0817 0x0798  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:35:57.0817 0x0798  volsnap - ok
19:35:57.0848 0x0798  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\Windows\System32\drivers\vpci.sys
19:35:57.0848 0x0798  vpci - ok
19:35:57.0864 0x0798  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:35:57.0864 0x0798  vsmraid - ok
19:35:57.0926 0x0798  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\Windows\system32\vssvc.exe
19:35:57.0973 0x0798  VSS - ok
19:35:57.0989 0x0798  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
19:35:58.0004 0x0798  VSTXRAID - ok
19:35:58.0051 0x0798  [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:35:58.0083 0x0798  vwifibus - ok
19:35:58.0098 0x0798  [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:35:58.0098 0x0798  vwififlt - ok
19:35:58.0114 0x0798  [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
19:35:58.0114 0x0798  vwifimp - ok
19:35:58.0145 0x0798  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
19:35:58.0161 0x0798  W32Time - ok
19:35:58.0176 0x0798  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
19:35:58.0176 0x0798  WacomPen - ok
19:35:58.0239 0x0798  [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine        C:\Windows\system32\wbengine.exe
19:35:58.0286 0x0798  wbengine - ok
19:35:58.0333 0x0798  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:35:58.0333 0x0798  WbioSrvc - ok
19:35:58.0348 0x0798  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
19:35:58.0364 0x0798  Wcmsvc - ok
19:35:58.0395 0x0798  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:35:58.0411 0x0798  wcncsvc - ok
19:35:58.0442 0x0798  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:35:58.0442 0x0798  WcsPlugInService - ok
19:35:58.0458 0x0798  [ F2E08D1C067FEFC3A42D21FD4810F1D3, A8AD114094D9AE3BC6F76940EF873FD21CCF130DE7F8712950F1962DCE25F1B3 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
19:35:58.0473 0x0798  WdBoot - ok
19:35:58.0504 0x0798  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:35:58.0536 0x0798  Wdf01000 - ok
19:35:58.0551 0x0798  [ E234820E6B84ABA5E84E00227F505AE8, 645B809B883D8F678F2535B575AA1D595F27EBFCE0A16433E9A54CC266BD74F2 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
19:35:58.0567 0x0798  WdFilter - ok
19:35:58.0598 0x0798  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:35:58.0598 0x0798  WdiServiceHost - ok
19:35:58.0614 0x0798  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:35:58.0614 0x0798  WdiSystemHost - ok
19:35:58.0629 0x0798  [ A74AD6D80AC26E1B5DD276FC927F2BAC, F73F090D46BB2AAA6A8D148C658B2EA8C07B16201BB800A9283F4017DC249809 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
19:35:58.0629 0x0798  WdNisDrv - ok
19:35:58.0661 0x0798  WdNisSvc - ok
19:35:58.0676 0x0798  [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient       C:\Windows\System32\webclnt.dll
19:35:58.0692 0x0798  WebClient - ok
19:35:58.0723 0x0798  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:35:58.0723 0x0798  Wecsvc - ok
19:35:58.0754 0x0798  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
19:35:58.0754 0x0798  WEPHOSTSVC - ok
19:35:58.0770 0x0798  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:35:58.0770 0x0798  wercplsupport - ok
19:35:58.0801 0x0798  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
19:35:58.0801 0x0798  WerSvc - ok
19:35:58.0817 0x0798  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
19:35:58.0817 0x0798  WFPLWFS - ok
19:35:58.0833 0x0798  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
19:35:58.0848 0x0798  WiaRpc - ok
19:35:58.0864 0x0798  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:35:58.0864 0x0798  WIMMount - ok
19:35:58.0864 0x0798  WinDefend - ok
19:35:58.0911 0x0798  [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
19:35:58.0942 0x0798  WinHttpAutoProxySvc - ok
19:35:58.0989 0x0798  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:35:59.0004 0x0798  Winmgmt - ok
19:35:59.0098 0x0798  [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0  C:\Users\FabrizioZ\Documents\RealTemp_370\WinRing0x64.sys
19:35:59.0098 0x0798  WinRing0_1_2_0 - ok
19:35:59.0192 0x0798  [ B56BFFFB740D76E634DB7B4802E36E4E, 2AA84756DE882463AE4C7BA0DCDEE3E5501DDF673ADD3F37B2B814FB0342E61F ] WinRM           C:\Windows\system32\WsmSvc.dll
19:35:59.0270 0x0798  WinRM - ok
19:35:59.0348 0x0798  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
19:35:59.0395 0x0798  WlanSvc - ok
19:35:59.0458 0x0798  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
19:35:59.0536 0x0798  wlidsvc - ok
19:35:59.0567 0x0798  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
19:35:59.0567 0x0798  WmiAcpi - ok
19:35:59.0598 0x0798  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:35:59.0598 0x0798  wmiApSrv - ok
19:35:59.0629 0x0798  WMPNetworkSvc - ok
19:35:59.0645 0x0798  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
19:35:59.0645 0x0798  Wof - ok
19:35:59.0723 0x0798  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
19:35:59.0770 0x0798  workfolderssvc - ok
19:35:59.0801 0x0798  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
19:35:59.0801 0x0798  wpcfltr - ok
19:35:59.0817 0x0798  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:35:59.0817 0x0798  WPCSvc - ok
19:35:59.0848 0x0798  [ DBDCE2378F65F0A07D4644AC103037E7, 99714F0CD31297C9831BAF04768F467F6E0BF710C859CEDCA83069226BF1A68A ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:35:59.0848 0x0798  WPDBusEnum - ok
19:35:59.0879 0x0798  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
19:35:59.0879 0x0798  WpdUpFltr - ok
19:35:59.0895 0x0798  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:35:59.0895 0x0798  ws2ifsl - ok
19:35:59.0926 0x0798  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\Windows\System32\wscsvc.dll
19:35:59.0926 0x0798  wscsvc - ok
19:35:59.0958 0x0798  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
19:35:59.0958 0x0798  WSDPrintDevice - ok
19:35:59.0973 0x0798  [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
19:35:59.0973 0x0798  WSDScan - ok
19:35:59.0973 0x0798  WSearch - ok
19:36:00.0098 0x0798  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
19:36:00.0192 0x0798  WSService - ok
19:36:00.0317 0x0798  [ 970B6A52041C641E47D6A31288C08716, B40A2FE234C1E3E1F05BBF9656B46C97188C4589E2471DE15FF3C621063FE815 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:36:00.0426 0x0798  wuauserv - ok
19:36:00.0442 0x0798  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:36:00.0458 0x0798  WudfPf - ok
19:36:00.0473 0x0798  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
19:36:00.0489 0x0798  WUDFRd - ok
19:36:00.0504 0x0798  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:36:00.0520 0x0798  wudfsvc - ok
19:36:00.0520 0x0798  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
19:36:00.0520 0x0798  WUDFWpdFs - ok
19:36:00.0567 0x0798  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:36:00.0598 0x0798  WwanSvc - ok
19:36:00.0739 0x0798  [ 8D809F4ECFE9E80723C49B427854068A, 4186B6C56BA70106A95D28371360C780F55FECA1A1C61966F091A07A390BA189 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
19:36:00.0848 0x0798  ZeroConfigService - ok
19:36:00.0864 0x0798  ================ Scan global ===============================
19:36:00.0911 0x0798  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll
19:36:00.0942 0x0798  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
19:36:00.0973 0x0798  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
19:36:01.0004 0x0798  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
19:36:01.0004 0x0798  [ Global ] - ok
19:36:01.0004 0x0798  ================ Scan MBR ==================================
19:36:01.0020 0x0798  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:36:01.0067 0x0798  \Device\Harddisk0\DR0 - ok
19:36:01.0067 0x0798  ================ Scan VBR ==================================
19:36:01.0083 0x0798  [ 1B90C5907A6C174D9B2A689429A7413D ] \Device\Harddisk0\DR0\Partition1
19:36:01.0083 0x0798  \Device\Harddisk0\DR0\Partition1 - ok
19:36:01.0083 0x0798  [ 27F01D68D713D626F2F99B7DBC3B24FA ] \Device\Harddisk0\DR0\Partition2
19:36:01.0098 0x0798  \Device\Harddisk0\DR0\Partition2 - ok
19:36:01.0114 0x0798  [ 4A2A607F9F1815F35A93FA2D715DF98E ] \Device\Harddisk0\DR0\Partition3
19:36:01.0114 0x0798  \Device\Harddisk0\DR0\Partition3 - ok
19:36:01.0129 0x0798  [ 14A46CDACA8C603429391F10281B7334 ] \Device\Harddisk0\DR0\Partition4
19:36:01.0129 0x0798  \Device\Harddisk0\DR0\Partition4 - ok
19:36:01.0161 0x0798  [ 520CEC94C766403EFECD0E07D07A4F15 ] \Device\Harddisk0\DR0\Partition5
19:36:01.0161 0x0798  \Device\Harddisk0\DR0\Partition5 - ok
19:36:01.0161 0x0798  ================ Scan generic autorun ======================
19:36:01.0239 0x0798  [ 840993F6BBE61B60B0AF80A143731580, B80CF91DD9A348A7BCF88CE02CAEA86E82EEC89F4D8765AE7A45498E4151FC9A ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
19:36:01.0270 0x0798  cAudioFilterAgent - ok
19:36:01.0333 0x0798  [ 4F8B94EC4D4FFA0712CCADF8145F28D1, 6CED9332100CA71FB17930AAC4ED1798E6F3A83CEBEE0A3412EFA01F6F1A6F22 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
19:36:01.0379 0x0798  SmartAudio - ok
19:36:01.0379 0x0798  SynTPEnh - ok
19:36:01.0395 0x0798  [ E5C98C4A887A032284DEE6CE23B5B475, 5C41EF87B5DE1F3AA7F05B51DB9D369400C8F50E215FC4CB25003650FD3DDEFB ] C:\Program Files\TOSHIBA\Teco\TecoResident.exe
19:36:01.0395 0x0798  TecoResident - ok
19:36:01.0426 0x0798  TosWaitSrv - ok
19:36:01.0536 0x0798  [ 63D9BB372FAD1C9C35FE07F28E2B6D17, 219775084E58FDA864A8E7DE3AA46BB55543AA95771991B73D04CFCAFC23DF06 ] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
19:36:01.0614 0x0798  TCrdMain - ok
19:36:01.0645 0x0798  [ 1B95F3170F8DCCE11EF2F01BC5BA18E7, 766CEF016CC67D066A411DBB2E3A55E89C5D9D2E2CB1AB258EE733BE44DE303A ] C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe
19:36:01.0661 0x0798  TSSSrv - ok
19:36:01.0692 0x0798  [ 8DD6F98101EBBA3FC92C8092333A6B32, 80FE7E4433731614B92F8C0256EA5440508C535EBDA45188D1225BFEDA6F0F67 ] C:\Program Files\AVAST Software\Avast\AvLaunch.exe
19:36:01.0708 0x0798  AvastUI.exe - ok
19:36:01.0833 0x0798  [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
19:36:01.0911 0x0798  Malwarebytes TrayApp - ok
19:36:01.0973 0x0798  [ CFA72DE80450611914DC83E89B3B0678, D5DAB53C527C3FF03C944501C13D9182824FAF0555EBEE9A2A18B8FD0C338568 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
19:36:01.0989 0x0798  StartCCC - ok
19:36:02.0051 0x0798  [ 31AB035B05B898AF044D41B33FD2E2F0, 1A8E5F36960C8F13AD6243194FBF348CE915D03B421103147C6A78E207292830 ] c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
19:36:02.0098 0x0798  TSVU - ok
19:36:02.0192 0x0798  [ 3B78ACCCAA5132638E7CF419F4A965C7, C91DD62901778FEB6BDBABD6F736D59FD85361AE53867AD232C90D22ECB7B49F ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
19:36:02.0223 0x0798  CanonSolutionMenuEx - ok
19:36:02.0286 0x0798  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
19:36:02.0301 0x0798  HP Software Update - ok
19:36:02.0614 0x0798  AV detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 17.4.3482.0 ), 0x41000 ( enabled : updated )
19:36:02.0629 0x0798  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.209.0 ), 0x60100 ( disabled : updated )
19:36:02.0676 0x0798  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
19:36:02.0723 0x0798  Win FW state via NFP2: disabled ( not trusted )
19:36:02.0723 0x0798  ============================================================
19:36:02.0723 0x0798  Scan finished
19:36:02.0723 0x0798  ============================================================
19:36:02.0723 0x0790  Detected object count: 0
19:36:02.0723 0x0790  Actual detected object count: 0
19:36:17.0536 0x0770  Deinitialize success





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users