Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware picked up using clipconverter.cc [Solved]


  • This topic is locked This topic is locked

#1
ruisliptiger

ruisliptiger

    Member

  • Member
  • PipPip
  • 34 posts

Hi

 

I've picked up a bug from using Clipconverer I think. It's a website I've used in the past without issue. However, this time they seem to have added a checkbox that allowed some promoted software to be downloaded. I didn't see this checkbox so the software got through.

 

I've attempted to remove them. First through Control Panel to uninstall all programs I didn't recognise. Then by AdwCleaner and Malwarebytes. These have cleared most of the obvious symtoms which were automatically downloading setup files, redirecting to websites telling me to download flash player etc. And big intrusive advert in the middle of normally ad free websites.

 

However, things still don't feel right. The browser has slowed significantly so there must still be some traces of the bug left somewhere.

 

Your help will be greatly appreciated.

 

OTL file

 

OTL logfile created on: 01/11/2014 18:16:46 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Ian\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17351)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
7.91 Gb Total Physical Memory | 4.89 Gb Available Physical Memory | 61.74% Memory free
15.16 Gb Paging File | 11.22 Gb Available in Paging File | 73.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 212.46 Gb Total Space | 99.66 Gb Free Space | 46.91% Space Free | Partition Type: NTFS
Drive D: | 4.00 Gb Total Space | 0.93 Gb Free Space | 23.17% Space Free | Partition Type: NTFS
 
Computer Name: IAN-ULTRABOOK | User Name: Ian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/11/01 18:16:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ian\Downloads\OTL.exe
PRC - [2014/10/22 04:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/10/07 21:30:19 | 001,514,040 | ---- | M] (Spotify Ltd) -- C:\Users\Ian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/09/13 00:52:04 | 036,414,624 | ---- | M] (Dropbox, Inc.) -- C:\Users\Ian\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/08/08 09:34:04 | 022,734,160 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2014/07/11 15:14:20 | 000,118,272 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2014/07/11 14:58:08 | 007,241,728 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2014/05/13 08:27:39 | 000,154,896 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
PRC - [2014/05/13 08:27:39 | 000,153,872 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
PRC - [2014/05/13 08:27:38 | 000,294,672 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
PRC - [2014/05/13 08:27:38 | 000,108,304 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
PRC - [2014/05/13 08:27:25 | 000,161,792 | ---- | M] () -- C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
PRC - [2014/05/13 08:27:23 | 000,249,872 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
PRC - [2014/04/08 08:13:18 | 000,069,120 | ---- | M] () -- C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
PRC - [2013/08/09 12:25:18 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/08/09 12:25:12 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2013/08/07 21:24:00 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/08/07 21:24:00 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/08/02 00:31:00 | 005,545,448 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
PRC - [2013/07/04 23:07:26 | 001,157,496 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2013/06/28 22:35:56 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2013/06/25 16:12:32 | 001,132,920 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/11/01 13:58:46 | 000,043,008 | ---- | M] () -- c:\users\ian\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpealcz_.dll
MOD - [2014/11/01 13:58:40 | 001,160,704 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\_ssl.pyd
MOD - [2014/11/01 13:58:40 | 001,062,400 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._controls_.pyd
MOD - [2014/11/01 13:58:40 | 000,811,008 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._windows_.pyd
MOD - [2014/11/01 13:58:40 | 000,805,888 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._gdi_.pyd
MOD - [2014/11/01 13:58:40 | 000,713,216 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\_hashlib.pyd
MOD - [2014/11/01 13:58:40 | 000,686,080 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\unicodedata.pyd
MOD - [2014/11/01 13:58:40 | 000,110,080 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\pywintypes27.dll
MOD - [2014/11/01 13:58:40 | 000,070,656 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._html2.pyd
MOD - [2014/11/01 13:58:40 | 000,027,136 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\_multiprocessing.pyd
MOD - [2014/11/01 13:58:40 | 000,025,600 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32pdh.pyd
MOD - [2014/11/01 13:58:40 | 000,024,064 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32pipe.pyd
MOD - [2014/11/01 13:58:40 | 000,018,432 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32event.pyd
MOD - [2014/11/01 13:58:40 | 000,010,240 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\select.pyd
MOD - [2014/11/01 13:58:40 | 000,007,168 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\hashobjs_ext.pyd
MOD - [2014/11/01 13:58:39 | 001,175,040 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._core_.pyd
MOD - [2014/11/01 13:58:39 | 000,735,232 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._misc_.pyd
MOD - [2014/11/01 13:58:39 | 000,557,056 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\pysqlite2._sqlite.pyd
MOD - [2014/11/01 13:58:39 | 000,525,640 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\windows._lib_cacheinvalidation.pyd
MOD - [2014/11/01 13:58:39 | 000,364,544 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\pythoncom27.dll
MOD - [2014/11/01 13:58:39 | 000,320,512 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32com.shell.shell.pyd
MOD - [2014/11/01 13:58:39 | 000,167,936 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32gui.pyd
MOD - [2014/11/01 13:58:39 | 000,128,512 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\_elementtree.pyd
MOD - [2014/11/01 13:58:39 | 000,127,488 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\pyexpat.pyd
MOD - [2014/11/01 13:58:39 | 000,122,368 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._wizard.pyd
MOD - [2014/11/01 13:58:39 | 000,119,808 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32file.pyd
MOD - [2014/11/01 13:58:39 | 000,108,544 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32security.pyd
MOD - [2014/11/01 13:58:39 | 000,098,816 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32api.pyd
MOD - [2014/11/01 13:58:39 | 000,087,552 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\_ctypes.pyd
MOD - [2014/11/01 13:58:39 | 000,078,336 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._animate.pyd
MOD - [2014/11/01 13:58:39 | 000,045,568 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\_socket.pyd
MOD - [2014/11/01 13:58:39 | 000,038,912 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32inet.pyd
MOD - [2014/11/01 13:58:39 | 000,035,840 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32process.pyd
MOD - [2014/11/01 13:58:39 | 000,022,528 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32ts.pyd
MOD - [2014/11/01 13:58:39 | 000,017,408 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32profile.pyd
MOD - [2014/11/01 13:58:39 | 000,011,264 | ---- | M] () -- C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32crypt.pyd
MOD - [2014/10/22 04:04:57 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
MOD - [2014/10/22 04:04:51 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
MOD - [2014/10/22 04:04:50 | 000,310,088 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libexif.dll
MOD - [2014/10/22 04:04:49 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
MOD - [2014/10/22 04:04:48 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
MOD - [2014/09/13 00:20:58 | 003,610,624 | ---- | M] () -- C:\Users\Ian\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014/05/13 08:27:39 | 000,101,648 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
MOD - [2014/05/13 08:27:38 | 000,294,672 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
MOD - [2014/05/13 08:27:38 | 000,108,304 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
MOD - [2014/05/13 08:27:38 | 000,102,672 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\3200\TransitionLib.dll
MOD - [2014/05/13 08:27:37 | 000,101,648 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
MOD - [2014/04/08 08:13:18 | 000,069,120 | ---- | M] () -- C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
MOD - [2014/04/08 08:08:24 | 000,112,128 | ---- | M] () -- C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
MOD - [2014/02/01 12:30:46 | 000,861,184 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\platforms\qwindows.dll
MOD - [2013/08/30 04:56:38 | 002,435,392 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterFilter.ax
MOD - [2013/08/23 19:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Ian\AppData\Roaming\Dropbox\bin\libcef.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/09/11 01:25:54 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/09/04 04:09:02 | 000,603,424 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2014/08/20 08:16:12 | 001,041,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2014/08/16 03:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/16 00:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/16 00:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/24 07:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/06/20 09:30:38 | 000,189,912 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2014/06/20 09:23:12 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2014/05/13 08:27:23 | 000,328,720 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe -- (PhoneCompanionVap)
SRV:64bit: - [2014/05/13 08:27:23 | 000,249,872 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe -- (PhoneCompanionPusher)
SRV:64bit: - [2014/04/25 17:34:42 | 000,178,528 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\mcafee\msc\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2014/04/06 11:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/03/24 02:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/24 02:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/14 06:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 05:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 07:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/22 15:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 09:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 09:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 09:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 09:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/12/10 07:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/09/14 00:40:30 | 000,288,472 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2013/08/23 18:02:40 | 003,667,696 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2013/08/23 18:02:18 | 000,284,912 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2013/08/23 18:02:04 | 000,631,024 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2013/08/23 18:01:36 | 000,154,864 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2013/08/22 11:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 11:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 11:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 11:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 11:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 10:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 10:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 09:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 09:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 09:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 09:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 09:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 09:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 09:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 09:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/08/07 21:24:00 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2013/08/03 08:37:12 | 000,148,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyCriticalService.exe -- (DptfPolicyCriticalService)
SRV:64bit: - [2013/08/03 08:37:12 | 000,124,880 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyLpmService.exe -- (DptfPolicyLpmService)
SRV:64bit: - [2013/08/03 08:37:12 | 000,116,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyConfigTDPService.exe -- (DptfPolicyConfigTDPService)
SRV:64bit: - [2013/08/03 08:37:12 | 000,115,632 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfParticipantProcessorService.exe -- (DptfParticipantProcessorService)
SRV:64bit: - [2013/08/02 00:31:10 | 000,198,120 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV:64bit: - [2013/07/30 10:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2013/07/30 10:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013/07/30 10:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013/07/30 10:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (McOobeSv2)
SRV:64bit: - [2013/07/30 10:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013/07/30 10:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013/07/30 10:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013/07/25 01:21:46 | 000,334,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2013/06/28 22:35:48 | 000,230,408 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe -- (NitroDriverReadSpool8)
SRV:64bit: - [2013/05/12 00:45:54 | 000,822,232 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/05/12 00:45:38 | 000,733,696 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/04/25 02:43:50 | 000,390,632 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV - [2014/10/18 06:28:17 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/08/16 03:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/07/11 14:58:08 | 007,241,728 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2014/05/13 08:27:41 | 000,068,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe -- (VeriFaceSrv)
SRV - [2014/05/13 08:27:39 | 000,070,416 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe -- (LsvUIService)
SRV - [2014/05/13 08:27:37 | 000,032,016 | ---- | M] (Lenovo) [Auto | Running] -- C:\ProgramData\LenovoTransition\Server\x64\ymc.exe -- (ymc)
SRV - [2014/03/14 06:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/02/28 10:32:36 | 000,174,368 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe -- (iumsvc)
SRV - [2013/09/21 13:20:40 | 000,155,448 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe -- (Intel®
SRV - [2013/09/12 21:39:02 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/08/30 04:56:18 | 000,162,600 | ---- | M] (PointGrab LTD) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe -- (PGService)
SRV - [2013/08/22 03:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 02:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/09 12:25:18 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/08/09 12:25:12 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/07/04 23:07:26 | 001,157,496 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2013/06/28 22:35:56 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2013/06/25 16:12:32 | 001,132,920 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/08/20 08:06:14 | 000,096,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2014/08/20 08:05:28 | 000,445,512 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2014/08/15 00:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 15:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 15:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 11:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/07/11 14:53:22 | 000,024,576 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FlyUsb.sys -- (FlyUsb)
DRV:64bit: - [2014/06/20 09:38:22 | 000,072,128 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2014/06/20 09:31:06 | 000,348,552 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2014/06/20 09:26:02 | 000,786,296 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014/06/20 09:23:40 | 000,523,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2014/06/20 09:21:48 | 000,313,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2014/06/20 09:20:54 | 000,181,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2014/06/20 09:09:34 | 000,070,600 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2014/05/13 08:28:16 | 000,035,600 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2014/05/01 13:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/03/24 02:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/24 02:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/24 02:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/20 03:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 12:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 20:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/02/22 16:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 15:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 15:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 15:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 15:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 12:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/22 07:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 07:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/12/19 22:18:36 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013/12/04 18:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/11 02:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 11:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/26 01:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/05 15:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/23 12:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2013/09/19 07:54:00 | 003,589,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwbw02.sys -- (NETwNb64)
DRV:64bit: - [2013/09/14 14:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/10 19:07:42 | 000,118,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb)
DRV:64bit: - [2013/09/10 09:41:08 | 000,449,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/09/10 09:35:42 | 004,170,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/08/29 19:42:56 | 000,524,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/08/29 19:42:56 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013/08/23 08:15:02 | 001,527,928 | ---- | M] (Sunplus) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SPUVCBv_x64.sys -- (SPUVCbv)
DRV:64bit: - [2013/08/22 22:51:12 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/08/22 22:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/08/22 19:12:11 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/08/22 19:12:07 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 19:12:07 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2013/08/22 13:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 13:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 12:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 12:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 12:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 12:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 12:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 12:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 12:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 12:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 12:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 12:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 12:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 12:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 12:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 12:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 12:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 12:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 12:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 12:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 12:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 12:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 12:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 12:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 12:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 12:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 12:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 12:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 12:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 11:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 11:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 11:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 11:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 11:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 11:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 11:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 11:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 11:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 11:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 11:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 11:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 11:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 11:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 11:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 11:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 11:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 11:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 11:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 11:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 11:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 11:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 11:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 08:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/19 19:29:18 | 001,386,296 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2013/08/12 23:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 00:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/08/07 21:23:46 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/08/03 08:37:06 | 000,494,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfManager.sys -- (DptfManager)
DRV:64bit: - [2013/08/03 08:37:06 | 000,287,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevProc.sys -- (DptfDevProc)
DRV:64bit: - [2013/08/03 08:37:06 | 000,114,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevPch.sys -- (DptfDevPch)
DRV:64bit: - [2013/08/02 00:01:34 | 000,046,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2013/08/02 00:01:34 | 000,021,920 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:64bit: - [2013/08/02 00:01:32 | 000,029,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\INETMON.sys -- (INETMON)
DRV:64bit: - [2013/08/02 00:01:32 | 000,021,408 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:64bit: - [2013/07/31 18:25:45 | 001,975,000 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTWlanU.sys -- (RtlWlanu)
DRV:64bit: - [2013/07/30 18:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 19:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/18 15:53:33 | 000,113,864 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ax88772.sys -- (AX88772)
DRV:64bit: - [2013/07/09 21:58:32 | 000,263,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2013/06/18 14:45:43 | 004,649,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwew02.sys -- (NETwNe64)
DRV:64bit: - [2013/04/23 22:50:24 | 000,132,920 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012/06/14 00:10:32 | 000,102,376 | ---- | M] ("CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{78D2B474-83A8-462F-A330-34E2631BEC35}: "URL" = http://www.bing.com/...=IE11TR&pc=LCJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{78D2B474-83A8-462F-A330-34E2631BEC35}: "URL" = http://www.bing.com/...=IE11TR&pc=LCJB
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcf.sys -> 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\intel.com/AppUp: C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp.dll (Intel)
FF - HKCU\Software\MozillaPlugins\intel.com/AppUpx64: C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2014/11/01 13:37:05 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaonknplhhecdgjpphnooeomecgipkc\3.1.0_0\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\14.1027.0.1_0\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.7_0\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl\1.3.2.5_0\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh\0.2.3_0\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkelcbhdkpcdiiancfjhjcpdinbbfolp\1.0.1_1\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekgaebaencakkggokbokmgojdbafnefi\1.1.39_0\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemgfpodpjapjhfohdlibagceiknakpa\1.2_1\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\1.35_0\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhfhmaajajcjoijfaceafiembkmhcddc\1.1_1\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jokdeafnhahffanabnbjjjjmoechjklc\2.2_1\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpemkngoajegcbamebdmnkjoalpofpbj\1.1.6.2_1\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk\1.0.4_0\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\occpjibghkbopohbefbejkklnfdkdmok\4.2.4_0\
CHR - Extension: No name found = C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\olamheimegmegknankiijehcgocchdph\1.0_0\
 
O1 HOSTS File: ([2013/08/22 13:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AutoStartTransition] C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe ()
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [DptfPolicyLpmServiceHelper] C:\Windows\SysNative\DptfPolicyLpmServiceHelper.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Energy Manager] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Lenovo Utility] C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [Persistence] C:\windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Yoga PhoneCompanion] C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe (Lenovo)
O4 - HKLM..\Run: [Lenovo App Shop] C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [Yoga Picks] C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe (Lenovo)
O4 - HKCU..\Run: [BrowserChoice] C:\Windows\BrowserChoice\browserchoice.exe (Microsoft Corporation)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_1D57E82E54B212132D321B49430EE825] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Spotify] C:\Users\Ian\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Ian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\RunOnce: [Application Restart #4] C:\Users\Ian\AppData\Local\Pokki\Engine\pokki.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Ian\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --enable-touch-events --flag-switches-begin --flag-switches-end --restore-last-session File not found
O4 - Startup: C:\Users\Ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Ian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8CA606F4-405D-48AC-87F4-41D0A953B695}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9fe697d2-eb79-11e3-8261-7c7a9174a0f8}\Shell - "" = AutoRun
O33 - MountPoints2\{9fe697d2-eb79-11e3-8261-7c7a9174a0f8}\Shell\AutoRun\command - "" = "E:\AESULOCK.exe" 
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/11/01 14:02:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/11/01 13:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2014/11/01 13:42:34 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/11/01 13:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/11/01 13:42:06 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/11/01 13:42:06 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014/11/01 13:42:06 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/11/01 13:42:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/11/01 13:42:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/11/01 13:32:23 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\windows\SysWow64\sqlite3.dll
[2014/11/01 13:31:38 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/11/01 11:01:13 | 000,000,000 | ---D | C] -- C:\Users\Ian\AppData\Local\Programs
[2014/11/01 11:00:43 | 000,000,000 | ---D | C] -- C:\Users\Ian\AppData\Local\Comodo
[2014/11/01 11:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\806ca4cd89802986
[2014/10/11 22:11:14 | 000,000,000 | ---D | C] -- C:\Users\Ian\AppData\Local\19th Parallel
[2014/10/11 22:11:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\19th Parallel
[2014/10/11 22:11:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\19th Parallel
[2014/10/11 18:09:37 | 000,000,000 | ---D | C] -- C:\Users\Ian\AppData\Local\ElevatedDiagnostics
[2014/10/06 17:51:33 | 000,000,000 | ---D | C] -- C:\Users\Ian\AppData\Local\CANON_INC
[2014/10/06 16:48:57 | 000,000,000 | ---D | C] -- C:\Users\Ian\AppData\Roaming\Canon_Inc_IC
[2014/10/06 16:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2014/10/06 16:47:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2014/10/06 16:47:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon_Inc_IC
[2014/10/06 16:43:06 | 000,000,000 | ---D | C] -- C:\Users\Ian\AppData\Roaming\canon
[2014/10/06 16:30:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon_Inc_IC
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/11/01 18:09:29 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/11/01 18:07:53 | 000,000,934 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA1cf8c442d7e56ad.job
[2014/11/01 18:04:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/11/01 17:52:57 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/11/01 13:59:55 | 000,865,408 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/11/01 13:59:55 | 000,748,286 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/11/01 13:59:55 | 000,145,076 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/11/01 13:58:09 | 000,000,930 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/11/01 13:54:42 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2014/11/01 13:54:40 | 2503,389,183 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/01 13:54:29 | 000,004,608 | ---- | M] () -- C:\windows\SysNative\VfService.trf
[2014/11/01 13:42:12 | 000,001,125 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/11/01 11:00:27 | 000,009,462 | ---- | M] () -- C:\windows\patsearch.bin
[2014/11/01 11:00:27 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_webinstrNew_01009.Wdf
[2014/11/01 10:51:46 | 070,503,479 | ---- | M] () -- C:\Users\Ian\Desktop\Trumpton, The Bill Poster.mp4
[2014/10/28 18:07:57 | 000,002,214 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/10/27 00:36:34 | 000,020,520 | ---- | M] () -- C:\Program Files (x86)\init.dat
[2014/10/20 18:55:51 | 000,515,384 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/10/11 22:11:19 | 000,001,206 | ---- | M] () -- C:\Users\Public\Desktop\LightBox Free Image Editor.lnk
[2014/10/06 16:48:44 | 000,001,219 | ---- | M] () -- C:\Users\Public\Desktop\ImageBrowser EX.lnk
[2014/10/06 16:48:44 | 000,001,212 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
[2014/10/06 16:48:27 | 000,001,224 | ---- | M] () -- C:\Users\Public\Desktop\Picture Style Editor.lnk
[2014/10/06 16:48:04 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2014/10/06 16:47:37 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Digital Photo Professional.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/11/01 13:42:12 | 000,001,125 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/11/01 11:00:27 | 000,009,462 | ---- | C] () -- C:\windows\patsearch.bin
[2014/11/01 11:00:27 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_webinstrNew_01009.Wdf
[2014/11/01 10:51:46 | 070,503,479 | ---- | C] () -- C:\Users\Ian\Desktop\Trumpton, The Bill Poster.mp4
[2014/10/11 22:12:12 | 000,020,520 | ---- | C] () -- C:\Program Files (x86)\init.dat
[2014/10/11 22:11:19 | 000,001,206 | ---- | C] () -- C:\Users\Public\Desktop\LightBox Free Image Editor.lnk
[2014/10/11 22:11:19 | 000,001,206 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightBox Free Image Editor.lnk
[2014/10/11 17:52:08 | 000,388,729 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2014/10/06 16:48:44 | 000,001,219 | ---- | C] () -- C:\Users\Public\Desktop\ImageBrowser EX.lnk
[2014/10/06 16:48:44 | 000,001,212 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
[2014/10/06 16:48:27 | 000,001,224 | ---- | C] () -- C:\Users\Public\Desktop\Picture Style Editor.lnk
[2014/10/06 16:48:04 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2014/10/06 16:47:37 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Digital Photo Professional.lnk
[2014/05/28 17:29:14 | 000,076,976 | ---- | C] () -- C:\Users\Ian\AppData\Roaming\LoJackSetup.exe
[2014/05/26 16:23:48 | 000,002,255 | ---- | C] () -- C:\windows\SysWow64\WimBootCompress.ini
[2014/05/26 09:38:23 | 000,103,936 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2014/05/26 09:27:00 | 000,000,017 | ---- | C] () -- C:\Users\Ian\AppData\Local\resmon.resmoncfg
[2014/05/26 09:10:32 | 000,006,971 | ---- | C] () -- C:\Users\Ian\AppData\Roaming\AbsoluteReminder.xml
[2014/05/13 08:49:40 | 000,303,104 | ---- | C] () -- C:\windows\SysWow64\igdmd32.dll
[2014/05/13 08:49:39 | 000,180,736 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2014/05/13 08:49:39 | 000,142,848 | ---- | C] () -- C:\windows\SysWow64\igdail32.dll
[2014/05/13 08:48:28 | 000,004,411 | ---- | C] () -- C:\windows\SysWow64\DptfInvalidPolicyRemover.ini
[2014/05/13 08:15:08 | 000,863,592 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2014/05/13 08:14:34 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/08/22 15:36:43 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2013/08/22 15:36:42 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2013/08/22 14:46:23 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2013/08/22 07:01:23 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2013/08/22 03:32:36 | 000,046,080 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2013/08/21 23:55:20 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2013/08/21 23:52:39 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2013/08/13 05:50:08 | 000,002,443 | ---- | C] () -- C:\windows\remove.ini
[2013/07/26 07:38:00 | 000,300,408 | ---- | C] () -- C:\windows\SysWow64\VCamPPage.dll
[2013/05/12 00:17:52 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/16 04:08:41 | 021,195,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/16 03:16:40 | 018,722,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 09:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 02:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 09:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/10/11 16:25:57 | 000,000,000 | ---D | M] -- C:\Users\Ian\AppData\Roaming\canon
[2014/10/06 16:48:57 | 000,000,000 | ---D | M] -- C:\Users\Ian\AppData\Roaming\Canon_Inc_IC
[2014/11/01 13:58:49 | 000,000,000 | ---D | M] -- C:\Users\Ian\AppData\Roaming\Dropbox
[2014/05/26 09:15:47 | 000,000,000 | ---D | M] -- C:\Users\Ian\AppData\Roaming\FileOpen
[2014/05/26 09:15:47 | 000,000,000 | ---D | M] -- C:\Users\Ian\AppData\Roaming\Nitro
[2014/09/27 17:18:26 | 000,000,000 | ---D | M] -- C:\Users\Ian\AppData\Roaming\Nitro PDF
[2014/05/29 20:12:55 | 000,000,000 | ---D | M] -- C:\Users\Ian\AppData\Roaming\OpenOffice
[2014/05/26 10:07:15 | 000,000,000 | ---D | M] -- C:\Users\Ian\AppData\Roaming\Screensaver Factory
[2014/11/01 14:10:22 | 000,000,000 | ---D | M] -- C:\Users\Ian\AppData\Roaming\Spotify
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Ian\SkyDrive:ms-properties
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
 
< End of report >
 

  • 0

Advertisements


#2
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hello and welcome to Geeks to Go! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you
  • If you are receiving help for this issue at another forum, please let me know so I can close this thread.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
  • Please read through my instructions carefully and completely before executing them. I will lay the instructions out in a step by step order to make them easy to follow.
  • Please make sure that all the programs I ask you to download are downloaded to and run from your Desktop.
  • Please make sure you (if you are able) to print out these instructions so that you will be able to refer to them while working on your machine. Part of the solution(s) to your problem may involve us working in Safe Mode and you will need them to go by.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • Please make sure you reply within 3 days to my responses, if there is no reply within 3 days, the topic will be closed and you will need to request the topic be reopened.
  • Before we get started, please remember we will do our best to get your machine repaired. However, there are some cases where the only solution is a reformat and reinstall of the operating system. This is a worst case scenario though.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If possible, please have your original Windows installation disks handy, just in case.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexepected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
  • Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future
  • Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)
Now, let's get started, shall we? :thumbsup:

As you are using Win 8 or 8.1, we need to take a look with a different scanner. Please follow the instructions below.


Step 1: Scan with Farbar's Recovery Scan Tool


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Place a check in the box marked Addition.txt

    farbarmainpanel_zps77bf9e25.jpg
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

FRST Log

Addition.txt Log

  • 0

#3
ruisliptiger

ruisliptiger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-11-2014
Ran by Ian (administrator) on IAN-ULTRABOOK on 02-11-2014 14:34:58
Running from C:\Users\Ian\Desktop
Loaded Profile: Ian (Available profiles: Ian)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
(Spotify Ltd) C:\Users\Ian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Dropbox, Inc.) C:\Users\Ian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e\ZinioReaderWin8.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-31] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-08-03] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-05-13] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-05-13] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [59925488 2014-05-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-05-13] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe [156000 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [Yoga Picks] => C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe [90640 2013-07-09] (Lenovo)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [118272 2014-07-11] (LeapFrog Enterprises, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-211949052-421191045-3187209313-1001\...\Run: [BrowserChoice] => C:\Windows\BrowserChoice\browserchoice.exe [86816 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-211949052-421191045-3187209313-1001\...\Run: [GoogleChromeAutoLaunch_1D57E82E54B212132D321B49430EE825] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-22] (Google Inc.)
HKU\S-1-5-21-211949052-421191045-3187209313-1001\...\Run: [Spotify] => C:\Users\Ian\AppData\Roaming\Spotify\Spotify.exe [6553144 2014-10-07] (Spotify Ltd)
HKU\S-1-5-21-211949052-421191045-3187209313-1001\...\Run: [Spotify Web Helper] => C:\Users\Ian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-07] (Spotify Ltd)
HKU\S-1-5-21-211949052-421191045-3187209313-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-211949052-421191045-3187209313-1001\...\RunOnce: [Application Restart #4] => C:\Users\Ian\AppData\Local\Pokki\Engine\pokki.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-ph (the data entry has 558 more characters).
HKU\S-1-5-21-211949052-421191045-3187209313-1001\...\MountPoints2: {9fe697d2-eb79-11e3-8261-7c7a9174a0f8} - "E:\AESULOCK.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\Ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {78D2B474-83A8-462F-A330-34E2631BEC35} URL = http://www.bing.com/...=IE11TR&pc=LCJB
SearchScopes: HKLM-x32 - {78D2B474-83A8-462F-A330-34E2631BEC35} URL = http://www.bing.com/...=IE11TR&pc=LCJB
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {78D2B474-83A8-462F-A330-34E2631BEC35} URL = 
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: intel.com/AppUp -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-05-13]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "https://www.facebook.com/IanMBarber", "hxxp://www.google.com/", "hxxp://www.ambernectar.org/"
CHR Profile: C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (Loupe Collage) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaonknplhhecdgjpphnooeomecgipkc [2014-06-15]
CHR Extension: (Google Cast) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-05-26]
CHR Extension: (Adblock Plus) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-26]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2014-05-26]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2014-05-26]
CHR Extension: (Solitaire) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkelcbhdkpcdiiancfjhjcpdinbbfolp [2014-05-26]
CHR Extension: (PictaCast for Chromecast® - Trial) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekgaebaencakkggokbokmgojdbafnefi [2014-09-06]
CHR Extension: (Chain Reaction) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemgfpodpjapjhfohdlibagceiknakpa [2014-05-26]
CHR Extension: (Pin It Button) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-09-27]
CHR Extension: (MeeGenius! Children's Books) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhfhmaajajcjoijfaceafiembkmhcddc [2014-05-26]
CHR Extension: (KIDO'Z TV) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jokdeafnhahffanabnbjjjjmoechjklc [2014-05-26]
CHR Extension: (Soccer Manager) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpemkngoajegcbamebdmnkjoalpofpbj [2014-05-26]
CHR Extension: (OneDrive) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2014-06-15]
CHR Extension: (Save to Pocket) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2014-05-26]
CHR Extension: (Google Wallet) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-26]
CHR Extension: (piZap Photo Editor) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\occpjibghkbopohbefbejkklnfdkdmok [2014-06-16]
CHR Extension: (Desktop Client for Viber™) - C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\olamheimegmegknankiijehcgocchdph [2014-06-23]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115632 2013-08-03] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116656 2013-08-03] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148688 2013-08-03] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124880 2013-08-03] (Intel Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel® Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-21] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-02] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7241728 2014-07-11] (LeapFrog Enterprises, Inc.) [File not signed]
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-05-13] (Lenovo)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-06-28] (Nitro PDF Software)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [162600 2013-08-30] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [249872 2014-05-13] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [328720 2014-05-13] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [288472 2013-09-14] (Realtek Semiconductor)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-05-13] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [32016 2014-05-13] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [114680 2013-08-03] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [287160 2013-08-03] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494272 2013-08-03] (Intel Corporation)
S3 FlyUsb; C:\Windows\System32\drivers\FlyUsb.sys [24576 2014-07-11] (LeapFrog)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118216 2013-09-10] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-02] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-02] ()
R3 INETMON; C:\windows\System32\Drivers\INETMON.sys [29088 2013-08-02] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-02] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-19] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-29] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1527928 2013-08-23] (Sunplus)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-02 14:34 - 2014-11-02 14:35 - 00026706 _____ () C:\Users\Ian\Desktop\FRST.txt
2014-11-02 14:32 - 2014-11-02 14:34 - 00000000 ____D () C:\FRST
2014-11-02 14:32 - 2014-11-02 14:33 - 00049613 _____ () C:\Users\Ian\Downloads\FRST.txt
2014-11-02 14:32 - 2014-11-02 14:33 - 00037545 _____ () C:\Users\Ian\Downloads\Addition.txt
2014-11-02 14:31 - 2014-11-02 14:31 - 02114048 _____ (Farbar) C:\Users\Ian\Desktop\FRST64.exe
2014-11-02 12:43 - 2014-11-02 12:43 - 00000000 ___HD () C:\OneDriveTemp
2014-11-01 20:27 - 2014-11-01 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-11-01 18:29 - 2014-11-01 18:29 - 00075508 _____ () C:\Users\Ian\Downloads\Extras.Txt
2014-11-01 18:27 - 2014-11-01 18:27 - 00147440 _____ () C:\Users\Ian\Downloads\OTL.Txt
2014-11-01 18:15 - 2014-11-01 18:16 - 00602112 _____ (OldTimer Tools) C:\Users\Ian\Downloads\OTL.exe
2014-11-01 13:58 - 2014-11-01 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-11-01 13:42 - 2014-11-01 18:09 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-01 13:42 - 2014-11-01 13:42 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-01 13:42 - 2014-11-01 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-01 13:42 - 2014-11-01 13:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-01 13:42 - 2014-11-01 13:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-01 13:42 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-11-01 13:42 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-11-01 13:42 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-11-01 13:41 - 2014-11-01 13:41 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Ian\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-01 13:41 - 2014-11-01 13:41 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Ian\Downloads\mbam-setup-2.0.3.1025 (1).exe
2014-11-01 13:40 - 2014-11-01 13:40 - 01375089 _____ () C:\Users\Ian\Downloads\adwcleaner_3.311 (1).exe
2014-11-01 13:32 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-11-01 13:31 - 2014-11-01 13:34 - 00000000 ____D () C:\AdwCleaner
2014-11-01 13:31 - 2014-11-01 13:31 - 01375089 _____ () C:\Users\Ian\Downloads\adwcleaner_3.311.exe
2014-11-01 11:03 - 2014-11-01 11:03 - 00008704 ___SH () C:\Users\Ian\Desktop\Thumbs.db
2014-11-01 11:00 - 2014-11-01 11:00 - 00009462 _____ () C:\windows\patsearch.bin
2014-11-01 11:00 - 2014-11-01 11:00 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_webinstrNew_01009.Wdf
2014-11-01 11:00 - 2014-11-01 11:00 - 00000000 ____D () C:\Users\Ian\AppData\Local\Comodo
2014-11-01 11:00 - 2014-11-01 11:00 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-11-01 11:00 - 2014-11-01 11:00 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-11-01 11:00 - 2014-11-01 11:00 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-11-01 11:00 - 2014-11-01 11:00 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-11-01 11:00 - 2014-11-01 11:00 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-11-01 11:00 - 2014-11-01 11:00 - 00000000 ____D () C:\Users\Guest
2014-11-01 11:00 - 2014-11-01 11:00 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-11-01 11:00 - 2014-11-01 11:00 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-11-01 11:00 - 2014-11-01 11:00 - 00000000 ____D () C:\Users\Administrator
2014-11-01 11:00 - 2014-11-01 11:00 - 00000000 ____D () C:\ProgramData\806ca4cd89802986
2014-11-01 10:51 - 2014-11-01 10:51 - 70503479 _____ () C:\Users\Ian\Desktop\Trumpton, The Bill Poster.mp4
2014-10-26 22:55 - 2014-10-26 22:57 - 161908420 _____ () C:\Users\Ian\Downloads\Photos.zip
2014-10-25 18:59 - 2014-10-25 19:14 - 00129633 _____ () C:\Users\Ian\Documents\Eleanors viking progect.pptm
2014-10-16 16:17 - 2014-09-27 22:25 - 04183040 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-16 16:17 - 2014-09-08 03:15 - 00054752 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-10-16 16:17 - 2014-09-08 01:46 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-10-16 16:17 - 2014-09-08 01:46 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-10-16 16:17 - 2014-09-08 00:08 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-10-16 16:17 - 2014-09-08 00:07 - 00137728 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-10-16 16:17 - 2014-09-08 00:05 - 03448320 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-10-16 16:17 - 2014-09-08 00:04 - 00388608 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-10-16 16:17 - 2014-09-08 00:04 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-10-16 16:17 - 2014-09-08 00:03 - 01702400 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-10-16 16:17 - 2014-09-08 00:03 - 00839680 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-10-16 16:17 - 2014-09-07 23:59 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-10-16 16:17 - 2014-09-07 23:59 - 00031232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-10-16 16:17 - 2014-09-07 23:56 - 00672256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-10-16 16:17 - 2014-09-07 23:56 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-10-16 16:17 - 2014-09-04 00:10 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\winbici.dll
2014-10-16 16:17 - 2014-09-03 23:57 - 00921600 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2014-10-16 16:17 - 2014-09-03 23:49 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\MrmCoreR.dll
2014-10-16 16:16 - 2014-10-09 22:16 - 00678400 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-16 16:16 - 2014-10-08 22:09 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-16 16:16 - 2014-09-25 22:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-16 16:16 - 2014-09-25 22:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-16 16:16 - 2014-09-25 22:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-16 16:16 - 2014-09-25 22:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-16 16:16 - 2014-09-25 22:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-16 16:16 - 2014-09-25 22:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-16 16:16 - 2014-09-19 02:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-16 16:16 - 2014-09-19 01:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-16 16:16 - 2014-09-19 01:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-16 16:16 - 2014-09-19 01:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-16 16:16 - 2014-09-19 01:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-16 16:16 - 2014-09-19 01:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-16 16:16 - 2014-09-19 01:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-16 16:16 - 2014-09-19 01:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-16 16:16 - 2014-09-19 01:24 - 00527360 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-16 16:16 - 2014-09-19 01:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-16 16:16 - 2014-09-19 01:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-16 16:16 - 2014-09-19 00:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-16 16:16 - 2014-09-19 00:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-16 16:16 - 2014-09-19 00:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-16 16:16 - 2014-09-19 00:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-16 16:16 - 2014-09-19 00:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-16 16:16 - 2014-09-19 00:42 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-16 16:16 - 2014-09-19 00:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-16 16:16 - 2014-09-19 00:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-16 16:16 - 2014-09-19 00:20 - 00315904 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-16 16:16 - 2014-09-19 00:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-16 16:16 - 2014-09-18 23:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-16 16:16 - 2014-09-18 23:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-16 16:16 - 2014-09-18 23:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-16 16:16 - 2014-09-18 23:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-16 16:16 - 2014-09-13 06:29 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-16 16:16 - 2014-09-13 06:02 - 02779648 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-16 16:16 - 2014-09-13 05:49 - 00068608 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-16 16:16 - 2014-09-13 05:30 - 03117568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-16 16:16 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-16 16:16 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-11 22:12 - 2014-11-02 00:20 - 00020520 _____ () C:\Program Files (x86)\init.dat
2014-10-11 22:11 - 2014-10-11 22:11 - 00001206 _____ () C:\Users\Public\Desktop\LightBox Free Image Editor.lnk
2014-10-11 22:11 - 2014-10-11 22:11 - 00001206 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightBox Free Image Editor.lnk
2014-10-11 22:11 - 2014-10-11 22:11 - 00000000 ____D () C:\Users\Ian\AppData\Local\19th Parallel
2014-10-11 22:11 - 2014-10-11 22:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\19th Parallel
2014-10-11 22:11 - 2014-10-11 22:11 - 00000000 ____D () C:\Program Files (x86)\19th Parallel
2014-10-11 17:52 - 2014-08-16 04:08 - 21195616 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-10-11 17:52 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\windows\system32\propsys.dll
2014-10-11 17:52 - 2014-08-16 04:01 - 01710184 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-10-11 17:52 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-10-11 17:52 - 2014-08-16 03:57 - 02498880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-10-11 17:52 - 2014-08-16 03:57 - 00428864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-10-11 17:52 - 2014-08-16 03:16 - 18722600 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-10-11 17:52 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\windows\SysWOW64\propsys.dll
2014-10-11 17:52 - 2014-08-16 03:03 - 01467384 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-10-11 17:52 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-10-11 17:52 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
2014-10-11 17:52 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2014-10-11 17:52 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\httpprxm.dll
2014-10-11 17:52 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\ProximityService.dll
2014-10-11 17:52 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2014-10-11 17:52 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll
2014-10-11 17:52 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\adhsvc.dll
2014-10-11 17:52 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2014-10-11 17:52 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\windows\system32\pcsvDevice.dll
2014-10-11 17:52 - 2014-08-16 00:29 - 00249344 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-11 17:52 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\windows\system32\SearchFolder.dll
2014-10-11 17:52 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll
2014-10-11 17:52 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveShell.dll
2014-10-11 17:52 - 2014-08-16 00:19 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-11 17:52 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll
2014-10-11 17:52 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Search.dll
2014-10-11 17:52 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\SkyDriveShell.dll
2014-10-11 17:52 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-11 17:52 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Search.dll
2014-10-11 17:52 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFolder.dll
2014-10-11 17:52 - 2014-08-16 00:11 - 00920064 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-10-11 17:52 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe
2014-10-11 17:52 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-11 17:52 - 2014-08-16 00:07 - 00756224 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-10-11 17:52 - 2014-07-31 23:22 - 00388729 _____ () C:\windows\system32\ApnDatabase.xml
2014-10-11 17:51 - 2014-08-29 01:58 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2014-10-11 17:51 - 2014-08-28 23:56 - 02646016 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-10-11 17:51 - 2014-08-28 23:47 - 02321920 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-10-10 13:51 - 2014-10-13 00:14 - 00028160 _____ () C:\Users\Ian\Downloads\Portion-Sizes.xls
2014-10-06 17:51 - 2014-10-06 17:51 - 00000000 ____D () C:\Users\Ian\AppData\Local\CANON_INC
2014-10-06 16:48 - 2014-10-06 16:48 - 00001224 _____ () C:\Users\Public\Desktop\Picture Style Editor.lnk
2014-10-06 16:48 - 2014-10-06 16:48 - 00001219 _____ () C:\Users\Public\Desktop\ImageBrowser EX.lnk
2014-10-06 16:48 - 2014-10-06 16:48 - 00001094 _____ () C:\Users\Public\Desktop\EOS Utility.lnk
2014-10-06 16:48 - 2014-10-06 16:48 - 00000000 ____D () C:\Users\Ian\AppData\Roaming\Canon_Inc_IC
2014-10-06 16:47 - 2014-10-06 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-10-06 16:47 - 2014-10-06 16:53 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-10-06 16:47 - 2014-10-06 16:47 - 00001159 _____ () C:\Users\Public\Desktop\Digital Photo Professional.lnk
2014-10-06 16:43 - 2014-10-11 16:25 - 00000000 ____D () C:\Users\Ian\AppData\Roaming\canon
2014-10-06 16:30 - 2014-10-06 16:30 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-02 14:07 - 2014-06-20 04:57 - 00000934 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8c442d7e56ad.job
2014-11-02 14:04 - 2014-05-26 12:55 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-02 14:00 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\system32\sru
2014-11-02 10:38 - 2014-05-13 08:15 - 01858753 _____ () C:\windows\WindowsUpdate.log
2014-11-02 08:54 - 2014-05-26 09:35 - 00003938 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{958CF086-FFBB-48F8-90AA-02BD956F1CB9}
2014-11-02 04:07 - 2014-05-26 10:52 - 00000930 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-01 23:57 - 2014-05-30 16:29 - 00452096 ___SH () C:\Users\Ian\Downloads\Thumbs.db
2014-11-01 23:51 - 2013-08-28 08:36 - 00865408 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-01 20:38 - 2014-05-26 09:14 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-211949052-421191045-3187209313-1001
2014-11-01 20:24 - 2013-08-22 13:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-11-01 14:10 - 2014-06-02 19:15 - 00000000 ____D () C:\Users\Ian\AppData\Roaming\Spotify
2014-11-01 13:58 - 2014-08-16 10:22 - 00000000 ___RD () C:\Users\Ian\Dropbox
2014-11-01 13:58 - 2014-08-16 10:15 - 00000000 ____D () C:\Users\Ian\AppData\Roaming\Dropbox
2014-11-01 13:58 - 2014-06-15 19:57 - 00000000 ___RD () C:\Users\Ian\Google Drive
2014-11-01 13:58 - 2014-05-26 09:11 - 00000000 ___DO () C:\Users\Ian\SkyDrive
2014-11-01 13:54 - 2014-05-13 08:27 - 00004608 _____ () C:\windows\system32\VfService.trf
2014-11-01 13:54 - 2014-05-13 08:11 - 00040204 _____ () C:\windows\setupact.log
2014-11-01 13:54 - 2013-08-28 08:34 - 00059940 _____ () C:\windows\PFRO.log
2014-11-01 13:54 - 2013-08-22 14:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-01 13:54 - 2013-08-22 13:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-11-01 13:40 - 2014-06-02 19:21 - 00000000 ____D () C:\Users\Ian\AppData\Local\Spotify
2014-11-01 13:37 - 2014-05-26 12:46 - 00000000 ____D () C:\Users\Ian\AppData\Local\Pokki
2014-11-01 13:37 - 2014-05-13 08:24 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-11-01 13:20 - 2014-05-13 08:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-01 11:04 - 2014-05-26 15:31 - 00000000 ____D () C:\Users\Ian\AppData\Local\CrashDumps
2014-11-01 11:03 - 2014-05-26 09:08 - 00000000 ____D () C:\Users\Ian
2014-11-01 11:00 - 2014-05-26 10:52 - 00000000 ____D () C:\Users\Ian\AppData\Local\Google
2014-10-30 16:19 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\AppReadiness
2014-10-30 16:16 - 2014-05-13 08:24 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-10-30 10:53 - 2014-05-26 09:54 - 00000000 ____D () C:\windows\system32\MRT
2014-10-30 10:50 - 2014-05-26 09:54 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-28 18:07 - 2014-05-26 10:52 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-24 04:41 - 2014-05-26 12:49 - 00002195 _____ () C:\Users\Ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitter.lnk
2014-10-24 03:02 - 2014-06-20 04:57 - 00003906 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf8c442d7e56ad
2014-10-24 03:02 - 2014-05-26 10:52 - 00003670 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-22 12:53 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\rescache
2014-10-20 18:55 - 2014-07-13 23:44 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-20 18:55 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\MediaViewer
2014-10-20 18:55 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\FileManager
2014-10-20 18:55 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\Camera
2014-10-20 18:55 - 2013-08-22 14:44 - 00515384 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-19 15:12 - 2014-06-30 22:29 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-10-18 06:28 - 2014-05-26 12:55 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-10-16 16:27 - 2014-06-03 17:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 16:27 - 2013-08-22 15:20 - 00000000 ____D () C:\windows\CbsTemp
2014-10-12 14:16 - 2013-08-22 15:36 - 00000000 ___RD () C:\windows\ToastData
2014-10-12 14:16 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\WinStore
2014-10-11 17:47 - 2014-05-29 23:57 - 00000000 ____D () C:\Users\Ian\AppData\Local\Intel_Corporation
 
Some content of TEMP:
====================
C:\Users\Ian\AppData\Local\Temp\1_flashplayer.exe
C:\Users\Ian\AppData\Local\Temp\8CDD8E78-A3BA-2C0C-E492-90DEF3A289CB.dll
C:\Users\Ian\AppData\Local\Temp\8CDD8E78-A3BA-2C0C-E492-90DEF3A289CB.exe
C:\Users\Ian\AppData\Local\Temp\AESULOCK.exe
C:\Users\Ian\AppData\Local\Temp\COMAP.EXE
C:\Users\Ian\AppData\Local\Temp\D7FFD458-FD29-26B8-3CF6-32FF44BB0FB4.exe
C:\Users\Ian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpealcz_.dll
C:\Users\Ian\AppData\Local\Temp\optprosetup.exe
C:\Users\Ian\AppData\Local\Temp\Quarantine.exe
C:\Users\Ian\AppData\Local\Temp\TouchURL.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-30 10:50
 
==================== End Of Log ============================

  • 0

#4
ruisliptiger

ruisliptiger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2014
Ran by Ian at 2014-11-02 14:35:41
Running from C:\Users\Ian\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.1 - Absolute Software)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Bandizip (HKLM\...\Bandizip) (Version: 5.01 - Bandisoft.com)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.10.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.10.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.0.6 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.10.0 - Canon Inc.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.1.38 - Lenovo)
Energy Manager (x32 Version: 1.0.1.38 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Intel Experience Center - Configuration (x32 Version: 1.9.0.8 - Intel) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel® Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1337.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{D6FBF816-ACB8-46CC-ACC6-C8BBA85F497D}) (Version: 4.2.40.2418 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{e1172fd4-a6d9-4cfa-8256-268f728fec31}) (Version: 16.5.3 - Intel Corporation)
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 6.0.19.19317 - LeapFrog)
LeapFrog Connect (x32 Version: 6.0.19.19317 - LeapFrog) Hidden
LeapFrog LeapPad Explorer Plugin (x32 Version: 6.0.19.19317 - LeapFrog) Hidden
LeapFrog Tag Junior Plugin (x32 Version: 6.0.19.19317 - LeapFrog) Hidden
Lenovo App Shop (HKLM-x32\...\Lenovo App Shop 45246) (Version: 3.10.0.45246.24 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.5.35 - SunplusIT)
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A800D2BF-2F0D-4899-B265-C91C90981E8C}) (Version: 2.0.0.0829 - PointGrab)
Lenovo Motion Control (x32 Version: 2.0.0.0829 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.0 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.8211 - Lenovo)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo Yoga PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.1.9.3 - Lenovo)
Lenovo Yoga PhoneCompanion (x32 Version: 1.1.9.3 - Lenovo) Hidden
LightBox Free Image Editor (HKLM-x32\...\LightBox Free Image Editor) (Version:  - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nitro Pro 8 (HKLM\...\{2269F0D5-DE47-4313-9003-BB6357919314}) (Version: 8.5.5.7 - Nitro)
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Sky Go Desktop (HKCU\...\3536701325.go.sky.com) (Version:  - go.sky.com)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 26.1.77080 - Sonos, Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.7 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM-x32\...\LeapPadExplorerPlugin) (Version:  - LeapFrog)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) (HKLM-x32\...\TagJuniorPlugin) (Version:  - LeapFrog)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Yoga Picks (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.00.013.0731 - Lenovo)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-211949052-421191045-3187209313-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211949052-421191045-3187209313-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-211949052-421191045-3187209313-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-211949052-421191045-3187209313-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-211949052-421191045-3187209313-1001_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll No File
CustomCLSID: HKU\S-1-5-21-211949052-421191045-3187209313-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211949052-421191045-3187209313-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211949052-421191045-3187209313-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211949052-421191045-3187209313-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211949052-421191045-3187209313-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211949052-421191045-3187209313-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211949052-421191045-3187209313-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211949052-421191045-3187209313-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
18-10-2014 06:27:47 McAfee Vulnerability Scanner
22-10-2014 12:37:17 Windows Update
30-10-2014 10:50:20 Windows Update
01-11-2014 13:20:17 Removed ReminderInstaller
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {013B66DA-0E35-43CE-B82F-F9DB6D1F2558} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {254254A6-33AA-4A2E-966D-CF0D2829DDC6} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-05-13] (Lenovo)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3A05C46B-8B50-4E04-A41D-4412D94DB360} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-10-30] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6394F7F5-8BFD-46FF-9568-D20207D1588E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-26] (Google Inc.)
Task: {63C530B7-B1CA-4AB2-9DFD-F8607E983DDD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {83CFBEC3-F57A-4990-8BB7-4D554DBA7325} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B21AD816-272B-49F6-85EB-3D567403C78B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {B9B2CD8E-D90D-4F4D-8A60-98214AE6E4C8} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {C0B26076-FE14-4206-9A3C-40A7631A7370} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {CE5328AB-F370-4F92-A0A8-E0293C87622D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-18] (Adobe Systems Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D21F4613-03EC-4CEF-8668-D348A4245B96} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D656AAF1-E36B-4475-91BE-775B95FE1CB6} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8c442d7e56ad => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-26] (Google Inc.)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E61959F9-5E3D-4F96-9303-E9C4E689061E} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E75B69DD-3355-40B5-8EB2-0AB17E975369} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-29] (Synaptics Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8c442d7e56ad.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-04-11 09:34 - 2014-04-11 09:34 - 00034304 _____ () C:\windows\System32\sst7clm.dll
2013-08-02 00:31 - 2013-08-02 00:31 - 00198120 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-08-02 00:31 - 2013-08-02 00:31 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-02 00:31 - 2013-08-02 00:31 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2014-05-13 08:27 - 2012-04-25 02:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-05-13 08:27 - 2014-05-13 08:27 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-05-13 08:27 - 2014-05-13 08:27 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-05-13 08:27 - 2014-05-13 08:27 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2014-05-13 08:27 - 2014-05-13 08:27 - 00294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
2014-05-13 08:27 - 2014-05-13 08:27 - 00108304 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
2014-05-13 08:27 - 2014-05-13 08:27 - 00161792 _____ () C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
2012-08-30 12:46 - 2014-04-08 08:13 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2014-05-13 08:24 - 2013-07-31 22:32 - 00034288 _____ () C:\Program Files (x86)\Lenovo\Yoga Picks\Lenovo.YogaPicks.Utils.dll
2014-10-19 20:42 - 2014-10-19 20:42 - 00363520 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll
2014-10-28 12:19 - 2014-10-28 12:19 - 01459712 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\4bd80968bf666252841ca7792faaff11\Windows.UI.ni.dll
2014-10-19 20:42 - 2014-10-19 20:42 - 00521216 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Data\fae2b750f87849ca11806d20b2504bf2\Windows.Data.ni.dll
2014-05-26 11:02 - 2014-05-26 11:04 - 00948224 _____ () C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e\ZinioReaderWin8.exe
2014-10-19 20:42 - 2014-10-19 20:42 - 05185024 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.UI.Xaml\873b701d9b42e91132f08a6f05c4361a\Windows.UI.Xaml.ni.dll
2014-10-19 20:41 - 2014-10-19 20:41 - 01782784 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\3f4dc590466037f015f65bc07d1ea923\Windows.ApplicationModel.ni.dll
2014-05-26 11:02 - 2014-05-26 11:04 - 00246784 _____ () C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e\pdftron.winmd
2014-05-26 11:02 - 2014-05-26 11:04 - 18383856 _____ () C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e\pdftron.dll
2014-05-26 11:02 - 2014-05-26 11:03 - 00104448 _____ () C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e\nVentive.Umbrella.Web.WinRT.DLL
2014-10-19 20:42 - 2014-10-19 20:42 - 01278464 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\f9ac074d298db459c5eff6d3256861c8\Windows.Storage.ni.dll
2013-08-22 07:19 - 2013-08-22 06:54 - 00112640 _____ () C:\windows\system32\WinMetadata\Windows.Networking.winmd
2014-10-14 11:35 - 2014-10-14 11:35 - 00467456 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Graphics\ea818a24554fc2db9a73de1e79afb286\Windows.Graphics.ni.dll
2014-09-16 00:33 - 2014-09-16 00:33 - 00347136 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\94e2bc13589233f9d2cc54292717b8cf\Windows.Globalization.ni.dll
2014-10-19 20:42 - 2014-10-19 20:42 - 00207872 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.System\a4efa88b742703220e527956d8ab4e84\Windows.System.ni.dll
2014-05-26 11:02 - 2014-05-26 11:03 - 00035328 _____ () C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e\nVentive.Umbrella.Services.Contract.WinRT.DLL
2014-10-19 20:42 - 2014-10-19 20:42 - 00632320 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Security\c7f6d022c5d5aec4891cb6b3b9934336\Windows.Security.ni.dll
2014-10-14 11:35 - 2014-10-14 11:35 - 02019840 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Devices\0b4b3f23bdebd1d056b32b31e2f746bb\Windows.Devices.ni.dll
2014-05-13 08:13 - 2013-08-09 12:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-05-13 08:27 - 2014-05-13 08:27 - 00102672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\3200\TransitionLib.dll
2014-05-13 08:27 - 2014-05-13 08:27 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
2013-08-30 04:56 - 2013-08-30 04:56 - 02435392 _____ () C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterFilter.ax
2014-10-28 18:07 - 2014-10-22 04:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 18:07 - 2014-10-22 04:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 18:07 - 2014-10-22 04:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 18:07 - 2014-10-22 04:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-05-13 08:27 - 2014-05-13 08:27 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
2014-11-01 13:58 - 2014-11-01 13:58 - 00098816 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32api.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00110080 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\pywintypes27.dll
2014-11-01 13:58 - 2014-11-01 13:58 - 00364544 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\pythoncom27.dll
2014-11-01 13:58 - 2014-11-01 13:58 - 00045568 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\_socket.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 01160704 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\_ssl.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00320512 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32com.shell.shell.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00713216 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\_hashlib.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 01175040 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._core_.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00805888 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._gdi_.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00811008 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._windows_.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 01062400 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._controls_.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00735232 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._misc_.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00128512 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\_elementtree.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00127488 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\pyexpat.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00557056 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\pysqlite2._sqlite.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00007168 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\hashobjs_ext.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00087552 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\_ctypes.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00119808 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32file.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00108544 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32security.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00018432 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32event.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00038912 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32inet.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00070656 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._html2.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00167936 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32gui.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00011264 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32crypt.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00027136 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\_multiprocessing.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00686080 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\unicodedata.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00122368 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._wizard.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00010240 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\select.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00024064 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32pipe.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00025600 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32pdh.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00525640 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\windows._lib_cacheinvalidation.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00035840 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32process.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00017408 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32profile.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00022528 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\win32ts.pyd
2014-11-01 13:58 - 2014-11-01 13:58 - 00078336 _____ () C:\Users\Ian\AppData\Local\Temp\_MEI67162\wx._animate.pyd
2012-08-30 12:39 - 2014-04-08 08:08 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2014-02-01 12:30 - 2014-02-01 12:30 - 00861184 _____ () C:\Program Files (x86)\LeapFrog\LeapFrog Connect\platforms\qwindows.dll
2014-11-01 13:58 - 2014-11-01 13:58 - 00043008 _____ () c:\users\ian\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpealcz_.dll
2013-08-23 19:01 - 2013-08-23 19:01 - 25100288 _____ () C:\Users\Ian\AppData\Roaming\Dropbox\bin\libcef.dll
2014-10-28 18:07 - 2014-10-22 04:04 - 00310088 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libexif.dll
2014-10-28 18:07 - 2014-10-22 04:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Ian\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKCU\...\StartupApproved\Run: => "BrowserChoice"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-211949052-421191045-3187209313-500 - Administrator - Disabled)
Guest (S-1-5-21-211949052-421191045-3187209313-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-211949052-421191045-3187209313-1003 - Limited - Enabled)
Ian (S-1-5-21-211949052-421191045-3187209313-1001 - Administrator - Enabled) => C:\Users\Ian
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/01/2014 05:26:52 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume WINRE_DRV was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (11/01/2014 05:26:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume WINRE_DRV was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (11/01/2014 05:26:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume WINRE_DRV was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (11/01/2014 05:26:45 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume WINRE_DRV was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (11/01/2014 05:26:40 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume WINRE_DRV was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (11/01/2014 01:49:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume WINRE_DRV was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (11/01/2014 11:27:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Setup (1).exe version 2.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1a4e8
 
Start Time: 01cff5c691f91acd
 
Termination Time: 4294967295
 
Application Path: C:\Users\Ian\Downloads\Setup (1).exe
 
Report Id: 02225a7f-61ba-11e4-827a-7c7a9174a0f8
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (11/01/2014 11:03:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: 6825cc31.exe, version: 0.0.0.0, time stamp: 0x526850d6
Faulting module name: combase.dll, version: 6.3.9600.17031, time stamp: 0x53086d7c
Exception code: 0xc0000005
Fault offset: 0x00016d64
Faulting process id: 0x19c8c
Faulting application start time: 0x6825cc31.exe0
Faulting application path: 6825cc31.exe1
Faulting module path: 6825cc31.exe2
Report Id: 6825cc31.exe3
Faulting package full name: 6825cc31.exe4
Faulting package-relative application ID: 6825cc31.exe5
 
Error: (10/31/2014 11:17:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (10/31/2014 00:39:42 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
 
System errors:
=============
Error: (11/01/2014 08:24:51 PM) (Source: DCOM) (EventID: 10010) (User: IAN-ULTRABOOK)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (10/30/2014 04:16:27 PM) (Source: DCOM) (EventID: 10010) (User: IAN-ULTRABOOK)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (10/29/2014 03:47:16 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.
 
Error: (10/29/2014 03:46:55 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.
 
Error: (10/29/2014 03:46:34 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.
 
Error: (10/29/2014 03:46:30 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.
 
Error: (10/28/2014 00:35:43 PM) (Source: DCOM) (EventID: 10010) (User: IAN-ULTRABOOK)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (10/25/2014 05:09:00 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (10/25/2014 05:08:52 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (10/25/2014 05:08:43 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
 
Microsoft Office Sessions:
=========================
Error: (10/25/2014 06:42:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2109 seconds with 1980 seconds of active time.  This session ended with a crash.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 47%
Total physical RAM: 8104.27 MB
Available physical RAM: 4251.63 MB
Total Pagefile: 15528.27 MB
Available Pagefile: 8424.11 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:212.46 GB) (Free:97.41 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:4 GB) (Free:0.93 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: F19A6DE1)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

  • 0

#5
ruisliptiger

ruisliptiger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

On the plus side, since my original post the Laptop seems to have regained some of it's speed.

 

No guarantee of a clean machine I know, but encouraging nevertheless.


  • 0

#6
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

On the plus side, since my original post the Laptop seems to have regained some of it's speed.
 
No guarantee of a clean machine I know, but encouraging nevertheless.


That's good and very encouraging. :) I don't see anything overt in the FRST log, but I'd like to clean out the temp files and run some further scans. :thumbsup:


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Fix with FRST
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

Start
Emptytemp:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Step 2: Junkware Removal Tool


thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3: AdwCleaner


Download ADWcleaner by clicking here. Please save it to your Desktop


adwcleaner2_zps680e0e15.jpg
  • Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Clean button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
    • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.
    This report is also saved at C:\AdwCleaner[R0].txt
Step 4: Scan with TDSSKiller


Please download TDSSKiller to the desktop.

Alternate download is here.
  • Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
  • When the main GUI(graphical user interface) window opens, click on Change Parameters
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log go to Start(Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
  • Post the contents of that log in your next reply please.
Note: Do not have TDSSKiller remove anything if found at this point in time!

Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

Fixlog.txt Log

Junkware Removal Tool Log

AdwCleaner Log

TDSSKiller Log

  • 0

#7
ruisliptiger

ruisliptiger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-11-2014
Ran by Ian at 2014-11-02 19:28:03 Run:1
Running from C:\Users\Ian\Desktop
Loaded Profile: Ian (Available profiles: Ian)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
Emptytemp:
End
*****************
 
EmptyTemp: => Removed 1.1 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

  • 0

#8
ruisliptiger

ruisliptiger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.5 (10.31.2014:1)
OS: Windows 8.1 x64
Ran by Ian on 02/11/2014 at 19:48:59.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Users\Ian\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/11/2014 at 19:50:54.08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#9
ruisliptiger

ruisliptiger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
# AdwCleaner v3.311 - Report created 02/11/2014 at 19:58:09
# Updated 30/09/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Ian - IAN-ULTRABOOK
# Running from : C:\Users\Ian\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Ian\AppData\Local\Pokki
Folder Deleted : C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17344
 
 
-\\ Google Chrome v38.0.2125.111
 
[ File : C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [4034 octets] - [01/11/2014 13:31:41]
AdwCleaner[R1].txt - [1060 octets] - [02/11/2014 19:56:45]
AdwCleaner[S0].txt - [4089 octets] - [01/11/2014 13:33:50]
AdwCleaner[S1].txt - [987 octets] - [02/11/2014 19:58:09]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1046 octets] ##########

  • 0

#10
ruisliptiger

ruisliptiger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
20:05:41.0588 0x1738  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
20:05:41.0588 0x1738  UEFI system
20:05:47.0508 0x1738  ============================================================
20:05:47.0508 0x1738  Current date / time: 2014/11/02 20:05:47.0508
20:05:47.0508 0x1738  SystemInfo:
20:05:47.0508 0x1738  
20:05:47.0508 0x1738  OS Version: 6.3.9600 ServicePack: 0.0
20:05:47.0508 0x1738  Product type: Workstation
20:05:47.0509 0x1738  ComputerName: IAN-ULTRABOOK
20:05:47.0509 0x1738  UserName: Ian
20:05:47.0509 0x1738  Windows directory: C:\windows
20:05:47.0509 0x1738  System windows directory: C:\windows
20:05:47.0509 0x1738  Running under WOW64
20:05:47.0509 0x1738  Processor architecture: Intel x64
20:05:47.0509 0x1738  Number of processors: 4
20:05:47.0509 0x1738  Page size: 0x1000
20:05:47.0509 0x1738  Boot type: Normal boot
20:05:47.0509 0x1738  ============================================================
20:05:47.0666 0x1738  KLMD registered as C:\windows\system32\drivers\98180715.sys
20:05:47.0702 0x1738  System UUID: {6C721C30-2344-D7D3-2208-39B33331179D}
20:05:47.0926 0x1738  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:05:47.0928 0x1738  ============================================================
20:05:47.0928 0x1738  \Device\Harddisk0\DR0:
20:05:47.0928 0x1738  GPT partitions:
20:05:47.0929 0x1738  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9BEC4E63-5CEE-4050-AED5-0A0B69C46A16}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
20:05:47.0929 0x1738  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {2EF3E13C-37C7-4292-A4D3-C58FDF998995}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
20:05:47.0929 0x1738  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {A5830755-D7C7-4C87-B353-810EE9894753}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
20:05:47.0929 0x1738  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1D2E1E14-C8A8-4DE6-B86B-A7D64E3AE775}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
20:05:47.0929 0x1738  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {67CB26FF-E771-4E91-87D0-B962B4DCF01A}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x1A8EB000
20:05:47.0929 0x1738  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F1330DB2-77C2-42D4-BD24-8D8999668506}, Name: Basic data partition, StartLBA 0x1AD95800, BlocksNum 0x800000
20:05:47.0929 0x1738  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {EAE30C98-36DF-4FAA-A6EB-1EC79631AF02}, Name: Basic data partition, StartLBA 0x1B595800, BlocksNum 0x275D800
20:05:47.0929 0x1738  MBR partitions:
20:05:47.0929 0x1738  ============================================================
20:05:47.0930 0x1738  C: <-> \Device\Harddisk0\DR0\Partition5
20:05:47.0931 0x1738  D: <-> \Device\Harddisk0\DR0\Partition6
20:05:47.0931 0x1738  ============================================================
20:05:47.0931 0x1738  Initialize success
20:05:47.0931 0x1738  ============================================================
20:06:43.0904 0x0eac  ============================================================
20:06:43.0904 0x0eac  Scan started
20:06:43.0904 0x0eac  Mode: Manual; SigCheck; TDLFS; 
20:06:43.0904 0x0eac  ============================================================
20:06:43.0904 0x0eac  KSN ping started
20:06:46.0336 0x0eac  KSN ping finished: true
20:06:46.0610 0x0eac  ================ Scan system memory ========================
20:06:46.0610 0x0eac  System memory - ok
20:06:46.0610 0x0eac  ================ Scan services =============================
20:06:46.0649 0x0eac  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
20:06:46.0683 0x0eac  1394ohci - ok
20:06:46.0694 0x0eac  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\windows\system32\drivers\3ware.sys
20:06:46.0703 0x0eac  3ware - ok
20:06:46.0721 0x0eac  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\windows\system32\drivers\ACPI.sys
20:06:46.0745 0x0eac  ACPI - ok
20:06:46.0750 0x0eac  [ A273E88FAC37A4F819ED99FE4B642F4D, 994DC229B7B4379852928DF0B22E8E575AB239FD8904AF580AA36A44ED717CD9 ] acpials         C:\windows\system32\DRIVERS\acpials.sys
20:06:46.0758 0x0eac  acpials - ok
20:06:46.0763 0x0eac  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\windows\system32\Drivers\acpiex.sys
20:06:46.0771 0x0eac  acpiex - ok
20:06:46.0775 0x0eac  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
20:06:46.0785 0x0eac  acpipagr - ok
20:06:46.0788 0x0eac  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
20:06:46.0797 0x0eac  AcpiPmi - ok
20:06:46.0802 0x0eac  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\windows\System32\drivers\acpitime.sys
20:06:46.0813 0x0eac  acpitime - ok
20:06:46.0824 0x0eac  [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC         C:\windows\System32\drivers\AcpiVpc.sys
20:06:46.0838 0x0eac  ACPIVPC - ok
20:06:46.0861 0x0eac  [ 2637233632CCD1837A1A57A43CAF00A4, 848026C6C9B38FD9F70BC7B2306BF4F5DD395726D4FDD6A18B29354921191DC5 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:06:46.0874 0x0eac  AdobeFlashPlayerUpdateSvc - ok
20:06:46.0894 0x0eac  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\windows\system32\drivers\ADP80XX.SYS
20:06:46.0922 0x0eac  ADP80XX - ok
20:06:46.0930 0x0eac  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
20:06:46.0946 0x0eac  AeLookupSvc - ok
20:06:46.0963 0x0eac  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\windows\system32\drivers\afd.sys
20:06:46.0984 0x0eac  AFD - ok
20:06:46.0992 0x0eac  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\windows\system32\drivers\agp440.sys
20:06:47.0002 0x0eac  agp440 - ok
20:06:47.0008 0x0eac  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\windows\system32\DRIVERS\ahcache.sys
20:06:47.0020 0x0eac  ahcache - ok
20:06:47.0025 0x0eac  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\windows\System32\alg.exe
20:06:47.0037 0x0eac  ALG - ok
20:06:47.0043 0x0eac  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\windows\System32\drivers\amdk8.sys
20:06:47.0054 0x0eac  AmdK8 - ok
20:06:47.0059 0x0eac  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
20:06:47.0070 0x0eac  AmdPPM - ok
20:06:47.0074 0x0eac  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\windows\system32\drivers\amdsata.sys
20:06:47.0083 0x0eac  amdsata - ok
20:06:47.0089 0x0eac  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
20:06:47.0102 0x0eac  amdsbs - ok
20:06:47.0106 0x0eac  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\windows\system32\drivers\amdxata.sys
20:06:47.0113 0x0eac  amdxata - ok
20:06:47.0118 0x0eac  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\windows\system32\drivers\appid.sys
20:06:47.0127 0x0eac  AppID - ok
20:06:47.0131 0x0eac  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\windows\System32\appidsvc.dll
20:06:47.0140 0x0eac  AppIDSvc - ok
20:06:47.0144 0x0eac  [ 7667B9D81EA8FD6540E6CF72F92161A6, 98F3D0E376F715EBE083FE112CAA640BCE0F13DCE0F244D059D7FA019EA3D24C ] Appinfo         C:\windows\System32\appinfo.dll
20:06:47.0156 0x0eac  Appinfo - ok
20:06:47.0168 0x0eac  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\windows\system32\AppReadiness.dll
20:06:47.0187 0x0eac  AppReadiness - ok
20:06:47.0213 0x0eac  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\windows\system32\appxdeploymentserver.dll
20:06:47.0247 0x0eac  AppXSvc - ok
20:06:47.0253 0x0eac  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\windows\system32\drivers\arcsas.sys
20:06:47.0263 0x0eac  arcsas - ok
20:06:47.0266 0x0eac  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\windows\system32\drivers\atapi.sys
20:06:47.0274 0x0eac  atapi - ok
20:06:47.0281 0x0eac  [ 886767FD022213F7885416134E9082E5, E248D82210FBEBF62C23EBEC74A976B2D1A4E62D3B7638D95B2574B77BA05DD0 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
20:06:47.0293 0x0eac  AudioEndpointBuilder - ok
20:06:47.0315 0x0eac  [ 79B134ECE836B406B212E28C24011538, 1B875DD23CCAD8A2759DCDBCDCF3DE14231B9DB5EEC8E84FE081E41A52A047A1 ] Audiosrv        C:\windows\System32\Audiosrv.dll
20:06:47.0341 0x0eac  Audiosrv - ok
20:06:47.0349 0x0eac  [ 943B743BEA5AE4EEA43250FFCC99C522, 387966A350796EFB6682A975D66F057B622296F6ADF4AFCEECD9F775BA97BFE6 ] AX88772         C:\windows\system32\DRIVERS\ax88772.sys
20:06:47.0362 0x0eac  AX88772 - ok
20:06:47.0367 0x0eac  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\windows\System32\AxInstSV.dll
20:06:47.0377 0x0eac  AxInstSV - ok
20:06:47.0390 0x0eac  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
20:06:47.0409 0x0eac  b06bdrv - ok
20:06:47.0413 0x0eac  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
20:06:47.0422 0x0eac  BasicDisplay - ok
20:06:47.0426 0x0eac  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
20:06:47.0434 0x0eac  BasicRender - ok
20:06:47.0438 0x0eac  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\windows\System32\drivers\bcmfn2.sys
20:06:47.0444 0x0eac  bcmfn2 - ok
20:06:47.0453 0x0eac  [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC          C:\windows\System32\bdesvc.dll
20:06:47.0467 0x0eac  BDESVC - ok
20:06:47.0471 0x0eac  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\windows\system32\drivers\Beep.sys
20:06:47.0479 0x0eac  Beep - ok
20:06:47.0496 0x0eac  [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE             C:\windows\System32\bfe.dll
20:06:47.0520 0x0eac  BFE - ok
20:06:47.0542 0x0eac  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\windows\System32\qmgr.dll
20:06:47.0576 0x0eac  BITS - ok
20:06:47.0602 0x0eac  [ E7429ECD0C47CC065EEACF7E9D0E6341, 10D8231E14C908A0949108EB5F84E17BA10ABFC370D0C5F65945B23879AB12BF ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
20:06:47.0627 0x0eac  Bluetooth Device Monitor - ok
20:06:47.0652 0x0eac  [ 9C0FDB0E3CFE542847E5140FAF17E89F, 290C08C0F8413D15BA41BEFC3D5A9D3E97FB6C55B91FE80D518BEA95A2838173 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
20:06:47.0676 0x0eac  Bluetooth OBEX Service - ok
20:06:47.0681 0x0eac  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\windows\system32\DRIVERS\bowser.sys
20:06:47.0690 0x0eac  bowser - ok
20:06:47.0698 0x0eac  [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
20:06:47.0712 0x0eac  BrokerInfrastructure - ok
20:06:47.0717 0x0eac  [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser         C:\windows\System32\browser.dll
20:06:47.0729 0x0eac  Browser - ok
20:06:47.0732 0x0eac  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
20:06:47.0741 0x0eac  BthAvrcpTg - ok
20:06:47.0745 0x0eac  [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum         C:\windows\System32\drivers\BthEnum.sys
20:06:47.0755 0x0eac  BthEnum - ok
20:06:47.0759 0x0eac  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
20:06:47.0770 0x0eac  BthHFEnum - ok
20:06:47.0773 0x0eac  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
20:06:47.0781 0x0eac  bthhfhid - ok
20:06:47.0790 0x0eac  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\windows\System32\drivers\BthLEEnum.sys
20:06:47.0801 0x0eac  BthLEEnum - ok
20:06:47.0805 0x0eac  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
20:06:47.0814 0x0eac  BTHMODEM - ok
20:06:47.0819 0x0eac  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\windows\System32\drivers\bthpan.sys
20:06:47.0829 0x0eac  BthPan - ok
20:06:47.0858 0x0eac  [ 97B9076611291AE4C4C107BC915BD026, 0A77873AAF1ADB76CAB98A84D2242781E34E2699632E45EB92ED7DB20B2BE0C1 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
20:06:47.0886 0x0eac  BTHPORT - ok
20:06:47.0891 0x0eac  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\windows\system32\bthserv.dll
20:06:47.0901 0x0eac  bthserv - ok
20:06:47.0906 0x0eac  [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
20:06:47.0916 0x0eac  BTHUSB - ok
20:06:47.0922 0x0eac  [ 5B8D71504FA8BFA308F6E1169B89D322, 1DC0CF47C5F655EA0F0992020C17A86D05637F55ACBB17380283EBB883A4D14D ] btmaux          C:\windows\system32\DRIVERS\btmaux.sys
20:06:47.0928 0x0eac  btmaux - ok
20:06:47.0956 0x0eac  [ A5D4D0B7EB24454777D6029AA6794D81, E39AB28BD48EDB285438F6AC37B26B135972DCD446D07878E28447FA979318C0 ] btmhsf          C:\windows\system32\DRIVERS\btmhsf.sys
20:06:47.0985 0x0eac  btmhsf - ok
20:06:47.0990 0x0eac  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
20:06:48.0001 0x0eac  cdfs - ok
20:06:48.0008 0x0eac  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\windows\System32\drivers\cdrom.sys
20:06:48.0017 0x0eac  cdrom - ok
20:06:48.0023 0x0eac  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\windows\System32\certprop.dll
20:06:48.0037 0x0eac  CertPropSvc - ok
20:06:48.0041 0x0eac  [ 27468DB367ABCFE855796775DB949AC1, F2DFC8CFBFCDC94798A5ADAAC96001927F9CE316751D42651C3AF1E52F1DC7EF ] cfwids          C:\windows\system32\drivers\cfwids.sys
20:06:48.0047 0x0eac  cfwids - ok
20:06:48.0051 0x0eac  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\windows\System32\drivers\circlass.sys
20:06:48.0060 0x0eac  circlass - ok
20:06:48.0070 0x0eac  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\windows\system32\drivers\CLFS.sys
20:06:48.0085 0x0eac  CLFS - ok
20:06:48.0093 0x0eac  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
20:06:48.0101 0x0eac  CmBatt - ok
20:06:48.0114 0x0eac  [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG             C:\windows\system32\Drivers\cng.sys
20:06:48.0134 0x0eac  CNG - ok
20:06:48.0139 0x0eac  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
20:06:48.0148 0x0eac  CompositeBus - ok
20:06:48.0150 0x0eac  COMSysApp - ok
20:06:48.0154 0x0eac  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\windows\system32\drivers\condrv.sys
20:06:48.0163 0x0eac  condrv - ok
20:06:48.0184 0x0eac  [ 56D1D35F12F9A07803F6108D4EDCEB78, A947CE92E3E73FCEB4F2B02C789EFAD7E300614E917633F42668CCE9E2F7EE56 ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe
20:06:48.0195 0x0eac  cphs - ok
20:06:48.0202 0x0eac  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\windows\system32\cryptsvc.dll
20:06:48.0213 0x0eac  CryptSvc - ok
20:06:48.0217 0x0eac  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\windows\system32\drivers\dam.sys
20:06:48.0224 0x0eac  dam - ok
20:06:48.0240 0x0eac  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\windows\system32\rpcss.dll
20:06:48.0265 0x0eac  DcomLaunch - ok
20:06:48.0275 0x0eac  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\windows\System32\defragsvc.dll
20:06:48.0293 0x0eac  defragsvc - ok
20:06:48.0303 0x0eac  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\windows\system32\das.dll
20:06:48.0320 0x0eac  DeviceAssociationService - ok
20:06:48.0325 0x0eac  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
20:06:48.0336 0x0eac  DeviceInstall - ok
20:06:48.0341 0x0eac  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
20:06:48.0351 0x0eac  Dfsc - ok
20:06:48.0355 0x0eac  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\windows\system32\DRIVERS\ssudbus.sys
20:06:48.0363 0x0eac  dg_ssudbus - ok
20:06:48.0371 0x0eac  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\windows\system32\dhcpcore.dll
20:06:48.0385 0x0eac  Dhcp - ok
20:06:48.0391 0x0eac  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\windows\system32\drivers\disk.sys
20:06:48.0400 0x0eac  disk - ok
20:06:48.0403 0x0eac  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
20:06:48.0411 0x0eac  dmvsc - ok
20:06:48.0418 0x0eac  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\windows\System32\dnsrslvr.dll
20:06:48.0431 0x0eac  Dnscache - ok
20:06:48.0438 0x0eac  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\windows\System32\dot3svc.dll
20:06:48.0454 0x0eac  dot3svc - ok
20:06:48.0460 0x0eac  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\windows\system32\dps.dll
20:06:48.0475 0x0eac  DPS - ok
20:06:48.0481 0x0eac  [ E87CD3E4F9AC0A2C181990CB781DD4BA, 693F30DF8D4AE732BBB36D250D89DEC05C291B0A0998CBE87677E4F019253432 ] DptfDevPch      C:\windows\system32\DRIVERS\DptfDevPch.sys
20:06:48.0489 0x0eac  DptfDevPch - ok
20:06:48.0497 0x0eac  [ 1C3C798B4150F7A047853838EBE2A95B, 8A44147DAB1FCBD5F23B5D427D12D0D5CA4A8260216ECE155CD849D09328069A ] DptfDevProc     C:\windows\system32\DRIVERS\DptfDevProc.sys
20:06:48.0508 0x0eac  DptfDevProc - ok
20:06:48.0521 0x0eac  [ 133C04EDB13A8A7740FFA3D7DD397C80, 56A28AF194354A6AA48A9204F13C845A4B3FE4E3139BBDE31DDDE318F3FB20C9 ] DptfManager     C:\windows\system32\DRIVERS\DptfManager.sys
20:06:48.0537 0x0eac  DptfManager - ok
20:06:48.0541 0x0eac  [ 8A18176B5108C2FBB23ADA9D548BDD3A, 204E39EE27B6FEDB75E97950B1608DEB0641248857FF0FDD2B66168929967043 ] DptfParticipantProcessorService C:\windows\system32\DptfParticipantProcessorService.exe
20:06:48.0550 0x0eac  DptfParticipantProcessorService - ok
20:06:48.0554 0x0eac  [ 82239362B0C3CDA6C2E69EAB73FA8A97, 73ADB64C365E5C1F2DF92B91982E65577ADC58DE84ECF0399F0C1C380602E630 ] DptfPolicyConfigTDPService C:\windows\system32\DptfPolicyConfigTDPService.exe
20:06:48.0563 0x0eac  DptfPolicyConfigTDPService - ok
20:06:48.0569 0x0eac  [ FAFA22CD7FD7B0A195239E738F7B7030, 9DF3810F814ACD4A694F25482E57ADEA01F1072CEAA4AC14ED5D383A4D2DE385 ] DptfPolicyCriticalService C:\windows\system32\DptfPolicyCriticalService.exe
20:06:48.0578 0x0eac  DptfPolicyCriticalService - ok
20:06:48.0583 0x0eac  [ 06B40DF90D494E2242C63DCACB354B8E, A10EB3EF74EDA33CF710B74E52D97A2B3B7874F3C5212016ED1FB89F8070D6A9 ] DptfPolicyLpmService C:\windows\system32\DptfPolicyLpmService.exe
20:06:48.0591 0x0eac  DptfPolicyLpmService - ok
20:06:48.0595 0x0eac  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
20:06:48.0602 0x0eac  drmkaud - ok
20:06:48.0608 0x0eac  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
20:06:48.0625 0x0eac  DsmSvc - ok
20:06:48.0656 0x0eac  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
20:06:48.0697 0x0eac  DXGKrnl - ok
20:06:48.0705 0x0eac  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\windows\System32\eapsvc.dll
20:06:48.0717 0x0eac  Eaphost - ok
20:06:48.0806 0x0eac  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\windows\system32\drivers\evbda.sys
20:06:48.0953 0x0eac  ebdrv - ok
20:06:48.0963 0x0eac  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\windows\System32\lsass.exe
20:06:48.0978 0x0eac  EFS - ok
20:06:48.0986 0x0eac  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
20:06:48.0996 0x0eac  EhStorClass - ok
20:06:49.0002 0x0eac  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
20:06:49.0013 0x0eac  EhStorTcgDrv - ok
20:06:49.0019 0x0eac  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\windows\System32\drivers\errdev.sys
20:06:49.0027 0x0eac  ErrDev - ok
20:06:49.0042 0x0eac  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\windows\system32\es.dll
20:06:49.0063 0x0eac  EventSystem - ok
20:06:49.0079 0x0eac  [ 905B24D42EA6C7E6988838186DBC8C4C, B2E262D666CF266F32A03505D29AC078E7C5F062AEF0A5D91584877CC9FFB47D ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:06:49.0097 0x0eac  EvtEng - ok
20:06:49.0104 0x0eac  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\windows\system32\drivers\exfat.sys
20:06:49.0121 0x0eac  exfat - ok
20:06:49.0127 0x0eac  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\windows\system32\drivers\fastfat.sys
20:06:49.0139 0x0eac  fastfat - ok
20:06:49.0154 0x0eac  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\windows\system32\fxssvc.exe
20:06:49.0175 0x0eac  Fax - ok
20:06:49.0180 0x0eac  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\windows\System32\drivers\fdc.sys
20:06:49.0188 0x0eac  fdc - ok
20:06:49.0192 0x0eac  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\windows\system32\fdPHost.dll
20:06:49.0206 0x0eac  fdPHost - ok
20:06:49.0209 0x0eac  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\windows\system32\fdrespub.dll
20:06:49.0223 0x0eac  FDResPub - ok
20:06:49.0228 0x0eac  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\windows\system32\fhsvc.dll
20:06:49.0239 0x0eac  fhsvc - ok
20:06:49.0244 0x0eac  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
20:06:49.0254 0x0eac  FileInfo - ok
20:06:49.0258 0x0eac  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\windows\system32\drivers\filetrace.sys
20:06:49.0272 0x0eac  Filetrace - ok
20:06:49.0277 0x0eac  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
20:06:49.0288 0x0eac  flpydisk - ok
20:06:49.0298 0x0eac  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
20:06:49.0313 0x0eac  FltMgr - ok
20:06:49.0318 0x0eac  [ 6CD6BB45BD3E0EEF6CE496BF52854FF1, 939630A1EEAB79DD5AA3D9272B9EDC0550BC06D40C9B398815FCFF4AC12A7F2C ] FlyUsb          C:\windows\System32\drivers\FlyUsb.sys
20:06:49.0325 0x0eac  FlyUsb - ok
20:06:49.0357 0x0eac  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\windows\system32\FntCache.dll
20:06:49.0397 0x0eac  FontCache - ok
20:06:49.0405 0x0eac  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:06:49.0413 0x0eac  FontCache3.0.0.0 - ok
20:06:49.0419 0x0eac  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
20:06:49.0428 0x0eac  FsDepends - ok
20:06:49.0431 0x0eac  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
20:06:49.0439 0x0eac  Fs_Rec - ok
20:06:49.0453 0x0eac  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
20:06:49.0476 0x0eac  fvevol - ok
20:06:49.0481 0x0eac  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
20:06:49.0490 0x0eac  FxPPM - ok
20:06:49.0493 0x0eac  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
20:06:49.0503 0x0eac  gagp30kx - ok
20:06:49.0506 0x0eac  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
20:06:49.0514 0x0eac  gencounter - ok
20:06:49.0520 0x0eac  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
20:06:49.0531 0x0eac  GPIOClx0101 - ok
20:06:49.0559 0x0eac  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\windows\System32\gpsvc.dll
20:06:49.0607 0x0eac  gpsvc - ok
20:06:49.0616 0x0eac  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:06:49.0623 0x0eac  gupdate - ok
20:06:49.0628 0x0eac  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:06:49.0634 0x0eac  gupdatem - ok
20:06:49.0640 0x0eac  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:06:49.0649 0x0eac  gusvc - ok
20:06:49.0661 0x0eac  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
20:06:49.0681 0x0eac  HdAudAddService - ok
20:06:49.0688 0x0eac  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
20:06:49.0697 0x0eac  HDAudBus - ok
20:06:49.0702 0x0eac  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
20:06:49.0710 0x0eac  HidBatt - ok
20:06:49.0718 0x0eac  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\windows\System32\drivers\hidbth.sys
20:06:49.0729 0x0eac  HidBth - ok
20:06:49.0733 0x0eac  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
20:06:49.0742 0x0eac  hidi2c - ok
20:06:49.0746 0x0eac  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\windows\System32\drivers\hidir.sys
20:06:49.0754 0x0eac  HidIr - ok
20:06:49.0758 0x0eac  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\windows\system32\hidserv.dll
20:06:49.0768 0x0eac  hidserv - ok
20:06:49.0772 0x0eac  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\windows\System32\drivers\hidusb.sys
20:06:49.0780 0x0eac  HidUsb - ok
20:06:49.0786 0x0eac  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\windows\system32\drivers\HipShieldK.sys
20:06:49.0796 0x0eac  HipShieldK - ok
20:06:49.0801 0x0eac  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\windows\system32\kmsvc.dll
20:06:49.0813 0x0eac  hkmsvc - ok
20:06:49.0822 0x0eac  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\windows\system32\ListSvc.dll
20:06:49.0836 0x0eac  HomeGroupListener - ok
20:06:49.0846 0x0eac  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\windows\system32\provsvc.dll
20:06:49.0863 0x0eac  HomeGroupProvider - ok
20:06:49.0873 0x0eac  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
20:06:49.0884 0x0eac  HomeNetSvc - ok
20:06:49.0888 0x0eac  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
20:06:49.0898 0x0eac  HpSAMD - ok
20:06:49.0920 0x0eac  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\windows\system32\drivers\HTTP.sys
20:06:49.0947 0x0eac  HTTP - ok
20:06:49.0951 0x0eac  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
20:06:49.0959 0x0eac  hwpolicy - ok
20:06:49.0962 0x0eac  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
20:06:49.0970 0x0eac  hyperkbd - ok
20:06:49.0973 0x0eac  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
20:06:49.0982 0x0eac  HyperVideo - ok
20:06:49.0987 0x0eac  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
20:06:49.0998 0x0eac  i8042prt - ok
20:06:50.0003 0x0eac  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\windows\System32\drivers\iaLPSSi_GPIO.sys
20:06:50.0009 0x0eac  iaLPSSi_GPIO - ok
20:06:50.0014 0x0eac  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\windows\System32\drivers\iaLPSSi_I2C.sys
20:06:50.0021 0x0eac  iaLPSSi_I2C - ok
20:06:50.0039 0x0eac  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
20:06:50.0055 0x0eac  iaStorA - ok
20:06:50.0070 0x0eac  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\windows\system32\drivers\iaStorAV.sys
20:06:50.0088 0x0eac  iaStorAV - ok
20:06:50.0102 0x0eac  [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
20:06:50.0107 0x0eac  IAStorDataMgrSvc - ok
20:06:50.0118 0x0eac  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
20:06:50.0135 0x0eac  iaStorV - ok
20:06:50.0141 0x0eac  [ DA3E76663D55775D675982F4C9CA2794, FCD84EA5A6787D4ADAAF8A1DD85E64BC280F60EC907D89AA1F7E95C5CAA60AFE ] ibtusb          C:\windows\system32\DRIVERS\ibtusb.sys
20:06:50.0148 0x0eac  ibtusb - ok
20:06:50.0151 0x0eac  IEEtwCollectorService - ok
20:06:50.0228 0x0eac  [ A874EC416801B152BD64916E1B5C107E, 6D41CAB617E06F3D9534DB44DFEB9C86F2AD55AFBF3E1B1B41BA2576C0C19407 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
20:06:50.0316 0x0eac  igfx - ok
20:06:50.0323 0x0eac  [ 39F3C7E218CE9118106D166F09AE1352, B78ADFC87AACF868D62A7FB0971B8786C1315A9B4D34D3E3159AD3F24D78AD62 ] ikbevent        C:\windows\system32\DRIVERS\ikbevent.sys
20:06:50.0329 0x0eac  ikbevent - ok
20:06:50.0351 0x0eac  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\windows\System32\ikeext.dll
20:06:50.0381 0x0eac  IKEEXT - ok
20:06:50.0385 0x0eac  [ 404906005D768E48BF16218B420249C7, 78409A077F244FCAC806180384C240F3BB1FF7ECF02EDB5E5D3188F458AB23D1 ] imsevent        C:\windows\system32\DRIVERS\imsevent.sys
20:06:50.0391 0x0eac  imsevent - ok
20:06:50.0395 0x0eac  [ 3F2BB021CB280880F8C1B7A6FEF9B447, CEC0BF9D6C9CF6E6A9F9B4E656BD47208AC977EDDC11C1C3BCD07EB50BABC017 ] INETMON         C:\windows\System32\Drivers\INETMON.sys
20:06:50.0401 0x0eac  INETMON - ok
20:06:50.0404 0x0eac  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys
20:06:50.0410 0x0eac  intaud_WaveExtensible - ok
20:06:50.0479 0x0eac  [ 0CDE7928C4B99C25AAED3B4E84E78168, 5B5444574551D2637A3827F26D248573AECE1B12DFA175C13B10B2A777AD2513 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
20:06:50.0546 0x0eac  IntcAzAudAddService - ok
20:06:50.0563 0x0eac  [ D6A22510D795928E8840619900D672B4, 296F232B0A6D42840A745E4706D2815F6D2E4279DBD90112CBFBFF8833B724AF ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
20:06:50.0578 0x0eac  IntcDAud - ok
20:06:50.0612 0x0eac  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:06:50.0638 0x0eac  Intel® Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
20:06:53.0116 0x0eac  Detect skipped due to KSN trusted
20:06:53.0116 0x0eac  Intel® Capability Licensing Service Interface - ok
20:06:53.0139 0x0eac  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
20:06:53.0164 0x0eac  Intel® Capability Licensing Service TCP IP Interface - ok
20:06:53.0179 0x0eac  [ FEC3A8349DCBECB87850692F1020B023, AD3086C31CA7795FA8CB677C67CE7AFD37FAB728EB1027B8B2016F3B283FB958 ] Intel® Wireless Bluetooth® 4.0 Radio Management C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
20:06:53.0189 0x0eac  Intel® Wireless Bluetooth® 4.0 Radio Management - ok
20:06:53.0195 0x0eac  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\windows\system32\drivers\intelide.sys
20:06:53.0203 0x0eac  intelide - ok
20:06:53.0209 0x0eac  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\windows\system32\drivers\intelpep.sys
20:06:53.0221 0x0eac  intelpep - ok
20:06:53.0233 0x0eac  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\windows\System32\drivers\intelppm.sys
20:06:53.0242 0x0eac  intelppm - ok
20:06:53.0246 0x0eac  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
20:06:53.0258 0x0eac  IpFilterDriver - ok
20:06:53.0277 0x0eac  [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
20:06:53.0303 0x0eac  iphlpsvc - ok
20:06:53.0308 0x0eac  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
20:06:53.0317 0x0eac  IPMIDRV - ok
20:06:53.0323 0x0eac  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
20:06:53.0335 0x0eac  IPNAT - ok
20:06:53.0339 0x0eac  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\windows\system32\drivers\irenum.sys
20:06:53.0349 0x0eac  IRENUM - ok
20:06:53.0354 0x0eac  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\windows\system32\drivers\isapnp.sys
20:06:53.0362 0x0eac  isapnp - ok
20:06:53.0372 0x0eac  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
20:06:53.0388 0x0eac  iScsiPrt - ok
20:06:53.0392 0x0eac  [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT            C:\windows\System32\drivers\ISCTD64.sys
20:06:53.0398 0x0eac  ISCT - ok
20:06:53.0405 0x0eac  [ 5215D12B13FC2BC7717AA4884846D34F, B97B8FFC6FB212398BF772C08B318411EA70B683B816906F30EF35DEB5B1C130 ] ISCTAgent       C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
20:06:53.0414 0x0eac  ISCTAgent - ok
20:06:53.0421 0x0eac  [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc          C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
20:06:53.0429 0x0eac  iumsvc - ok
20:06:53.0433 0x0eac  [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus          C:\windows\System32\drivers\iwdbus.sys
20:06:53.0439 0x0eac  iwdbus - ok
20:06:53.0445 0x0eac  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
20:06:53.0453 0x0eac  jhi_service - ok
20:06:53.0458 0x0eac  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
20:06:53.0466 0x0eac  kbdclass - ok
20:06:53.0470 0x0eac  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
20:06:53.0479 0x0eac  kbdhid - ok
20:06:53.0483 0x0eac  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
20:06:53.0491 0x0eac  kdnic - ok
20:06:53.0495 0x0eac  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\windows\system32\lsass.exe
20:06:53.0504 0x0eac  KeyIso - ok
20:06:53.0509 0x0eac  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
20:06:53.0519 0x0eac  KSecDD - ok
20:06:53.0525 0x0eac  [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
20:06:53.0537 0x0eac  KSecPkg - ok
20:06:53.0541 0x0eac  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
20:06:53.0550 0x0eac  ksthunk - ok
20:06:53.0561 0x0eac  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\windows\system32\msdtckrm.dll
20:06:53.0578 0x0eac  KtmRm - ok
20:06:53.0587 0x0eac  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\windows\system32\srvsvc.dll
20:06:53.0602 0x0eac  LanmanServer - ok
20:06:53.0611 0x0eac  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:06:53.0625 0x0eac  LanmanWorkstation - ok
20:06:53.0745 0x0eac  [ 1C09A80590E3E8C0F91DF46B1610AA7A, DEE57B3DBF4CF6C8DD4D81FE766498547B182BE76FB3F4C95703244558747E01 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
20:06:53.0890 0x0eac  LeapFrog Connect Device Service - detected UnsignedFile.Multi.Generic ( 1 )
20:06:56.0336 0x0eac  Detect skipped due to KSN trusted
20:06:56.0337 0x0eac  LeapFrog Connect Device Service - ok
20:06:56.0353 0x0eac  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\windows\System32\GeofenceMonitorService.dll
20:06:56.0372 0x0eac  lfsvc - ok
20:06:56.0377 0x0eac  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
20:06:56.0391 0x0eac  lltdio - ok
20:06:56.0402 0x0eac  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\windows\System32\lltdsvc.dll
20:06:56.0418 0x0eac  lltdsvc - ok
20:06:56.0421 0x0eac  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\windows\System32\lmhsvc.dll
20:06:56.0431 0x0eac  lmhosts - ok
20:06:56.0440 0x0eac  [ B16F2A40E738277AB75515D4B024305E, 38F48CCD72FA2B32DFD3123C0864AB724AC673414EEE09C6F582754177CD4B98 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:06:56.0453 0x0eac  LMS - ok
20:06:56.0459 0x0eac  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
20:06:56.0469 0x0eac  LSI_SAS - ok
20:06:56.0473 0x0eac  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
20:06:56.0483 0x0eac  LSI_SAS2 - ok
20:06:56.0487 0x0eac  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\windows\system32\drivers\lsi_sas3.sys
20:06:56.0495 0x0eac  LSI_SAS3 - ok
20:06:56.0500 0x0eac  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
20:06:56.0508 0x0eac  LSI_SSS - ok
20:06:56.0524 0x0eac  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\windows\System32\lsm.dll
20:06:56.0546 0x0eac  LSM - ok
20:06:56.0550 0x0eac  [ B9D6F27D06565CEFF51FD012B74822CB, D6526314DC2F58745969B7132722C60DB33442CB55ADAB28E7EF64EB088E32DF ] LsvUIService    C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
20:06:56.0557 0x0eac  LsvUIService - ok
20:06:56.0562 0x0eac  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\windows\system32\drivers\luafv.sys
20:06:56.0572 0x0eac  luafv - ok
20:06:56.0580 0x0eac  [ 96E7AA538AB0EDECCAB3862BA4B66232, 8AF460093B4DC1FD81C4508A57B6A80A7FB2E1818A3405506B8DB5B521615FB6 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
20:06:56.0588 0x0eac  McAPExe - ok
20:06:56.0596 0x0eac  [ 4F3FAE9E811E64BBE68152F0ED186D75, 55C53B218F8769E9E8774278E7FFB4A8B7753B103D280248E9D5FE42F12B2DCB ] McAWFwk         c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
20:06:56.0608 0x0eac  McAWFwk - ok
20:06:56.0617 0x0eac  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
20:06:56.0627 0x0eac  McMPFSvc - ok
20:06:56.0635 0x0eac  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McNaiAnn        C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
20:06:56.0646 0x0eac  McNaiAnn - ok
20:06:56.0659 0x0eac  [ 1817FCB59F1832BC5387EC10838FC1BF, F0950EEEF5285C1C21E0C5BAFAFA44302E901EB8466427FA6AA3F1709B4D5A21 ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe
20:06:56.0674 0x0eac  McODS - ok
20:06:56.0683 0x0eac  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McOobeSv2       C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
20:06:56.0693 0x0eac  McOobeSv2 - ok
20:06:56.0701 0x0eac  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc        C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
20:06:56.0711 0x0eac  mcpltsvc - ok
20:06:56.0719 0x0eac  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McProxy         C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
20:06:56.0729 0x0eac  McProxy - ok
20:06:56.0734 0x0eac  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\windows\system32\drivers\megasas.sys
20:06:56.0741 0x0eac  megasas - ok
20:06:56.0756 0x0eac  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\windows\system32\drivers\megasr.sys
20:06:56.0776 0x0eac  megasr - ok
20:06:56.0781 0x0eac  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\windows\system32\DRIVERS\TeeDriverx64.sys
20:06:56.0788 0x0eac  MEIx64 - ok
20:06:56.0794 0x0eac  [ D0574EF9490EBD32DFA14D3C16195DE2, 7F5623562E74BD09717103247CE9155F07092BC633B5647ED3C99A95283413B4 ] mfeapfk         C:\windows\system32\drivers\mfeapfk.sys
20:06:56.0801 0x0eac  mfeapfk - ok
20:06:56.0809 0x0eac  [ 7B6A4509A2444F5F0689B2579E245177, 95A3A3560E253B7459F1B7C9E4E21008C725BA1A2C5F4E5FBAD1AB383058E2F6 ] mfeavfk         C:\windows\system32\drivers\mfeavfk.sys
20:06:56.0819 0x0eac  mfeavfk - ok
20:06:56.0840 0x0eac  [ C83EBEE66A2754CEE5B05699A42F728B, 1D739A505AEC1F40CC8CB86D01BDCEC0E29002A609FDA96CEF3531285E8261B9 ] mfecore         C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
20:06:56.0865 0x0eac  mfecore - ok
20:06:56.0870 0x0eac  [ DD19F44DE0F742B2E89FB6489A2F7197, B6BF5236181492B9996471469E18C3A11ECD6224BE740BA312771E1A7D4AD6BD ] mfeelamk        C:\windows\system32\drivers\mfeelamk.sys
20:06:56.0878 0x0eac  mfeelamk - ok
20:06:56.0884 0x0eac  [ E7C6587AC8FB0BABEF6AB1733AFA8FEC, 1624B8D9C9431A2030B8C8CFAA90F56A9EE4039D2426A521C4102A68D2F8E3CD ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
20:06:56.0894 0x0eac  mfefire - ok
20:06:56.0906 0x0eac  [ 92AD9892D534CA58E020375C94E0307E, 3062625853C759852C5172040C69840315676A01A62EECFC53F55E6379DB190C ] mfefirek        C:\windows\system32\drivers\mfefirek.sys
20:06:56.0920 0x0eac  mfefirek - ok
20:06:56.0938 0x0eac  [ B6622A5B197D021647AE20E0D4C229B9, 15D64928FDB207C183A69E7CFB90BFFBF25F1AB14059EDEFDF021F323025F4E8 ] mfehidk         C:\windows\system32\drivers\mfehidk.sys
20:06:56.0957 0x0eac  mfehidk - ok
20:06:56.0969 0x0eac  [ 93712907DEE6FFBD8A4016ECBB250DCD, FB3673BA495EF1301C4BA75B457493D9B1D5AE52642A04473575CABC1EC6EDFD ] mfencbdc        C:\windows\system32\DRIVERS\mfencbdc.sys
20:06:56.0981 0x0eac  mfencbdc - ok
20:06:56.0986 0x0eac  [ E97EE1F31F7E5349A06CE089658DA8A1, 8136155C734457E422331B3CBE67927C45FAB10B9B34789A612B58CF0E0E3BEC ] mfencrk         C:\windows\system32\DRIVERS\mfencrk.sys
20:06:56.0993 0x0eac  mfencrk - ok
20:06:56.0999 0x0eac  [ 64BAFB4E5377056CDD71531097D69F6E, 28B434C1DB9AD930C5A32584C51FE1B3A4526952EBC953DAE775701E270C76C5 ] mfevtp          C:\windows\system32\mfevtps.exe
20:06:57.0007 0x0eac  mfevtp - ok
20:06:57.0015 0x0eac  [ A58F979117A424CDB33C21396887800F, E857E74BB08E49AEDC7EE21C9FDA36053113E04F8D29B9DBC3A2A3F0667915C6 ] mfewfpk         C:\windows\system32\drivers\mfewfpk.sys
20:06:57.0027 0x0eac  mfewfpk - ok
20:06:57.0032 0x0eac  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
20:06:57.0039 0x0eac  Microsoft Office Groove Audit Service - ok
20:06:57.0043 0x0eac  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\windows\system32\mmcss.dll
20:06:57.0054 0x0eac  MMCSS - ok
20:06:57.0058 0x0eac  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\windows\system32\drivers\modem.sys
20:06:57.0069 0x0eac  Modem - ok
20:06:57.0073 0x0eac  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\windows\System32\drivers\monitor.sys
20:06:57.0081 0x0eac  monitor - ok
20:06:57.0085 0x0eac  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\windows\System32\drivers\mouclass.sys
20:06:57.0093 0x0eac  mouclass - ok
20:06:57.0096 0x0eac  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\windows\System32\drivers\mouhid.sys
20:06:57.0105 0x0eac  mouhid - ok
20:06:57.0109 0x0eac  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
20:06:57.0119 0x0eac  mountmgr - ok
20:06:57.0124 0x0eac  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
20:06:57.0135 0x0eac  mpsdrv - ok
20:06:57.0154 0x0eac  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\windows\system32\mpssvc.dll
20:06:57.0182 0x0eac  MpsSvc - ok
20:06:57.0188 0x0eac  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
20:06:57.0199 0x0eac  MRxDAV - ok
20:06:57.0209 0x0eac  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
20:06:57.0223 0x0eac  mrxsmb - ok
20:06:57.0230 0x0eac  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
20:06:57.0244 0x0eac  mrxsmb10 - ok
20:06:57.0250 0x0eac  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
20:06:57.0262 0x0eac  mrxsmb20 - ok
20:06:57.0267 0x0eac  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
20:06:57.0277 0x0eac  MsBridge - ok
20:06:57.0283 0x0eac  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\windows\System32\msdtc.exe
20:06:57.0295 0x0eac  MSDTC - ok
20:06:57.0301 0x0eac  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\windows\system32\drivers\Msfs.sys
20:06:57.0311 0x0eac  Msfs - ok
20:06:57.0315 0x0eac  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
20:06:57.0323 0x0eac  msgpiowin32 - ok
20:06:57.0326 0x0eac  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
20:06:57.0334 0x0eac  mshidkmdf - ok
20:06:57.0337 0x0eac  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
20:06:57.0346 0x0eac  mshidumdf - ok
20:06:57.0349 0x0eac  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
20:06:57.0357 0x0eac  msisadrv - ok
20:06:57.0361 0x0eac  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
20:06:57.0374 0x0eac  MSiSCSI - ok
20:06:57.0376 0x0eac  msiserver - ok
20:06:57.0384 0x0eac  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
20:06:57.0394 0x0eac  MSK80Service - ok
20:06:57.0397 0x0eac  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
20:06:57.0406 0x0eac  MSKSSRV - ok
20:06:57.0410 0x0eac  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
20:06:57.0422 0x0eac  MsLldp - ok
20:06:57.0425 0x0eac  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
20:06:57.0434 0x0eac  MSPCLOCK - ok
20:06:57.0438 0x0eac  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
20:06:57.0446 0x0eac  MSPQM - ok
20:06:57.0456 0x0eac  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
20:06:57.0471 0x0eac  MsRPC - ok
20:06:57.0475 0x0eac  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
20:06:57.0483 0x0eac  mssmbios - ok
20:06:57.0486 0x0eac  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
20:06:57.0494 0x0eac  MSTEE - ok
20:06:57.0497 0x0eac  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
20:06:57.0506 0x0eac  MTConfig - ok
20:06:57.0510 0x0eac  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\windows\system32\Drivers\mup.sys
20:06:57.0519 0x0eac  Mup - ok
20:06:57.0523 0x0eac  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\windows\system32\drivers\mvumis.sys
20:06:57.0531 0x0eac  mvumis - ok
20:06:57.0538 0x0eac  [ DF6C94A974148BCEDD8B4DFA814040FE, 8C2E81A747A2D79E943D67FB1CEA3D37DC467071B309474B04744EBEDCA0E6EF ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:06:57.0549 0x0eac  MyWiFiDHCPDNS - ok
20:06:57.0561 0x0eac  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\windows\system32\qagentRT.dll
20:06:57.0580 0x0eac  napagent - ok
20:06:57.0591 0x0eac  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
20:06:57.0607 0x0eac  NativeWifiP - ok
20:06:57.0614 0x0eac  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\windows\System32\ncasvc.dll
20:06:57.0627 0x0eac  NcaSvc - ok
20:06:57.0633 0x0eac  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\windows\System32\ncbservice.dll
20:06:57.0644 0x0eac  NcbService - ok
20:06:57.0648 0x0eac  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
20:06:57.0664 0x0eac  NcdAutoSetup - ok
20:06:57.0687 0x0eac  [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS            C:\windows\system32\drivers\ndis.sys
20:06:57.0720 0x0eac  NDIS - ok
20:06:57.0724 0x0eac  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
20:06:57.0735 0x0eac  NdisCap - ok
20:06:57.0740 0x0eac  [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
20:06:57.0751 0x0eac  NdisImPlatform - ok
20:06:57.0754 0x0eac  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
20:06:57.0765 0x0eac  NdisTapi - ok
20:06:57.0769 0x0eac  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
20:06:57.0778 0x0eac  Ndisuio - ok
20:06:57.0781 0x0eac  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\windows\System32\drivers\NdisVirtualBus.sys
20:06:57.0791 0x0eac  NdisVirtualBus - ok
20:06:57.0798 0x0eac  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
20:06:57.0813 0x0eac  NdisWan - ok
20:06:57.0819 0x0eac  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\windows\system32\DRIVERS\ndiswan.sys
20:06:57.0832 0x0eac  NdisWanLegacy - ok
20:06:57.0836 0x0eac  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
20:06:57.0848 0x0eac  NDProxy - ok
20:06:57.0853 0x0eac  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\windows\system32\drivers\Ndu.sys
20:06:57.0865 0x0eac  Ndu - ok
20:06:57.0869 0x0eac  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
20:06:57.0879 0x0eac  NetBIOS - ok
20:06:57.0887 0x0eac  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
20:06:57.0901 0x0eac  NetBT - ok
20:06:57.0905 0x0eac  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\windows\system32\lsass.exe
20:06:57.0913 0x0eac  Netlogon - ok
20:06:57.0922 0x0eac  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\windows\System32\netman.dll
20:06:57.0937 0x0eac  Netman - ok
20:06:57.0952 0x0eac  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\windows\System32\netprofmsvc.dll
20:06:57.0974 0x0eac  netprofm - ok
20:06:57.0984 0x0eac  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:06:57.0995 0x0eac  NetTcpPortSharing - ok
20:06:57.0999 0x0eac  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\windows\system32\DRIVERS\netvsc63.sys
20:06:58.0009 0x0eac  netvsc - ok
20:06:58.0090 0x0eac  [ 31D3E4959C410A7DEC2109CA8BF369AD, C62EFB02E950BCAC104051603DEDD9A497ED4FA81D3236008C15AFACE6CBE092 ] NETwNb64        C:\windows\system32\DRIVERS\NETwbw02.sys
20:06:58.0154 0x0eac  NETwNb64 - ok
20:06:58.0242 0x0eac  [ B636B4A8E59A73033B766EA7FD7C3B81, CAC8614DEE83623DE56C969C668A33366793779084B6A23F59ADC98392115F8C ] NETwNe64        C:\windows\system32\DRIVERS\NETwew02.sys
20:06:58.0338 0x0eac  NETwNe64 - ok
20:06:58.0351 0x0eac  [ 16D554B750B93034A3D89EC07895E414, F3BB2CF8E0EA07D50C2E99221AF0B2A0BDB6D835C0249D479DE8AFD94ADED674 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
20:06:58.0360 0x0eac  NitroDriverReadSpool8 - ok
20:06:58.0370 0x0eac  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\windows\System32\nlasvc.dll
20:06:58.0388 0x0eac  NlaSvc - ok
20:06:58.0406 0x0eac  [ 4EE0410161B7BE586302AFBEBBEB8AD6, A9A228C5B62D8DDC11F40FACB09540FE53D01F8882E7A4935152F60F04EA2DE3 ] nlsX86cc        C:\windows\SysWOW64\NLSSRV32.EXE
20:06:58.0413 0x0eac  nlsX86cc - ok
20:06:58.0418 0x0eac  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\windows\system32\drivers\Npfs.sys
20:06:58.0428 0x0eac  Npfs - ok
20:06:58.0433 0x0eac  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
20:06:58.0442 0x0eac  npsvctrig - ok
20:06:58.0447 0x0eac  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\windows\system32\nsisvc.dll
20:06:58.0458 0x0eac  nsi - ok
20:06:58.0462 0x0eac  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
20:06:58.0471 0x0eac  nsiproxy - ok
20:06:58.0510 0x0eac  [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
20:06:58.0561 0x0eac  Ntfs - ok
20:06:58.0565 0x0eac  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\windows\system32\drivers\Null.sys
20:06:58.0574 0x0eac  Null - ok
20:06:58.0580 0x0eac  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\windows\system32\drivers\nvraid.sys
20:06:58.0590 0x0eac  nvraid - ok
20:06:58.0595 0x0eac  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\windows\system32\drivers\nvstor.sys
20:06:58.0606 0x0eac  nvstor - ok
20:06:58.0610 0x0eac  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
20:06:58.0620 0x0eac  nv_agp - ok
20:06:58.0632 0x0eac  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:06:58.0645 0x0eac  odserv - ok
20:06:58.0651 0x0eac  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:06:58.0658 0x0eac  ose - ok
20:06:58.0669 0x0eac  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
20:06:58.0685 0x0eac  p2pimsvc - ok
20:06:58.0695 0x0eac  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\windows\system32\p2psvc.dll
20:06:58.0712 0x0eac  p2psvc - ok
20:06:58.0717 0x0eac  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\windows\System32\drivers\parport.sys
20:06:58.0728 0x0eac  Parport - ok
20:06:58.0733 0x0eac  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\windows\system32\drivers\partmgr.sys
20:06:58.0743 0x0eac  partmgr - ok
20:06:58.0775 0x0eac  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\windows\System32\pcasvc.dll
20:06:58.0792 0x0eac  PcaSvc - ok
20:06:58.0802 0x0eac  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\windows\system32\drivers\pci.sys
20:06:58.0816 0x0eac  pci - ok
20:06:58.0820 0x0eac  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\windows\system32\drivers\pciide.sys
20:06:58.0827 0x0eac  pciide - ok
20:06:58.0831 0x0eac  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
20:06:58.0841 0x0eac  pcmcia - ok
20:06:58.0845 0x0eac  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\windows\system32\drivers\pcw.sys
20:06:58.0853 0x0eac  pcw - ok
20:06:58.0857 0x0eac  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\windows\system32\drivers\pdc.sys
20:06:58.0866 0x0eac  pdc - ok
20:06:58.0881 0x0eac  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
20:06:58.0902 0x0eac  PEAUTH - ok
20:06:58.0907 0x0eac  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\windows\SysWow64\perfhost.exe
20:06:58.0916 0x0eac  PerfHost - ok
20:06:58.0925 0x0eac  [ FB6ADFAAFFF621B366BBCC81EC0B7118, 2B33054B6EE10B99EADF201B75B89E943E1D165E2D23DA1F1E508702BE4A2762 ] PGService       C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
20:06:58.0933 0x0eac  PGService - ok
20:06:58.0940 0x0eac  [ 3A6D56E0E072AB0F022FE03ED8C2693A, 8AA5823F68FEDEDB5E8916BD35832BC438A781142CF1672983D593B903083A68 ] PhoneCompanionPusher C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
20:06:58.0949 0x0eac  PhoneCompanionPusher - ok
20:06:58.0957 0x0eac  [ 0B2E100645AFAB3204313148DFE42322, C28FA6EF4FD8001E8F3367A7CB32E44F5D6A3E1EFBEC3C947A2FD3C3B0AF3568 ] PhoneCompanionVap C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe
20:06:58.0969 0x0eac  PhoneCompanionVap - ok
20:06:59.0005 0x0eac  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\windows\system32\pla.dll
20:06:59.0048 0x0eac  pla - ok
20:06:59.0054 0x0eac  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
20:06:59.0064 0x0eac  PlugPlay - ok
20:06:59.0068 0x0eac  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
20:06:59.0077 0x0eac  PNRPAutoReg - ok
20:06:59.0086 0x0eac  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
20:06:59.0100 0x0eac  PNRPsvc - ok
20:06:59.0109 0x0eac  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
20:06:59.0127 0x0eac  PolicyAgent - ok
20:06:59.0133 0x0eac  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\windows\system32\umpo.dll
20:06:59.0144 0x0eac  Power - ok
20:06:59.0236 0x0eac  [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify     C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll
20:06:59.0299 0x0eac  PrintNotify - ok
20:06:59.0310 0x0eac  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\windows\System32\drivers\processr.sys
20:06:59.0321 0x0eac  Processor - ok
20:06:59.0327 0x0eac  [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc         C:\windows\system32\profsvc.dll
20:06:59.0341 0x0eac  ProfSvc - ok
20:06:59.0346 0x0eac  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\windows\system32\DRIVERS\pacer.sys
20:06:59.0359 0x0eac  Psched - ok
20:06:59.0367 0x0eac  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\windows\system32\qwave.dll
20:06:59.0384 0x0eac  QWAVE - ok
20:06:59.0388 0x0eac  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
20:06:59.0399 0x0eac  QWAVEdrv - ok
20:06:59.0402 0x0eac  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
20:06:59.0412 0x0eac  RasAcd - ok
20:06:59.0417 0x0eac  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\windows\System32\rasauto.dll
20:06:59.0429 0x0eac  RasAuto - ok
20:06:59.0443 0x0eac  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\windows\System32\rasmans.dll
20:06:59.0463 0x0eac  RasMan - ok
20:06:59.0468 0x0eac  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
20:06:59.0480 0x0eac  RasPppoe - ok
20:06:59.0490 0x0eac  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
20:06:59.0504 0x0eac  rdbss - ok
20:06:59.0509 0x0eac  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
20:06:59.0517 0x0eac  rdpbus - ok
20:06:59.0523 0x0eac  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
20:06:59.0534 0x0eac  RDPDR - ok
20:06:59.0540 0x0eac  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
20:06:59.0547 0x0eac  RdpVideoMiniport - ok
20:06:59.0555 0x0eac  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
20:06:59.0567 0x0eac  rdyboost - ok
20:06:59.0591 0x0eac  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\windows\system32\drivers\ReFS.sys
20:06:59.0619 0x0eac  ReFS - ok
20:06:59.0628 0x0eac  [ 76181AD8E1B520B9C466C52B7E6149AB, 16BF9D0C7DB70327A977171F3078E32025C60FE7660DD84DFA631A407A570EA1 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:06:59.0635 0x0eac  RegSrvc - ok
20:06:59.0642 0x0eac  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\windows\System32\mprdim.dll
20:06:59.0659 0x0eac  RemoteAccess - ok
20:06:59.0665 0x0eac  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\windows\system32\regsvc.dll
20:06:59.0682 0x0eac  RemoteRegistry - ok
20:06:59.0689 0x0eac  [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM          C:\windows\System32\drivers\rfcomm.sys
20:06:59.0700 0x0eac  RFCOMM - ok
20:06:59.0711 0x0eac  [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
20:06:59.0724 0x0eac  RichVideo64 - ok
20:06:59.0728 0x0eac  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
20:06:59.0739 0x0eac  RpcEptMapper - ok
20:06:59.0742 0x0eac  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\windows\system32\locator.exe
20:06:59.0752 0x0eac  RpcLocator - ok
20:06:59.0767 0x0eac  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\windows\system32\rpcss.dll
20:06:59.0789 0x0eac  RpcSs - ok
20:06:59.0794 0x0eac  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
20:06:59.0806 0x0eac  rspndr - ok
20:06:59.0815 0x0eac  [ 9CF8593B62102545CB1652A1D8748FDD, 818639795720A7567CCE01EBC24A0119BFDCEA1B7A5ED4A11B5012D763C1B5CC ] RSUSBSTOR       C:\windows\System32\Drivers\RtsUStor.sys
20:06:59.0825 0x0eac  RSUSBSTOR - ok
20:06:59.0832 0x0eac  [ 6CBF283C7EBD07B7BB01D3E33B11BB28, 90B7AF25EFDBC71FDDD48D668BF410DB828ABD512FC02146E76962A8FF053DE9 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
20:06:59.0843 0x0eac  RtkAudioService - ok
20:06:59.0879 0x0eac  [ B0A0260A3C03156937ECDB67CE5C6FE5, 88102D22976398599FA6165E9DBC1213EF2A001C99602E2195C9A7BAB0A127D7 ] RtlWlanu        C:\windows\system32\DRIVERS\rtwlanu.sys
20:06:59.0921 0x0eac  RtlWlanu - ok
20:06:59.0925 0x0eac  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\windows\System32\drivers\vms3cap.sys
20:06:59.0934 0x0eac  s3cap - ok
20:06:59.0938 0x0eac  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\windows\system32\lsass.exe
20:06:59.0946 0x0eac  SamSs - ok
20:06:59.0952 0x0eac  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
20:06:59.0962 0x0eac  sbp2port - ok
20:06:59.0970 0x0eac  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\windows\System32\SCardSvr.dll
20:06:59.0984 0x0eac  SCardSvr - ok
20:06:59.0989 0x0eac  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\windows\System32\ScDeviceEnum.dll
20:07:00.0007 0x0eac  ScDeviceEnum - ok
20:07:00.0012 0x0eac  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
20:07:00.0023 0x0eac  scfilter - ok
20:07:00.0060 0x0eac  [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule        C:\windows\system32\schedsvc.dll
20:07:00.0095 0x0eac  Schedule - ok
20:07:00.0102 0x0eac  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\windows\System32\certprop.dll
20:07:00.0114 0x0eac  SCPolicySvc - ok
20:07:00.0143 0x0eac  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus           C:\windows\System32\drivers\sdbus.sys
20:07:00.0156 0x0eac  sdbus - ok
20:07:00.0162 0x0eac  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\windows\System32\drivers\sdstor.sys
20:07:00.0171 0x0eac  sdstor - ok
20:07:00.0174 0x0eac  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
20:07:00.0182 0x0eac  secdrv - ok
20:07:00.0186 0x0eac  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\windows\system32\seclogon.dll
20:07:00.0198 0x0eac  seclogon - ok
20:07:00.0203 0x0eac  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\windows\System32\sens.dll
20:07:00.0217 0x0eac  SENS - ok
20:07:00.0224 0x0eac  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] SensorsAlsDriver C:\windows\system32\DRIVERS\WUDFRd.sys
20:07:00.0236 0x0eac  SensorsAlsDriver - ok
20:07:00.0242 0x0eac  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] SensorsHIDClassDriver C:\windows\system32\DRIVERS\WUDFRd.sys
20:07:00.0253 0x0eac  SensorsHIDClassDriver - ok
20:07:00.0259 0x0eac  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] SensorsServiceDriver C:\windows\system32\DRIVERS\WUDFRd.sys
20:07:00.0271 0x0eac  SensorsServiceDriver - ok
20:07:00.0278 0x0eac  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\windows\system32\sensrsvc.dll
20:07:00.0292 0x0eac  SensrSvc - ok
20:07:00.0296 0x0eac  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\windows\system32\drivers\SerCx.sys
20:07:00.0305 0x0eac  SerCx - ok
20:07:00.0310 0x0eac  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\windows\system32\drivers\SerCx2.sys
20:07:00.0320 0x0eac  SerCx2 - ok
20:07:00.0324 0x0eac  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\windows\System32\drivers\serenum.sys
20:07:00.0334 0x0eac  Serenum - ok
20:07:00.0344 0x0eac  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\windows\System32\drivers\serial.sys
20:07:00.0355 0x0eac  Serial - ok
20:07:00.0358 0x0eac  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\windows\System32\drivers\sermouse.sys
20:07:00.0367 0x0eac  sermouse - ok
20:07:00.0380 0x0eac  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\windows\system32\sessenv.dll
20:07:00.0395 0x0eac  SessionEnv - ok
20:07:00.0398 0x0eac  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
20:07:00.0407 0x0eac  sfloppy - ok
20:07:00.0418 0x0eac  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\windows\System32\ipnathlp.dll
20:07:00.0434 0x0eac  SharedAccess - ok
20:07:00.0449 0x0eac  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:07:00.0476 0x0eac  ShellHWDetection - ok
20:07:00.0480 0x0eac  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
20:07:00.0488 0x0eac  SiSRaid2 - ok
20:07:00.0492 0x0eac  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
20:07:00.0502 0x0eac  SiSRaid4 - ok
20:07:00.0505 0x0eac  [ 7F7580EB77F2F95ED67C8046C69D1242, 81CF1A440EA40FCE6B28E275BEFB5C743F3473DCF05ACBE517ECD7E904DD0A1C ] SmbDrvI         C:\windows\system32\DRIVERS\Smb_driver_Intel.sys
20:07:00.0511 0x0eac  SmbDrvI - ok
20:07:00.0514 0x0eac  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\windows\System32\smphost.dll
20:07:00.0524 0x0eac  smphost - ok
20:07:00.0530 0x0eac  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
20:07:00.0542 0x0eac  SNMPTRAP - ok
20:07:00.0555 0x0eac  [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport       C:\windows\system32\drivers\spaceport.sys
20:07:00.0572 0x0eac  spaceport - ok
20:07:00.0576 0x0eac  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
20:07:00.0586 0x0eac  SpbCx - ok
20:07:00.0603 0x0eac  [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler         C:\windows\System32\spoolsv.exe
20:07:00.0626 0x0eac  Spooler - ok
20:07:00.0736 0x0eac  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\windows\system32\sppsvc.exe
20:07:00.0887 0x0eac  sppsvc - ok
20:07:00.0924 0x0eac  [ 2A9036906280663FA562D68C5E8599EF, 8EC147904E65AA67C813A916F61D36578C7DCBCB7C4BB626C84CBAEC0089B54C ] SPUVCbv         C:\windows\System32\Drivers\SPUVCbv_x64.sys
20:07:00.0964 0x0eac  SPUVCbv - ok
20:07:00.0974 0x0eac  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\windows\system32\DRIVERS\srv.sys
20:07:00.0989 0x0eac  srv - ok
20:07:01.0004 0x0eac  [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
20:07:01.0025 0x0eac  srv2 - ok
20:07:01.0032 0x0eac  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
20:07:01.0044 0x0eac  srvnet - ok
20:07:01.0052 0x0eac  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
20:07:01.0067 0x0eac  SSDPSRV - ok
20:07:01.0073 0x0eac  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\windows\system32\sstpsvc.dll
20:07:01.0086 0x0eac  SstpSvc - ok
20:07:01.0093 0x0eac  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\windows\system32\DRIVERS\ssudmdm.sys
20:07:01.0102 0x0eac  ssudmdm - ok
20:07:01.0106 0x0eac  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\windows\system32\drivers\stexstor.sys
20:07:01.0113 0x0eac  stexstor - ok
20:07:01.0129 0x0eac  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\windows\System32\wiaservc.dll
20:07:01.0151 0x0eac  stisvc - ok
20:07:01.0156 0x0eac  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\windows\system32\drivers\storahci.sys
20:07:01.0165 0x0eac  storahci - ok
20:07:01.0169 0x0eac  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\windows\system32\DRIVERS\vmstorfl.sys
20:07:01.0177 0x0eac  storflt - ok
20:07:01.0182 0x0eac  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\windows\system32\drivers\stornvme.sys
20:07:01.0190 0x0eac  stornvme - ok
20:07:01.0194 0x0eac  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\windows\system32\storsvc.dll
20:07:01.0204 0x0eac  StorSvc - ok
20:07:01.0208 0x0eac  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\windows\system32\drivers\storvsc.sys
20:07:01.0216 0x0eac  storvsc - ok
20:07:01.0219 0x0eac  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\windows\system32\svsvc.dll
20:07:01.0233 0x0eac  svsvc - ok
20:07:01.0236 0x0eac  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\windows\System32\drivers\swenum.sys
20:07:01.0243 0x0eac  swenum - ok
20:07:01.0259 0x0eac  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\windows\System32\swprv.dll
20:07:01.0282 0x0eac  swprv - ok
20:07:01.0296 0x0eac  [ F3FD427B1C036E060047B920887ACAE8, C5965F957D4D09FA5D579512251F14E7329B84C08B1A234636E750ED520AFF9E ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
20:07:01.0310 0x0eac  SynTP - ok
20:07:01.0335 0x0eac  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\windows\system32\sysmain.dll
20:07:01.0366 0x0eac  SysMain - ok
20:07:01.0375 0x0eac  [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
20:07:01.0389 0x0eac  SystemEventsBroker - ok
20:07:01.0395 0x0eac  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\windows\System32\TabSvc.dll
20:07:01.0407 0x0eac  TabletInputService - ok
20:07:01.0416 0x0eac  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\windows\System32\tapisrv.dll
20:07:01.0431 0x0eac  TapiSrv - ok
20:07:01.0478 0x0eac  [ 87F3713E620F62D243A82B3CB66CBDDE, 5C14F43BC5114DB664490DEE5024555149766C2F2430A910AA9DA2210D968063 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
20:07:01.0538 0x0eac  Tcpip - ok
20:07:01.0592 0x0eac  [ 87F3713E620F62D243A82B3CB66CBDDE, 5C14F43BC5114DB664490DEE5024555149766C2F2430A910AA9DA2210D968063 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
20:07:01.0648 0x0eac  TCPIP6 - ok
20:07:01.0657 0x0eac  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
20:07:01.0666 0x0eac  tcpipreg - ok
20:07:01.0672 0x0eac  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\windows\system32\DRIVERS\tdx.sys
20:07:01.0682 0x0eac  tdx - ok
20:07:01.0686 0x0eac  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\windows\System32\drivers\terminpt.sys
20:07:01.0695 0x0eac  terminpt - ok
20:07:01.0717 0x0eac  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\windows\System32\termsrv.dll
20:07:01.0745 0x0eac  TermService - ok
20:07:01.0750 0x0eac  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\windows\system32\themeservice.dll
20:07:01.0766 0x0eac  Themes - ok
20:07:01.0770 0x0eac  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\windows\system32\mmcss.dll
20:07:01.0780 0x0eac  THREADORDER - ok
20:07:01.0788 0x0eac  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\windows\System32\TimeBrokerServer.dll
20:07:01.0806 0x0eac  TimeBroker - ok
20:07:01.0813 0x0eac  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\windows\system32\drivers\tpm.sys
20:07:01.0824 0x0eac  TPM - ok
20:07:01.0830 0x0eac  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\windows\System32\trkwks.dll
20:07:01.0842 0x0eac  TrkWks - ok
20:07:01.0846 0x0eac  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:07:01.0857 0x0eac  TrustedInstaller - ok
20:07:01.0862 0x0eac  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
20:07:01.0871 0x0eac  TsUsbFlt - ok
20:07:01.0875 0x0eac  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\windows\System32\drivers\TsUsbGD.sys
20:07:01.0884 0x0eac  TsUsbGD - ok
20:07:01.0890 0x0eac  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
20:07:01.0902 0x0eac  tunnel - ok
20:07:01.0906 0x0eac  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\windows\system32\drivers\uagp35.sys
20:07:01.0914 0x0eac  uagp35 - ok
20:07:01.0919 0x0eac  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\windows\System32\drivers\uaspstor.sys
20:07:01.0928 0x0eac  UASPStor - ok
20:07:01.0936 0x0eac  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\windows\System32\drivers\ucx01000.sys
20:07:01.0946 0x0eac  UCX01000 - ok
20:07:01.0956 0x0eac  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\windows\system32\DRIVERS\udfs.sys
20:07:01.0975 0x0eac  udfs - ok
20:07:01.0978 0x0eac  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\windows\System32\drivers\UEFI.sys
20:07:01.0986 0x0eac  UEFI - ok
20:07:01.0992 0x0eac  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\windows\system32\UI0Detect.exe
20:07:02.0005 0x0eac  UI0Detect - ok
20:07:02.0009 0x0eac  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
20:07:02.0017 0x0eac  uliagpkx - ok
20:07:02.0021 0x0eac  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\windows\System32\drivers\umbus.sys
20:07:02.0030 0x0eac  umbus - ok
20:07:02.0033 0x0eac  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\windows\System32\drivers\umpass.sys
20:07:02.0042 0x0eac  UmPass - ok
20:07:02.0050 0x0eac  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\windows\System32\umrdp.dll
20:07:02.0065 0x0eac  UmRdpService - ok
20:07:02.0076 0x0eac  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\windows\System32\upnphost.dll
20:07:02.0094 0x0eac  upnphost - ok
20:07:02.0101 0x0eac  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
20:07:02.0111 0x0eac  usbccgp - ok
20:07:02.0117 0x0eac  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\windows\System32\drivers\usbcir.sys
20:07:02.0127 0x0eac  usbcir - ok
20:07:02.0133 0x0eac  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\windows\System32\drivers\usbehci.sys
20:07:02.0141 0x0eac  usbehci - ok
20:07:02.0154 0x0eac  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\windows\System32\drivers\usbhub.sys
20:07:02.0170 0x0eac  usbhub - ok
20:07:02.0184 0x0eac  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
20:07:02.0200 0x0eac  USBHUB3 - ok
20:07:02.0204 0x0eac  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\windows\System32\drivers\usbohci.sys
20:07:02.0213 0x0eac  usbohci - ok
20:07:02.0217 0x0eac  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\windows\System32\drivers\usbprint.sys
20:07:02.0227 0x0eac  usbprint - ok
20:07:02.0233 0x0eac  [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
20:07:02.0244 0x0eac  USBSTOR - ok
20:07:02.0248 0x0eac  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
20:07:02.0257 0x0eac  usbuhci - ok
20:07:02.0266 0x0eac  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
20:07:02.0279 0x0eac  usbvideo - ok
20:07:02.0290 0x0eac  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
20:07:02.0304 0x0eac  USBXHCI - ok
20:07:02.0308 0x0eac  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\windows\system32\lsass.exe
20:07:02.0317 0x0eac  VaultSvc - ok
20:07:02.0321 0x0eac  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
20:07:02.0328 0x0eac  vdrvroot - ok
20:07:02.0354 0x0eac  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\windows\System32\vds.exe
20:07:02.0386 0x0eac  vds - ok
20:07:02.0392 0x0eac  [ F7579733F4E8FF9B534C3F7D38F25C2C, 449FED49F2178D2A8000549B180606D050751762F53E600C13CFBEC91601DE87 ] VeriFaceSrv     C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
20:07:02.0399 0x0eac  VeriFaceSrv - ok
20:07:02.0405 0x0eac  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
20:07:02.0415 0x0eac  VerifierExt - ok
20:07:02.0431 0x0eac  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
20:07:02.0454 0x0eac  vhdmp - ok
20:07:02.0457 0x0eac  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\windows\system32\drivers\viaide.sys
20:07:02.0464 0x0eac  viaide - ok
20:07:02.0469 0x0eac  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\windows\system32\drivers\vmbus.sys
20:07:02.0477 0x0eac  vmbus - ok
20:07:02.0482 0x0eac  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
20:07:02.0490 0x0eac  VMBusHID - ok
20:07:02.0502 0x0eac  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\windows\System32\ICSvc.dll
20:07:02.0521 0x0eac  vmicguestinterface - ok
20:07:02.0531 0x0eac  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\windows\System32\ICSvc.dll
20:07:02.0548 0x0eac  vmicheartbeat - ok
20:07:02.0560 0x0eac  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\windows\System32\ICSvc.dll
20:07:02.0577 0x0eac  vmickvpexchange - ok
20:07:02.0589 0x0eac  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\windows\System32\ICSvc.dll
20:07:02.0606 0x0eac  vmicrdv - ok
20:07:02.0618 0x0eac  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\windows\System32\ICSvc.dll
20:07:02.0635 0x0eac  vmicshutdown - ok
20:07:02.0647 0x0eac  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\windows\System32\ICSvc.dll
20:07:02.0663 0x0eac  vmictimesync - ok
20:07:02.0675 0x0eac  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\windows\System32\ICSvc.dll
20:07:02.0691 0x0eac  vmicvss - ok
20:07:02.0696 0x0eac  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\windows\system32\drivers\volmgr.sys
20:07:02.0706 0x0eac  volmgr - ok
20:07:02.0717 0x0eac  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
20:07:02.0731 0x0eac  volmgrx - ok
20:07:02.0741 0x0eac  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\windows\system32\drivers\volsnap.sys
20:07:02.0756 0x0eac  volsnap - ok
20:07:02.0760 0x0eac  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\windows\System32\drivers\vpci.sys
20:07:02.0769 0x0eac  vpci - ok
20:07:02.0776 0x0eac  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
20:07:02.0787 0x0eac  vsmraid - ok
20:07:02.0816 0x0eac  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\windows\system32\vssvc.exe
20:07:02.0851 0x0eac  VSS - ok
20:07:02.0860 0x0eac  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
20:07:02.0874 0x0eac  VSTXRAID - ok
20:07:02.0878 0x0eac  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
20:07:02.0886 0x0eac  vwifibus - ok
20:07:02.0892 0x0eac  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
20:07:02.0902 0x0eac  vwififlt - ok
20:07:02.0906 0x0eac  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
20:07:02.0914 0x0eac  vwifimp - ok
20:07:02.0925 0x0eac  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\windows\system32\w32time.dll
20:07:02.0943 0x0eac  W32Time - ok
20:07:02.0947 0x0eac  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\windows\System32\drivers\wacompen.sys
20:07:02.0957 0x0eac  WacomPen - ok
20:07:02.0987 0x0eac  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\windows\system32\wbengine.exe
20:07:03.0025 0x0eac  wbengine - ok
20:07:03.0037 0x0eac  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
20:07:03.0054 0x0eac  WbioSrvc - ok
20:07:03.0066 0x0eac  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\windows\System32\wcmsvc.dll
20:07:03.0081 0x0eac  Wcmsvc - ok
20:07:03.0092 0x0eac  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\windows\System32\wcncsvc.dll
20:07:03.0110 0x0eac  wcncsvc - ok
20:07:03.0114 0x0eac  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:07:03.0124 0x0eac  WcsPlugInService - ok
20:07:03.0128 0x0eac  [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
20:07:03.0136 0x0eac  WdBoot - ok
20:07:03.0154 0x0eac  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
20:07:03.0177 0x0eac  Wdf01000 - ok
20:07:03.0185 0x0eac  [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
20:07:03.0198 0x0eac  WdFilter - ok
20:07:03.0204 0x0eac  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\windows\system32\wdi.dll
20:07:03.0220 0x0eac  WdiServiceHost - ok
20:07:03.0224 0x0eac  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\windows\system32\wdi.dll
20:07:03.0238 0x0eac  WdiSystemHost - ok
20:07:03.0243 0x0eac  [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv        C:\windows\system32\Drivers\WdNisDrv.sys
20:07:03.0254 0x0eac  WdNisDrv - ok
20:07:03.0256 0x0eac  WdNisSvc - ok
20:07:03.0264 0x0eac  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\windows\System32\webclnt.dll
20:07:03.0277 0x0eac  WebClient - ok
20:07:03.0285 0x0eac  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\windows\system32\wecsvc.dll
20:07:03.0299 0x0eac  Wecsvc - ok
20:07:03.0303 0x0eac  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\windows\system32\wephostsvc.dll
20:07:03.0316 0x0eac  WEPHOSTSVC - ok
20:07:03.0321 0x0eac  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\windows\System32\wercplsupport.dll
20:07:03.0333 0x0eac  wercplsupport - ok
20:07:03.0338 0x0eac  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\windows\System32\WerSvc.dll
20:07:03.0350 0x0eac  WerSvc - ok
20:07:03.0355 0x0eac  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
20:07:03.0365 0x0eac  WFPLWFS - ok
20:07:03.0370 0x0eac  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\windows\System32\wiarpc.dll
20:07:03.0380 0x0eac  WiaRpc - ok
20:07:03.0384 0x0eac  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\windows\system32\drivers\wimmount.sys
20:07:03.0392 0x0eac  WIMMount - ok
20:07:03.0394 0x0eac  WinDefend - ok
20:07:03.0414 0x0eac  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
20:07:03.0437 0x0eac  WinHttpAutoProxySvc - ok
20:07:03.0447 0x0eac  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
20:07:03.0462 0x0eac  Winmgmt - ok
20:07:03.0509 0x0eac  [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM           C:\windows\system32\WsmSvc.dll
20:07:03.0568 0x0eac  WinRM - ok
20:07:03.0579 0x0eac  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
20:07:03.0588 0x0eac  WinUsb - ok
20:07:03.0618 0x0eac  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\windows\System32\wlansvc.dll
20:07:03.0654 0x0eac  WlanSvc - ok
20:07:03.0687 0x0eac  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\windows\system32\wlidsvc.dll
20:07:03.0726 0x0eac  wlidsvc - ok
20:07:03.0731 0x0eac  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
20:07:03.0739 0x0eac  WmiAcpi - ok
20:07:03.0747 0x0eac  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
20:07:03.0758 0x0eac  wmiApSrv - ok
20:07:03.0761 0x0eac  WMPNetworkSvc - ok
20:07:03.0768 0x0eac  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\windows\system32\drivers\Wof.sys
20:07:03.0778 0x0eac  Wof - ok
20:07:03.0811 0x0eac  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\windows\system32\workfolderssvc.dll
20:07:03.0850 0x0eac  workfolderssvc - ok
20:07:03.0855 0x0eac  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
20:07:03.0864 0x0eac  wpcfltr - ok
20:07:03.0867 0x0eac  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\windows\System32\wpcsvc.dll
20:07:03.0876 0x0eac  WPCSvc - ok
20:07:03.0881 0x0eac  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
20:07:03.0892 0x0eac  WPDBusEnum - ok
20:07:03.0895 0x0eac  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
20:07:03.0903 0x0eac  WpdUpFltr - ok
20:07:03.0906 0x0eac  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
20:07:03.0917 0x0eac  ws2ifsl - ok
20:07:03.0924 0x0eac  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\windows\System32\wscsvc.dll
20:07:03.0936 0x0eac  wscsvc - ok
20:07:03.0940 0x0eac  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\windows\System32\drivers\WSDPrint.sys
20:07:03.0948 0x0eac  WSDPrintDevice - ok
20:07:03.0953 0x0eac  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan         C:\windows\System32\drivers\WSDScan.sys
20:07:03.0962 0x0eac  WSDScan - ok
20:07:03.0965 0x0eac  WSearch - ok
20:07:04.0028 0x0eac  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\windows\System32\WSService.dll
20:07:04.0112 0x0eac  WSService - ok
20:07:04.0122 0x0eac  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\windows\system32\DRIVERS\wsvd.sys
20:07:04.0129 0x0eac  wsvd - ok
20:07:04.0191 0x0eac  [ 9FDD8CD31F3FBA88F050318F32D640E2, BBCAFDA420E11D43BAD5D87D47607F4ADF0D817C1BF86D6389582B56EDD7C246 ] wuauserv        C:\windows\system32\wuaueng.dll
20:07:04.0266 0x0eac  wuauserv - ok
20:07:04.0273 0x0eac  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
20:07:04.0282 0x0eac  WudfPf - ok
20:07:04.0290 0x0eac  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\windows\System32\drivers\WUDFRd.sys
20:07:04.0301 0x0eac  WUDFRd - ok
20:07:04.0308 0x0eac  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP    C:\windows\system32\DRIVERS\WUDFRd.sys
20:07:04.0320 0x0eac  WUDFSensorLP - ok
20:07:04.0324 0x0eac  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
20:07:04.0335 0x0eac  wudfsvc - ok
20:07:04.0342 0x0eac  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
20:07:04.0353 0x0eac  WUDFWpdFs - ok
20:07:04.0359 0x0eac  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\windows\system32\DRIVERS\WUDFRd.sys
20:07:04.0370 0x0eac  WUDFWpdMtp - ok
20:07:04.0383 0x0eac  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\windows\System32\wwansvc.dll
20:07:04.0403 0x0eac  WwanSvc - ok
20:07:04.0408 0x0eac  [ B5909EE9DB919D075410B6CCF900E107, CB9785997F2015175DE507A80C3A71F5F8F748080464EC16050564C5CC0FD571 ] ymc             C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
20:07:04.0413 0x0eac  ymc - ok
20:07:04.0501 0x0eac  [ D852B17C3A11433D0D26D57490DFA1C8, 2B1D8F8D6A04C75A7765A8C26118AD19285EFEB57ECD178C707743B6668A3F3F ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
20:07:04.0576 0x0eac  ZeroConfigService - ok
20:07:04.0586 0x0eac  ================ Scan global ===============================
20:07:04.0591 0x0eac  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\windows\system32\basesrv.dll
20:07:04.0599 0x0eac  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\windows\system32\winsrv.dll
20:07:04.0606 0x0eac  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\windows\system32\sxssrv.dll
20:07:04.0616 0x0eac  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\windows\system32\services.exe
20:07:04.0622 0x0eac  [ Global ] - ok
20:07:04.0623 0x0eac  ================ Scan MBR ==================================
20:07:04.0624 0x0eac  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
20:07:04.0658 0x0eac  \Device\Harddisk0\DR0 - ok
20:07:04.0658 0x0eac  ================ Scan VBR ==================================
20:07:04.0660 0x0eac  [ E2B375C8E9319135DD620B47DE24DD36 ] \Device\Harddisk0\DR0\Partition1
20:07:04.0661 0x0eac  \Device\Harddisk0\DR0\Partition1 - ok
20:07:04.0663 0x0eac  [ 73816C70F13DF5F819D5905DAB5FE876 ] \Device\Harddisk0\DR0\Partition2
20:07:04.0664 0x0eac  \Device\Harddisk0\DR0\Partition2 - ok
20:07:04.0666 0x0eac  [ 68E45029A96E1F4B5328FB2F2B693167 ] \Device\Harddisk0\DR0\Partition3
20:07:04.0667 0x0eac  \Device\Harddisk0\DR0\Partition3 - ok
20:07:04.0669 0x0eac  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition4
20:07:04.0669 0x0eac  \Device\Harddisk0\DR0\Partition4 - ok
20:07:04.0672 0x0eac  [ B0D0A82ED98437FE8DE1984BC4E94763 ] \Device\Harddisk0\DR0\Partition5
20:07:04.0674 0x0eac  \Device\Harddisk0\DR0\Partition5 - ok
20:07:04.0675 0x0eac  [ D63E14C7E54B838385A35A0D0E27EC15 ] \Device\Harddisk0\DR0\Partition6
20:07:04.0677 0x0eac  \Device\Harddisk0\DR0\Partition6 - ok
20:07:04.0679 0x0eac  [ 5896EBBE0191023BE9458B6206EFDD71 ] \Device\Harddisk0\DR0\Partition7
20:07:04.0681 0x0eac  \Device\Harddisk0\DR0\Partition7 - ok
20:07:04.0681 0x0eac  ================ Scan generic autorun ======================
20:07:04.0911 0x0eac  [ 047D94A22B47AF83DDE4E32BB4E06D0A, CB9257995C67A1A44D6D316C36D3AAEF639BFD51A26C699D70FD047C45440CA5 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:07:05.0171 0x0eac  RtHDVCpl - ok
20:07:05.0258 0x0eac  [ D8AB6AC4A2D30641C9544021373B47EB, A0553AFB3B186D8EA28CF056139FA5AA150D6BD31E36E5EB9D5DD5940A90CA55 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:07:05.0292 0x0eac  RtHDVBg_Dolby - ok
20:07:05.0304 0x0eac  [ E50C263D8AB38DBD77D11263C8151708, 71ACC055C9D12BD6470DBF0C5E2D60DBE625565D729080EB59114979599A0CAF ] C:\windows\system32\igfxtray.exe
20:07:05.0320 0x0eac  IgfxTray - ok
20:07:05.0350 0x0eac  [ FADB06BC300A16A112D3B3949C2614D3, 13ECA5CC382148B8F5BF5F9208B449913E5A23BA95ED23FAB573C31A3AE95414 ] C:\windows\system32\hkcmd.exe
20:07:05.0371 0x0eac  HotKeysCmds - ok
20:07:05.0387 0x0eac  [ 293F44F1834FE2F7A99D746424167CA7, DBFDAE61824068DA23DDBD14B82E7B5D77E812A90BA60621C134ACB15AC6F5DA ] C:\windows\system32\igfxpers.exe
20:07:05.0408 0x0eac  Persistence - ok
20:07:05.0411 0x0eac  [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
20:07:05.0414 0x0eac  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
20:07:07.0923 0x0eac  Detect skipped due to KSN trusted
20:07:07.0923 0x0eac  IAStorIcon - ok
20:07:07.0929 0x0eac  [ 92BED6F62FBAC9E327A3BF599CE9AB32, 6ED9BB1B97AB0BDC64CE07FB8757651A83C918320320B84AB823933B8ACFDEB6 ] C:\windows\system32\DptfPolicyLpmServiceHelper.exe
20:07:07.0937 0x0eac  DptfPolicyLpmServiceHelper - ok
20:07:07.0940 0x0eac  BTMTrayAgent - ok
20:07:07.0957 0x0eac  [ 5689BB0DB40DC712CC87A4F27925F939, 57164AEC7101BBB1E1321B1BD8CF91453F4A9AC549851885087B42E23D777DB2 ] C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe
20:07:07.0978 0x0eac  Yoga PhoneCompanion - ok
20:07:07.0986 0x0eac  [ 0E941C611B5A20FD2B5CE4FA4B69B89D, 1E4B08E236D20F46669B26B5287CED18719A2AD4C1EAA0A20E3A4C7EFF827230 ] C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
20:07:07.0996 0x0eac  AutoStartTransition - ok
20:07:07.0998 0x0eac  Energy Manager - ok
20:07:08.0002 0x0eac  [ ACFA436C851BC9204A6E2B8EBC8B888D, F895E7A77C2C04E61FD8D09909E08172FFEBF039D6DCF7C3D84FF1992D5FFFD3 ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
20:07:08.0008 0x0eac  Lenovo Utility - ok
20:07:08.0014 0x0eac  [ 49CD8D25D932C5BF867EBFF00D432B75, D107F7736AC8D43CE93ABDE1A8038D8FE87779F25F41B3FD1E942DF439581236 ] C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe
20:07:08.0022 0x0eac  Lenovo App Shop - ok
20:07:08.0026 0x0eac  [ 669649F7A9C083C95454DD6C13920B0A, 1D9C356CE97B0A2FCC80BE0C182E746F96CA5995EBA230E5178B698A0C31035E ] C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe
20:07:08.0032 0x0eac  Yoga Picks - ok
20:07:08.0044 0x0eac  [ 04679E0DC30077EC1164BE82F2A2ADC9, E0193F0AE484DED0DD7F81407F0D98AC071F34358B9EA554DE3ADFC3BA1CBD60 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
20:07:08.0059 0x0eac  mcpltui_exe - ok
20:07:08.0064 0x0eac  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
20:07:08.0070 0x0eac  GrooveMonitor - ok
20:07:08.0074 0x0eac  [ 7F08566DF64B35F49EA29A82ABC843AC, 472801583D7FA4F8930A146514E8704676F0270EC94F561D62DB34DB3FEE985D ] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
20:07:08.0079 0x0eac  Monitor - detected UnsignedFile.Multi.Generic ( 1 )
20:07:10.0607 0x0eac  Detect skipped due to KSN trusted
20:07:10.0607 0x0eac  Monitor - ok
20:07:10.0611 0x0eac  [ 642F850B5D94E08AB6CFF997BE09C688, 3DA63A127667B7A35EB4ADC9DD5938C8FF35EE6AAD9BDE90D93881FFBC853731 ] C:\Windows\BrowserChoice\browserchoice.exe
20:07:10.0621 0x0eac  BrowserChoice - ok
20:07:10.0638 0x0eac  [ 66A4A7C7802E0968E07647999FFC87E2, 9724C8CB80AF63A4CA14BB3521695942AE33B6C18F42266C407301610C4C7BFE ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
20:07:10.0656 0x0eac  GoogleChromeAutoLaunch_1D57E82E54B212132D321B49430EE825 - ok
20:07:10.0769 0x0eac  [ 2E8A5736739C6D23F5CBAE22973A1E3A, DC69CF7132FF7CACCEF4E6A8A4C71D9E5CDB6F8A7521D72999E1A6A532C384D6 ] C:\Users\Ian\AppData\Roaming\Spotify\Spotify.exe
20:07:10.0877 0x0eac  Spotify - ok
20:07:10.0909 0x0eac  [ B66E0842FCF485F3E2D41BF0BA10966F, 966B8386B2D060167E8EAAE478509013A8729FE2CF11F890D3F9DCDA90768F34 ] C:\Users\Ian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
20:07:10.0939 0x0eac  Spotify Web Helper - ok
20:07:10.0941 0x0eac  GoogleDriveSync - ok
20:07:10.0943 0x0eac  Waiting for KSN requests completion. In queue: 41
20:07:11.0945 0x0eac  Waiting for KSN requests completion. In queue: 41
20:07:12.0945 0x0eac  Waiting for KSN requests completion. In queue: 41
20:07:13.0953 0x0eac  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x52000 ( disabled : updated )
20:07:13.0956 0x0eac  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
20:07:13.0957 0x0eac  FW detected via SS2: McAfee Firewall, C:\Pro20:05:41.0588 0x1738  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
20:05:41.0588 0x1738  UEFI system
20:05:47.0508 0x1738  ============================================================
20:05:47.0508 0x1738  Current date / time: 2014/11/02 20:05:47.0508
20:05:47.0508 0x1738  SystemInfo:
20:05:47.0508 0x1738  
20:05:47.0508 0x1738  OS Version: 6.3.9600 ServicePack: 0.0
20:05:47.0508 0x1738  Product type: Workstation
20:05:47.0509 0x1738  ComputerName: IAN-ULTRABOOK
20:05:47.0509 0x1738  UserName: Ian
20:05:47.0509 0x1738  Windows directory: C:\windows
20:05:47.0509 0x1738  System windows directory: C:\windows
20:05:47.0509 0x1738  Running under WOW64
20:05:47.0509 0x1738  Processor architecture: Intel x64
20:05:47.0509 0x1738  Number of processors: 4
20:05:47.0509 0x1738  Page size: 0x1000
20:05:47.0509 0x1738  Boot type: Normal boot
20:05:47.0509 0x1738  ============================================================
20:05:47.0666 0x1738  KLMD registered as C:\windows\system32\drivers\98180715.sys
20:05:47.0702 0x1738  System UUID: {6C721C30-2344-D7D3-2208-39B33331179D}
20:05:47.0926 0x1738  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:05:47.0928 0x1738  ============================================================
20:05:47.0928 0x1738  \Device\Harddisk0\DR0:
20:05:47.0928 0x1738  GPT partitions:
20:05:47.0929 0x1738  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9BEC4E63-5CEE-4050-AED5-0A0B69C46A16}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
20:05:47.0929 0x1738  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {2EF3E13C-37C7-4292-A4D3-C58FDF998995}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
20:05:47.0929 0x1738  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {A5830755-D7C7-4C87-B353-810EE9894753}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
20:05:47.0929 0x1738  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1D2E1E14-C8A8-4DE6-B86B-A7D64E3AE775}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
20:05:47.0929 0x1738  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {67CB26FF-E771-4E91-87D0-B962B4DCF01A}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x1A8EB000
20:05:47.0929 0x1738  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F1330DB2-77C2-42D4-BD24-8D8999668506}, Name: Basic data partition, StartLBA 0x1AD95800, BlocksNum 0x800000
20:05:47.0929 0x1738  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {EAE30C98-36DF-4FAA-A6EB-1EC79631AF02}, Name: Basic data partition, StartLBA 0x1B595800, BlocksNum 0x275D800
20:05:47.0929 0x1738  MBR partitions:
20:05:47.0929 0x1738  ============================================================
20:05:47.0930 0x1738  C: <-> \Device\Harddisk0\DR0\Partition5
20:05:47.0931 0x1738  D: <-> \Device\Harddisk0\DR0\Partition6
20:05:47.0931 0x1738  ============================================================
20:05:47.0931 0x1738  Initialize success
20:05:47.0931 0x1738  ============================================================
20:06:43.0904 0x0eac  ============================================================
20:06:43.0904 0x0eac  Scan started
20:06:43.0904 0x0eac  Mode: Manual; SigCheck; TDLFS; 
20:06:43.0904 0x0eac  ============================================================
20:06:43.0904 0x0eac  KSN ping started
20:06:46.0336 0x0eac  KSN ping finished: true
20:06:46.0610 0x0eac  ================ Scan system memory ========================
20:06:46.0610 0x0eac  System memory - ok
20:06:46.0610 0x0eac  ================ Scan services =============================
20:06:46.0649 0x0eac  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
20:06:46.0683 0x0eac  1394ohci - ok
20:06:46.0694 0x0eac  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\windows\system32\drivers\3ware.sys
20:06:46.0703 0x0eac  3ware - ok
20:06:46.0721 0x0eac  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\windows\system32\drivers\ACPI.sys
20:06:46.0745 0x0eac  ACPI - ok
20:06:46.0750 0x0eac  [ A273E88FAC37A4F819ED99FE4B642F4D, 994DC229B7B4379852928DF0B22E8E575AB239FD8904AF580AA36A44ED717CD9 ] acpials         C:\windows\system32\DRIVERS\acpials.sys
20:06:46.0758 0x0eac  acpials - ok
20:06:46.0763 0x0eac  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\windows\system32\Drivers\acpiex.sys
20:06:46.0771 0x0eac  acpiex - ok
20:06:46.0775 0x0eac  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
20:06:46.0785 0x0eac  acpipagr - ok
20:06:46.0788 0x0eac  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
20:06:46.0797 0x0eac  AcpiPmi - ok
20:06:46.0802 0x0eac  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\windows\System32\drivers\acpitime.sys
20:06:46.0813 0x0eac  acpitime - ok
20:06:46.0824 0x0eac  [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC         C:\windows\System32\drivers\AcpiVpc.sys
20:06:46.0838 0x0eac  ACPIVPC - ok
20:06:46.0861 0x0eac  [ 2637233632CCD1837A1A57A43CAF00A4, 848026C6C9B38FD9F70BC7B2306BF4F5DD395726D4FDD6A18B29354921191DC5 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:06:46.0874 0x0eac  AdobeFlashPlayerUpdateSvc - ok
20:06:46.0894 0x0eac  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\windows\system32\drivers\ADP80XX.SYS
20:06:46.0922 0x0eac  ADP80XX - ok
20:06:46.0930 0x0eac  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
20:06:46.0946 0x0eac  AeLookupSvc - ok
20:06:46.0963 0x0eac  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\windows\system32\drivers\afd.sys
20:06:46.0984 0x0eac  AFD - ok
20:06:46.0992 0x0eac  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\windows\system32\drivers\agp440.sys
20:06:47.0002 0x0eac  agp440 - ok
20:06:47.0008 0x0eac  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\windows\system32\DRIVERS\ahcache.sys
20:06:47.0020 0x0eac  ahcache - ok
20:06:47.0025 0x0eac  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\windows\System32\alg.exe
20:06:47.0037 0x0eac  ALG - ok
20:06:47.0043 0x0eac  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\windows\System32\drivers\amdk8.sys
20:06:47.0054 0x0eac  AmdK8 - ok
20:06:47.0059 0x0eac  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
20:06:47.0070 0x0eac  AmdPPM - ok
20:06:47.0074 0x0eac  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\windows\system32\drivers\amdsata.sys
20:06:47.0083 0x0eac  amdsata - ok
20:06:47.0089 0x0eac  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
20:06:47.0102 0x0eac  amdsbs - ok
20:06:47.0106 0x0eac  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\windows\system32\drivers\amdxata.sys
20:06:47.0113 0x0eac  amdxata - ok
20:06:47.0118 0x0eac  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\windows\system32\drivers\appid.sys
20:06:47.0127 0x0eac  AppID - ok
20:06:47.0131 0x0eac  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\windows\System32\appidsvc.dll
20:06:47.0140 0x0eac  AppIDSvc - ok
20:06:47.0144 0x0eac  [ 7667B9D81EA8FD6540E6CF72F92161A6, 98F3D0E376F715EBE083FE112CAA640BCE0F13DCE0F244D059D7FA019EA3D24C ] Appinfo         C:\windows\System32\appinfo.dll
20:06:47.0156 0x0eac  Appinfo - ok
20:06:47.0168 0x0eac  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\windows\system32\AppReadiness.dll
20:06:47.0187 0x0eac  AppReadiness - ok
20:06:47.0213 0x0eac  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\windows\system32\appxdeploymentserver.dll
20:06:47.0247 0x0eac  AppXSvc - ok
20:06:47.0253 0x0eac  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\windows\system32\drivers\arcsas.sys
20:06:47.0263 0x0eac  arcsas - ok
20:06:47.0266 0x0eac  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\windows\system32\drivers\atapi.sys
20:06:47.0274 0x0eac  atapi - ok
20:06:47.0281 0x0eac  [ 886767FD022213F7885416134E9082E5, E248D82210FBEBF62C23EBEC74A976B2D1A4E62D3B7638D95B2574B77BA05DD0 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
20:06:47.0293 0x0eac  AudioEndpointBuilder - ok
20:06:47.0315 0x0eac  [ 79B134ECE836B406B212E28C24011538, 1B875DD23CCAD8A2759DCDBCDCF3DE14231B9DB5EEC8E84FE081E41A52A047A1 ] Audiosrv        C:\windows\System32\Audiosrv.dll
20:06:47.0341 0x0eac  Audiosrv - ok
20:06:47.0349 0x0eac  [ 943B743BEA5AE4EEA43250FFCC99C522, 387966A350796EFB6682A975D66F057B622296F6ADF4AFCEECD9F775BA97BFE6 ] AX88772         C:\windows\system32\DRIVERS\ax88772.sys
20:06:47.0362 0x0eac  AX88772 - ok
20:06:47.0367 0x0eac  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\windows\System32\AxInstSV.dll
20:06:47.0377 0x0eac  AxInstSV - ok
20:06:47.0390 0x0eac  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
20:06:47.0409 0x0eac  b06bdrv - ok
20:06:47.0413 0x0eac  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
20:06:47.0422 0x0eac  BasicDisplay - ok
20:06:47.0426 0x0eac  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
20:06:47.0434 0x0eac  BasicRender - ok
20:06:47.0438 0x0eac  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\windows\System32\drivers\bcmfn2.sys
20:06:47.0444 0x0eac  bcmfn2 - ok
20:06:47.0453 0x0eac  [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC          C:\windows\System32\bdesvc.dll
20:06:47.0467 0x0eac  BDESVC - ok
20:06:47.0471 0x0eac  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\windows\system32\drivers\Beep.sys
20:06:47.0479 0x0eac  Beep - ok
20:06:47.0496 0x0eac  [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE             C:\windows\System32\bfe.dll
20:06:47.0520 0x0eac  BFE - ok
20:06:47.0542 0x0eac  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\windows\System32\qmgr.dll
20:06:47.0576 0x0eac  BITS - ok
20:06:47.0602 0x0eac  [ E7429ECD0C47CC065EEACF7E9D0E6341, 10D8231E14C908A0949108EB5F84E17BA10ABFC370D0C5F65945B23879AB12BF ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
20:06:47.0627 0x0eac  Bluetooth Device Monitor - ok
20:06:47.0652 0x0eac  [ 9C0FDB0E3CFE542847E5140FAF17E89F, 290C08C0F8413D15BA41BEFC3D5A9D3E97FB6C55B91FE80D518BEA95A2838173 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
20:06:47.0676 0x0eac  Bluetooth OBEX Service - ok
20:06:47.0681 0x0eac  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\windows\system32\DRIVERS\bowser.sys
20:06:47.0690 0x0eac  bowser - ok
20:06:47.0698 0x0eac  [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
20:06:47.0712 0x0eac  BrokerInfrastructure - ok
20:06:47.0717 0x0eac  [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser         C:\windows\System32\browser.dll
20:06:47.0729 0x0eac  Browser - ok
20:06:47.0732 0x0eac  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
20:06:47.0741 0x0eac  BthAvrcpTg - ok
20:06:47.0745 0x0eac  [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum         C:\windows\System32\drivers\BthEnum.sys
20:06:47.0755 0x0eac  BthEnum - ok
20:06:47.0759 0x0eac  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
20:06:47.0770 0x0eac  BthHFEnum - ok
20:06:47.0773 0x0eac  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
20:06:47.0781 0x0eac  bthhfhid - ok
20:06:47.0790 0x0eac  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\windows\System32\drivers\BthLEEnum.sys
20:06:47.0801 0x0eac  BthLEEnum - ok
20:06:47.0805 0x0eac  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
20:06:47.0814 0x0eac  BTHMODEM - ok
20:06:47.0819 0x0eac  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\windows\System32\drivers\bthpan.sys
20:06:47.0829 0x0eac  BthPan - ok
20:06:47.0858 0x0eac  [ 97B9076611291AE4C4C107BC915BD026, 0A77873AAF1ADB76CAB98A84D2242781E34E2699632E45EB92ED7DB20B2BE0C1 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
20:06:47.0886 0x0eac  BTHPORT - ok
20:06:47.0891 0x0eac  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\windows\system32\bthserv.dll
20:06:47.0901 0x0eac  bthserv - ok
20:06:47.0906 0x0eac  [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
20:06:47.0916 0x0eac  BTHUSB - ok
20:06:47.0922 0x0eac  [ 5B8D71504FA8BFA308F6E1169B89D322, 1DC0CF47C5F655EA0F0992020C17A86D05637F55ACBB17380283EBB883A4D14D ] btmaux          C:\windows\system32\DRIVERS\btmaux.sys
20:06:47.0928 0x0eac  btmaux - ok
20:06:47.0956 0x0eac  [ A5D4D0B7EB24454777D6029AA6794D81, E39AB28BD48EDB285438F6AC37B26B135972DCD446D07878E28447FA979318C0 ] btmhsf          C:\windows\system32\DRIVERS\btmhsf.sys
20:06:47.0985 0x0eac  btmhsf - ok
20:06:47.0990 0x0eac  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
20:06:48.0001 0x0eac  cdfs - ok
20:06:48.0008 0x0eac  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\windows\System32\drivers\cdrom.sys
20:06:48.0017 0x0eac  cdrom - ok
20:06:48.0023 0x0eac  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\windows\System32\certprop.dll
20:06:48.0037 0x0eac  CertPropSvc - ok
20:06:48.0041 0x0eac  [ 27468DB367ABCFE855796775DB949AC1, F2DFC8CFBFCDC94798A5ADAAC96001927F9CE316751D42651C3AF1E52F1DC7EF ] cfwids          C:\windows\system32\drivers\cfwids.sys
20:06:48.0047 0x0eac  cfwids - ok
20:06:48.0051 0x0eac  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\windows\System32\drivers\circlass.sys
20:06:48.0060 0x0eac  circlass - ok
20:06:48.0070 0x0eac  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\windows\system32\drivers\CLFS.sys
20:06:48.0085 0x0eac  CLFS - ok
20:06:48.0093 0x0eac  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
20:06:48.0101 0x0eac  CmBatt - ok
20:06:48.0114 0x0eac  [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG             C:\windows\system32\Drivers\cng.sys
20:06:48.0134 0x0eac  CNG - ok
20:06:48.0139 0x0eac  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
20:06:48.0148 0x0eac  CompositeBus - ok
20:06:48.0150 0x0eac  COMSysApp - ok
20:06:48.0154 0x0eac  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\windows\system32\drivers\condrv.sys
20:06:48.0163 0x0eac  condrv - ok
20:06:48.0184 0x0eac  [ 56D1D35F12F9A07803F6108D4EDCEB78, A947CE92E3E73FCEB4F2B02C789EFAD7E300614E917633F42668CCE9E2F7EE56 ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe
20:06:48.0195 0x0eac  cphs - ok
20:06:48.0202 0x0eac  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\windows\system32\cryptsvc.dll
20:06:48.0213 0x0eac  CryptSvc - ok
20:06:48.0217 0x0eac  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\windows\system32\drivers\dam.sys
20:06:48.0224 0x0eac  dam - ok
20:06:48.0240 0x0eac  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\windows\system32\rpcss.dll
20:06:48.0265 0x0eac  DcomLaunch - ok
20:06:48.0275 0x0eac  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\windows\System32\defragsvc.dll
20:06:48.0293 0x0eac  defragsvc - ok
20:06:48.0303 0x0eac  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\windows\system32\das.dll
20:06:48.0320 0x0eac  DeviceAssociationService - ok
20:06:48.0325 0x0eac  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
20:06:48.0336 0x0eac  DeviceInstall - ok
20:06:48.0341 0x0eac  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
20:06:48.0351 0x0eac  Dfsc - ok
20:06:48.0355 0x0eac  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\windows\system32\DRIVERS\ssudbus.sys
20:06:48.0363 0x0eac  dg_ssudbus - ok
20:06:48.0371 0x0eac  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\windows\system32\dhcpcore.dll
20:06:48.0385 0x0eac  Dhcp - ok
20:06:48.0391 0x0eac  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\windows\system32\drivers\disk.sys
20:06:48.0400 0x0eac  disk - ok
20:06:48.0403 0x0eac  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
20:06:48.0411 0x0eac  dmvsc - ok
20:06:48.0418 0x0eac  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\windows\System32\dnsrslvr.dll
20:06:48.0431 0x0eac  Dnscache - ok
20:06:48.0438 0x0eac  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\windows\System32\dot3svc.dll
20:06:48.0454 0x0eac  dot3svc - ok
20:06:48.0460 0x0eac  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\windows\system32\dps.dll
20:06:48.0475 0x0eac  DPS - ok
20:06:48.0481 0x0eac  [ E87CD3E4F9AC0A2C181990CB781DD4BA, 693F30DF8D4AE732BBB36D250D89DEC05C291B0A0998CBE87677E4F019253432 ] DptfDevPch      C:\windows\system32\DRIVERS\DptfDevPch.sys
20:06:48.0489 0x0eac  DptfDevPch - ok
20:06:48.0497 0x0eac  [ 1C3C798B4150F7A047853838EBE2A95B, 8A44147DAB1FCBD5F23B5D427D12D0D5CA4A8260216ECE155CD849D09328069A ] DptfDevProc     C:\windows\system32\DRIVERS\DptfDevProc.sys
20:06:48.0508 0x0eac  DptfDevProc - ok
20:06:48.0521 0x0eac  [ 133C04EDB13A8A7740FFA3D7DD397C80, 56A28AF194354A6AA48A9204F13C845A4B3FE4E3139BBDE31DDDE318F3FB20C9 ] DptfManager     C:\windows\system32\DRIVERS\DptfManager.sys
20:06:48.0537 0x0eac  DptfManager - ok
20:06:48.0541 0x0eac  [ 8A18176B5108C2FBB23ADA9D548BDD3A, 204E39EE27B6FEDB75E97950B1608DEB0641248857FF0FDD2B66168929967043 ] DptfParticipantProcessorService C:\windows\system32\DptfParticipantProcessorService.exe
20:06:48.0550 0x0eac  DptfParticipantProcessorService - ok
20:06:48.0554 0x0eac  [ 82239362B0C3CDA6C2E69EAB73FA8A97, 73ADB64C365E5C1F2DF92B91982E65577ADC58DE84ECF0399F0C1C380602E630 ] DptfPolicyConfigTDPService C:\windows\system32\DptfPolicyConfigTDPService.exe
20:06:48.0563 0x0eac  DptfPolicyConfigTDPService - ok
20:06:48.0569 0x0eac  [ FAFA22CD7FD7B0A195239E738F7B7030, 9DF3810F814ACD4A694F25482E57ADEA01F1072CEAA4AC14ED5D383A4D2DE385 ] DptfPolicyCriticalService C:\windows\system32\DptfPolicyCriticalService.exe
20:06:48.0578 0x0eac  DptfPolicyCriticalService - ok
20:06:48.0583 0x0eac  [ 06B40DF90D494E2242C63DCACB354B8E, A10EB3EF74EDA33CF710B74E52D97A2B3B7874F3C5212016ED1FB89F8070D6A9 ] DptfPolicyLpmService C:\windows\system32\DptfPolicyLpmService.exe
20:06:48.0591 0x0eac  DptfPolicyLpmService - ok
20:06:48.0595 0x0eac  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
20:06:48.0602 0x0eac  drmkaud - ok
20:06:48.0608 0x0eac  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
20:06:48.0625 0x0eac  DsmSvc - ok
20:06:48.0656 0x0eac  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
20:06:48.0697 0x0eac  DXGKrnl - ok
20:06:48.0705 0x0eac  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\windows\System32\eapsvc.dll
20:06:48.0717 0x0eac  Eaphost - ok
20:06:48.0806 0x0eac  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\windows\system32\drivers\evbda.sys
20:06:48.0953 0x0eac  ebdrv - ok
20:06:48.0963 0x0eac  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\windows\System32\lsass.exe
20:06:48.0978 0x0eac  EFS - ok
20:06:48.0986 0x0eac  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
20:06:48.0996 0x0eac  EhStorClass - ok
20:06:49.0002 0x0eac  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
20:06:49.0013 0x0eac  EhStorTcgDrv - ok
20:06:49.0019 0x0eac  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\windows\System32\drivers\errdev.sys
20:06:49.0027 0x0eac  ErrDev - ok
20:06:49.0042 0x0eac  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\windows\system32\es.dll
20:06:49.0063 0x0eac  EventSystem - ok
20:06:49.0079 0x0eac  [ 905B24D42EA6C7E6988838186DBC8C4C, B2E262D666CF266F32A03505D29AC078E7C5F062AEF0A5D91584877CC9FFB47D ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:06:49.0097 0x0eac  EvtEng - ok
20:06:49.0104 0x0eac  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\windows\system32\drivers\exfat.sys
20:06:49.0121 0x0eac  exfat - ok
20:06:49.0127 0x0eac  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\windows\system32\drivers\fastfat.sys
20:06:49.0139 0x0eac  fastfat - ok
20:06:49.0154 0x0eac  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\windows\system32\fxssvc.exe
20:06:49.0175 0x0eac  Fax - ok
20:06:49.0180 0x0eac  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\windows\System32\drivers\fdc.sys
20:06:49.0188 0x0eac  fdc - ok
20:06:49.0192 0x0eac  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\windows\system32\fdPHost.dll
20:06:49.0206 0x0eac  fdPHost - ok
20:06:49.0209 0x0eac  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\windows\system32\fdrespub.dll
20:06:49.0223 0x0eac  FDResPub - ok
20:06:49.0228 0x0eac  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\windows\system32\fhsvc.dll
20:06:49.0239 0x0eac  fhsvc - ok
20:06:49.0244 0x0eac  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
20:06:49.0254 0x0eac  FileInfo - ok
20:06:49.0258 0x0eac  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\windows\system32\drivers\filetrace.sys
20:06:49.0272 0x0eac  Filetrace - ok
20:06:49.0277 0x0eac  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
20:06:49.0288 0x0eac  flpydisk - ok
20:06:49.0298 0x0eac  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
20:06:49.0313 0x0eac  FltMgr - ok
20:06:49.0318 0x0eac  [ 6CD6BB45BD3E0EEF6CE496BF52854FF1, 939630A1EEAB79DD5AA3D9272B9EDC0550BC06D40C9B398815FCFF4AC12A7F2C ] FlyUsb          C:\windows\System32\drivers\FlyUsb.sys
20:06:49.0325 0x0eac  FlyUsb - ok
20:06:49.0357 0x0eac  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\windows\system32\FntCache.dll
20:06:49.0397 0x0eac  FontCache - ok
20:06:49.0405 0x0eac  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:06:49.0413 0x0eac  FontCache3.0.0.0 - ok
20:06:49.0419 0x0eac  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
20:06:49.0428 0x0eac  FsDepends - ok
20:06:49.0431 0x0eac  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
20:06:49.0439 0x0eac  Fs_Rec - ok
20:06:49.0453 0x0eac  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
20:06:49.0476 0x0eac  fvevol - ok
20:06:49.0481 0x0eac  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
20:06:49.0490 0x0eac  FxPPM - ok
20:06:49.0493 0x0eac  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
20:06:49.0503 0x0eac  gagp30kx - ok
20:06:49.0506 0x0eac  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
20:06:49.0514 0x0eac  gencounter - ok
20:06:49.0520 0x0eac  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
20:06:49.0531 0x0eac  GPIOClx0101 - ok
20:06:49.0559 0x0eac  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\windows\System32\gpsvc.dll
20:06:49.0607 0x0eac  gpsvc - ok
20:06:49.0616 0x0eac  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:06:49.0623 0x0eac  gupdate - ok
20:06:49.0628 0x0eac  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:06:49.0634 0x0eac  gupdatem - ok
20:06:49.0640 0x0eac  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:06:49.0649 0x0eac  gusvc - ok
20:06:49.0661 0x0eac  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
20:06:49.0681 0x0eac  HdAudAddService - ok
20:06:49.0688 0x0eac  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
20:06:49.0697 0x0eac  HDAudBus - ok
20:06:49.0702 0x0eac  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
20:06:49.0710 0x0eac  HidBatt - ok
20:06:49.0718 0x0eac  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\windows\System32\drivers\hidbth.sys
20:06:49.0729 0x0eac  HidBth - ok
20:06:49.0733 0x0eac  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
20:06:49.0742 0x0eac  hidi2c - ok
20:06:49.0746 0x0eac  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\windows\System32\drivers\hidir.sys
20:06:49.0754 0x0eac  HidIr - ok
20:06:49.0758 0x0eac  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\windows\system32\hidserv.dll
20:06:49.0768 0x0eac  hidserv - ok
20:06:49.0772 0x0eac  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\windows\System32\drivers\hidusb.sys
20:06:49.0780 0x0eac  HidUsb - ok
20:06:49.0786 0x0eac  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\windows\system32\drivers\HipShieldK.sys
20:06:49.0796 0x0eac  HipShieldK - ok
20:06:49.0801 0x0eac  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\windows\system32\kmsvc.dll
20:06:49.0813 0x0eac  hkmsvc - ok
20:06:49.0822 0x0eac  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\windows\system32\ListSvc.dll
20:06:49.0836 0x0eac  HomeGroupListener - ok
20:06:49.0846 0x0eac  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\windows\system32\provsvc.dll
20:06:49.0863 0x0eac  HomeGroupProvider - ok
20:06:49.0873 0x0eac  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
20:06:49.0884 0x0eac  HomeNetSvc - ok
20:06:49.0888 0x0eac  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
20:06:49.0898 0x0eac  HpSAMD - ok
20:06:49.0920 0x0eac  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\windows\system32\drivers\HTTP.sys
20:06:49.0947 0x0eac  HTTP - ok
20:06:49.0951 0x0eac  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
20:06:49.0959 0x0eac  hwpolicy - ok
20:06:49.0962 0x0eac  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
20:06:49.0970 0x0eac  hyperkbd - ok
20:06:49.0973 0x0eac  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
20:06:49.0982 0x0eac  HyperVideo - ok
20:06:49.0987 0x0eac  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
20:06:49.0998 0x0eac  i8042prt - ok
20:06:50.0003 0x0eac  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\windows\System32\drivers\iaLPSSi_GPIO.sys
20:06:50.0009 0x0eac  iaLPSSi_GPIO - ok
20:06:50.0014 0x0eac  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\windows\System32\drivers\iaLPSSi_I2C.sys
20:06:50.0021 0x0eac  iaLPSSi_I2C - ok
20:06:50.0039 0x0eac  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
20:06:50.0055 0x0eac  iaStorA - ok
20:06:50.0070 0x0eac  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\windows\system32\drivers\iaStorAV.sys
20:06:50.0088 0x0eac  iaStorAV - ok
20:06:50.0102 0x0eac  [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
20:06:50.0107 0x0eac  IAStorDataMgrSvc - ok
20:06:50.0118 0x0eac  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
20:06:50.0135 0x0eac  iaStorV - ok
20:06:50.0141 0x0eac  [ DA3E76663D55775D675982F4C9CA2794, FCD84EA5A6787D4ADAAF8A1DD85E64BC280F60EC907D89AA1F7E95C5CAA60AFE ] ibtusb          C:\windows\system32\DRIVERS\ibtusb.sys
20:06:50.0148 0x0eac  ibtusb - ok
20:06:50.0151 0x0eac  IEEtwCollectorService - ok
20:06:50.0228 0x0eac  [ A874EC416801B152BD64916E1B5C107E, 6D41CAB617E06F3D9534DB44DFEB9C86F2AD55AFBF3E1B1B41BA2576C0C19407 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
20:06:50.0316 0x0eac  igfx - ok
20:06:50.0323 0x0eac  [ 39F3C7E218CE9118106D166F09AE1352, B78ADFC87AACF868D62A7FB0971B8786C1315A9B4D34D3E3159AD3F24D78AD62 ] ikbevent        C:\windows\system32\DRIVERS\ikbevent.sys
20:06:50.0329 0x0eac  ikbevent - ok
20:06:50.0351 0x0eac  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\windows\System32\ikeext.dll
20:06:50.0381 0x0eac  IKEEXT - ok
20:06:50.0385 0x0eac  [ 404906005D768E48BF16218B420249C7, 78409A077F244FCAC806180384C240F3BB1FF7ECF02EDB5E5D3188F458AB23D1 ] imsevent        C:\windows\system32\DRIVERS\imsevent.sys
20:06:50.0391 0x0eac  imsevent - ok
20:06:50.0395 0x0eac  [ 3F2BB021CB280880F8C1B7A6FEF9B447, CEC0BF9D6C9CF6E6A9F9B4E656BD47208AC977EDDC11C1C3BCD07EB50BABC017 ] INETMON         C:\windows\System32\Drivers\INETMON.sys
20:06:50.0401 0x0eac  INETMON - ok
20:06:50.0404 0x0eac  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys
20:06:50.0410 0x0eac  intaud_WaveExtensible - ok
20:06:50.0479 0x0eac  [ 0CDE7928C4B99C25AAED3B4E84E78168, 5B5444574551D2637A3827F26D248573AECE1B12DFA175C13B10B2A777AD2513 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
20:06:50.0546 0x0eac  IntcAzAudAddService - ok
20:06:50.0563 0x0eac  [ D6A22510D795928E8840619900D672B4, 296F232B0A6D42840A745E4706D2815F6D2E4279DBD90112CBFBFF8833B724AF ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
20:06:50.0578 0x0eac  IntcDAud - ok
20:06:50.0612 0x0eac  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:06:50.0638 0x0eac  Intel® Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
20:06:53.0116 0x0eac  Detect skipped due to KSN trusted
20:06:53.0116 0x0eac  Intel® Capability Licensing Service Interface - ok
20:06:53.0139 0x0eac  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
20:06:53.0164 0x0eac  Intel® Capability Licensing Service TCP IP Interface - ok
20:06:53.0179 0x0eac  [ FEC3A8349DCBECB87850692F1020B023, AD3086C31CA7795FA8CB677C67CE7AFD37FAB728EB1027B8B2016F3B283FB958 ] Intel® Wireless Bluetooth® 4.0 Radio Management C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
20:06:53.0189 0x0eac  Intel® Wireless Bluetooth® 4.0 Radio Management - ok
20:06:53.0195 0x0eac  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\windows\system32\drivers\intelide.sys
20:06:53.0203 0x0eac  intelide - ok
20:06:53.0209 0x0eac  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\windows\system32\drivers\intelpep.sys
20:06:53.0221 0x0eac  intelpep - ok
20:06:53.0233 0x0eac  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\windows\System32\drivers\intelppm.sys
20:06:53.0242 0x0eac  intelppm - ok
20:06:53.0246 0x0eac  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
20:06:53.0258 0x0eac  IpFilterDriver - ok
20:06:53.0277 0x0eac  [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
20:06:53.0303 0x0eac  iphlpsvc - ok
20:06:53.0308 0x0eac  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
20:06:53.0317 0x0eac  IPMIDRV - ok
20:06:53.0323 0x0eac  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
20:06:53.0335 0x0eac  IPNAT - ok
20:06:53.0339 0x0eac  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\windows\system32\drivers\irenum.sys
20:06:53.0349 0x0eac  IRENUM - ok
20:06:53.0354 0x0eac  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\windows\system32\drivers\isapnp.sys
20:06:53.0362 0x0eac  isapnp - ok
20:06:53.0372 0x0eac  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
20:06:53.0388 0x0eac  iScsiPrt - ok
20:06:53.0392 0x0eac  [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT            C:\windows\System32\drivers\ISCTD64.sys
20:06:53.0398 0x0eac  ISCT - ok
20:06:53.0405 0x0eac  [ 5215D12B13FC2BC7717AA4884846D34F, B97B8FFC6FB212398BF772C08B318411EA70B683B816906F30EF35DEB5B1C130 ] ISCTAgent       C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
20:06:53.0414 0x0eac  ISCTAgent - ok
20:06:53.0421 0x0eac  [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc          C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
20:06:53.0429 0x0eac  iumsvc - ok
20:06:53.0433 0x0eac  [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus          C:\windows\System32\drivers\iwdbus.sys
20:06:53.0439 0x0eac  iwdbus - ok
20:06:53.0445 0x0eac  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
20:06:53.0453 0x0eac  jhi_service - ok
20:06:53.0458 0x0eac  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
20:06:53.0466 0x0eac  kbdclass - ok
20:06:53.0470 0x0eac  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
20:06:53.0479 0x0eac  kbdhid - ok
20:06:53.0483 0x0eac  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
20:06:53.0491 0x0eac  kdnic - ok
20:06:53.0495 0x0eac  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\windows\system32\lsass.exe
20:06:53.0504 0x0eac  KeyIso - ok
20:06:53.0509 0x0eac  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
20:06:53.0519 0x0eac  KSecDD - ok
20:06:53.0525 0x0eac  [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
20:06:53.0537 0x0eac  KSecPkg - ok
20:06:53.0541 0x0eac  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
20:06:53.0550 0x0eac  ksthunk - ok
20:06:53.0561 0x0eac  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\windows\system32\msdtckrm.dll
20:06:53.0578 0x0eac  KtmRm - ok
20:06:53.0587 0x0eac  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\windows\system32\srvsvc.dll
20:06:53.0602 0x0eac  LanmanServer - ok
20:06:53.0611 0x0eac  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:06:53.0625 0x0eac  LanmanWorkstation - ok
20:06:53.0745 0x0eac  [ 1C09A80590E3E8C0F91DF46B1610AA7A, DEE57B3DBF4CF6C8DD4D81FE766498547B182BE76FB3F4C95703244558747E01 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
20:06:53.0890 0x0eac  LeapFrog Connect Device Service - detected UnsignedFile.Multi.Generic ( 1 )
20:06:56.0336 0x0eac  Detect skipped due to KSN trusted
20:06:56.0337 0x0eac  LeapFrog Connect Device Service - ok
20:06:56.0353 0x0eac  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\windows\System32\GeofenceMonitorService.dll
20:06:56.0372 0x0eac  lfsvc - ok
20:06:56.0377 0x0eac  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
20:06:56.0391 0x0eac  lltdio - ok
20:06:56.0402 0x0eac  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\windows\System32\lltdsvc.dll
20:06:56.0418 0x0eac  lltdsvc - ok
20:06:56.0421 0x0eac  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\windows\System32\lmhsvc.dll
20:06:56.0431 0x0eac  lmhosts - ok
20:06:56.0440 0x0eac  [ B16F2A40E738277AB75515D4B024305E, 38F48CCD72FA2B32DFD3123C0864AB724AC673414EEE09C6F582754177CD4B98 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:06:56.0453 0x0eac  LMS - ok
20:06:56.0459 0x0eac  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
20:06:56.0469 0x0eac  LSI_SAS - ok
20:06:56.0473 0x0eac  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
20:06:56.0483 0x0eac  LSI_SAS2 - ok
20:06:56.0487 0x0eac  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\windows\system32\drivers\lsi_sas3.sys
20:06:56.0495 0x0eac  LSI_SAS3 - ok
20:06:56.0500 0x0eac  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
20:06:56.0508 0x0eac  LSI_SSS - ok
20:06:56.0524 0x0eac  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\windows\System32\lsm.dll
20:06:56.0546 0x0eac  LSM - ok
20:06:56.0550 0x0eac  [ B9D6F27D06565CEFF51FD012B74822CB, D6526314DC2F58745969B7132722C60DB33442CB55ADAB28E7EF64EB088E32DF ] LsvUIService    C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
20:06:56.0557 0x0eac  LsvUIService - ok
20:06:56.0562 0x0eac  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\windows\system32\drivers\luafv.sys
20:06:56.0572 0x0eac  luafv - ok
20:06:56.0580 0x0eac  [ 96E7AA538AB0EDECCAB3862BA4B66232, 8AF460093B4DC1FD81C4508A57B6A80A7FB2E1818A3405506B8DB5B521615FB6 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
20:06:56.0588 0x0eac  McAPExe - ok
20:06:56.0596 0x0eac  [ 4F3FAE9E811E64BBE68152F0ED186D75, 55C53B218F8769E9E8774278E7FFB4A8B7753B103D280248E9D5FE42F12B2DCB ] McAWFwk         c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
20:06:56.0608 0x0eac  McAWFwk - ok
20:06:56.0617 0x0eac  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
20:06:56.0627 0x0eac  McMPFSvc - ok
20:06:56.0635 0x0eac  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McNaiAnn        C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
20:06:56.0646 0x0eac  McNaiAnn - ok
20:06:56.0659 0x0eac  [ 1817FCB59F1832BC5387EC10838FC1BF, F0950EEEF5285C1C21E0C5BAFAFA44302E901EB8466427FA6AA3F1709B4D5A21 ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe
20:06:56.0674 0x0eac  McODS - ok
20:06:56.0683 0x0eac  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McOobeSv2       C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
20:06:56.0693 0x0eac  McOobeSv2 - ok
20:06:56.0701 0x0eac  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc        C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
20:06:56.0711 0x0eac  mcpltsvc - ok
20:06:56.0719 0x0eac  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McProxy         C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
20:06:56.0729 0x0eac  McProxy - ok
20:06:56.0734 0x0eac  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\windows\system32\drivers\megasas.sys
20:06:56.0741 0x0eac  megasas - ok
20:06:56.0756 0x0eac  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\windows\system32\drivers\megasr.sys
20:06:56.0776 0x0eac  megasr - ok
20:06:56.0781 0x0eac  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\windows\system32\DRIVERS\TeeDriverx64.sys
20:06:56.0788 0x0eac  MEIx64 - ok
20:06:56.0794 0x0eac  [ D0574EF9490EBD32DFA14D3C16195DE2, 7F5623562E74BD09717103247CE9155F07092BC633B5647ED3C99A95283413B4 ] mfeapfk         C:\windows\system32\drivers\mfeapfk.sys
20:06:56.0801 0x0eac  mfeapfk - ok
20:06:56.0809 0x0eac  [ 7B6A4509A2444F5F0689B2579E245177, 95A3A3560E253B7459F1B7C9E4E21008C725BA1A2C5F4E5FBAD1AB383058E2F6 ] mfeavfk         C:\windows\system32\drivers\mfeavfk.sys
20:06:56.0819 0x0eac  mfeavfk - ok
20:06:56.0840 0x0eac  [ C83EBEE66A2754CEE5B05699A42F728B, 1D739A505AEC1F40CC8CB86D01BDCEC0E29002A609FDA96CEF3531285E8261B9 ] mfecore         C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
20:06:56.0865 0x0eac  mfecore - ok
20:06:56.0870 0x0eac  [ DD19F44DE0F742B2E89FB6489A2F7197, B6BF5236181492B9996471469E18C3A11ECD6224BE740BA312771E1A7D4AD6BD ] mfeelamk        C:\windows\system32\drivers\mfeelamk.sys
20:06:56.0878 0x0eac  mfeelamk - ok
20:06:56.0884 0x0eac  [ E7C6587AC8FB0BABEF6AB1733AFA8FEC, 1624B8D9C9431A2030B8C8CFAA90F56A9EE4039D2426A521C4102A68D2F8E3CD ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
20:06:56.0894 0x0eac  mfefire - ok
20:06:56.0906 0x0eac  [ 92AD9892D534CA58E020375C94E0307E, 3062625853C759852C5172040C69840315676A01A62EECFC53F55E6379DB190C ] mfefirek        C:\windows\system32\drivers\mfefirek.sys
20:06:56.0920 0x0eac  mfefirek - ok
20:06:56.0938 0x0eac  [ B6622A5B197D021647AE20E0D4C229B9, 15D64928FDB207C183A69E7CFB90BFFBF25F1AB14059EDEFDF021F323025F4E8 ] mfehidk         C:\windows\system32\drivers\mfehidk.sys
20:06:56.0957 0x0eac  mfehidk - ok
20:06:56.0969 0x0eac  [ 93712907DEE6FFBD8A4016ECBB250DCD, FB3673BA495EF1301C4BA75B457493D9B1D5AE52642A04473575CABC1EC6EDFD ] mfencbdc        C:\windows\system32\DRIVERS\mfencbdc.sys
20:06:56.0981 0x0eac  mfencbdc - ok
20:06:56.0986 0x0eac  [ E97EE1F31F7E5349A06CE089658DA8A1, 8136155C734457E422331B3CBE67927C45FAB10B9B34789A612B58CF0E0E3BEC ] mfencrk         C:\windows\system32\DRIVERS\mfencrk.sys
20:06:56.0993 0x0eac  mfencrk - ok
20:06:56.0999 0x0eac  [ 64BAFB4E5377056CDD71531097D69F6E, 28B434C1DB9AD930C5A32584C51FE1B3A4526952EBC953DAE775701E270C76C5 ] mfevtp          C:\windows\system32\mfevtps.exe
20:06:57.0007 0x0eac  mfevtp - ok
20:06:57.0015 0x0eac  [ A58F979117A424CDB33C21396887800F, E857E74BB08E49AEDC7EE21C9FDA36053113E04F8D29B9DBC3A2A3F0667915C6 ] mfewfpk         C:\windows\system32\drivers\mfewfpk.sys
20:06:57.0027 0x0eac  mfewfpk - ok
20:06:57.0032 0x0eac  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
20:06:57.0039 0x0eac  Microsoft Office Groove Audit Service - ok
20:06:57.0043 0x0eac  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\windows\system32\mmcss.dll
20:06:57.0054 0x0eac  MMCSS - ok
20:06:57.0058 0x0eac  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\windows\system32\drivers\modem.sys
20:06:57.0069 0x0eac  Modem - ok
20:06:57.0073 0x0eac  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\windows\System32\drivers\monitor.sys
20:06:57.0081 0x0eac  monitor - ok
20:06:57.0085 0x0eac  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\windows\System32\drivers\mouclass.sys
20:06:57.0093 0x0eac  mouclass - ok
20:06:57.0096 0x0eac  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\windows\System32\drivers\mouhid.sys
20:06:57.0105 0x0eac  mouhid - ok
20:06:57.0109 0x0eac  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
20:06:57.0119 0x0eac  mountmgr - ok
20:06:57.0124 0x0eac  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
20:06:57.0135 0x0eac  mpsdrv - ok
20:06:57.0154 0x0eac  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\windows\system32\mpssvc.dll
20:06:57.0182 0x0eac  MpsSvc - ok
20:06:57.0188 0x0eac  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
20:06:57.0199 0x0eac  MRxDAV - ok
20:06:57.0209 0x0eac  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
20:06:57.0223 0x0eac  mrxsmb - ok
20:06:57.0230 0x0eac  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
20:06:57.0244 0x0eac  mrxsmb10 - ok
20:06:57.0250 0x0eac  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
20:06:57.0262 0x0eac  mrxsmb20 - ok
20:06:57.0267 0x0eac  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
20:06:57.0277 0x0eac  MsBridge - ok
20:06:57.0283 0x0eac  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\windows\System32\msdtc.exe
20:06:57.0295 0x0eac  MSDTC - ok
20:06:57.0301 0x0eac  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\windows\system32\drivers\Msfs.sys
20:06:57.0311 0x0eac  Msfs - ok
20:06:57.0315 0x0eac  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
20:06:57.0323 0x0eac  msgpiowin32 - ok
20:06:57.0326 0x0eac  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
20:06:57.0334 0x0eac  mshidkmdf - ok
20:06:57.0337 0x0eac  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
20:06:57.0346 0x0eac  mshidumdf - ok
20:06:57.0349 0x0eac  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
20:06:57.0357 0x0eac  msisadrv - ok
20:06:57.0361 0x0eac  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
20:06:57.0374 0x0eac  MSiSCSI - ok
20:06:57.0376 0x0eac  msiserver - ok
20:06:57.0384 0x0eac  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
20:06:57.0394 0x0eac  MSK80Service - ok
20:06:57.0397 0x0eac  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
20:06:57.0406 0x0eac  MSKSSRV - ok
20:06:57.0410 0x0eac  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
20:06:57.0422 0x0eac  MsLldp - ok
20:06:57.0425 0x0eac  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
20:06:57.0434 0x0eac  MSPCLOCK - ok
20:06:57.0438 0x0eac  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
20:06:57.0446 0x0eac  MSPQM - ok
20:06:57.0456 0x0eac  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
20:06:57.0471 0x0eac  MsRPC - ok
20:06:57.0475 0x0eac  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
20:06:57.0483 0x0eac  mssmbios - ok
20:06:57.0486 0x0eac  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
20:06:57.0494 0x0eac  MSTEE - ok
20:06:57.0497 0x0eac  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
20:06:57.0506 0x0eac  MTConfig - ok
20:06:57.0510 0x0eac  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\windows\system32\Drivers\mup.sys
20:06:57.0519 0x0eac  Mup - ok
20:06:57.0523 0x0eac  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\windows\system32\drivers\mvumis.sys
20:06:57.0531 0x0eac  mvumis - ok
20:06:57.0538 0x0eac  [ DF6C94A974148BCEDD8B4DFA814040FE, 8C2E81A747A2D79E943D67FB1CEA3D37DC467071B309474B04744EBEDCA0E6EF ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:06:57.0549 0x0eac  MyWiFiDHCPDNS - ok
20:06:57.0561 0x0eac  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\windows\system32\qagentRT.dll
20:06:57.0580 0x0eac  napagent - ok
20:06:57.0591 0x0eac  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
20:06:57.0607 0x0eac  NativeWifiP - ok
20:06:57.0614 0x0eac  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\windows\System32\ncasvc.dll
20:06:57.0627 0x0eac  NcaSvc - ok
20:06:57.0633 0x0eac  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\windows\System32\ncbservice.dll
20:06:57.0644 0x0eac  NcbService - ok
20:06:57.0648 0x0eac  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
20:06:57.0664 0x0eac  NcdAutoSetup - ok
20:06:57.0687 0x0eac  [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS            C:\windows\system32\drivers\ndis.sys
20:06:57.0720 0x0eac  NDIS - ok
20:06:57.0724 0x0eac  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
20:06:57.0735 0x0eac  NdisCap - ok
20:06:57.0740 0x0eac  [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
20:06:57.0751 0x0eac  NdisImPlatform - ok
20:06:57.0754 0x0eac  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
20:06:57.0765 0x0eac  NdisTapi - ok
20:06:57.0769 0x0eac  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
20:06:57.0778 0x0eac  Ndisuio - ok
20:06:57.0781 0x0eac  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\windows\System32\drivers\NdisVirtualBus.sys
20:06:57.0791 0x0eac  NdisVirtualBus - ok
20:06:57.0798 0x0eac  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
20:06:57.0813 0x0eac  NdisWan - ok
20:06:57.0819 0x0eac  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\windows\system32\DRIVERS\ndiswan.sys
20:06:57.0832 0x0eac  NdisWanLegacy - ok
20:06:57.0836 0x0eac  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
20:06:57.0848 0x0eac  NDProxy - ok
20:06:57.0853 0x0eac  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\windows\system32\drivers\Ndu.sys
20:06:57.0865 0x0eac  Ndu - ok
20:06:57.0869 0x0eac  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
20:06:57.0879 0x0eac  NetBIOS - ok
20:06:57.0887 0x0eac  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
20:06:57.0901 0x0eac  NetBT - ok
20:06:57.0905 0x0eac  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\windows\system32\lsass.exe
20:06:57.0913 0x0eac  Netlogon - ok
20:06:57.0922 0x0eac  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\windows\System32\netman.dll
20:06:57.0937 0x0eac  Netman - ok
20:06:57.0952 0x0eac  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\windows\System32\netprofmsvc.dll
20:06:57.0974 0x0eac  netprofm - ok
20:06:57.0984 0x0eac  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:06:57.0995 0x0eac  NetTcpPortSharing - ok
20:06:57.0999 0x0eac  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\windows\system32\DRIVERS\netvsc63.sys
20:06:58.0009 0x0eac  netvsc - ok
20:06:58.0090 0x0eac  [ 31D3E4959C410A7DEC2109CA8BF369AD, C62EFB02E950BCAC104051603DEDD9A497ED4FA81D3236008C15AFACE6CBE092 ] NETwNb64        C:\windows\system32\DRIVERS\NETwbw02.sys
20:06:58.0154 0x0eac  NETwNb64 - ok
20:06:58.0242 0x0eac  [ B636B4A8E59A73033B766EA7FD7C3B81, CAC8614DEE83623DE56C969C668A33366793779084B6A23F59ADC98392115F8C ] NETwNe64        C:\windows\system32\DRIVERS\NETwew02.sys
20:06:58.0338 0x0eac  NETwNe64 - ok
20:06:58.0351 0x0eac  [ 16D554B750B93034A3D89EC07895E414, F3BB2CF8E0EA07D50C2E99221AF0B2A0BDB6D835C0249D479DE8AFD94ADED674 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
20:06:58.0360 0x0eac  NitroDriverReadSpool8 - ok
20:06:58.0370 0x0eac  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\windows\System32\nlasvc.dll
20:06:58.0388 0x0eac  NlaSvc - ok
20:06:58.0406 0x0eac  [ 4EE0410161B7BE586302AFBEBBEB8AD6, A9A228C5B62D8DDC11F40FACB09540FE53D01F8882E7A4935152F60F04EA2DE3 ] nlsX86cc        C:\windows\SysWOW64\NLSSRV32.EXE
20:06:58.0413 0x0eac  nlsX86cc - ok
20:06:58.0418 0x0eac  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\windows\system32\drivers\Npfs.sys
20:06:58.0428 0x0eac  Npfs - ok
20:06:58.0433 0x0eac  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
20:06:58.0442 0x0eac  npsvctrig - ok
20:06:58.0447 0x0eac  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\windows\system32\nsisvc.dll
20:06:58.0458 0x0eac  nsi - ok
20:06:58.0462 0x0eac  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
20:06:58.0471 0x0eac  nsiproxy - ok
20:06:58.0510 0x0eac  [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
20:06:58.0561 0x0eac  Ntfs - ok
20:06:58.0565 0x0eac  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\windows\system32\drivers\Null.sys
20:06:58.0574 0x0eac  Null - ok
20:06:58.0580 0x0eac  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\windows\system32\drivers\nvraid.sys
20:06:58.0590 0x0eac  nvraid - ok
20:06:58.0595 0x0eac  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\windows\system32\drivers\nvstor.sys
20:06:58.0606 0x0eac  nvstor - ok
20:06:58.0610 0x0eac  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
20:06:58.0620 0x0eac  nv_agp - ok
20:06:58.0632 0x0eac  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:06:58.0645 0x0eac  odserv - ok
20:06:58.0651 0x0eac  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:06:58.0658 0x0eac  ose - ok
20:06:58.0669 0x0eac  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
20:06:58.0685 0x0eac  p2pimsvc - ok
20:06:58.0695 0x0eac  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\windows\system32\p2psvc.dll
20:06:58.0712 0x0eac  p2psvc - ok
20:06:58.0717 0x0eac  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\windows\System32\drivers\parport.sys
20:06:58.0728 0x0eac  Parport - ok
20:06:58.0733 0x0eac  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\windows\system32\drivers\partmgr.sys
20:06:58.0743 0x0eac  partmgr - ok
20:06:58.0775 0x0eac  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\windows\System32\pcasvc.dll
20:06:58.0792 0x0eac  PcaSvc - ok
20:06:58.0802 0x0eac  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\windows\system32\drivers\pci.sys
20:06:58.0816 0x0eac  pci - ok
20:06:58.0820 0x0eac  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\windows\system32\drivers\pciide.sys
20:06:58.0827 0x0eac  pciide - ok
20:06:58.0831 0x0eac  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
20:06:58.0841 0x0eac  pcmcia - ok
20:06:58.0845 0x0eac  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\windows\system32\drivers\pcw.sys
20:06:58.0853 0x0eac  pcw - ok
20:06:58.0857 0x0eac  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\windows\system32\drivers\pdc.sys
20:06:58.0866 0x0eac  pdc - ok
20:06:58.0881 0x0eac  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
20:06:58.0902 0x0eac  PEAUTH - ok
20:06:58.0907 0x0eac  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\windows\SysWow64\perfhost.exe
20:06:58.0916 0x0eac  PerfHost - ok
20:06:58.0925 0x0eac  [ FB6ADFAAFFF621B366BBCC81EC0B7118, 2B33054B6EE10B99EADF201B75B89E943E1D165E2D23DA1F1E508702BE4A2762 ] PGService       C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
20:06:58.0933 0x0eac  PGService - ok
20:06:58.0940 0x0eac  [ 3A6D56E0E072AB0F022FE03ED8C2693A, 8AA5823F68FEDEDB5E8916BD35832BC438A781142CF1672983D593B903083A68 ] PhoneCompanionPusher C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
20:06:58.0949 0x0eac  PhoneCompanionPusher - ok
20:06:58.0957 0x0eac  [ 0B2E100645AFAB3204313148DFE42322, C28FA6EF4FD8001E8F3367A7CB32E44F5D6A3E1EFBEC3C947A2FD3C3B0AF3568 ] PhoneCompanionVap C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe
20:06:58.0969 0x0eac  PhoneCompanionVap - ok
20:06:59.0005 0x0eac  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\windows\system32\pla.dll
20:06:59.0048 0x0eac  pla - ok
20:06:59.0054 0x0eac  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
20:06:59.0064 0x0eac  PlugPlay - ok
20:06:59.0068 0x0eac  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
20:06:59.0077 0x0eac  PNRPAutoReg - ok
20:06:59.0086 0x0eac  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
20:06:59.0100 0x0eac  PNRPsvc - ok
20:06:59.0109 0x0eac  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
20:06:59.0127 0x0eac  PolicyAgent - ok
20:06:59.0133 0x0eac  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\windows\system32\umpo.dll
20:06:59.0144 0x0eac  Power - ok
20:06:59.0236 0x0eac  [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify     C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll
20:06:59.0299 0x0eac  PrintNotify - ok
20:06:59.0310 0x0eac  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\windows\System32\drivers\processr.sys
20:06:59.0321 0x0eac  Processor - ok
20:06:59.0327 0x0eac  [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc         C:\windows\system32\profsvc.dll
20:06:59.0341 0x0eac  ProfSvc - ok
20:06:59.0346 0x0eac  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\windows\system32\DRIVERS\pacer.sys
20:06:59.0359 0x0eac  Psched - ok
20:06:59.0367 0x0eac  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\windows\system32\qwave.dll
20:06:59.0384 0x0eac  QWAVE - ok
20:06:59.0388 0x0eac  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
20:06:59.0399 0x0eac  QWAVEdrv - ok
20:06:59.0402 0x0eac  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
20:06:59.0412 0x0eac  RasAcd - ok
20:06:59.0417 0x0eac  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\windows\System32\rasauto.dll
20:06:59.0429 0x0eac  RasAuto - ok
20:06:59.0443 0x0eac  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\windows\System32\rasmans.dll
20:06:59.0463 0x0eac  RasMan - ok
20:06:59.0468 0x0eac  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
20:06:59.0480 0x0eac  RasPppoe - ok
20:06:59.0490 0x0eac  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
20:06:59.0504 0x0eac  rdbss - ok
20:06:59.0509 0x0eac  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
20:06:59.0517 0x0eac  rdpbus - ok
20:06:59.0523 0x0eac  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
20:06:59.0534 0x0eac  RDPDR - ok
20:06:59.0540 0x0eac  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
20:06:59.0547 0x0eac  RdpVideoMiniport - ok
20:06:59.0555 0x0eac  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
20:06:59.0567 0x0eac  rdyboost - ok
20:06:59.0591 0x0eac  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\windows\system32\drivers\ReFS.sys
20:06:59.0619 0x0eac  ReFS - ok
20:06:59.0628 0x0eac  [ 76181AD8E1B520B9C466C52B7E6149AB, 16BF9D0C7DB70327A977171F3078E32025C60FE7660DD84DFA631A407A570EA1 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:06:59.0635 0x0eac  RegSrvc - ok
20:06:59.0642 0x0eac  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\windows\System32\mprdim.dll
20:06:59.0659 0x0eac  RemoteAccess - ok
20:06:59.0665 0x0eac  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\windows\system32\regsvc.dll
20:06:59.0682 0x0eac  RemoteRegistry - ok
20:06:59.0689 0x0eac  [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM          C:\windows\System32\drivers\rfcomm.sys
20:06:59.0700 0x0eac  RFCOMM - ok
20:06:59.0711 0x0eac  [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
20:06:59.0724 0x0eac  RichVideo64 - ok
20:06:59.0728 0x0eac  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
20:06:59.0739 0x0eac  RpcEptMapper - ok
20:06:59.0742 0x0eac  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\windows\system32\locator.exe
20:06:59.0752 0x0eac  RpcLocator - ok
20:06:59.0767 0x0eac  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\windows\system32\rpcss.dll
20:06:59.0789 0x0eac  RpcSs - ok
20:06:59.0794 0x0eac  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
20:06:59.0806 0x0eac  rspndr - ok
20:06:59.0815 0x0eac  [ 9CF8593B62102545CB1652A1D8748FDD, 818639795720A7567CCE01EBC24A0119BFDCEA1B7A5ED4A11B5012D763C1B5CC ] RSUSBSTOR       C:\windows\System32\Drivers\RtsUStor.sys
20:06:59.0825 0x0eac  RSUSBSTOR - ok
20:06:59.0832 0x0eac  [ 6CBF283C7EBD07B7BB01D3E33B11BB28, 90B7AF25EFDBC71FDDD48D668BF410DB828ABD512FC02146E76962A8FF053DE9 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
20:06:59.0843 0x0eac  RtkAudioService - ok
20:06:59.0879 0x0eac  [ B0A0260A3C03156937ECDB67CE5C6FE5, 88102D22976398599FA6165E9DBC1213EF2A001C99602E2195C9A7BAB0A127D7 ] RtlWlanu        C:\windows\system32\DRIVERS\rtwlanu.sys
20:06:59.0921 0x0eac  RtlWlanu - ok
20:06:59.0925 0x0eac  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\windows\System32\drivers\vms3cap.sys
20:06:59.0934 0x0eac  s3cap - ok
20:06:59.0938 0x0eac  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\windows\system32\lsass.exe
20:06:59.0946 0x0eac  SamSs - ok
20:06:59.0952 0x0eac  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
20:06:59.0962 0x0eac  sbp2port - ok
20:06:59.0970 0x0eac  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\windows\System32\SCardSvr.dll
20:06:59.0984 0x0eac  SCardSvr - ok
20:06:59.0989 0x0eac  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\windows\System32\ScDeviceEnum.dll
20:07:00.0007 0x0eac  ScDeviceEnum - ok
20:07:00.0012 0x0eac  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
20:07:00.0023 0x0eac  scfilter - ok
20:07:00.0060 0x0eac  [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule        C:\windows\system32\schedsvc.dll
20:07:00.0095 0x0eac  Schedule - ok
20:07:00.0102 0x0eac  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\windows\System32\certprop.dll
20:07:00.0114 0x0eac  SCPolicySvc - ok
20:07:00.0143 0x0eac  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus           C:\windows\System32\drivers\sdbus.sys
20:07:00.0156 0x0eac  sdbus - ok
20:07:00.0162 0x0eac  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\windows\System32\drivers\sdstor.sys
20:07:00.0171 0x0eac  sdstor - ok
20:07:00.0174 0x0eac  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
20:07:00.0182 0x0eac  secdrv - ok
20:07:00.0186 0x0eac  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\windows\system32\seclogon.dll
20:07:00.0198 0x0eac  seclogon - ok
20:07:00.0203 0x0eac  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\windows\System32\sens.dll
20:07:00.0217 0x0eac  SENS - ok
20:07:00.0224 0x0eac  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] SensorsAlsDriver C:\windows\system32\DRIVERS\WUDFRd.sys
20:07:00.0236 0x0eac  SensorsAlsDriver - ok
20:07:00.0242 0x0eac  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] SensorsHIDClassDriver C:\windows\system32\DRIVERS\WUDFRd.sys
20:07:00.0253 0x0eac  SensorsHIDClassDriver - ok
20:07:00.0259 0x0eac  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] SensorsServiceDriver C:\windows\system32\DRIVERS\WUDFRd.sys
20:07:00.0271 0x0eac  SensorsServiceDriver - ok
20:07:00.0278 0x0eac  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\windows\system32\sensrsvc.dll
20:07:00.0292 0x0eac  SensrSvc - ok
20:07:00.0296 0x0eac  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\windows\system32\drivers\SerCx.sys
20:07:00.0305 0x0eac  SerCx - ok
20:07:00.0310 0x0eac  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\windows\system32\drivers\SerCx2.sys
20:07:00.0320 0x0eac  SerCx2 - ok
20:07:00.0324 0x0eac  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\windows\System32\drivers\serenum.sys
20:07:00.0334 0x0eac  Serenum - ok
20:07:00.0344 0x0eac  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\windows\System32\drivers\serial.sys
20:07:00.0355 0x0eac  Serial - ok
20:07:00.0358 0x0eac  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\windows\System32\drivers\sermouse.sys
20:07:00.0367 0x0eac  sermouse - ok
20:07:00.0380 0x0eac  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\windows\system32\sessenv.dll
20:07:00.0395 0x0eac  SessionEnv - ok
20:07:00.0398 0x0eac  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
20:07:00.0407 0x0eac  sfloppy - ok
20:07:00.0418 0x0eac  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\windows\System32\ipnathlp.dll
20:07:00.0434 0x0eac  SharedAccess - ok
20:07:00.0449 0x0eac  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:07:00.0476 0x0eac  ShellHWDetection - ok
20:07:00.0480 0x0eac  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
20:07:00.0488 0x0eac  SiSRaid2 - ok
20:07:00.0492 0x0eac  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
20:07:00.0502 0x0eac  SiSRaid4 - ok
20:07:00.0505 0x0eac  [ 7F7580EB77F2F95ED67C8046C69D1242, 81CF1A440EA40FCE6B28E275BEFB5C743F3473DCF05ACBE517ECD7E904DD0A1C ] SmbDrvI         C:\windows\system32\DRIVERS\Smb_driver_Intel.sys
20:07:00.0511 0x0eac  SmbDrvI - ok
20:07:00.0514 0x0eac  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\windows\System32\smphost.dll
20:07:00.0524 0x0eac  smphost - ok
20:07:00.0530 0x0eac  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
20:07:00.0542 0x0eac  SNMPTRAP - ok
20:07:00.0555 0x0eac  [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport       C:\windows\system32\drivers\spaceport.sys
20:07:00.0572 0x0eac  spaceport - ok
20:07:00.0576 0x0eac  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
20:07:00.0586 0x0eac  SpbCx - ok
20:07:00.0603 0x0eac  [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler         C:\windows\System32\spoolsv.exe
20:07:00.0626 0x0eac  Spooler - ok
20:07:00.0736 0x0eac  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\windows\system32\sppsvc.exe
20:07:00.0887 0x0eac  sppsvc - ok
20:07:00.0924 0x0eac  [ 2A9036906280663FA562D68C5E8599EF, 8EC147904E65AA67C813A916F61D36578C7DCBCB7C4BB626C84CBAEC0089B54C ] SPUVCbv         C:\windows\System32\Drivers\SPUVCbv_x64.sys
20:07:00.0964 0x0eac  SPUVCbv - ok
20:07:00.0974 0x0eac  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\windows\system32\DRIVERS\srv.sys
20:07:00.0989 0x0eac  srv - ok
20:07:01.0004 0x0eac  [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
20:07:01.0025 0x0eac  srv2 - ok
20:07:01.0032 0x0eac  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
20:07:01.0044 0x0eac  srvnet - ok
20:07:01.0052 0x0eac  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
20:07:01.0067 0x0eac  SSDPSRV - ok
20:07:01.0073 0x0eac  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\windows\system32\sstpsvc.dll
20:07:01.0086 0x0eac  SstpSvc - ok
20:07:01.0093 0x0eac  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\windows\system32\DRIVERS\ssudmdm.sys
20:07:01.0102 0x0eac  ssudmdm - ok
20:07:01.0106 0x0eac  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\windows\system32\drivers\stexstor.sys
20:07:01.0113 0x0eac  stexstor - ok
20:07:01.0129 0x0eac  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\windows\System32\wiaservc.dll
20:07:01.0151 0x0eac  stisvc - ok
20:07:01.0156 0x0eac  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\windows\system32\drivers\storahci.sys
20:07:01.0165 0x0eac  storahci - ok
20:07:01.0169 0x0eac  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\windows\system32\DRIVERS\vmstorfl.sys
20:07:01.0177 0x0eac  storflt - ok
20:07:01.0182 0x0eac  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\windows\system32\drivers\stornvme.sys
20:07:01.0190 0x0eac  stornvme - ok
20:07:01.0194 0x0eac  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\windows\system32\storsvc.dll
20:07:01.0204 0x0eac  StorSvc - ok
20:07:01.0208 0x0eac  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\windows\system32\drivers\storvsc.sys
20:07:01.0216 0x0eac  storvsc - ok
20:07:01.0219 0x0eac  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\windows\system32\svsvc.dll
20:07:01.0233 0x0eac  svsvc - ok
20:07:01.0236 0x0eac  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\windows\System32\drivers\swenum.sys
20:07:01.0243 0x0eac  swenum - ok
20:07:01.0259 0x0eac  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\windows\System32\swprv.dll
20:07:01.0282 0x0eac  swprv - ok
20:07:01.0296 0x0eac  [ F3FD427B1C036E060047B920887ACAE8, C5965F957D4D09FA5D579512251F14E7329B84C08B1A234636E750ED520AFF9E ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
20:07:01.0310 0x0eac  SynTP - ok
20:07:01.0335 0x0eac  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\windows\system32\sysmain.dll
20:07:01.0366 0x0eac  SysMain - ok
20:07:01.0375 0x0eac  [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
20:07:01.0389 0x0eac  SystemEventsBroker - ok
20:07:01.0395 0x0eac  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\windows\System32\TabSvc.dll
20:07:01.0407 0x0eac  TabletInputService - ok
20:07:01.0416 0x0eac  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\windows\System32\tapisrv.dll
20:07:01.0431 0x0eac  TapiSrv - ok
20:07:01.0478 0x0eac  [ 87F3713E620F62D243A82B3CB66CBDDE, 5C14F43BC5114DB664490DEE5024555149766C2F2430A910AA9DA2210D968063 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
20:07:01.0538 0x0eac  Tcpip - ok
20:07:01.0592 0x0eac  [ 87F3713E620F62D243A82B3CB66CBDDE, 5C14F43BC5114DB664490DEE5024555149766C2F2430A910AA9DA2210D968063 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
20:07:01.0648 0x0eac  TCPIP6 - ok
20:07:01.0657 0x0eac  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
20:07:01.0666 0x0eac  tcpipreg - ok
20:07:01.0672 0x0eac  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\windows\system32\DRIVERS\tdx.sys
20:07:01.0682 0x0eac  tdx - ok
20:07:01.0686 0x0eac  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\windows\System32\drivers\terminpt.sys
20:07:01.0695 0x0eac  terminpt - ok
20:07:01.0717 0x0eac  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\windows\System32\termsrv.dll
20:07:01.0745 0x0eac  TermService - ok
20:07:01.0750 0x0eac  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\windows\system32\themeservice.dll
20:07:01.0766 0x0eac  Themes - ok
20:07:01.0770 0x0eac  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\windows\system32\mmcss.dll
20:07:01.0780 0x0eac  THREADORDER - ok
20:07:01.0788 0x0eac  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\windows\System32\TimeBrokerServer.dll
20:07:01.0806 0x0eac  TimeBroker - ok
20:07:01.0813 0x0eac  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\windows\system32\drivers\tpm.sys
20:07:01.0824 0x0eac  TPM - ok
20:07:01.0830 0x0eac  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\windows\System32\trkwks.dll
20:07:01.0842 0x0eac  TrkWks - ok
20:07:01.0846 0x0eac  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:07:01.0857 0x0eac  TrustedInstaller - ok
20:07:01.0862 0x0eac  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
20:07:01.0871 0x0eac  TsUsbFlt - ok
20:07:01.0875 0x0eac  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\windows\System32\drivers\TsUsbGD.sys
20:07:01.0884 0x0eac  TsUsbGD - ok
20:07:01.0890 0x0eac  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
20:07:01.0902 0x0eac  tunnel - ok
20:07:01.0906 0x0eac  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\windows\system32\drivers\uagp35.sys
20:07:01.0914 0x0eac  uagp35 - ok
20:07:01.0919 0x0eac  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\windows\System32\drivers\uaspstor.sys
20:07:01.0928 0x0eac  UASPStor - ok
20:07:01.0936 0x0eac  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\windows\System32\drivers\ucx01000.sys
20:07:01.0946 0x0eac  UCX01000 - ok
20:07:01.0956 0x0eac  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\windows\system32\DRIVERS\udfs.sys
20:07:01.0975 0x0eac  udfs - ok
20:07:01.0978 0x0eac  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\windows\System32\drivers\UEFI.sys
20:07:01.0986 0x0eac  UEFI - ok
20:07:01.0992 0x0eac  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\windows\system32\UI0Detect.exe
20:07:02.0005 0x0eac  UI0Detect - ok
20:07:02.0009 0x0eac  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
20:07:02.0017 0x0eac  uliagpkx - ok
20:07:02.0021 0x0eac  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\windows\System32\drivers\umbus.sys
20:07:02.0030 0x0eac  umbus - ok
20:07:02.0033 0x0eac  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\windows\System32\drivers\umpass.sys
20:07:02.0042 0x0eac  UmPass - ok
20:07:02.0050 0x0eac  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\windows\System32\umrdp.dll
20:07:02.0065 0x0eac  UmRdpService - ok
20:07:02.0076 0x0eac  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\windows\System32\upnphost.dll
20:07:02.0094 0x0eac  upnphost - ok
20:07:02.0101 0x0eac  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
20:07:02.0111 0x0eac  usbccgp - ok
20:07:02.0117 0x0eac  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\windows\System32\drivers\usbcir.sys
20:07:02.0127 0x0eac  usbcir - ok
20:07:02.0133 0x0eac  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\windows\System32\drivers\usbehci.sys
20:07:02.0141 0x0eac  usbehci - ok
20:07:02.0154 0x0eac  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\windows\System32\drivers\usbhub.sys
20:07:02.0170 0x0eac  usbhub - ok
20:07:02.0184 0x0eac  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
20:07:02.0200 0x0eac  USBHUB3 - ok
20:07:02.0204 0x0eac  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\windows\System32\drivers\usbohci.sys
20:07:02.0213 0x0eac  usbohci - ok
20:07:02.0217 0x0eac  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\windows\System32\drivers\usbprint.sys
20:07:02.0227 0x0eac  usbprint - ok
20:07:02.0233 0x0eac  [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
20:07:02.0244 0x0eac  USBSTOR - ok
20:07:02.0248 0x0eac  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
20:07:02.0257 0x0eac  usbuhci - ok
20:07:02.0266 0x0eac  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
20:07:02.0279 0x0eac  usbvideo - ok
20:07:02.0290 0x0eac  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
20:07:02.0304 0x0eac  USBXHCI - ok
20:07:02.0308 0x0eac  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\windows\system32\lsass.exe
20:07:02.0317 0x0eac  VaultSvc - ok
20:07:02.0321 0x0eac  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
20:07:02.0328 0x0eac  vdrvroot - ok
20:07:02.0354 0x0eac  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\windows\System32\vds.exe
20:07:02.0386 0x0eac  vds - ok
20:07:02.0392 0x0eac  [ F7579733F4E8FF9B534C3F7D38F25C2C, 449FED49F2178D2A8000549B180606D050751762F53E600C13CFBEC91601DE87 ] VeriFaceSrv     C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
20:07:02.0399 0x0eac  VeriFaceSrv - ok
20:07:02.0405 0x0eac  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
20:07:02.0415 0x0eac  VerifierExt - ok
20:07:02.0431 0x0eac  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
20:07:02.0454 0x0eac  vhdmp - ok
20:07:02.0457 0x0eac  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\windows\system32\drivers\viaide.sys
20:07:02.0464 0x0eac  viaide - ok
20:07:02.0469 0x0eac  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\windows\system32\drivers\vmbus.sys
20:07:02.0477 0x0eac  vmbus - ok
20:07:02.0482 0x0eac  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
20:07:02.0490 0x0eac  VMBusHID - ok
20:07:02.0502 0x0eac  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\windows\System32\ICSvc.dll
20:07:02.0521 0x0eac  vmicguestinterface - ok
20:07:02.0531 0x0eac  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\windows\System32\ICSvc.dll
20:07:02.0548 0x0eac  vmicheartbeat - ok
20:07:02.0560 0x0eac  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\windows\System32\ICSvc.dll
20:07:02.0577 0x0eac  vmickvpexchange - ok
20:07:02.0589 0x0eac  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\windows\System32\ICSvc.dll
20:07:02.0606 0x0eac  vmicrdv - ok
20:07:02.0618 0x0eac  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\windows\System32\ICSvc.dll
20:07:02.0635 0x0eac  vmicshutdown - ok
20:07:02.0647 0x0eac  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\windows\System32\ICSvc.dll
20:07:02.0663 0x0eac  vmictimesync - ok
20:07:02.0675 0x0eac  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\windows\System32\ICSvc.dll
20:07:02.0691 0x0eac  vmicvss - ok
20:07:02.0696 0x0eac  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\windows\system32\drivers\volmgr.sys
20:07:02.0706 0x0eac  volmgr - ok
20:07:02.0717 0x0eac  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
20:07:02.0731 0x0eac  volmgrx - ok
20:07:02.0741 0x0eac  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\windows\system32\drivers\volsnap.sys
20:07:02.0756 0x0eac  volsnap - ok
20:07:02.0760 0x0eac  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\windows\System32\drivers\vpci.sys
20:07:02.0769 0x0eac  vpci - ok
20:07:02.0776 0x0eac  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
20:07:02.0787 0x0eac  vsmraid - ok
20:07:02.0816 0x0eac  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\windows\system32\vssvc.exe
20:07:02.0851 0x0eac  VSS - ok
20:07:02.0860 0x0eac  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
20:07:02.0874 0x0eac  VSTXRAID - ok
20:07:02.0878 0x0eac  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
20:07:02.0886 0x0eac  vwifibus - ok
20:07:02.0892 0x0eac  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
20:07:02.0902 0x0eac  vwififlt - ok
20:07:02.0906 0x0eac  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
20:07:02.0914 0x0eac  vwifimp - ok
20:07:02.0925 0x0eac  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\windows\system32\w32time.dll
20:07:02.0943 0x0eac  W32Time - ok
20:07:02.0947 0x0eac  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\windows\System32\drivers\wacompen.sys
20:07:02.0957 0x0eac  WacomPen - ok
20:07:02.0987 0x0eac  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\windows\system32\wbengine.exe
20:07:03.0025 0x0eac  wbengine - ok
20:07:03.0037 0x0eac  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
20:07:03.0054 0x0eac  WbioSrvc - ok
20:07:03.0066 0x0eac  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\windows\System32\wcmsvc.dll
20:07:03.0081 0x0eac  Wcmsvc - ok
20:07:03.0092 0x0eac  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\windows\System32\wcncsvc.dll
20:07:03.0110 0x0eac  wcncsvc - ok
20:07:03.0114 0x0eac  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:07:03.0124 0x0eac  WcsPlugInService - ok
20:07:03.0128 0x0eac  [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
20:07:03.0136 0x0eac  WdBoot - ok
20:07:03.0154 0x0eac  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
20:07:03.0177 0x0eac  Wdf01000 - ok
20:07:03.0185 0x0eac  [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
20:07:03.0198 0x0eac  WdFilter - ok
20:07:03.0204 0x0eac  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\windows\system32\wdi.dll
20:07:03.0220 0x0eac  WdiServiceHost - ok
20:07:03.0224 0x0eac  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\windows\system32\wdi.dll
20:07:03.0238 0x0eac  WdiSystemHost - ok
20:07:03.0243 0x0eac  [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv        C:\windows\system32\Drivers\WdNisDrv.sys
20:07:03.0254 0x0eac  WdNisDrv - ok
20:07:03.0256 0x0eac  WdNisSvc - ok
20:07:03.0264 0x0eac  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\windows\System32\webclnt.dll
20:07:03.0277 0x0eac  WebClient - ok
20:07:03.0285 0x0eac  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\windows\system32\wecsvc.dll
20:07:03.0299 0x0eac  Wecsvc - ok
20:07:03.0303 0x0eac  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\windows\system32\wephostsvc.dll
20:07:03.0316 0x0eac  WEPHOSTSVC - ok
20:07:03.0321 0x0eac  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\windows\System32\wercplsupport.dll
20:07:03.0333 0x0eac  wercplsupport - ok
20:07:03.0338 0x0eac  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\windows\System32\WerSvc.dll
20:07:03.0350 0x0eac  WerSvc - ok
20:07:03.0355 0x0eac  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
20:07:03.0365 0x0eac  WFPLWFS - ok
20:07:03.0370 0x0eac  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\windows\System32\wiarpc.dll
20:07:03.0380 0x0eac  WiaRpc - ok
20:07:03.0384 0x0eac  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\windows\system32\drivers\wimmount.sys
20:07:03.0392 0x0eac  WIMMount - ok
20:07:03.0394 0x0eac  WinDefend - ok
20:07:03.0414 0x0eac  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
20:07:03.0437 0x0eac  WinHttpAutoProxySvc - ok
20:07:03.0447 0x0eac  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
20:07:03.0462 0x0eac  Winmgmt - ok
20:07:03.0509 0x0eac  [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM           C:\windows\system32\WsmSvc.dll
20:07:03.0568 0x0eac  WinRM - ok
20:07:03.0579 0x0eac  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
20:07:03.0588 0x0eac  WinUsb - ok
20:07:03.0618 0x0eac  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\windows\System32\wlansvc.dll
20:07:03.0654 0x0eac  WlanSvc - ok
20:07:03.0687 0x0eac  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\windows\system32\wlidsvc.dll
20:07:03.0726 0x0eac  wlidsvc - ok
20:07:03.0731 0x0eac  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
20:07:03.0739 0x0eac  WmiAcpi - ok
20:07:03.0747 0x0eac  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
20:07:03.0758 0x0eac  wmiApSrv - ok
20:07:03.0761 0x0eac  WMPNetworkSvc - ok
20:07:03.0768 0x0eac  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\windows\system32\drivers\Wof.sys
20:07:03.0778 0x0eac  Wof - ok
20:07:03.0811 0x0eac  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\windows\system32\workfolderssvc.dll
20:07:03.0850 0x0eac  workfolderssvc - ok
20:07:03.0855 0x0eac  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
20:07:03.0864 0x0eac  wpcfltr - ok
20:07:03.0867 0x0eac  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\windows\System32\wpcsvc.dll
20:07:03.0876 0x0eac  WPCSvc - ok
20:07:03.0881 0x0eac  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
20:07:03.0892 0x0eac  WPDBusEnum - ok
20:07:03.0895 0x0eac  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
20:07:03.0903 0x0eac  WpdUpFltr - ok
20:07:03.0906 0x0eac  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
20:07:03.0917 0x0eac  ws2ifsl - ok
20:07:03.0924 0x0eac  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\windows\System32\wscsvc.dll
20:07:03.0936 0x0eac  wscsvc - ok
20:07:03.0940 0x0eac  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\windows\System32\drivers\WSDPrint.sys
20:07:03.0948 0x0eac  WSDPrintDevice - ok
20:07:03.0953 0x0eac  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan         C:\windows\System32\drivers\WSDScan.sys
20:07:03.0962 0x0eac  WSDScan - ok
20:07:03.0965 0x0eac  WSearch - ok
20:07:04.0028 0x0eac  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\windows\System32\WSService.dll
20:07:04.0112 0x0eac  WSService - ok
20:07:04.0122 0x0eac  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\windows\system32\DRIVERS\wsvd.sys
20:07:04.0129 0x0eac  wsvd - ok
20:07:04.0191 0x0eac  [ 9FDD8CD31F3FBA88F050318F32D640E2, BBCAFDA420E11D43BAD5D87D47607F4ADF0D817C1BF86D6389582B56EDD7C246 ] wuauserv        C:\windows\system32\wuaueng.dll
20:07:04.0266 0x0eac  wuauserv - ok
20:07:04.0273 0x0eac  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
20:07:04.0282 0x0eac  WudfPf - ok
20:07:04.0290 0x0eac  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\windows\System32\drivers\WUDFRd.sys
20:07:04.0301 0x0eac  WUDFRd - ok
20:07:04.0308 0x0eac  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP    C:\windows\system32\DRIVERS\WUDFRd.sys
20:07:04.0320 0x0eac  WUDFSensorLP - ok
20:07:04.0324 0x0eac  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
20:07:04.0335 0x0eac  wudfsvc - ok
20:07:04.0342 0x0eac  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
20:07:04.0353 0x0eac  WUDFWpdFs - ok
20:07:04.0359 0x0eac  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\windows\system32\DRIVERS\WUDFRd.sys
20:07:04.0370 0x0eac  WUDFWpdMtp - ok
20:07:04.0383 0x0eac  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\windows\System32\wwansvc.dll
20:07:04.0403 0x0eac  WwanSvc - ok
20:07:04.0408 0x0eac  [ B5909EE9DB919D075410B6CCF900E107, CB9785997F2015175DE507A80C3A71F5F8F748080464EC16050564C5CC0FD571 ] ymc             C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
20:07:04.0413 0x0eac  ymc - ok
20:07:04.0501 0x0eac  [ D852B17C3A11433D0D26D57490DFA1C8, 2B1D8F8D6A04C75A7765A8C26118AD19285EFEB57ECD178C707743B6668A3F3F ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
20:07:04.0576 0x0eac  ZeroConfigService - ok
20:07:04.0586 0x0eac  ================ Scan global ===============================
20:07:04.0591 0x0eac  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\windows\system32\basesrv.dll
20:07:04.0599 0x0eac  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\windows\system32\winsrv.dll
20:07:04.0606 0x0eac  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\windows\system32\sxssrv.dll
20:07:04.0616 0x0eac  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\windows\system32\services.exe
20:07:04.0622 0x0eac  [ Global ] - ok
20:07:04.0623 0x0eac  ================ Scan MBR ==================================
20:07:04.0624 0x0eac  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
20:07:04.0658 0x0eac  \Device\Harddisk0\DR0 - ok
20:07:04.0658 0x0eac  ================ Scan VBR ==================================
20:07:04.0660 0x0eac  [ E2B375C8E9319135DD620B47DE24DD36 ] \Device\Harddisk0\DR0\Partition1
20:07:04.0661 0x0eac  \Device\Harddisk0\DR0\Partition1 - ok
20:07:04.0663 0x0eac  [ 73816C70F13DF5F819D5905DAB5FE876 ] \Device\Harddisk0\DR0\Partition2
20:07:04.0664 0x0eac  \Device\Harddisk0\DR0\Partition2 - ok
20:07:04.0666 0x0eac  [ 68E45029A96E1F4B5328FB2F2B693167 ] \Device\Harddisk0\DR0\Partition3
20:07:04.0667 0x0eac  \Device\Harddisk0\DR0\Partition3 - ok
20:07:04.0669 0x0eac  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition4
20:07:04.0669 0x0eac  \Device\Harddisk0\DR0\Partition4 - ok
20:07:04.0672 0x0eac  [ B0D0A82ED98437FE8DE1984BC4E94763 ] \Device\Harddisk0\DR0\Partition5
20:07:04.0674 0x0eac  \Device\Harddisk0\DR0\Partition5 - ok
20:07:04.0675 0x0eac  [ D63E14C7E54B838385A35A0D0E27EC15 ] \Device\Harddisk0\DR0\Partition6
20:07:04.0677 0x0eac  \Device\Harddisk0\DR0\Partition6 - ok
20:07:04.0679 0x0eac  [ 5896EBBE0191023BE9458B6206EFDD71 ] \Device\Harddisk0\DR0\Partition7
20:07:04.0681 0x0eac  \Device\Harddisk0\DR0\Partition7 - ok
20:07:04.0681 0x0eac  ================ Scan generic autorun ======================
20:07:04.0911 0x0eac  [ 047D94A22B47AF83DDE4E32BB4E06D0A, CB9257995C67A1A44D6D316C36D3AAEF639BFD51A26C699D70FD047C45440CA5 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:07:05.0171 0x0eac  RtHDVCpl - ok
20:07:05.0258 0x0eac  [ D8AB6AC4A2D30641C9544021373B47EB, A0553AFB3B186D8EA28CF056139FA5AA150D6BD31E36E5EB9D5DD5940A90CA55 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:07:05.0292 0x0eac  RtHDVBg_Dolby - ok
20:07:05.0304 0x0eac  [ E50C263D8AB38DBD77D11263C8151708, 71ACC055C9D12BD6470DBF0C5E2D60DBE625565D729080EB59114979599A0CAF ] C:\windows\system32\igfxtray.exe
20:07:05.0320 0x0eac  IgfxTray - ok
20:07:05.0350 0x0eac  [ FADB06BC300A16A112D3B3949C2614D3, 13ECA5CC382148B8F5BF5F9208B449913E5A23BA95ED23FAB573C31A3AE95414 ] C:\windows\system32\hkcmd.exe
20:07:05.0371 0x0eac  HotKeysCmds - ok
20:07:05.0387 0x0eac  [ 293F44F1834FE2F7A99D746424167CA7, DBFDAE61824068DA23DDBD14B82E7B5D77E812A90BA60621C134ACB15AC6F5DA ] C:\windows\system32\igfxpers.exe
20:07:05.0408 0x0eac  Persistence - ok
20:07:05.0411 0x0eac  [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
20:07:05.0414 0x0eac  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
20:07:07.0923 0x0eac  Detect skipped due to KSN trusted
20:07:07.0923 0x0eac  IAStorIcon - ok
20:07:07.0929 0x0eac  [ 92BED6F62FBAC9E327A3BF599CE9AB32, 6ED9BB1B97AB0BDC64CE07FB8757651A83C918320320B84AB823933B8ACFDEB6 ] C:\windows\system32\DptfPolicyLpmServiceHelper.exe
20:07:07.0937 0x0eac  DptfPolicyLpmServiceHelper - ok
20:07:07.0940 0x0eac  BTMTrayAgent - ok
20:07:07.0957 0x0eac  [ 5689BB0DB40DC712CC87A4F27925F939, 57164AEC7101BBB1E1321B1BD8CF91453F4A9AC549851885087B42E23D777DB2 ] C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe
20:07:07.0978 0x0eac  Yoga PhoneCompanion - ok
20:07:07.0986 0x0eac  [ 0E941C611B5A20FD2B5CE4FA4B69B89D, 1E4B08E236D20F46669B26B5287CED18719A2AD4C1EAA0A20E3A4C7EFF827230 ] C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
20:07:07.0996 0x0eac  AutoStartTransition - ok
20:07:07.0998 0x0eac  Energy Manager - ok
20:07:08.0002 0x0eac  [ ACFA436C851BC9204A6E2B8EBC8B888D, F895E7A77C2C04E61FD8D09909E08172FFEBF039D6DCF7C3D84FF1992D5FFFD3 ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
20:07:08.0008 0x0eac  Lenovo Utility - ok
20:07:08.0014 0x0eac  [ 49CD8D25D932C5BF867EBFF00D432B75, D107F7736AC8D43CE93ABDE1A8038D8FE87779F25F41B3FD1E942DF439581236 ] C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe
20:07:08.0022 0x0eac  Lenovo App Shop - ok
20:07:08.0026 0x0eac  [ 669649F7A9C083C95454DD6C13920B0A, 1D9C356CE97B0A2FCC80BE0C182E746F96CA5995EBA230E5178B698A0C31035E ] C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe
20:07:08.0032 0x0eac  Yoga Picks - ok
20:07:08.0044 0x0eac  [ 04679E0DC30077EC1164BE82F2A2ADC9, E0193F0AE484DED0DD7F81407F0D98AC071F34358B9EA554DE3ADFC3BA1CBD60 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
20:07:08.0059 0x0eac  mcpltui_exe - ok
20:07:08.0064 0x0eac  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
20:07:08.0070 0x0eac  GrooveMonitor - ok
20:07:08.0074 0x0eac  [ 7F08566DF64B35F49EA29A82ABC843AC, 472801583D7FA4F8930A146514E8704676F0270EC94F561D62DB34DB3FEE985D ] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
20:07:08.0079 0x0eac  Monitor - detected UnsignedFile.Multi.Generic ( 1 )
20:07:10.0607 0x0eac  Detect skipped due to KSN trusted
20:07:10.0607 0x0eac  Monitor - ok
20:07:10.0611 0x0eac  [ 642F850B5D94E08AB6CFF997BE09C688, 3DA63A127667B7A35EB4ADC9DD5938C8FF35EE6AAD9BDE90D93881FFBC853731 ] C:\Windows\BrowserChoice\browserchoice.exe
20:07:10.0621 0x0eac  BrowserChoice - ok
20:07:10.0638 0x0eac  [ 66A4A7C7802E0968E07647999FFC87E2, 9724C8CB80AF63A4CA14BB3521695942AE33B6C18F42266C407301610C4C7BFE ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
20:07:10.0656 0x0eac  GoogleChromeAutoLaunch_1D57E82E54B212132D321B49430EE825 - ok
20:07:10.0769 0x0eac  [ 2E8A5736739C6D23F5CBAE22973A1E3A, DC69CF7132FF7CACCEF4E6A8A4C71D9E5CDB6F8A7521D72999E1A6A532C384D6 ] C:\Users\Ian\AppData\Roaming\Spotify\Spotify.exe
20:07:10.0877 0x0eac  Spotify - ok
20:07:10.0909 0x0eac  [ B66E0842FCF485F3E2D41BF0BA10966F, 966B8386B2D060167E8EAAE478509013A8729FE2CF11F890D3F9DCDA90768F34 ] C:\Users\Ian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
20:07:10.0939 0x0eac  Spotify Web Helper - ok
20:07:10.0941 0x0eac  GoogleDriveSync - ok
20:07:10.0943 0x0eac  Waiting for KSN requests completion. In queue: 41
20:07:11.0945 0x0eac  Waiting for KSN requests completion. In queue: 41
20:07:12.0945 0x0eac  Waiting for KSN requests completion. In queue: 41
20:07:13.0953 0x0eac  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x52000 ( disabled : updated )
20:07:13.0956 0x0eac  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
20:07:13.0957 0x0eac  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x52010 ( disabled )
20:07:13.0959 0x0eac  Win FW state via NFP2: enabled
20:07:16.0492 0x0eac  ============================================================
20:07:16.0492 0x0eac  Scan finished
20:07:16.0492 0x0eac  ============================================================
20:07:16.0504 0x1154  Detected object count: 0
20:07:16.0504 0x1154  Actual detected object count: 0
20:08:07.0564 0x0fa4  Deinitialize success
 
gram Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x52010 ( disabled )
20:07:13.0959 0x0eac  Win FW state via NFP2: enabled
20:07:16.0492 0x0eac  ============================================================
20:07:16.0492 0x0eac  Scan finished
20:07:16.0492 0x0eac  ============================================================
20:07:16.0504 0x1154  Detected object count: 0
20:07:16.0504 0x1154  Actual detected object count: 0
20:08:07.0564 0x0fa4  Deinitialize success

  • 0

Advertisements


#11
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Ok, those are looking good. How is the machine running?


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Scan with Malwarebytes


Please download Malwarebytes Anti-Malware to your desktop
Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings_zpsb6b9ada0.jpg

Go back to the Dashboard and select Scan Now

MBAMScan_zps8ba7d192.jpg

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot_zps9089ab30.jpg

MBAMLog_zpsade07f42.jpg

On completion of the scan (or after the reboot), start MBAM,

Click History, then Application Logs, then check the Select box by the first Scan Log in the list.

Click View, then click Export, select text file and save to the desktop as MBAM.txt and post in your next reply.



Step 2: Scan with ESET Online Scanner


Please note: You can use Internet Explorer or Firefox for this step. Either browser used will have to be ran in admin mode.

Right click on either the Internet Explorer icon or the Firefox icon in the Start Menu or Quick Launch Bar on the Task bar and select Run as Administrator from the menu.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar ---->esetbar_zps93905f48.jpg
  • Select the option YES, I accept the Terms of Use then click on Start
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • Now click on Finish
  • Use notepad to open the logfile located at C:\Program Files(x86)\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Step 3: SecurityCheck Scan


Download Security Checksecuritycheck_zpsb7736812.jpg by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Things I need to see in your next post:
  • ESET Scan Log
  • MBAM Log
  • SecurityCheck Log

  • 0

#12
ruisliptiger

ruisliptiger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

Oddly it seems to be running fine. I just cant fathom why it miraculously returned to normal a good 12 hours after I'd taken my initial measures to get rid of the malware. Shouldn't the results have been pretty instant? It was restarted afterwards.


  • 0

#13
ruisliptiger

ruisliptiger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 02/11/2014
Scan Time: 22:57:56
Logfile: MBAM.txt
Administrator: Yes
 
Version: 2.00.3.1025
Malware Database: v2014.11.02.07
Rootkit Database: v2014.11.01.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Ian
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 352248
Time Elapsed: 4 min, 29 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

#14
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Oddly it seems to be running fine. I just cant fathom why it miraculously returned to normal a good 12 hours after I'd taken my initial measures to get rid of the malware. Shouldn't the results have been pretty instant? It was restarted afterwards.


Some times the results are slow in coming. Getting rid of the temp files probably helped quite a bit and there was over a gig of those that we removed. That MBAM log looks good, we'll proceed when the other logs are posted. But I'm very glad to heard the machine is performing well. :thumbsup:
  • 0

#15
ruisliptiger

ruisliptiger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

 [email protected] as CAB hook log:

OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16384 (winblue_rtm.130821-1623)
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=45309d1085e27341806f03bd03b04fd9
# engine=20897
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-11-03 12:33:29
# local_time=2014-11-03 12:33:29 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.3.9600 NT 
# compatibility_mode_1='McAfee Anti-Virus and Anti-Spyware'
# compatibility_mode=5129 16777214 100 97 129384 101361025 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 13433472 39856102 0 0
# scanned=215039
# found=2
# cleaned=0
# scan_time=1817
sh=FAD5EEA480D8A19090F386C078F060295DA866CF ft=1 fh=a04bb9d705ea48f9 vn="a variant of Win32/Adware.SpeedingUpMyPC.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir"
sh=19876B0C21073CE7AC4725124851FC36B7EA7301 ft=1 fh=31b372839de59c7b vn="a variant of Win32/CNETInstaller.B potentially unwanted application" ac=I fn="C:\Users\Ian\Downloads\cbsidlm-cbsi188-BlueStacks_App_Player-ORG-75593133.exe"

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP