FRST File . . . . . .
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2015
Ran by user (administrator) on HP on 13-02-2015 20:00:42
Running from C:\Users\user\Downloads
Loaded Profiles: user (Available profiles: user)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
() C:\Program Files (x86)\Knowhow Cloud\VSSService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(DSG Retail Limited) C:\Program Files (x86)\Knowhow Cloud\KnowhowCloud.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\wsqmcons.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcupdate.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7642328 2014-12-30] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-06-17] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [643576 2014-11-13] (McAfee, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-10-09] (Hewlett-Packard Development Company, L.P.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2015-02-03] (Hewlett-Packard)
HKU\S-1-5-21-1212043878-3611826067-185365948-1001\...\Run: [Livedrive] => C:\Program Files (x86)\Knowhow Cloud\KnowhowCloud.exe [3497632 2013-11-29] (DSG Retail Limited)
HKU\S-1-5-21-1212043878-3611826067-185365948-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-12-20] (Google Inc.)
HKU\S-1-5-21-1212043878-3611826067-185365948-1001\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-1212043878-3611826067-185365948-1001\...\Run: [VunwUyhe] => regsvr32.exe "C:\ProgramData\VunwUyhe\IuziSaqay.aez"
HKU\S-1-5-21-1212043878-3611826067-185365948-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk
ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [LivedriveDownloadOverlay] -> {CBCDB610-6B68-4EE9-B7A2-1282FD0C9292} => C:\Program Files (x86)\Knowhow Cloud\Extensions.dll (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [LivedriveSharedOverlay] -> {84CEF1E4-1356-4063-845F-05047F4DD52C} => C:\Program Files (x86)\Knowhow Cloud\Extensions.dll (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [LivedriveSyncedOverlay] -> {42058329-2FBF-4B33-8E52-3BE5754DE0C1} => C:\Program Files (x86)\Knowhow Cloud\Extensions.dll (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [LivedriveUploadOverlay] -> {39A1715A-E4CD-4F1E-B5C4-36B5DB80124E} => C:\Program Files (x86)\Knowhow Cloud\Extensions.dll (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT14/2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT14/2
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT14/2
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.uk.msn.com/HPNOT14/2
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT14/2
SearchScopes: HKLM-x32 -> {6044B89E-2B59-42AE-8D69-D3BBEBFCB6B8} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1212043878-3611826067-185365948-1001 -> DefaultScope {8A2C9664-8A55-4F24-B727-CD17E7AAC2C3} URL = https://uk.search.ya...p={searchTerms}
SearchScopes: HKU\S-1-5-21-1212043878-3611826067-185365948-1001 -> {6044B89E-2B59-42AE-8D69-D3BBEBFCB6B8} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKU\S-1-5-21-1212043878-3611826067-185365948-1001 -> {8A2C9664-8A55-4F24-B727-CD17E7AAC2C3} URL = https://uk.search.ya...p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1212043878-3611826067-185365948-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\8eeeut8j.default
FF DefaultSearchEngine: Secure Search
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Secure Search
FF Keyword.URL: https://uk.search.ya...GB0D20141227&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-12-27]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-12-27]
FF HKU\S-1-5-21-1212043878-3611826067-185365948-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-12]
CHR HKLM-x32\...\Chrome\Extension: [agbnjankikoaabjkmfbaceggjliabkbn] - C:\Program Files (x86)\SafeKey\lpchrome.crx [2014-12-27]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94936 2014-07-04] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-06-03] (Hewlett-Packard Company) [File not signed]
S2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [569608 2014-10-09] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-05-15] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LivedriveVSSService; C:\Program Files (x86)\Knowhow Cloud\VSSService.exe [210592 2013-11-29] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-02-12] (McAfee, Inc.)
R3 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [660544 2014-12-04] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [604448 2014-12-17] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [228000 2014-12-19] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [312952 2014-12-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [221320 2014-12-19] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-12-22] (IBM Corp.)
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-12-30] (Realtek Semiconductor)
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-06-17] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70984 2014-12-19] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [368904 2014-12-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [340192 2014-12-19] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [100080 2014-12-19] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82584 2014-12-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [532424 2014-12-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [886488 2014-12-19] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [482600 2014-11-08] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2014-11-08] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [349328 2014-12-19] (McAfee, Inc.)
R1 RapportCerberus_80120; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80120.sys [845464 2015-01-17] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [445816 2014-12-22] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [290520 2014-12-22] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [535576 2014-12-22] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [558872 2014-12-22] (IBM Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [573144 2014-06-17] (Realtek Semiconductor Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [476888 2014-03-21] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3463896 2014-06-21] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-06-17] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-06-17] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-13 20:00 - 2015-02-13 20:01 - 00028953 _____ () C:\Users\user\Downloads\FRST.txt
2015-02-13 20:00 - 2015-02-13 20:00 - 00000000 ____D () C:\FRST
2015-02-13 19:59 - 2015-02-13 20:00 - 02134016 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2015-02-12 23:10 - 2015-02-12 23:10 - 00000660 _____ () C:\Windows\PFRO.log
2015-02-11 21:38 - 2014-12-09 03:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 21:38 - 2014-12-09 01:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 21:33 - 2015-01-15 22:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 21:33 - 2015-01-15 22:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 21:33 - 2015-01-14 04:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-11 21:33 - 2015-01-14 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-11 21:33 - 2014-10-29 02:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 21:33 - 2014-10-29 02:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 21:33 - 2014-10-29 02:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 21:33 - 2014-10-29 02:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 21:33 - 2014-10-29 01:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 21:27 - 2015-01-13 22:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 21:27 - 2015-01-13 22:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 21:27 - 2015-01-10 09:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 21:27 - 2015-01-10 09:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-11 21:27 - 2015-01-10 08:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-11 21:27 - 2014-10-29 02:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-11 21:27 - 2014-10-29 02:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-11 21:27 - 2014-10-29 01:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-11 21:27 - 2014-10-29 01:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-11 21:27 - 2014-10-29 01:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-11 21:27 - 2014-10-29 01:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-11 21:27 - 2014-10-29 01:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-11 21:27 - 2014-10-29 01:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-11 21:26 - 2015-01-12 03:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 21:26 - 2015-01-12 02:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 21:26 - 2015-01-12 02:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 21:26 - 2015-01-12 02:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 21:26 - 2015-01-12 02:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 21:26 - 2015-01-12 02:32 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 21:26 - 2015-01-12 02:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 21:26 - 2015-01-12 02:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 21:26 - 2015-01-12 02:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 21:26 - 2015-01-12 02:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 21:26 - 2015-01-12 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 21:26 - 2015-01-12 02:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 21:26 - 2015-01-12 01:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-11 21:26 - 2015-01-12 01:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-11 21:26 - 2015-01-12 01:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-11 21:26 - 2015-01-12 01:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 21:26 - 2015-01-12 01:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 21:26 - 2015-01-12 01:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 21:26 - 2015-01-12 01:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 21:26 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 21:26 - 2015-01-12 01:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 21:26 - 2015-01-12 01:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-11 21:26 - 2015-01-12 01:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-11 21:26 - 2015-01-12 01:29 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 21:26 - 2015-01-12 01:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-11 21:26 - 2015-01-12 01:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 21:26 - 2015-01-12 01:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-11 21:26 - 2015-01-12 01:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 21:26 - 2015-01-12 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 21:26 - 2015-01-12 01:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 21:26 - 2015-01-12 01:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 21:26 - 2015-01-12 01:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 21:26 - 2015-01-12 01:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 21:26 - 2015-01-12 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 21:26 - 2015-01-12 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 21:26 - 2015-01-12 00:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 21:26 - 2015-01-10 07:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 21:26 - 2015-01-10 06:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 21:22 - 2015-01-10 08:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-09 20:55 - 2015-02-09 20:55 - 00001772 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-09 20:55 - 2015-02-09 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-09 20:54 - 2015-02-09 20:55 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-09 20:54 - 2015-02-09 20:55 - 00000000 ____D () C:\Program Files\iTunes
2015-02-09 20:54 - 2015-02-09 20:54 - 00000000 ____D () C:\Program Files\iPod
2015-02-09 20:54 - 2015-02-09 20:54 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-07 09:39 - 2015-02-07 09:39 - 00001160 _____ () C:\Users\user\Desktop\cc_20150207_093900.reg
2015-02-07 09:26 - 2015-02-12 23:11 - 00002570 _____ () C:\Windows\setupact.log
2015-02-07 09:26 - 2015-02-07 09:26 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-07 07:10 - 2015-02-07 07:10 - 00004208 _____ () C:\Users\user\Desktop\cc_20150207_071014.reg
2015-02-07 07:09 - 2015-02-07 07:09 - 00549844 _____ () C:\Users\user\Desktop\cc_20150207_070922.reg
2015-02-06 22:00 - 2015-02-06 22:00 - 13827960 _____ (Adobe Systems Inc.) C:\Users\user\Downloads\Shockwave_Installer_Full.exe
2015-02-03 22:51 - 2015-02-07 07:07 - 00000000 ____D () C:\Windows\Minidump
2015-01-31 22:55 - 2015-01-31 22:55 - 07365120 _____ (Safebytes) C:\Users\user\Downloads\TotalSystemCare_Installer.exe
2015-01-31 08:06 - 2015-01-31 08:06 - 00000000 ____D () C:\a
2015-01-30 21:06 - 2015-01-30 21:06 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-01-30 21:06 - 2015-01-30 21:06 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-30 21:06 - 2015-01-30 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-30 21:06 - 2015-01-30 21:06 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-30 21:05 - 2015-01-30 21:06 - 05325208 _____ (Piriform Ltd) C:\Users\user\Downloads\ccsetup502.exe
2015-01-30 20:34 - 2015-02-13 19:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-30 20:33 - 2015-01-30 20:33 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-30 20:33 - 2015-01-30 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-30 20:33 - 2015-01-30 20:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-30 20:33 - 2015-01-30 20:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-30 20:33 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-30 20:33 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-30 20:33 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-30 20:32 - 2015-01-30 20:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-30 20:27 - 2015-01-30 20:31 - 00085885 _____ () C:\Users\user\Desktop\sfcdetails.txt
2015-01-30 19:31 - 2015-01-30 19:43 - 00000000 ____D () C:\AdwCleaner
2015-01-30 19:30 - 2015-01-30 19:30 - 02194432 _____ () C:\Users\user\Downloads\adwcleaner_4.109.exe
2015-01-30 18:47 - 2015-02-13 20:02 - 00000334 _____ () C:\Windows\Tasks\HPCeeScheduleForuser.job
2015-01-29 19:42 - 2015-01-29 19:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-28 12:03 - 2015-01-28 12:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\Ilhu
2015-01-27 11:36 - 2015-01-30 19:46 - 00000000 ___HD () C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}
2015-01-27 11:36 - 2015-01-27 11:37 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2015-01-23 19:51 - 2015-01-23 19:51 - 00000000 ____D () C:\Users\user\AppData\Local\Microsoft Help
2015-01-23 08:53 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-01-17 08:03 - 2015-02-13 20:02 - 00000000 ____D () C:\Users\user\Documents\Youcam
2015-01-17 07:57 - 2015-01-17 07:57 - 00000000 ____D () C:\Users\user\AppData\Roaming\CyberLink
2015-01-15 18:27 - 2015-01-15 18:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-01-14 08:25 - 2014-12-19 06:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 08:25 - 2014-12-12 02:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 08:25 - 2014-12-12 00:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-14 08:25 - 2014-12-09 01:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 08:25 - 2014-12-08 19:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-14 08:25 - 2014-12-08 19:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-14 08:25 - 2014-12-06 03:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 08:25 - 2014-12-06 01:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 08:25 - 2014-10-29 03:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-14 08:25 - 2014-10-29 01:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-14 08:25 - 2014-10-29 01:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 08:24 - 2014-12-08 19:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-14 08:24 - 2014-12-08 19:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-14 08:24 - 2014-12-08 19:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-14 08:24 - 2014-12-08 19:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-14 08:24 - 2014-12-08 19:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-14 08:24 - 2014-12-08 19:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-14 08:24 - 2014-12-06 01:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 08:24 - 2014-10-29 04:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-14 08:24 - 2014-10-29 04:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-14 08:24 - 2014-10-29 03:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-14 08:24 - 2014-10-29 03:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-14 08:24 - 2014-10-29 03:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-14 08:24 - 2014-10-29 03:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-14 08:24 - 2014-10-29 03:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-14 08:24 - 2014-10-29 03:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-14 08:24 - 2014-10-29 03:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-14 08:24 - 2014-10-29 03:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-14 08:24 - 2014-10-29 02:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-14 08:24 - 2014-10-29 01:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-14 08:24 - 2014-10-29 01:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-13 20:01 - 2014-12-20 13:22 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1212043878-3611826067-185365948-1001
2015-02-13 20:00 - 2014-12-27 17:54 - 00004946 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for hp-user hp
2015-02-13 20:00 - 2014-12-27 13:30 - 00003898 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C340499F-A8EC-4F84-BC9E-A421A4A8600E}
2015-02-13 20:00 - 2014-12-20 13:16 - 01873980 _____ () C:\Windows\WindowsUpdate.log
2015-02-13 20:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-13 19:57 - 2014-12-20 15:11 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-13 19:57 - 2014-12-20 15:11 - 00000000 ____D () C:\Users\user\AppData\Local\Livedrive
2015-02-13 19:56 - 2014-12-27 17:53 - 00000000 ___RD () C:\Users\user\OneDrive
2015-02-13 19:56 - 2014-12-20 15:12 - 00000000 ____D () C:\Users\user\AppData\Local\CrashDumps
2015-02-12 23:16 - 2014-12-28 23:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-12 23:10 - 2014-12-27 14:46 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-02-12 23:10 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-12 23:10 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-12 22:55 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-12 22:47 - 2014-12-20 15:11 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-12 22:39 - 2013-08-22 14:44 - 00491624 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 20:15 - 2014-03-18 09:53 - 00958356 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-11 23:33 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-11 21:25 - 2014-12-20 13:17 - 00000000 ____D () C:\Users\user\AppData\Local\Packages
2015-02-10 20:06 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-10 19:38 - 2014-12-27 18:38 - 00000000 ____D () C:\Users\user\Documents\On the Floor Dance Academy
2015-02-09 20:55 - 2014-12-27 18:53 - 00000000 ____D () C:\Users\user\Documents\Finances
2015-02-09 20:54 - 2014-12-28 09:45 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-08 15:33 - 2014-12-28 09:42 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-02-08 15:32 - 2014-12-28 09:42 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-02-07 07:42 - 2014-12-20 15:11 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 07:42 - 2014-12-20 15:11 - 00003648 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-06 21:52 - 2014-12-20 15:12 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-06 08:16 - 2014-12-28 23:19 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-03 19:31 - 2014-12-29 19:56 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 19:31 - 2014-12-29 19:56 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-01 03:13 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-30 21:31 - 2014-04-02 23:51 - 00000000 ____D () C:\Windows\Panther
2015-01-30 18:39 - 2014-12-27 21:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 11:36 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-01-23 22:36 - 2014-12-27 18:57 - 00000000 ____D () C:\Users\user\Documents\Misc
2015-01-23 08:53 - 2014-12-27 14:41 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-01-23 08:52 - 2013-08-22 15:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-01-23 08:50 - 2014-11-16 03:36 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-17 07:58 - 2014-12-27 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2015-01-17 07:57 - 2014-11-16 03:34 - 00000000 ____D () C:\Users\Public\CyberLink
2015-01-17 07:57 - 2014-11-16 03:26 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-14 08:34 - 2014-12-27 23:16 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 08:31 - 2014-12-27 23:14 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2014-12-27 14:49 - 2014-12-27 14:49 - 32371688 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-01-03 15:23 - 2015-01-03 15:23 - 0004608 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-09 21:42
==================== End Of Log ============================
Addition File . . . .
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2015
Ran by user at 2015-02-13 20:02:43
Running from C:\Users\user\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.3.5715 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3324 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2.3324 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4223 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4218 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.3 (HKLM-x32\...\{E461B1AC-BC3C-11E3-B5B8-00163E98E7D6}) (Version: 5.3.0.3360 - Evernote Corp.)
Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0982 - Ezvid, inc.)
Farm Frenzy (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{00CD7D62-056A-4F0F-9143-44522D44E6DD}) (Version: 6.0.32.507 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{7FE016CC-DAA9-4E21-BD2F-98390D1E6F3F}) (Version: 7.6.23.8 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C39A7F0F-89A6-44BB-B1BF-5F96569B5345}) (Version: 1.2.9 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{DCD5C599-5CCC-4E37-8938-FBB548D780C6}) (Version: 2.5.3 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
Knowhow Cloud (HKLM\...\{FE24E834-46AF-4B4C-B09B-921784B4EE45}) (Version: 2.0.6 - DSG Retail Limited)
KNOWHOW Remote Support (HKLM-x32\...\{A22B8513-EA8C-46A1-9735-F5BE971C368D}) (Version: 7.4.515 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.207 - McAfee, Inc.)
McAfee SafeKey(uninstall only) (HKLM-x32\...\SafeKey) (Version: 2.2.3 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.191 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1212043878-3611826067-185365948-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-GB)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
PhotoSync (HKLM\...\{C05D2D98-CCBD-4E66-9954-021ED55CB1E2}) (Version: 2.3.0 - touchbyte GmbH)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Rapport (x32 Version: 3.5.1404.61 - Trusteer) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.17 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7358 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.33 - REALTEK Semiconductor Corp.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.16 - Synaptics Incorporated)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.61 - Trusteer)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (x32 Version: 4.0.11.9 - WildTangent) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1212043878-3611826067-185365948-1001_Classes\CLSID\{2D349E57-23E4-4A67-9624-F1DC6B65AABF}\InprocServer32 -> C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\FntCache.dll No File
CustomCLSID: HKU\S-1-5-21-1212043878-3611826067-185365948-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1212043878-3611826067-185365948-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
06-02-2015 08:38:47 Windows Update
11-02-2015 23:26:45 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1D409AC8-8865-407F-A39B-74433BFDE53C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {406D6D48-F6C8-40D8-9BF0-D0B809A36C39} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {63141479-8AED-4C9B-B66C-54E1851EDE77} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-06-18] (CyberLink Corp.)
Task: {686011CE-043E-406D-8847-9F5B9A67D171} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {749102D2-7D46-4F95-BC84-AB37533FD1C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
Task: {7B5C3355-A55A-4C59-823F-D56A4645A37F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8CD57C69-3456-4FB2-AFF4-C31A0F8B3301} - System32\Tasks\HPCeeScheduleForuser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {9EE8F73F-7CC2-4EB4-849B-4B4B8FCC3196} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {A0170FD7-15A1-4047-BEC0-9324E013CD38} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-12-28] (Microsoft Corporation)
Task: {AB2D5362-C60A-4587-B2F6-BD2A5822E73C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20] (Google Inc.)
Task: {ADB084AC-5A33-4056-B9F3-6231A9E4FFFB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
Task: {B8C1BD8A-3CE4-4FBF-A303-4E23F9286BEE} - System32\Tasks\Microsoft Office 15 Sync Maintenance for hp-user hp => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-12-28] (Microsoft Corporation)
Task: {C0BE977F-4A0A-423E-9457-E7A665E30A82} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {CABD03A9-89EF-4167-A971-C67166267D8F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {DA28D222-DFCF-484F-8BFD-F28FE428F1BA} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1212043878-3611826067-185365948-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {E7037E67-7A01-4610-AC28-06212CF84A41} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20] (Google Inc.)
Task: {EBF4D5EE-3390-4023-B792-843C60729717} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {F1CDFC8D-4C29-41FD-974C-0916BACA303E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
Task: {FD4471B8-6548-4EBD-B789-3997F4D6C6DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForuser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) ==============
2014-03-28 12:31 - 2014-03-28 12:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 12:48 - 2014-03-28 12:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 12:48 - 2014-03-28 12:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-16 03:13 - 2014-07-04 11:24 - 00094936 ____N () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-12-27 13:56 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-12-04 08:44 - 2013-12-04 08:44 - 00200168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 08:44 - 2013-12-04 08:44 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 08:44 - 2013-12-04 08:44 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2013-11-29 16:20 - 2013-11-29 16:20 - 00210592 _____ () C:\Program Files (x86)\Knowhow Cloud\VSSService.exe
2014-12-28 07:56 - 2014-12-28 07:56 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-03-28 12:36 - 2014-03-28 12:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-11-16 03:04 - 2013-12-10 15:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-03-23 16:04 - 2014-03-23 16:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2013-11-29 16:20 - 2013-11-29 16:20 - 00072352 _____ () C:\Program Files (x86)\Knowhow Cloud\Native.dll
2014-12-28 07:53 - 2014-12-28 07:53 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2015-01-29 19:42 - 2015-01-29 19:42 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-12-28 07:56 - 2014-12-28 07:56 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-11-16 03:27 - 2011-08-24 02:39 - 00081920 _____ () C:\Program Files (x86)\CyberLink\YouCam\koan\_ctypes.pyd
2014-11-16 03:27 - 2014-06-18 08:23 - 00866056 _____ () C:\Program Files (x86)\CyberLink\YouCam\subsys\BigBang\Runtime\UNO.dll
2014-11-16 03:27 - 2011-08-24 02:39 - 00053248 _____ () C:\Program Files (x86)\CyberLink\YouCam\koan\_socket.pyd
2014-11-16 03:27 - 2011-08-24 02:39 - 00655360 _____ () C:\Program Files (x86)\CyberLink\YouCam\koan\_ssl.pyd
2014-11-16 03:27 - 2013-12-17 10:19 - 00057344 _____ () C:\Program Files (x86)\CyberLink\YouCam\subsys\YouCam\XUControl.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\user\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1212043878-3611826067-185365948-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.1.254
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: RapportMgmtService => 2
MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SynTPEnhService => 2
==================== Accounts: =============================
Administrator (S-1-5-21-1212043878-3611826067-185365948-500 - Administrator - Disabled)
Guest (S-1-5-21-1212043878-3611826067-185365948-501 - Limited - Disabled)
user (S-1-5-21-1212043878-3611826067-185365948-1001 - Administrator - Enabled) => C:\Users\user
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/13/2015 07:57:41 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {b93aa4b7-e405-4617-86fc-3d9fa6eabeaa}
Error: (02/13/2015 07:57:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPWMISVC.exe, version: 1.2.9.0, time stamp: 0x5436443d
Faulting module name: fastprox.dll_unloaded, version: 6.3.9600.16384, time stamp: 0x52157b33
Exception code: 0xc00001a5
Fault offset: 0x00047505
Faulting process ID: 0x1a20
Faulting application start time: 0xHPWMISVC.exe0
Faulting application path: HPWMISVC.exe1
Faulting module path: HPWMISVC.exe2
Report ID: HPWMISVC.exe3
Faulting package full name: HPWMISVC.exe4
Faulting package-relative application ID: HPWMISVC.exe5
Error: (02/13/2015 07:56:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: igfxTray.exe, version: 6.15.10.3574, time stamp: 0x535821b3
Faulting module name: combase.dll, version: 6.3.9600.17031, time stamp: 0x53087867
Exception code: 0xc0000005
Fault offset: 0x0000000000005fc4
Faulting process ID: 0x1cb0
Faulting application start time: 0xigfxTray.exe0
Faulting application path: igfxTray.exe1
Faulting module path: igfxTray.exe2
Report ID: igfxTray.exe3
Faulting package full name: igfxTray.exe4
Faulting package-relative application ID: igfxTray.exe5
Error: (02/12/2015 11:13:05 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {b93aa4b7-e405-4617-86fc-3d9fa6eabeaa}
Error: (02/12/2015 11:12:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: igfxTray.exe, version: 6.15.10.3574, time stamp: 0x535821b3
Faulting module name: combase.dll, version: 6.3.9600.17031, time stamp: 0x53087867
Exception code: 0xc0000005
Fault offset: 0x0000000000006041
Faulting process ID: 0x103c
Faulting application start time: 0xigfxTray.exe0
Faulting application path: igfxTray.exe1
Faulting module path: igfxTray.exe2
Report ID: igfxTray.exe3
Faulting package full name: igfxTray.exe4
Faulting package-relative application ID: igfxTray.exe5
Error: (02/12/2015 11:06:34 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {bbb0c174-b007-4703-83ca-6871c90cf914}
Error: (02/12/2015 11:05:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: igfxTray.exe, version: 6.15.10.3574, time stamp: 0x535821b3
Faulting module name: combase.dll, version: 6.3.9600.17031, time stamp: 0x53087867
Exception code: 0xc0000005
Fault offset: 0x0000000000005fc4
Faulting process ID: 0x13c8
Faulting application start time: 0xigfxTray.exe0
Faulting application path: igfxTray.exe1
Faulting module path: igfxTray.exe2
Report ID: igfxTray.exe3
Faulting package full name: igfxTray.exe4
Faulting package-relative application ID: igfxTray.exe5
Error: (02/12/2015 10:47:21 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {ee3966dc-af29-4f4b-961b-b0c7b1af5b94}
Error: (02/12/2015 10:44:26 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {ee3966dc-af29-4f4b-961b-b0c7b1af5b94}
Error: (02/12/2015 10:43:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: igfxTray.exe, version: 6.15.10.3574, time stamp: 0x535821b3
Faulting module name: combase.dll, version: 6.3.9600.17031, time stamp: 0x53087867
Exception code: 0xc0000005
Fault offset: 0x0000000000006041
Faulting process ID: 0x588
Faulting application start time: 0xigfxTray.exe0
Faulting application path: igfxTray.exe1
Faulting module path: igfxTray.exe2
Report ID: igfxTray.exe3
Faulting package full name: igfxTray.exe4
Faulting package-relative application ID: igfxTray.exe5
System errors:
=============
Error: (02/13/2015 07:57:37 PM) (Source: DCOM) (EventID: 10010) (User: HP)
Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}
Error: (02/13/2015 07:57:29 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
Error: (02/12/2015 11:15:23 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The McAfee Home Network service did not respond on starting.
Error: (02/12/2015 11:03:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 22:39:42 on 12/02/2015 was unexpected.
Error: (02/12/2015 10:36:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 22:25:12 on 12/02/2015 was unexpected.
Error: (02/12/2015 10:28:20 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
Error: (02/12/2015 10:25:31 PM) (Source: DCOM) (EventID: 10010) (User: HP)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (02/12/2015 10:24:54 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
Error: (02/12/2015 10:23:28 PM) (Source: DCOM) (EventID: 10010) (User: HP)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (02/12/2015 08:11:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
Microsoft Office Sessions:
=========================
Error: (02/13/2015 07:57:41 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {b93aa4b7-e405-4617-86fc-3d9fa6eabeaa}
Error: (02/13/2015 07:57:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPWMISVC.exe1.2.9.05436443dfastprox.dll_unloaded6.3.9600.1638452157b33c00001a5000475051a2001d047196c44da86c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exefastprox.dll7add5108-b3ba-11e4-8289-7429af433140
Error: (02/13/2015 07:56:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxTray.exe6.15.10.3574535821b3combase.dll6.3.9600.1703153087867c00000050000000000005fc41cb001d047c70f90f629C:\Windows\system32\igfxTray.exeC:\Windows\SYSTEM32\combase.dll58cb623e-b3ba-11e4-8289-7429af433140
Error: (02/12/2015 11:13:05 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {b93aa4b7-e405-4617-86fc-3d9fa6eabeaa}
Error: (02/12/2015 11:12:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxTray.exe6.15.10.3574535821b3combase.dll6.3.9600.1703153087867c00000050000000000006041103c01d047195027742cC:\Windows\system32\igfxTray.exeC:\Windows\SYSTEM32\combase.dll985d17bc-b30c-11e4-8289-7429af433140
Error: (02/12/2015 11:06:34 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {bbb0c174-b007-4703-83ca-6871c90cf914}
Error: (02/12/2015 11:05:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxTray.exe6.15.10.3574535821b3combase.dll6.3.9600.1703153087867c00000050000000000005fc413c801d0471851b5bbc0C:\Windows\system32\igfxTray.exeC:\Windows\SYSTEM32\combase.dll9ac87a0f-b30b-11e4-8288-7429af433140
Error: (02/12/2015 10:47:21 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {ee3966dc-af29-4f4b-961b-b0c7b1af5b94}
Error: (02/12/2015 10:44:26 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {ee3966dc-af29-4f4b-961b-b0c7b1af5b94}
Error: (02/12/2015 10:43:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxTray.exe6.15.10.3574535821b3combase.dll6.3.9600.1703153087867c0000005000000000000604158801d047155a2f52f0C:\Windows\system32\igfxTray.exeC:\Windows\SYSTEM32\combase.dll9d91491c-b308-11e4-8287-7429af433140
CodeIntegrity Errors:
===================================
Date: 2015-01-30 19:25:47.311
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\FntCache.dll that did not meet the Windows signing level requirements.
Date: 2015-01-28 18:08:08.787
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\FntCache.dll that did not meet the Windows signing level requirements.
Date: 2015-01-28 18:04:06.036
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\FntCache.dll that did not meet the Windows signing level requirements.
Date: 2015-01-28 17:50:26.745
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\FntCache.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i5-4288U CPU @ 2.60GHz
Percentage of memory in use: 54%
Total physical RAM: 8122.15 MB
Available physical RAM: 3700.73 MB
Total Pagefile: 16314.15 MB
Available Pagefile: 11655.34 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:1375.16 GB) (Free:1280.78 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.09 GB) (Free:2.37 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 39ED847C)
Partition: GPT Partition Type.
==================== End Of Log ===========================
TDSS Killer file . . . .
20:07:49.0346 0x07d8 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
20:07:49.0346 0x07d8 UEFI system
20:07:55.0319 0x07d8 ============================================================
20:07:55.0319 0x07d8 Current date / time: 2015/02/13 20:07:55.0319
20:07:55.0319 0x07d8 SystemInfo:
20:07:55.0319 0x07d8
20:07:55.0319 0x07d8 OS Version: 6.3.9600 ServicePack: 0.0
20:07:55.0319 0x07d8 Product type: Workstation
20:07:55.0319 0x07d8 ComputerName: HP
20:07:55.0319 0x07d8 UserName: user
20:07:55.0319 0x07d8 Windows directory: C:\Windows
20:07:55.0334 0x07d8 System windows directory: C:\Windows
20:07:55.0334 0x07d8 Running under WOW64
20:07:55.0334 0x07d8 Processor architecture: Intel x64
20:07:55.0334 0x07d8 Number of processors: 4
20:07:55.0334 0x07d8 Page size: 0x1000
20:07:55.0334 0x07d8 Boot type: Normal boot
20:07:55.0334 0x07d8 ============================================================
20:07:56.0522 0x07d8 KLMD registered as C:\Windows\system32\drivers\71695405.sys
20:07:57.0241 0x07d8 System UUID: {29AE7BA8-80F7-A692-158A-53C26963D881}
20:07:57.0944 0x07d8 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:07:57.0959 0x07d8 ============================================================
20:07:57.0959 0x07d8 \Device\Harddisk0\DR0:
20:07:57.0959 0x07d8 GPT partitions:
20:07:57.0959 0x07d8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C9F00A19-797B-4BF0-8789-16FD039EC0B2}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x145000
20:07:57.0959 0x07d8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {50237BDC-6524-42D7-9F64-5409776E6370}, Name: EFI system partition, StartLBA 0x145800, BlocksNum 0x82000
20:07:57.0959 0x07d8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {49F7C650-8686-4436-B9ED-C5895F09B113}, Name: Microsoft reserved partition, StartLBA 0x1C7800, BlocksNum 0x40000
20:07:57.0959 0x07d8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {4673790D-C9FD-49AC-8EAB-9A6E2571A084}, Name: Basic data partition, StartLBA 0x207800, BlocksNum 0xABE51800
20:07:57.0959 0x07d8 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A0B51950-2273-46DD-81CA-B4504BA3EC58}, Name: Basic data partition, StartLBA 0xAC059000, BlocksNum 0x2A2C000
20:07:57.0959 0x07d8 MBR partitions:
20:07:57.0959 0x07d8 ============================================================
20:07:57.0991 0x07d8 C: <-> \Device\Harddisk0\DR0\Partition4
20:07:58.0038 0x07d8 D: <-> \Device\Harddisk0\DR0\Partition5
20:07:58.0038 0x07d8 ============================================================
20:07:58.0038 0x07d8 Initialize success
20:07:58.0038 0x07d8 ============================================================
20:08:13.0566 0x21c8 ============================================================
20:08:13.0566 0x21c8 Scan started
20:08:13.0566 0x21c8 Mode: Manual; SigCheck; TDLFS;
20:08:13.0566 0x21c8 ============================================================
20:08:13.0566 0x21c8 KSN ping started
20:08:16.0102 0x21c8 KSN ping finished: true
20:08:19.0448 0x21c8 ================ Scan system memory ========================
20:08:19.0448 0x21c8 System memory - ok
20:08:19.0448 0x21c8 ================ Scan services =============================
20:08:19.0635 0x21c8 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
20:08:19.0838 0x21c8 1394ohci - ok
20:08:19.0889 0x21c8 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
20:08:19.0952 0x21c8 3ware - ok
20:08:19.0983 0x21c8 [ F39180029723D7779C80360F9E255709, F4831FEE79AAF4DB66BF58D3F89B8A6DD8F38CD546B3C653BFF7052DDA112CC6 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
20:08:20.0030 0x21c8 Accelerometer - ok
20:08:20.0061 0x21c8 [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:08:20.0124 0x21c8 ACPI - ok
20:08:20.0139 0x21c8 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
20:08:20.0202 0x21c8 acpiex - ok
20:08:20.0217 0x21c8 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
20:08:20.0280 0x21c8 acpipagr - ok
20:08:20.0280 0x21c8 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
20:08:20.0358 0x21c8 AcpiPmi - ok
20:08:20.0374 0x21c8 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
20:08:20.0421 0x21c8 acpitime - ok
20:08:20.0530 0x21c8 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:08:20.0608 0x21c8 AdobeARMservice - ok
20:08:20.0896 0x21c8 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:08:20.0958 0x21c8 AdobeFlashPlayerUpdateSvc - ok
20:08:21.0115 0x21c8 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
20:08:21.0505 0x21c8 ADP80XX - ok
20:08:21.0583 0x21c8 [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:08:21.0693 0x21c8 AeLookupSvc - ok
20:08:21.0802 0x21c8 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\Windows\system32\drivers\afd.sys
20:08:21.0958 0x21c8 AFD - ok
20:08:22.0021 0x21c8 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:08:22.0099 0x21c8 agp440 - ok
20:08:22.0146 0x21c8 [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
20:08:22.0208 0x21c8 ahcache - ok
20:08:22.0224 0x21c8 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\Windows\System32\alg.exe
20:08:22.0411 0x21c8 ALG - ok
20:08:22.0427 0x21c8 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
20:08:22.0536 0x21c8 AmdK8 - ok
20:08:22.0552 0x21c8 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
20:08:22.0646 0x21c8 AmdPPM - ok
20:08:22.0661 0x21c8 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:08:22.0740 0x21c8 amdsata - ok
20:08:22.0786 0x21c8 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:08:22.0849 0x21c8 amdsbs - ok
20:08:22.0865 0x21c8 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:08:22.0918 0x21c8 amdxata - ok
20:08:22.0981 0x21c8 [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
20:08:23.0059 0x21c8 AppHostSvc - ok
20:08:23.0074 0x21c8 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\Windows\system32\drivers\appid.sys
20:08:23.0168 0x21c8 AppID - ok
20:08:23.0215 0x21c8 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:08:23.0293 0x21c8 AppIDSvc - ok
20:08:23.0324 0x21c8 [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo C:\Windows\System32\appinfo.dll
20:08:23.0371 0x21c8 Appinfo - ok
20:08:23.0543 0x21c8 [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:08:23.0590 0x21c8 Apple Mobile Device Service - ok
20:08:23.0652 0x21c8 [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\Windows\system32\AppReadiness.dll
20:08:23.0746 0x21c8 AppReadiness - ok
20:08:24.0027 0x21c8 [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
20:08:24.0184 0x21c8 AppXSvc - ok
20:08:24.0231 0x21c8 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:08:24.0340 0x21c8 arcsas - ok
20:08:24.0699 0x21c8 [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:08:24.0824 0x21c8 aspnet_state - ok
20:08:24.0856 0x21c8 [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:08:24.0965 0x21c8 AsyncMac - ok
20:08:24.0981 0x21c8 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
20:08:25.0106 0x21c8 atapi - ok
20:08:25.0184 0x21c8 [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
20:08:25.0324 0x21c8 AudioEndpointBuilder - ok
20:08:25.0449 0x21c8 [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:08:25.0559 0x21c8 Audiosrv - ok
20:08:25.0590 0x21c8 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:08:25.0715 0x21c8 AxInstSV - ok
20:08:25.0797 0x21c8 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:08:25.0906 0x21c8 b06bdrv - ok
20:08:25.0922 0x21c8 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
20:08:26.0031 0x21c8 BasicDisplay - ok
20:08:26.0063 0x21c8 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
20:08:26.0141 0x21c8 BasicRender - ok
20:08:26.0172 0x21c8 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
20:08:26.0281 0x21c8 bcmfn2 - ok
20:08:26.0391 0x21c8 [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:08:26.0563 0x21c8 BDESVC - ok
20:08:26.0594 0x21c8 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
20:08:26.0688 0x21c8 Beep - ok
20:08:26.0924 0x21c8 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\Windows\System32\bfe.dll
20:08:27.0002 0x21c8 BFE - ok
20:08:27.0095 0x21c8 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\Windows\System32\qmgr.dll
20:08:27.0189 0x21c8 BITS - ok
20:08:27.0236 0x21c8 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:08:27.0299 0x21c8 Bonjour Service - ok
20:08:27.0314 0x21c8 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:08:27.0392 0x21c8 bowser - ok
20:08:27.0455 0x21c8 [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
20:08:27.0517 0x21c8 BrokerInfrastructure - ok
20:08:27.0564 0x21c8 [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\Windows\System32\browser.dll
20:08:27.0642 0x21c8 Browser - ok
20:08:27.0861 0x21c8 [ 4B310F830D166A36F941728A7258A0D4, 4C07C638535F9A85E49EE2FDC6AAA4975EA233F54AE811D520129E636E961CC1 ] BTDevManager C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
20:08:27.0910 0x21c8 BTDevManager - ok
20:08:27.0926 0x21c8 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
20:08:28.0004 0x21c8 BthAvrcpTg - ok
20:08:28.0035 0x21c8 [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
20:08:28.0082 0x21c8 BthEnum - ok
20:08:28.0113 0x21c8 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
20:08:28.0176 0x21c8 BthHFEnum - ok
20:08:28.0192 0x21c8 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
20:08:28.0254 0x21c8 bthhfhid - ok
20:08:28.0348 0x21c8 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\Windows\system32\DRIVERS\BthLEEnum.sys
20:08:28.0410 0x21c8 BthLEEnum - ok
20:08:28.0457 0x21c8 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
20:08:28.0520 0x21c8 BTHMODEM - ok
20:08:28.0598 0x21c8 [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\Windows\System32\drivers\bthpan.sys
20:08:28.0645 0x21c8 BthPan - ok
20:08:28.0912 0x21c8 [ 97B9076611291AE4C4C107BC915BD026, 0A77873AAF1ADB76CAB98A84D2242781E34E2699632E45EB92ED7DB20B2BE0C1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:08:28.0990 0x21c8 BTHPORT - ok
20:08:29.0021 0x21c8 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\Windows\system32\bthserv.dll
20:08:29.0084 0x21c8 bthserv - ok
20:08:29.0177 0x21c8 [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:08:29.0224 0x21c8 BTHUSB - ok
20:08:29.0334 0x21c8 [ 3D50891CAA71E3479A8A10F25CA9207F, AEF11602299188DC07F758D13ACC5F91BCD8BE94E87D050C01B1CD155CE10791 ] cbfs3 C:\Windows\system32\drivers\cbfs3.sys
20:08:29.0381 0x21c8 cbfs3 - ok
20:08:29.0412 0x21c8 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:08:29.0474 0x21c8 cdfs - ok
20:08:29.0568 0x21c8 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
20:08:29.0631 0x21c8 cdrom - ok
20:08:29.0693 0x21c8 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\Windows\System32\certprop.dll
20:08:29.0787 0x21c8 CertPropSvc - ok
20:08:29.0938 0x21c8 [ 18763CE5B96AB9854D3B0A2E5D4C436F, 8C3C6B49F895584DC020A440A9D327E561982387AE7A4326D2C39F956F5D7282 ] cfwids C:\Windows\system32\drivers\cfwids.sys
20:08:30.0000 0x21c8 cfwids - ok
20:08:30.0032 0x21c8 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
20:08:30.0172 0x21c8 circlass - ok
20:08:30.0250 0x21c8 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\Windows\system32\drivers\CLFS.sys
20:08:30.0313 0x21c8 CLFS - ok
20:08:30.0813 0x21c8 [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
20:08:30.0924 0x21c8 ClickToRunSvc - ok
20:08:30.0971 0x21c8 [ 5C646CAC91E086F7FF53C7F2E857F263, 67AF6FBF88B7EE530A9BA53833EAFCC78BF8362E82BF81180858F1D17DFC73E6 ] CLVirtualDrive C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
20:08:31.0033 0x21c8 CLVirtualDrive - ok
20:08:31.0064 0x21c8 [ 9731DAFDC7B690B2C7752FDFF045BFD8, 9DDBDC4FE519AF38993EAB2F16602B2B71CF8675BDD1F651F22DFA8C5C2C80F7 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
20:08:31.0143 0x21c8 clwvd - ok
20:08:31.0174 0x21c8 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
20:08:31.0252 0x21c8 CmBatt - ok
20:08:31.0299 0x21c8 [ 3930E508DDA46C1FF68FD963F350AA0A, BF63F9C7AB30E2A8199D65EDD6DCBB797C93A4A0B972373643FBE1C38BCFA697 ] CNG C:\Windows\system32\Drivers\cng.sys
20:08:31.0377 0x21c8 CNG - ok
20:08:31.0424 0x21c8 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
20:08:31.0502 0x21c8 CompositeBus - ok
20:08:31.0502 0x21c8 COMSysApp - ok
20:08:31.0518 0x21c8 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
20:08:31.0580 0x21c8 condrv - ok
20:08:31.0705 0x21c8 [ 370CE1518F8AC94F045BD9F74BD21F63, 2B697B7801A5ED46992E530CD271C44C3450BA3E17165D41AC15AF8E72781DCB ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
20:08:32.0036 0x21c8 cphs - ok
20:08:32.0067 0x21c8 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:08:32.0114 0x21c8 CryptSvc - ok
20:08:32.0130 0x21c8 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys
20:08:32.0177 0x21c8 dam - ok
20:08:32.0255 0x21c8 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:08:32.0318 0x21c8 DcomLaunch - ok
20:08:32.0364 0x21c8 [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\Windows\System32\defragsvc.dll
20:08:32.0443 0x21c8 defragsvc - ok
20:08:32.0568 0x21c8 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\Windows\system32\das.dll
20:08:32.0646 0x21c8 DeviceAssociationService - ok
20:08:32.0677 0x21c8 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
20:08:32.0739 0x21c8 DeviceInstall - ok
20:08:32.0802 0x21c8 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
20:08:32.0864 0x21c8 Dfsc - ok
20:08:32.0939 0x21c8 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:08:33.0001 0x21c8 Dhcp - ok
20:08:33.0064 0x21c8 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
20:08:33.0111 0x21c8 disk - ok
20:08:33.0126 0x21c8 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
20:08:33.0204 0x21c8 dmvsc - ok
20:08:33.0236 0x21c8 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:08:33.0298 0x21c8 Dnscache - ok
20:08:33.0392 0x21c8 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\Windows\System32\dot3svc.dll
20:08:33.0470 0x21c8 dot3svc - ok
20:08:33.0517 0x21c8 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\Windows\system32\dps.dll
20:08:33.0579 0x21c8 DPS - ok
20:08:33.0595 0x21c8 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:08:33.0657 0x21c8 drmkaud - ok
20:08:33.0704 0x21c8 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
20:08:33.0782 0x21c8 DsmSvc - ok
20:08:34.0173 0x21c8 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:08:34.0251 0x21c8 DXGKrnl - ok
20:08:34.0282 0x21c8 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\Windows\System32\eapsvc.dll
20:08:34.0345 0x21c8 Eaphost - ok
20:08:34.0798 0x21c8 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:08:34.0954 0x21c8 ebdrv - ok
20:08:35.0001 0x21c8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\Windows\System32\lsass.exe
20:08:35.0048 0x21c8 EFS - ok
20:08:35.0095 0x21c8 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
20:08:35.0126 0x21c8 EhStorClass - ok
20:08:35.0173 0x21c8 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
20:08:35.0220 0x21c8 EhStorTcgDrv - ok
20:08:35.0236 0x21c8 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
20:08:35.0298 0x21c8 ErrDev - ok
20:08:35.0361 0x21c8 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\Windows\system32\es.dll
20:08:35.0423 0x21c8 EventSystem - ok
20:08:35.0470 0x21c8 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
20:08:35.0548 0x21c8 exfat - ok
20:08:35.0626 0x21c8 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:08:35.0673 0x21c8 fastfat - ok
20:08:35.0767 0x21c8 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\Windows\system32\fxssvc.exe
20:08:35.0861 0x21c8 Fax - ok
20:08:35.0876 0x21c8 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
20:08:35.0955 0x21c8 fdc - ok
20:08:36.0205 0x21c8 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\Windows\system32\fdPHost.dll
20:08:36.0251 0x21c8 fdPHost - ok
20:08:36.0267 0x21c8 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\Windows\system32\fdrespub.dll
20:08:36.0330 0x21c8 FDResPub - ok
20:08:36.0361 0x21c8 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\Windows\system32\fhsvc.dll
20:08:36.0423 0x21c8 fhsvc - ok
20:08:36.0455 0x21c8 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:08:36.0501 0x21c8 FileInfo - ok
20:08:36.0517 0x21c8 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:08:36.0595 0x21c8 Filetrace - ok
20:08:36.0626 0x21c8 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
20:08:36.0689 0x21c8 flpydisk - ok
20:08:36.0783 0x21c8 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:08:36.0830 0x21c8 FltMgr - ok
20:08:37.0095 0x21c8 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\Windows\system32\FntCache.dll
20:08:37.0189 0x21c8 FontCache - ok
20:08:37.0361 0x21c8 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:08:37.0408 0x21c8 FontCache3.0.0.0 - ok
20:08:37.0455 0x21c8 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:08:37.0517 0x21c8 FsDepends - ok
20:08:37.0533 0x21c8 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:08:37.0580 0x21c8 Fs_Rec - ok
20:08:37.0720 0x21c8 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:08:37.0783 0x21c8 fvevol - ok
20:08:37.0814 0x21c8 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
20:08:37.0876 0x21c8 FxPPM - ok
20:08:37.0892 0x21c8 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:08:37.0955 0x21c8 gagp30kx - ok
20:08:38.0251 0x21c8 [ 4A336C92A790A3F7C2D9952C73FCFA16, 2EB400EBAA2B50A97F442D18107316A172A92660F5D712D1C58D39172C9CD80C ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
20:08:38.0314 0x21c8 GamesAppIntegrationService - ok
20:08:38.0345 0x21c8 [ A404AE536DD73FC8118A15BFF0BD4FC0, EA24D7866FEB40DD72713601E14DBDA60497324222196B8E0791DA656DBF5DA7 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:08:38.0423 0x21c8 GamesAppService - ok
20:08:38.0455 0x21c8 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:08:38.0517 0x21c8 GEARAspiWDM - ok
20:08:38.0548 0x21c8 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
20:08:38.0642 0x21c8 gencounter - ok
20:08:38.0705 0x21c8 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
20:08:38.0783 0x21c8 GPIOClx0101 - ok
20:08:38.0845 0x21c8 [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\Windows\System32\gpsvc.dll
20:08:38.0956 0x21c8 gpsvc - ok
20:08:39.0018 0x21c8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:08:39.0065 0x21c8 gupdate - ok
20:08:39.0096 0x21c8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:08:39.0143 0x21c8 gupdatem - ok
20:08:39.0190 0x21c8 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:08:39.0268 0x21c8 gusvc - ok
20:08:39.0471 0x21c8 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:08:39.0612 0x21c8 HdAudAddService - ok
20:08:39.0690 0x21c8 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
20:08:39.0768 0x21c8 HDAudBus - ok
20:08:39.0815 0x21c8 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
20:08:39.0893 0x21c8 HidBatt - ok
20:08:39.0940 0x21c8 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\Windows\System32\drivers\hidbth.sys
20:08:40.0034 0x21c8 HidBth - ok
20:08:40.0049 0x21c8 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
20:08:40.0143 0x21c8 hidi2c - ok
20:08:40.0174 0x21c8 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
20:08:40.0268 0x21c8 HidIr - ok
20:08:40.0299 0x21c8 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\Windows\system32\hidserv.dll
20:08:40.0362 0x21c8 hidserv - ok
20:08:40.0393 0x21c8 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
20:08:40.0471 0x21c8 HidUsb - ok
20:08:40.0518 0x21c8 [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
20:08:40.0612 0x21c8 HipShieldK - ok
20:08:40.0643 0x21c8 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:08:40.0737 0x21c8 hkmsvc - ok
20:08:40.0753 0x21c8 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:08:40.0862 0x21c8 HomeGroupListener - ok
20:08:40.0893 0x21c8 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:08:40.0973 0x21c8 HomeGroupProvider - ok
20:08:41.0083 0x21c8 [ 4D177347E5C667854DEF83FD31DCF4F0, D6352E703B900BF193A007AD28FE3E84A013257DDBB0BD9C4033A0093A60DB15 ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
20:08:41.0145 0x21c8 HomeNetSvc - ok
20:08:41.0239 0x21c8 [ D304B2B9C544B66847359F2BAE1F3DE9, C54EC99BEFECBDF53779D36C8BA2B8B3352B0BAF1582051EE15A1086E95DEFE8 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
20:08:41.0301 0x21c8 HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
20:08:43.0864 0x21c8 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
20:08:46.0535 0x21c8 [ 8B8E6BD988EAF18C1B86704BF05E5C03, 84052C116032F3DC47B0D3A7A8FC8E86DF94DDB3136C866D8FC8A3DF23209DEC ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
20:08:46.0597 0x21c8 hpdskflt - ok
20:08:46.0660 0x21c8 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
20:08:46.0738 0x21c8 hpqwmiex - ok
20:08:46.0769 0x21c8 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:08:46.0832 0x21c8 HpSAMD - ok
20:08:46.0863 0x21c8 [ 0865F178E272C682B0689F1AA269128D, F8CC23EA339F0C917C3948FF35BEFE10664CCFF8796954898E41F4EC1618E5E1 ] hpsrv C:\Windows\system32\Hpservice.exe
20:08:46.0910 0x21c8 hpsrv - ok
20:08:46.0972 0x21c8 [ E3BCE46BFD31B2D199151A72F658C988, A8633E044E243F5E097BC6658EDDF1DDF4E09C9ABB0F9BE6A3E84384092CEB5F ] HPWMISVC c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
20:08:47.0051 0x21c8 HPWMISVC - ok
20:08:47.0097 0x21c8 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:08:47.0176 0x21c8 HTTP - ok
20:08:47.0222 0x21c8 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:08:47.0269 0x21c8 hwpolicy - ok
20:08:47.0285 0x21c8 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
20:08:47.0379 0x21c8 hyperkbd - ok
20:08:47.0410 0x21c8 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
20:08:47.0488 0x21c8 HyperVideo - ok
20:08:47.0504 0x21c8 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
20:08:47.0566 0x21c8 i8042prt - ok
20:08:47.0582 0x21c8 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
20:08:47.0660 0x21c8 iaLPSSi_GPIO - ok
20:08:47.0676 0x21c8 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
20:08:47.0754 0x21c8 iaLPSSi_I2C - ok
20:08:47.0801 0x21c8 [ 4558F084BCB7EFA3E8321C95B4EE736F, 4E088E1A9F9CE9F3FCA9CA2954CA7969135D4A42F632E495070FBAC4051148C2 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
20:08:47.0879 0x21c8 iaStorA - ok
20:08:47.0910 0x21c8 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
20:08:48.0004 0x21c8 iaStorAV - ok
20:08:48.0051 0x21c8 [ 3FE5F886F28B78FCED4BD5668902B7FC, 500BF5292051C3E447E94CAE3638D68CEDC2775587787E4DE38D6BCD34160B36 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
20:08:48.0113 0x21c8 IAStorDataMgrSvc - ok
20:08:48.0129 0x21c8 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:08:48.0222 0x21c8 iaStorV - ok
20:08:48.0222 0x21c8 IEEtwCollectorService - ok
20:08:48.0363 0x21c8 [ 623DB9620F552B480690AD882AFACED1, F44039122CF6001CB40A4032D3C108D9A83F06FC700A5B47D83EF605F83C9D2F ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:08:48.0535 0x21c8 igfx - ok
20:08:48.0566 0x21c8 [ E766B747824DA1FD97F0DDD8653CB5F4, 1FEFAEB2E672488BAAB9532E3DB368B41C3B200C525ADC3E4DB9E9FF0BC798FC ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
20:08:48.0629 0x21c8 igfxCUIService1.0.0.0 - ok
20:08:48.0660 0x21c8 [ E71AC94964ED675B3ED0727059B7F97B, 5468B5E9B75B10EA0BFBD81827FFC9CABFC69A4065CC5A5792DBC289D4DA27EE ] ikbevent C:\Windows\system32\DRIVERS\ikbevent.sys
20:08:48.0722 0x21c8 ikbevent - ok
20:08:48.0785 0x21c8 [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\Windows\System32\ikeext.dll
20:08:49.0105 0x21c8 IKEEXT - ok
20:08:49.0136 0x21c8 [ 2FDB67F5B9F4E96B40FDC9D1AA0B686F, B556328D54F886792A89588F3FEFE38F7129E3D7A417CDC012778FA4EF37A8C1 ] imsevent C:\Windows\system32\DRIVERS\imsevent.sys
20:08:49.0199 0x21c8 imsevent - ok
20:08:49.0230 0x21c8 [ 3F2BB021CB280880F8C1B7A6FEF9B447, CEC0BF9D6C9CF6E6A9F9B4E656BD47208AC977EDDC11C1C3BCD07EB50BABC017 ] INETMON C:\Windows\System32\Drivers\INETMON.sys
20:08:49.0277 0x21c8 INETMON - ok
20:08:49.0308 0x21c8 [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
20:08:49.0371 0x21c8 intaud_WaveExtensible - ok
20:08:49.0574 0x21c8 [ 0ED561B13EFE36080760981616107D15, 2FB78BC7825E29A9E216061EC9E4196612B86C6ED5ADB48AA3EBBB8C0E2CCCFF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:08:49.0730 0x21c8 IntcAzAudAddService - ok
20:08:49.0761 0x21c8 [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
20:08:49.0839 0x21c8 IntcDAud - ok
20:08:49.0902 0x21c8 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:08:49.0964 0x21c8 Intel® Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
20:08:52.0767 0x21c8 Detect skipped due to KSN trusted
20:08:52.0767 0x21c8 Intel® Capability Licensing Service Interface - ok
20:08:52.0814 0x21c8 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
20:08:52.0907 0x21c8 Intel® Capability Licensing Service TCP IP Interface - ok
20:08:52.0987 0x21c8 [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
20:08:53.0034 0x21c8 Intel® ME Service - ok
20:08:53.0097 0x21c8 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
20:08:53.0143 0x21c8 intelide - ok
20:08:53.0190 0x21c8 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys
20:08:53.0237 0x21c8 intelpep - ok
20:08:53.0253 0x21c8 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
20:08:53.0300 0x21c8 intelppm - ok
20:08:53.0315 0x21c8 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:08:53.0393 0x21c8 IpFilterDriver - ok
20:08:53.0440 0x21c8 [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:08:53.0503 0x21c8 iphlpsvc - ok
20:08:53.0534 0x21c8 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
20:08:53.0597 0x21c8 IPMIDRV - ok
20:08:53.0643 0x21c8 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:08:53.0706 0x21c8 IPNAT - ok
20:08:53.0784 0x21c8 [ 87F8EDF63C97BF0BF21359A3D8ABF0C7, BAAAE1DE50EBD1BCE46F33C5F3A7F3C39F61AB21416D78DAA7F8A19F38F67269 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:08:53.0831 0x21c8 iPod Service - ok
20:08:53.0847 0x21c8 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:08:53.0909 0x21c8 IRENUM - ok
20:08:53.0909 0x21c8 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:08:53.0972 0x21c8 isapnp - ok
20:08:54.0003 0x21c8 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
20:08:54.0065 0x21c8 iScsiPrt - ok
20:08:54.0097 0x21c8 [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\Windows\System32\drivers\ISCTD64.sys
20:08:54.0143 0x21c8 ISCT - ok
20:08:54.0175 0x21c8 [ 2A676B190889ACEDF3AA8D64C269F8AF, 7830536B86BC4233AD4EDD30B6CDEFDCA3969BD53B970BAA6ADCE9C3B88B8593 ] ISCTAgent C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
20:08:54.0237 0x21c8 ISCTAgent - ok
20:08:54.0331 0x21c8 [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\Windows\System32\drivers\iwdbus.sys
20:08:54.0378 0x21c8 iwdbus - ok
20:08:54.0409 0x21c8 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
20:08:54.0472 0x21c8 jhi_service - ok
20:08:54.0487 0x21c8 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
20:08:54.0534 0x21c8 kbdclass - ok
20:08:54.0550 0x21c8 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
20:08:54.0628 0x21c8 kbdhid - ok
20:08:54.0643 0x21c8 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
20:08:54.0706 0x21c8 kdnic - ok
20:08:54.0706 0x21c8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\Windows\system32\lsass.exe
20:08:54.0753 0x21c8 KeyIso - ok
20:08:54.0784 0x21c8 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:08:54.0815 0x21c8 KSecDD - ok
20:08:54.0847 0x21c8 [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:08:54.0893 0x21c8 KSecPkg - ok
20:08:54.0909 0x21c8 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:08:54.0956 0x21c8 ksthunk - ok
20:08:54.0987 0x21c8 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\Windows\system32\msdtckrm.dll
20:08:55.0065 0x21c8 KtmRm - ok
20:08:55.0097 0x21c8 [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\Windows\system32\srvsvc.dll
20:08:55.0159 0x21c8 LanmanServer - ok
20:08:55.0190 0x21c8 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:08:55.0237 0x21c8 LanmanWorkstation - ok
20:08:55.0300 0x21c8 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
20:08:55.0378 0x21c8 lfsvc - ok
20:08:55.0425 0x21c8 [ D97EF2EBB120EFA9E527C64B39073DD2, 18D0DED056FC76E9B3092135694ABB63D66A764B95A952A5810F0583DDEE9E10 ] LivedriveVSSService C:\Program Files (x86)\Knowhow Cloud\VSSService.exe
20:08:55.0472 0x21c8 LivedriveVSSService - ok
20:08:55.0503 0x21c8 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:08:55.0550 0x21c8 lltdio - ok
20:08:55.0581 0x21c8 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:08:55.0690 0x21c8 lltdsvc - ok
20:08:55.0722 0x21c8 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:08:55.0800 0x21c8 lmhosts - ok
20:08:55.0831 0x21c8 [ E2952760B05A256FB1412D20A41C89C1, B5AF47DF90D5DC8E6549DE1AFF897669E8200D08083D43DF86E34F6EE19C59DA ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:08:55.0909 0x21c8 LMS - ok
20:08:55.0940 0x21c8 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:08:56.0003 0x21c8 LSI_SAS - ok
20:08:56.0018 0x21c8 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:08:56.0097 0x21c8 LSI_SAS2 - ok
20:08:56.0097 0x21c8 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
20:08:56.0175 0x21c8 LSI_SAS3 - ok
20:08:56.0190 0x21c8 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
20:08:56.0253 0x21c8 LSI_SSS - ok
20:08:56.0284 0x21c8 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\Windows\System32\lsm.dll
20:08:56.0362 0x21c8 LSM - ok
20:08:56.0393 0x21c8 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
20:08:56.0440 0x21c8 luafv - ok
20:08:56.0472 0x21c8 [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:08:56.0518 0x21c8 MBAMProtector - ok
20:08:56.0612 0x21c8 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
20:08:56.0706 0x21c8 MBAMScheduler - ok
20:08:56.0815 0x21c8 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
20:08:56.0878 0x21c8 MBAMService - ok
20:08:56.0909 0x21c8 [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
20:08:56.0956 0x21c8 MBAMSwissArmy - ok
20:08:56.0988 0x21c8 [ 9D7BFFDB5FA62B600DF1FCB4919D9D79, B610B18E25366F56A785C1BECE0EC534C836FAB0DF13E0BC3AF7A626E6CD6A5F ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
20:08:57.0035 0x21c8 MBAMWebAccessControl - ok
20:08:57.0129 0x21c8 [ 2D94EFDD340BBD9DE7D5F627B298512D, A9DE485352616A37DFD32270BBB65CA15B34CF26394A9418A5182801569AEBCD ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
20:08:57.0176 0x21c8 McAfee SiteAdvisor Service - ok
20:08:57.0379 0x21c8 [ 58AF4DAF203910D68B6CBDC475B115F6, 0CED2FBED26C5E27DE0D04B2EF6D7FAF914DC3F0D8E6082E2EB773BFCF2E5848 ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe
20:08:57.0441 0x21c8 McAPExe - ok
20:08:57.0566 0x21c8 [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
20:08:57.0676 0x21c8 McComponentHostService - ok
20:08:57.0957 0x21c8 [ BF9EB1361EF8D456AB15D5AC2765D860, 5A622F26203438BAF768EFAFCAFD78971E90EE6A0A9FC954FE8A68D5B4C9E9C9 ] mccspsvc C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
20:08:58.0019 0x21c8 mccspsvc - ok
20:08:58.0129 0x21c8 [ 4D177347E5C667854DEF83FD31DCF4F0, D6352E703B900BF193A007AD28FE3E84A013257DDBB0BD9C4033A0093A60DB15 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
20:08:58.0176 0x21c8 McMPFSvc - ok
20:08:58.0238 0x21c8 [ 4D177347E5C667854DEF83FD31DCF4F0, D6352E703B900BF193A007AD28FE3E84A013257DDBB0BD9C4033A0093A60DB15 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
20:08:58.0301 0x21c8 McNaiAnn - ok
20:08:58.0410 0x21c8 [ 1C5C9D8507BF56AFB43BB45C127A2CDE, 40AEF1927936AF3D468071DC0C8ADF6D70281BDBE562B72B5BE01EA771E27026 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
20:08:58.0488 0x21c8 McODS - ok
20:08:58.0504 0x21c8 [ 4D177347E5C667854DEF83FD31DCF4F0, D6352E703B900BF193A007AD28FE3E84A013257DDBB0BD9C4033A0093A60DB15 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
20:08:58.0551 0x21c8 mcpltsvc - ok
20:08:58.0598 0x21c8 [ 4D177347E5C667854DEF83FD31DCF4F0, D6352E703B900BF193A007AD28FE3E84A013257DDBB0BD9C4033A0093A60DB15 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
20:08:58.0644 0x21c8 McProxy - ok
20:08:58.0676 0x21c8 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
20:08:58.0754 0x21c8 megasas - ok
20:08:58.0910 0x21c8 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
20:08:59.0004 0x21c8 megasr - ok
20:08:59.0035 0x21c8 [ EB1D78140D6634C32A46AB1006105EDC, 586F988A7272A7E3F6AA2CC9A001A08A3D178A011AE8C095BB7EAD9FFB45AAB1 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
20:08:59.0082 0x21c8 MEIx64 - ok
20:08:59.0176 0x21c8 [ CCFBDC6ECB37E46C3E881FC5B47D9E55, DE179B348601353A2FC235FE594780AC23D0866746016F7106E5BC0A7658D473 ] mfeaack C:\Windows\system32\drivers\mfeaack.sys
20:08:59.0238 0x21c8 mfeaack - ok
20:08:59.0316 0x21c8 [ AF2982B90302BA38B4A13FE9A8B76D59, 02B396F021B843689F90F251B294928890D009254E0EC4C173C618EC8A40C309 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
20:08:59.0379 0x21c8 mfeavfk - ok
20:08:59.0426 0x21c8 [ B769DCF1352342DD1B78872E5AABBBB4, 461B043812A38C19F342D8DABF22108CBD526C297DF82CA66EB31E4ED09640C3 ] mfedisk C:\Windows\system32\DRIVERS\mfedisk.sys
20:08:59.0707 0x21c8 mfedisk - ok
20:08:59.0769 0x21c8 [ 3D02D16DA0691570A7DD6467AFED91DF, 8E4477671035E8F66FA150AE77EC4578AEA09DC7DAD6E4D90B0F0627F1623FA3 ] mfeelamk C:\Windows\system32\drivers\mfeelamk.sys
20:08:59.0926 0x21c8 mfeelamk - ok
20:09:00.0019 0x21c8 [ A6CB0B8D8E2BEBC2F32F07495A02EB66, 2B256B5DD1E1DFDF3175F8EF086A7E21B5796B34FFE49053D273962879FC3D77 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
20:09:00.0082 0x21c8 mfefire - ok
20:09:00.0129 0x21c8 [ 2A152BDDDD1AA909F5A1AE89F1396967, 88C6B2C8E9E794E74DCF458E14CBD970801DFFD462D1E38346BC287461C23742 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
20:09:00.0207 0x21c8 mfefirek - ok
20:09:00.0254 0x21c8 [ 50FEBDEF35D15C6E1F89B6FF63811ACA, A476D51FB8809C44B26371539E7D394725D04C332F218248C2A0FC4A0AD2E4B0 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
20:09:00.0332 0x21c8 mfehidk - ok
20:09:00.0379 0x21c8 [ 7C0E73CAD85AA2C1AE8D496E759D8217, 597334F691F60F9EABDD9B6A2AEF9B63421478653F651FECE4F2C371B8C82A5A ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
20:09:00.0441 0x21c8 mfemms - ok
20:09:00.0535 0x21c8 [ AE9CBB952A1D3C3C224E4FF80B494D0F, C5A491B1F8BB01CD5B0516DD3D7268B2896CF507F323100564B95F65A3D8A81D ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
20:09:00.0613 0x21c8 mfencbdc - ok
20:09:00.0660 0x21c8 [ F0C01BB7DBF8581A0F20538BB0562D2A, D3754555D64BE68D71FF6FD81455CE538942043518F79058453BF8F7B2593061 ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
20:09:00.0723 0x21c8 mfencrk - ok
20:09:00.0754 0x21c8 [ 75FC392C072468868CB715C20A4047EB, BFC58F060224EB69BFB12A62B4BE431961783E8E5E26AB26DC57F5468B14FA71 ] mfevtp C:\Windows\system32\mfevtps.exe
20:09:00.0816 0x21c8 mfevtp - ok
20:09:00.0863 0x21c8 [ 9F4A2B9536E6AF13E2F275C01CC0C9BB, 88E90F471AFB07DFD9E2B935F0BB43ADE2CFDDD482CF32BEF66D32BB59063B77 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
20:09:00.0926 0x21c8 mfewfpk - ok
20:09:01.0037 0x21c8 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\Windows\system32\mmcss.dll
20:09:01.0163 0x21c8 MMCSS - ok
20:09:01.0176 0x21c8 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
20:09:01.0270 0x21c8 Modem - ok
20:09:01.0317 0x21c8 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
20:09:01.0395 0x21c8 monitor - ok
20:09:01.0457 0x21c8 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\Windows\System32\drivers\mouclass.sys
20:09:01.0520 0x21c8 mouclass - ok
20:09:01.0535 0x21c8 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\Windows\System32\drivers\mouhid.sys
20:09:01.0598 0x21c8 mouhid - ok
20:09:01.0629 0x21c8 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:09:01.0692 0x21c8 mountmgr - ok
20:09:01.0817 0x21c8 [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:09:01.0942 0x21c8 MozillaMaintenance - ok
20:09:01.0973 0x21c8 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:09:02.0067 0x21c8 mpsdrv - ok
20:09:02.0160 0x21c8 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:09:02.0254 0x21c8 MpsSvc - ok
20:09:02.0379 0x21c8 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:09:02.0457 0x21c8 MRxDAV - ok
20:09:02.0598 0x21c8 [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:09:02.0676 0x21c8 mrxsmb - ok
20:09:02.0817 0x21c8 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:09:02.0895 0x21c8 mrxsmb10 - ok
20:09:03.0006 0x21c8 [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:09:03.0084 0x21c8 mrxsmb20 - ok
20:09:03.0100 0x21c8 [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
20:09:03.0193 0x21c8 MsBridge - ok
20:09:03.0256 0x21c8 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\Windows\System32\msdtc.exe
20:09:03.0350 0x21c8 MSDTC - ok
20:09:03.0396 0x21c8 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:09:03.0475 0x21c8 Msfs - ok
20:09:03.0490 0x21c8 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
20:09:03.0568 0x21c8 msgpiowin32 - ok
20:09:03.0568 0x21c8 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:09:03.0662 0x21c8 mshidkmdf - ok
20:09:03.0693 0x21c8 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
20:09:03.0771 0x21c8 mshidumdf - ok
20:09:03.0787 0x21c8 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:09:03.0834 0x21c8 msisadrv - ok
20:09:03.0881 0x21c8 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:09:03.0959 0x21c8 MSiSCSI - ok
20:09:03.0975 0x21c8 msiserver - ok
20:09:03.0990 0x21c8 [ 4D177347E5C667854DEF83FD31DCF4F0, D6352E703B900BF193A007AD28FE3E84A013257DDBB0BD9C4033A0093A60DB15 ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
20:09:04.0053 0x21c8 MSK80Service - ok
20:09:04.0084 0x21c8 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:09:04.0162 0x21c8 MSKSSRV - ok
20:09:04.0178 0x21c8 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
20:09:04.0271 0x21c8 MsLldp - ok
20:09:04.0271 0x21c8 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:09:04.0334 0x21c8 MSPCLOCK - ok
20:09:04.0350 0x21c8 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:09:04.0396 0x21c8 MSPQM - ok
20:09:04.0428 0x21c8 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:09:04.0475 0x21c8 MsRPC - ok
20:09:04.0506 0x21c8 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
20:09:04.0537 0x21c8 mssmbios - ok
20:09:04.0553 0x21c8 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:09:04.0615 0x21c8 MSTEE - ok
20:09:04.0615 0x21c8 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
20:09:04.0678 0x21c8 MTConfig - ok
20:09:04.0693 0x21c8 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
20:09:04.0740 0x21c8 Mup - ok
20:09:04.0756 0x21c8 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
20:09:04.0803 0x21c8 mvumis - ok
20:09:04.0850 0x21c8 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\Windows\system32\qagentRT.dll
20:09:04.0928 0x21c8 napagent - ok
20:09:04.0959 0x21c8 [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:09:05.0022 0x21c8 NativeWifiP - ok
20:09:05.0053 0x21c8 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\Windows\System32\ncasvc.dll
20:09:05.0116 0x21c8 NcaSvc - ok
20:09:05.0131 0x21c8 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\Windows\System32\ncbservice.dll
20:09:05.0194 0x21c8 NcbService - ok
20:09:05.0221 0x21c8 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
20:09:05.0284 0x21c8 NcdAutoSetup - ok
20:09:05.0315 0x21c8 [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:09:05.0393 0x21c8 NDIS - ok
20:09:05.0409 0x21c8 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:09:05.0487 0x21c8 NdisCap - ok
20:09:05.0503 0x21c8 [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
20:09:05.0581 0x21c8 NdisImPlatform - ok
20:09:05.0596 0x21c8 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:09:05.0674 0x21c8 NdisTapi - ok
20:09:05.0690 0x21c8 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:09:05.0737 0x21c8 Ndisuio - ok
20:09:05.0753 0x21c8 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
20:09:05.0799 0x21c8 NdisVirtualBus - ok
20:09:05.0815 0x21c8 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:09:05.0878 0x21c8 NdisWan - ok
20:09:05.0878 0x21c8 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
20:09:05.0940 0x21c8 NdisWanLegacy - ok
20:09:05.0940 0x21c8 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:09:06.0018 0x21c8 NDProxy - ok
20:09:06.0034 0x21c8 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\Windows\system32\drivers\Ndu.sys
20:09:06.0081 0x21c8 Ndu - ok
20:09:06.0112 0x21c8 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:09:06.0159 0x21c8 NetBIOS - ok
20:09:06.0174 0x21c8 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:09:06.0237 0x21c8 NetBT - ok
20:09:06.0253 0x21c8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\Windows\system32\lsass.exe
20:09:06.0299 0x21c8 Netlogon - ok
20:09:06.0331 0x21c8 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\Windows\System32\netman.dll
20:09:06.0393 0x21c8 Netman - ok
20:09:06.0409 0x21c8 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\Windows\System32\netprofmsvc.dll
20:09:06.0471 0x21c8 netprofm - ok
20:09:06.0518 0x21c8 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:09:06.0596 0x21c8 NetTcpPortSharing - ok
20:09:06.0612 0x21c8 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\Windows\system32\DRIVERS\netvsc63.sys
20:09:06.0690 0x21c8 netvsc - ok
20:09:06.0768 0x21c8 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll
20:09:06.0831 0x21c8 NlaSvc - ok
20:09:06.0846 0x21c8 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:09:06.0909 0x21c8 Npfs - ok
20:09:06.0924 0x21c8 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
20:09:06.0987 0x21c8 npsvctrig - ok
20:09:07.0051 0x21c8 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\Windows\system32\nsisvc.dll
20:09:07.0098 0x21c8 nsi - ok
20:09:07.0113 0x21c8 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:09:07.0160 0x21c8 nsiproxy - ok
20:09:07.0254 0x21c8 [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:09:07.0348 0x21c8 Ntfs - ok
20:09:07.0410 0x21c8 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
20:09:07.0457 0x21c8 Null - ok
20:09:07.0473 0x21c8 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:09:07.0535 0x21c8 nvraid - ok
20:09:07.0535 0x21c8 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:09:07.0613 0x21c8 nvstor - ok
20:09:07.0613 0x21c8 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:09:07.0676 0x21c8 nv_agp - ok
20:09:07.0738 0x21c8 [ 8DD366F3B9F16ED722A6A66D956DA27F, 3A61B3D7B0D60CAA801FFDA086BFDDCF9C820CB11114DC60FDC9B30F828CC04F ] omniserv C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
20:09:07.0785 0x21c8 omniserv - detected UnsignedFile.Multi.Generic ( 1 )
20:09:10.0458 0x21c8 Detect skipped due to KSN trusted
20:09:10.0458 0x21c8 omniserv - ok
20:09:10.0505 0x21c8 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:09:10.0599 0x21c8 ose - ok
20:09:10.0646 0x21c8 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:09:10.0755 0x21c8 p2pimsvc - ok
20:09:10.0849 0x21c8 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\Windows\system32\p2psvc.dll
20:09:10.0958 0x21c8 p2psvc - ok
20:09:11.0021 0x21c8 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
20:09:11.0130 0x21c8 Parport - ok
20:09:11.0161 0x21c8 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:09:11.0224 0x21c8 partmgr - ok
20:09:11.0411 0x21c8 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:09:11.0474 0x21c8 PcaSvc - ok
20:09:11.0599 0x21c8 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys
20:09:11.0677 0x21c8 pci - ok
20:09:11.0708 0x21c8 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
20:09:11.0786 0x21c8 pciide - ok
20:09:11.0849 0x21c8 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:09:11.0911 0x21c8 pcmcia - ok
20:09:11.0943 0x21c8 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
20:09:12.0005 0x21c8 pcw - ok
20:09:12.0052 0x21c8 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\Windows\system32\drivers\pdc.sys
20:09:12.0099 0x21c8 pdc - ok
20:09:12.0161 0x21c8 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:09:12.0255 0x21c8 PEAUTH - ok
20:09:12.0505 0x21c8 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:09:12.0630 0x21c8 PerfHost - ok
20:09:13.0115 0x21c8 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\Windows\system32\pla.dll
20:09:13.0256 0x21c8 pla - ok
20:09:13.0303 0x21c8 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:09:13.0349 0x21c8 PlugPlay - ok
20:09:13.0381 0x21c8 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:09:13.0459 0x21c8 PNRPAutoReg - ok
20:09:13.0490 0x21c8 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:09:13.0537 0x21c8 PNRPsvc - ok
20:09:13.0599 0x21c8 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:09:13.0646 0x21c8 PolicyAgent - ok
20:09:13.0693 0x21c8 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\Windows\system32\umpo.dll
20:09:13.0756 0x21c8 Power - ok
20:09:13.0787 0x21c8 [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:09:13.0849 0x21c8 PptpMiniport - ok
20:09:13.0990 0x21c8 [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
20:09:14.0115 0x21c8 PrintNotify - ok
20:09:14.0146 0x21c8 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
20:09:14.0209 0x21c8 Processor - ok
20:09:14.0271 0x21c8 [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\Windows\system32\profsvc.dll
20:09:14.0334 0x21c8 ProfSvc - ok
20:09:14.0349 0x21c8 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:09:14.0428 0x21c8 Psched - ok
20:09:14.0490 0x21c8 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\Windows\system32\qwave.dll
20:09:14.0599 0x21c8 QWAVE - ok
20:09:14.0615 0x21c8 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:09:14.0709 0x21c8 QWAVEdrv - ok
20:09:14.0849 0x21c8 [ 898A05859D60BFCDF332139E2323EDBE, D67AE9D0DFCA909A63A61D859931AF8AF839231DEA728A854A83980740313A2B ] RapportCerberus_80120 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80120.sys
20:09:14.0912 0x21c8 RapportCerberus_80120 - ok
20:09:14.0974 0x21c8 [ 22FD13465C2AE76DE4D78157F01A4B5E, C092B8173297C5DF9ABEF3CB324D87F5CB4F17B8572E70C7435B5A8503284288 ] RapportEI64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
20:09:15.0037 0x21c8 RapportEI64 - ok
20:09:15.0099 0x21c8 [ 85BCAE39373E13146FE2D95F1B52B722, 85DD74CFBC6EF0C23474EB441FAC2703E5D1CBDF6BD883D377960AEB822D86BC ] RapportHades64 C:\Windows\system32\Drivers\RapportHades64.sys
20:09:15.0162 0x21c8 RapportHades64 - ok
20:09:15.0193 0x21c8 [ C1E0A0D5C58E2B8FEEA078B61B333267, 9B0E61FF52E0FD028438A73227FBD796813EFF5372540503CA31CF7EBF628E1F ] RapportKE64 C:\Windows\system32\Drivers\RapportKE64.sys
20:09:15.0553 0x21c8 RapportKE64 - ok
20:09:15.0615 0x21c8 [ 3087F0E56E57BB37EFA299372C22417C, 29F27AB11E4B908429A317866AE058AB5819F314CFCBF1BF06FE8DE13BB08E12 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
20:09:15.0709 0x21c8 RapportMgmtService - ok
20:09:15.0740 0x21c8 [ 9A800ADA67F2CA1D8D99087CA28E32BA, 09B4BDFE61431043626967E3BF60EDF0B5E11A9965005ED7E8F77B839E0E4395 ] RapportPG64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
20:09:15.0787 0x21c8 RapportPG64 - ok
20:09:15.0803 0x21c8 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:09:15.0881 0x21c8 RasAcd - ok
20:09:15.0912 0x21c8 [ 674A4702E4E144E8710ED1A2EC6DD049, 613A921101A6815C9185D5EF3E251A592604E56FADE945BB7E256885CAD473BC ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:09:15.0990 0x21c8 RasAgileVpn - ok
20:09:16.0038 0x21c8 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\Windows\System32\rasauto.dll
20:09:16.0100 0x21c8 RasAuto - ok
20:09:16.0116 0x21c8 [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:09:16.0194 0x21c8 Rasl2tp - ok
20:09:16.0225 0x21c8 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\Windows\System32\rasmans.dll
20:09:16.0319 0x21c8 RasMan - ok
20:09:16.0319 0x21c8 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:09:16.0397 0x21c8 RasPppoe - ok
20:09:16.0413 0x21c8 [ 2B0F1677CDD08967005F34488559BC6F, FFF168EBD171C0B85A448AD1A04F66534E889AE1DC128F68EA3F35D5996C8D39 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:09:16.0491 0x21c8 RasSstp - ok
20:09:16.0506 0x21c8 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:09:16.0600 0x21c8 rdbss - ok
20:09:16.0631 0x21c8 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
20:09:16.0725 0x21c8 rdpbus - ok
20:09:16.0772 0x21c8 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:09:16.0897 0x21c8 RDPDR - ok
20:09:16.0928 0x21c8 [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:09:16.0991 0x21c8 RdpVideoMiniport - ok
20:09:17.0038 0x21c8 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:09:17.0100 0x21c8 rdyboost - ok
20:09:17.0147 0x21c8 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\Windows\system32\drivers\ReFS.sys
20:09:17.0241 0x21c8 ReFS - ok
20:09:17.0303 0x21c8 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:09:17.0397 0x21c8 RemoteAccess - ok
20:09:17.0428 0x21c8 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:09:17.0522 0x21c8 RemoteRegistry - ok
20:09:17.0569 0x21c8 [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
20:09:17.0647 0x21c8 RFCOMM - ok
20:09:17.0803 0x21c8 [ 9E18DF158751CF968E7DF83256D70233, 89385DA5ABD283F289E37D7D9E33358B06216E9B3659B2E70F19FD5BA49C7F90 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
20:09:17.0881 0x21c8 RichVideo64 - ok
20:09:17.0913 0x21c8 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:09:17.0975 0x21c8 RpcEptMapper - ok
20:09:18.0022 0x21c8 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\Windows\system32\locator.exe
20:09:18.0116 0x21c8 RpcLocator - ok
20:09:18.0178 0x21c8 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\Windows\system32\rpcss.dll
20:09:18.0256 0x21c8 RpcSs - ok
20:09:18.0288 0x21c8 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:09:18.0350 0x21c8 rspndr - ok
20:09:18.0366 0x21c8 [ E8384111FDD1FC2D39FD114A50F79A84, AB8BC4251C2B1AFF3B890001CB9EAB905659EA0BEFEFB1F2126E10748196496D ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
20:09:18.0428 0x21c8 RSUSBSTOR - ok
20:09:18.0444 0x21c8 [ BCDE27DA663D2F1BE1EA262F2BFDA8D0, 07744F83C41503D8C948E8D8569628C7C9D283EBA3C20CB63BC81123812A0A25 ] RSUSBVSTOR C:\Windows\System32\Drivers\RtsUVStor.sys
20:09:18.0506 0x21c8 RSUSBVSTOR - ok
20:09:18.0569 0x21c8 [ B85642BE0761159B63CFFC137384E17F, ACB04AC581EE475543AEA3003E3643DC2A007C4D3F1831C120F1D07BDAFF2FA4 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
20:09:18.0631 0x21c8 RtkAudioService - ok
20:09:18.0678 0x21c8 [ DEA74D1F57060D5FAC135B1FBEB010CC, CCF0ED53231424CA877916F79FBF95AD3BB12156D1E091D24F1CB1F5664E16E6 ] RtkBtFilter C:\Windows\system32\DRIVERS\RtkBtfilter.sys
20:09:18.0725 0x21c8 RtkBtFilter - ok
20:09:18.0803 0x21c8 [ 48E042D6AAB285409AF06200966EA655, 64FD4305C4EBEC25AA7BC2058952BCB79DB0A054CF46F2413CC54FB1E550D5F4 ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
20:09:18.0850 0x21c8 RTL8168 - ok
20:09:18.0960 0x21c8 [ 8BA5B85E22F551A414DF792F66C4BF80, E5C2A481A25AD80637D83040E67172CD75627CA6C127155728995C17FE6D778E ] RTWlanE C:\Windows\system32\DRIVERS\rtwlane.sys
20:09:19.0056 0x21c8 RTWlanE - ok
20:09:19.0103 0x21c8 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
20:09:19.0166 0x21c8 s3cap - ok
20:09:19.0197 0x21c8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\Windows\system32\lsass.exe
20:09:19.0244 0x21c8 SamSs - ok
20:09:19.0275 0x21c8 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:09:19.0338 0x21c8 sbp2port - ok
20:09:19.0369 0x21c8 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:09:19.0447 0x21c8 SCardSvr - ok
20:09:19.0463 0x21c8 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
20:09:19.0525 0x21c8 ScDeviceEnum - ok
20:09:19.0541 0x21c8 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:09:19.0619 0x21c8 scfilter - ok
20:09:19.0869 0x21c8 [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\Windows\system32\schedsvc.dll
20:09:19.0963 0x21c8 Schedule - ok
20:09:20.0010 0x21c8 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:09:20.0088 0x21c8 SCPolicySvc - ok
20:09:20.0135 0x21c8 [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\Windows\System32\drivers\sdbus.sys
20:09:20.0244 0x21c8 sdbus - ok
20:09:20.0275 0x21c8 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
20:09:20.0338 0x21c8 sdstor - ok
20:09:20.0369 0x21c8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:09:20.0416 0x21c8 secdrv - ok
20:09:20.0447 0x21c8 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\Windows\system32\seclogon.dll
20:09:20.0510 0x21c8 seclogon - ok
20:09:20.0525 0x21c8 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\Windows\System32\sens.dll
20:09:20.0588 0x21c8 SENS - ok
20:09:20.0603 0x21c8 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:09:20.0697 0x21c8 SensrSvc - ok
20:09:20.0713 0x21c8 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
20:09:20.0775 0x21c8 SerCx - ok
20:09:20.0775 0x21c8 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
20:09:20.0838 0x21c8 SerCx2 - ok
20:09:20.0853 0x21c8 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
20:09:20.0916 0x21c8 Serenum - ok
20:09:20.0947 0x21c8 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
20:09:21.0027 0x21c8 Serial - ok
20:09:21.0029 0x21c8 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\Windows\System32\drivers\sermouse.sys
20:09:21.0092 0x21c8 sermouse - ok
20:09:21.0482 0x21c8 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\Windows\system32\sessenv.dll
20:09:21.0592 0x21c8 SessionEnv - ok
20:09:21.0607 0x21c8 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
20:09:21.0701 0x21c8 sfloppy - ok
20:09:21.0748 0x21c8 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:09:21.0873 0x21c8 SharedAccess - ok
20:09:21.0920 0x21c8 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:09:22.0014 0x21c8 ShellHWDetection - ok
20:09:22.0046 0x21c8 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:09:22.0124 0x21c8 SiSRaid2 - ok
20:09:22.0124 0x21c8 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:09:22.0233 0x21c8 SiSRaid4 - ok
20:09:22.0296 0x21c8 [ C73F57BF4B8CF29794F9FBC9B4AF3494, C7A01C1B3E77D8C84F5C2C3AEF42B9F548E3C41A091C2F826BBF82DEA54097FA ] SmbDrv C:\Windows\System32\drivers\Smb_driver_AMDASF.sys
20:09:22.0390 0x21c8 SmbDrv - ok
20:09:22.0405 0x21c8 [ 6FDAA9A447D56E264B4C54B3ADCA4A7D, 9051A0E3E24AB0DA8C95AF556EFBF03B58916DF1BCA9D32E272E58621A18E71A ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
20:09:22.0468 0x21c8 SmbDrvI - ok
20:09:22.0499 0x21c8 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\Windows\System32\smphost.dll
20:09:22.0640 0x21c8 smphost - ok
20:09:22.0686 0x21c8 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:09:22.0811 0x21c8 SNMPTRAP - ok
20:09:22.0874 0x21c8 [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\Windows\system32\drivers\spaceport.sys
20:09:22.0921 0x21c8 spaceport - ok
20:09:22.0936 0x21c8 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
20:09:22.0999 0x21c8 SpbCx - ok
20:09:23.0046 0x21c8 [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\Windows\System32\spoolsv.exe
20:09:23.0124 0x21c8 Spooler - ok
20:09:23.0390 0x21c8 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\Windows\system32\sppsvc.exe
20:09:23.0562 0x21c8 sppsvc - ok
20:09:23.0593 0x21c8 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:09:23.0655 0x21c8 srv - ok
20:09:23.0702 0x21c8 [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:09:23.0780 0x21c8 srv2 - ok
20:09:23.0890 0x21c8 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:09:23.0968 0x21c8 srvnet - ok
20:09:24.0093 0x21c8 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:09:24.0155 0x21c8 SSDPSRV - ok
20:09:24.0249 0x21c8 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:09:24.0343 0x21c8 SstpSvc - ok
20:09:24.0437 0x21c8 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:09:24.0530 0x21c8 stexstor - ok
20:09:24.0687 0x21c8 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\Windows\System32\wiaservc.dll
20:09:24.0827 0x21c8 stisvc - ok
20:09:24.0921 0x21c8 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
20:09:25.0015 0x21c8 storahci - ok
20:09:25.0062 0x21c8 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
20:09:25.0140 0x21c8 storflt - ok
20:09:25.0202 0x21c8 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
20:09:25.0296 0x21c8 stornvme - ok
20:09:25.0343 0x21c8 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\Windows\system32\storsvc.dll
20:09:25.0497 0x21c8 StorSvc - ok
20:09:25.0497 0x21c8 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:09:25.0591 0x21c8 storvsc - ok
20:09:25.0606 0x21c8 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\Windows\system32\svsvc.dll
20:09:25.0731 0x21c8 svsvc - ok
20:09:25.0747 0x21c8 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\Windows\System32\drivers\swenum.sys
20:09:25.0810 0x21c8 swenum - ok
20:09:26.0028 0x21c8 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\Windows\System32\swprv.dll
20:09:26.0138 0x21c8 swprv - ok
20:09:26.0388 0x21c8 [ 1646B613BD2ABAB87448DED453B104AE, 74CCD4EA332E8CBF9B1E28F52146A76694CB9A2ECA76A4B0F8468CF9CFF27061 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:09:26.0450 0x21c8 SynTP - ok
20:09:26.0497 0x21c8 [ 03DC62FC26B8237EE13194528E454FBF, CBC2F9D0A7D7E396A5304C8A8463D2523F1226BF6D335307CB813903905BE5D6 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
20:09:26.0544 0x21c8 SynTPEnhService - ok
20:09:26.0606 0x21c8 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\Windows\system32\sysmain.dll
20:09:26.0700 0x21c8 SysMain - ok
20:09:26.0731 0x21c8 [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
20:09:26.0794 0x21c8 SystemEventsBroker - ok
20:09:26.0810 0x21c8 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll
20:09:26.0888 0x21c8 TabletInputService - ok
20:09:26.0903 0x21c8 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:09:26.0981 0x21c8 TapiSrv - ok
20:09:27.0061 0x21c8 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:09:27.0155 0x21c8 Tcpip - ok
20:09:27.0218 0x21c8 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:09:27.0311 0x21c8 TCPIP6 - ok
20:09:27.0343 0x21c8 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:09:27.0405 0x21c8 tcpipreg - ok
20:09:27.0436 0x21c8 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:09:27.0489 0x21c8 tdx - ok
20:09:27.0504 0x21c8 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
20:09:27.0583 0x21c8 terminpt - ok
20:09:27.0770 0x21c8 [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\Windows\System32\termsrv.dll
20:09:27.0942 0x21c8 TermService - ok
20:09:28.0004 0x21c8 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\Windows\system32\themeservice.dll
20:09:28.0083 0x21c8 Themes - ok
20:09:28.0129 0x21c8 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\Windows\system32\mmcss.dll
20:09:28.0208 0x21c8 THREADORDER - ok
20:09:28.0239 0x21c8 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
20:09:28.0333 0x21c8 TimeBroker - ok
20:09:28.0458 0x21c8 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys
20:09:28.0551 0x21c8 TPM - ok
20:09:28.0629 0x21c8 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\Windows\System32\trkwks.dll
20:09:28.0708 0x21c8 TrkWks - ok
20:09:28.0770 0x21c8 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:09:28.0864 0x21c8 TrustedInstaller - ok
20:09:28.0879 0x21c8 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:09:28.0989 0x21c8 TsUsbFlt - ok
20:09:28.0989 0x21c8 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
20:09:29.0052 0x21c8 TsUsbGD - ok
20:09:29.0067 0x21c8 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:09:29.0130 0x21c8 tunnel - ok
20:09:29.0130 0x21c8 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:09:29.0208 0x21c8 uagp35 - ok
20:09:29.0270 0x21c8 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
20:09:29.0333 0x21c8 UASPStor - ok
20:09:29.0364 0x21c8 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
20:09:29.0411 0x21c8 UCX01000 - ok
20:09:29.0458 0x21c8 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:09:29.0528 0x21c8 udfs - ok
20:09:29.0543 0x21c8 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
20:09:29.0590 0x21c8 UEFI - ok
20:09:29.0622 0x21c8 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:09:29.0715 0x21c8 UI0Detect - ok
20:09:29.0731 0x21c8 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:09:29.0778 0x21c8 uliagpkx - ok
20:09:29.0809 0x21c8 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
20:09:29.0856 0x21c8 umbus - ok
20:09:29.0872 0x21c8 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
20:09:29.0934 0x21c8 UmPass - ok
20:09:29.0965 0x21c8 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\Windows\System32\umrdp.dll
20:09:30.0028 0x21c8 UmRdpService - ok
20:09:30.0200 0x21c8 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\Windows\System32\upnphost.dll
20:09:30.0293 0x21c8 upnphost - ok
20:09:30.0340 0x21c8 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\System32\Drivers\usbaapl64.sys
20:09:30.0434 0x21c8 USBAAPL64 - ok
20:09:30.0543 0x21c8 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
20:09:30.0622 0x21c8 usbccgp - ok
20:09:30.0668 0x21c8 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\Windows\System32\drivers\usbcir.sys
20:09:30.0793 0x21c8 usbcir - ok
20:09:30.0840 0x21c8 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys
20:09:30.0903 0x21c8 usbehci - ok
20:09:31.0090 0x21c8 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys
20:09:31.0153 0x21c8 usbhub - ok
20:09:31.0200 0x21c8 [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
20:09:31.0247 0x21c8 USBHUB3 - ok
20:09:31.0278 0x21c8 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
20:09:31.0356 0x21c8 usbohci - ok
20:09:31.0387 0x21c8 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
20:09:31.0450 0x21c8 usbprint - ok
20:09:31.0481 0x21c8 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
20:09:31.0544 0x21c8 USBSTOR - ok
20:09:31.0590 0x21c8 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
20:09:31.0669 0x21c8 usbuhci - ok
20:09:31.0700 0x21c8 [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:09:31.0747 0x21c8 usbvideo - ok
20:09:31.0762 0x21c8 [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
20:09:31.0825 0x21c8 USBXHCI - ok
20:09:31.0840 0x21c8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\Windows\system32\lsass.exe
20:09:31.0887 0x21c8 VaultSvc - ok
20:09:31.0903 0x21c8 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:09:31.0950 0x21c8 vdrvroot - ok
20:09:31.0997 0x21c8 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\Windows\System32\vds.exe
20:09:32.0106 0x21c8 vds - ok
20:09:32.0137 0x21c8 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
20:09:32.0200 0x21c8 VerifierExt - ok
20:09:32.0231 0x21c8 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
20:09:32.0309 0x21c8 vhdmp - ok
20:09:32.0325 0x21c8 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
20:09:32.0387 0x21c8 viaide - ok
20:09:32.0387 0x21c8 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:09:32.0450 0x21c8 vmbus - ok
20:09:32.0450 0x21c8 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
20:09:32.0529 0x21c8 VMBusHID - ok
20:09:32.0564 0x21c8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
20:09:32.0642 0x21c8 vmicguestinterface - ok
20:09:32.0642 0x21c8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
20:09:32.0704 0x21c8 vmicheartbeat - ok
20:09:32.0720 0x21c8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
20:09:32.0782 0x21c8 vmickvpexchange - ok
20:09:32.0798 0x21c8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\Windows\System32\ICSvc.dll
20:09:32.0861 0x21c8 vmicrdv - ok
20:09:32.0861 0x21c8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\Windows\System32\ICSvc.dll
20:09:32.0923 0x21c8 vmicshutdown - ok
20:09:32.0939 0x21c8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\Windows\System32\ICSvc.dll
20:09:33.0001 0x21c8 vmictimesync - ok
20:09:33.0017 0x21c8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\Windows\System32\ICSvc.dll
20:09:33.0064 0x21c8 vmicvss - ok
20:09:33.0079 0x21c8 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:09:33.0142 0x21c8 volmgr - ok
20:09:33.0157 0x21c8 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:09:33.0220 0x21c8 volmgrx - ok
20:09:33.0251 0x21c8 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:09:33.0298 0x21c8 volsnap - ok
20:09:33.0314 0x21c8 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\Windows\System32\drivers\vpci.sys
20:09:33.0376 0x21c8 vpci - ok
20:09:33.0407 0x21c8 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:09:33.0470 0x21c8 vsmraid - ok
20:09:33.0517 0x21c8 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\Windows\system32\vssvc.exe
20:09:33.0595 0x21c8 VSS - ok
20:09:33.0626 0x21c8 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
20:09:33.0689 0x21c8 VSTXRAID - ok
20:09:33.0736 0x21c8 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:09:33.0798 0x21c8 vwifibus - ok
20:09:33.0829 0x21c8 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:09:33.0876 0x21c8 vwififlt - ok
20:09:33.0907 0x21c8 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:09:33.0954 0x21c8 vwifimp - ok
20:09:34.0001 0x21c8 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\Windows\system32\w32time.dll
20:09:34.0064 0x21c8 W32Time - ok
20:09:34.0236 0x21c8 [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc C:\Windows\system32\inetsrv\w3logsvc.dll
20:09:34.0345 0x21c8 w3logsvc - ok
20:09:34.0345 0x21c8 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
20:09:34.0439 0x21c8 WacomPen - ok
20:09:34.0486 0x21c8 [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:09:34.0548 0x21c8 Wanarp - ok
20:09:34.0564 0x21c8 [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:09:34.0626 0x21c8 Wanarpv6 - ok
20:09:34.0798 0x21c8 [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
20:09:34.0970 0x21c8 WAS - ok
20:09:35.0064 0x21c8 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\Windows\system32\wbengine.exe
20:09:35.0220 0x21c8 wbengine - ok
20:09:35.0423 0x21c8 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:09:35.0533 0x21c8 WbioSrvc - ok
20:09:35.0783 0x21c8 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
20:09:35.0845 0x21c8 Wcmsvc - ok
20:09:35.0970 0x21c8 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:09:36.0033 0x21c8 wcncsvc - ok
20:09:36.0048 0x21c8 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:09:36.0128 0x21c8 WcsPlugInService - ok
20:09:36.0144 0x21c8 [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
20:09:36.0206 0x21c8 WdBoot - ok
20:09:36.0238 0x21c8 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:09:36.0316 0x21c8 Wdf01000 - ok
20:09:36.0331 0x21c8 [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
20:09:36.0394 0x21c8 WdFilter - ok
20:09:36.0409 0x21c8 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:09:36.0472 0x21c8 WdiServiceHost - ok
20:09:36.0472 0x21c8 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:09:36.0534 0x21c8 WdiSystemHost - ok
20:09:36.0550 0x21c8 [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
20:09:36.0613 0x21c8 WdNisDrv - ok
20:09:36.0644 0x21c8 WdNisSvc - ok
20:09:36.0675 0x21c8 [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient C:\Windows\System32\webclnt.dll
20:09:36.0753 0x21c8 WebClient - ok
20:09:36.0784 0x21c8 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\Windows\system32\wecsvc.dll
20:09:36.0847 0x21c8 Wecsvc - ok
20:09:36.0878 0x21c8 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
20:09:36.0956 0x21c8 WEPHOSTSVC - ok
20:09:36.0956 0x21c8 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:09:37.0019 0x21c8 wercplsupport - ok
20:09:37.0081 0x21c8 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\Windows\System32\WerSvc.dll
20:09:37.0144 0x21c8 WerSvc - ok
20:09:37.0253 0x21c8 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
20:09:37.0316 0x21c8 WFPLWFS - ok
20:09:37.0331 0x21c8 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\Windows\System32\wiarpc.dll
20:09:37.0410 0x21c8 WiaRpc - ok
20:09:37.0441 0x21c8 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:09:37.0519 0x21c8 WIMMount - ok
20:09:37.0519 0x21c8 WinDefend - ok
20:09:37.0581 0x21c8 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
20:09:37.0691 0x21c8 WinHttpAutoProxySvc - ok
20:09:37.0785 0x21c8 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:09:37.0941 0x21c8 Winmgmt - ok
20:09:38.0269 0x21c8 [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM C:\Windows\system32\WsmSvc.dll
20:09:38.0457 0x21c8 WinRM - ok
20:09:38.0550 0x21c8 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:09:38.0660 0x21c8 WinUsb - ok
20:09:38.0691 0x21c8 [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys
20:09:38.0769 0x21c8 WirelessButtonDriver - ok
20:09:38.0972 0x21c8 [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc C:\Windows\System32\wlansvc.dll
20:09:39.0066 0x21c8 WlanSvc - ok
20:09:39.0488 0x21c8 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\Windows\system32\wlidsvc.dll
20:09:39.0613 0x21c8 wlidsvc - ok
20:09:39.0634 0x21c8 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
20:09:39.0712 0x21c8 WmiAcpi - ok
20:09:39.0806 0x21c8 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:09:39.0900 0x21c8 wmiApSrv - ok
20:09:39.0931 0x21c8 WMPNetworkSvc - ok
20:09:40.0025 0x21c8 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
20:09:40.0103 0x21c8 Wof - ok
20:09:40.0337 0x21c8 [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
20:09:40.0446 0x21c8 workfolderssvc - ok
20:09:40.0478 0x21c8 [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
20:09:40.0540 0x21c8 wpcfltr - ok
20:09:40.0571 0x21c8 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:09:40.0650 0x21c8 WPCSvc - ok
20:09:40.0681 0x21c8 [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:09:40.0775 0x21c8 WPDBusEnum - ok
20:09:40.0806 0x21c8 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
20:09:40.0868 0x21c8 WpdUpFltr - ok
20:09:40.0884 0x21c8 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:09:40.0962 0x21c8 ws2ifsl - ok
20:09:40.0993 0x21c8 [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\Windows\System32\wscsvc.dll
20:09:41.0040 0x21c8 wscsvc - ok
20:09:41.0056 0x21c8 WSearch - ok
20:09:41.0385 0x21c8 [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\Windows\System32\WSService.dll
20:09:41.0542 0x21c8 WSService - ok
20:09:41.0667 0x21c8 [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv C:\Windows\system32\wuaueng.dll
20:09:41.0792 0x21c8 wuauserv - ok
20:09:41.0823 0x21c8 [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:09:41.0885 0x21c8 WudfPf - ok
20:09:41.0901 0x21c8 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
20:09:41.0979 0x21c8 WUDFRd - ok
20:09:42.0104 0x21c8 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP C:\Windows\system32\DRIVERS\WUDFRd.sys
20:09:42.0167 0x21c8 WUDFSensorLP - ok
20:09:42.0198 0x21c8 [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:09:42.0260 0x21c8 wudfsvc - ok
20:09:42.0276 0x21c8 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
20:09:42.0339 0x21c8 WUDFWpdFs - ok
20:09:42.0370 0x21c8 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
20:09:42.0432 0x21c8 WUDFWpdMtp - ok
20:09:42.0573 0x21c8 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\Windows\System32\wwansvc.dll
20:09:42.0698 0x21c8 WwanSvc - ok
20:09:42.0714 0x21c8 ================ Scan global ===============================
20:09:42.0807 0x21c8 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll
20:09:42.0979 0x21c8 [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\system32\winsrv.dll
20:09:43.0057 0x21c8 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll
20:09:43.0245 0x21c8 [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\Windows\system32\services.exe
20:09:43.0260 0x21c8 [ Global ] - ok
20:09:43.0260 0x21c8 ================ Scan MBR ==================================
20:09:43.0276 0x21c8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
20:09:43.0526 0x21c8 \Device\Harddisk0\DR0 - ok
20:09:43.0526 0x21c8 ================ Scan VBR ==================================
20:09:43.0557 0x21c8 [ 6B811D14436F7A1C9C4F2F5EFB9C436D ] \Device\Harddisk0\DR0\Partition1
20:09:43.0678 0x21c8 \Device\Harddisk0\DR0\Partition1 - ok
20:09:43.0725 0x21c8 [ 394475A8F652C037BEF985CEDD85154B ] \Device\Harddisk0\DR0\Partition2
20:09:43.0787 0x21c8 \Device\Harddisk0\DR0\Partition2 - ok
20:09:43.0834 0x21c8 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
20:09:43.0865 0x21c8 \Device\Harddisk0\DR0\Partition3 - ok
20:09:43.0912 0x21c8 [ D87E47DCAA5F669F9DDA4C580E3B238D ] \Device\Harddisk0\DR0\Partition4
20:09:44.0146 0x21c8 \Device\Harddisk0\DR0\Partition4 - ok
20:09:44.0162 0x21c8 [ 65D84FC70580168CEC61B73B40A5DF26 ] \Device\Harddisk0\DR0\Partition5
20:09:44.0256 0x21c8 \Device\Harddisk0\DR0\Partition5 - ok
20:09:44.0271 0x21c8 ================ Scan generic autorun ======================
20:09:45.0115 0x21c8 [ 567690D78D43BE2C19BA73C47923A189, E0E20075559438A9AC152D2DAEFE3E1689DBE7345FB2CB584624E5C0892F5D86 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
20:09:45.0334 0x21c8 RTHDVCPL - ok
20:09:46.0209 0x21c8 [ DE9938F17D9B173B1CA83E218F03CCC0, BC007746535036743640A17E4AB495114F1370A7522BA6391309266C0B7789A2 ] C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
20:09:46.0350 0x21c8 SimplePass - ok
20:09:46.0537 0x21c8 [ 9159063E3EF84A832DB5251447BACE9C, EE1DD20A5176816F484DD6945674750F43EC37B13355815FD20459097028EAA5 ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
20:09:46.0615 0x21c8 OPBHOBroker - ok
20:09:46.0756 0x21c8 [ AC382EA1AA21E592C808E46D95E6533D, B2941B6AAB48C245B47E94C74F0A1149A66428586ED3747C74C45BBFDA03741E ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
20:09:46.0834 0x21c8 OPBHOBrokerDesktop - ok
20:09:46.0834 0x21c8 SynTPEnh - ok
20:09:47.0006 0x21c8 [ FF0FAB199882C00D6DC54CA035865C49, BF4D65D96F8DC0057042C2A4B70106D156B0D13C75839935BC9051089363C495 ] C:\Program Files\iTunes\iTunesHelper.exe
20:09:47.0068 0x21c8 iTunesHelper - ok
20:09:47.0539 0x21c8 [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
20:09:47.0602 0x21c8 NCPluginUpdater - ok
20:09:47.0758 0x21c8 [ FD8635F0976F6538C43CD306AF4A3BE5, 6108A2B39DEF7947317F2BEC881153939A1122391AEEE85356C3915AF2FFE9AC ] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
20:09:47.0805 0x21c8 AccelerometerSysTrayApplet - ok
20:09:48.0102 0x21c8 [ 11CCDCD09C074DE0B85C5C06BDD7E9BD, DEDE1FA3F1921FDF60447C42DD18B53510FDCD51DBCFF1DF57A6ABFB2888D75D ] C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe
20:09:48.0180 0x21c8 mcpltui_exe - ok
20:09:48.0289 0x21c8 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
20:09:48.0446 0x21c8 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
20:09:50.0931 0x21c8 Detect skipped due to KSN trusted
20:09:50.0931 0x21c8 QuickTime Task - ok
20:09:51.0040 0x21c8 [ 73FCAA8154F8FD71E71E7DC52A1BAF2A, 829AE0CD6C10DA78279D3C666DDE1801E9A3AD6C0BAA8A1C05F2C7F1C114B1EB ] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
20:09:51.0118 0x21c8 HPMessageService - ok
20:09:51.0571 0x21c8 [ 83A0C1125AAF54859F39D25901891ADC, 2E8FAD4E1CD928746F2E2876080DB1CB080AC0C79A4342253CAF4CEAABA5474A ] C:\Program Files (x86)\Knowhow Cloud\KnowhowCloud.exe
20:09:51.0696 0x21c8 Livedrive - ok
20:09:51.0759 0x21c8 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
20:09:51.0821 0x21c8 swg - ok
20:09:51.0821 0x21c8 Power2GoExpress8 - ok
20:09:51.0821 0x21c8 VunwUyhe - ok
20:09:52.0040 0x21c8 [ 14EF06B1EA531D681B5738F37388B99C, AB74735A3569B7995572FD7B0D026919CADA27C43A6AD0503659CE7CA3FF6B84 ] C:\Program Files\CCleaner\CCleaner64.exe
20:09:52.0213 0x21c8 CCleaner Monitoring - ok
20:09:52.0213 0x21c8 Waiting for KSN requests completion. In queue: 233
20:09:53.0237 0x21c8 Waiting for KSN requests completion. In queue: 233
20:09:54.0247 0x21c8 Waiting for KSN requests completion. In queue: 233
20:09:55.0466 0x21c8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
20:09:55.0482 0x21c8 AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51000 ( enabled : updated )
20:09:55.0482 0x21c8 FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
20:09:58.0048 0x21c8 ============================================================
20:09:58.0048 0x21c8 Scan finished
20:09:58.0048 0x21c8 ============================================================
20:09:58.0048 0x21bc Detected object count: 1
20:09:58.0048 0x21bc Actual detected object count: 1
20:10:12.0302 0x21bc HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:10:12.0302 0x21bc HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:10:24.0495 0x151c Deinitialize success