
Thread: How do I remove AdChoices?

  1. #41
    Juliet (Security Expert-emeritus)
    Join Date: Feb 2007
    Location: Deep South
    Posts: 4,084

    I forgot to ask, or may have, but I'll ask again:
    Are there specific webpages only showing AdChoices, or are they appearing on all? Are other devices on the same network affected?

    Check and read over
    Using Google Public DNS


    Just to check and make sure there's nothing more hidden than a browser hijacker, let's run an additional scan to check for rootkits.

    Download the latest version of TDSSKiller from here and save it to your Desktop.


    • Double-click on TDSSKiller.exe to run the application.
    • Then click on Change parameters.
    • Check the boxes beside Verify Driver Digital Signature, Detect TDLFS file system and Use KSN to scan objects, then click OK.
    • Click the Start Scan button.
    • If a suspicious object is detected, the default action will be Skip; click on Continue.
    • If malicious objects are found, they will show in the Scan results and offer three (3) options.
    • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    • Get the report by selecting Reports.
    • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.


    Please copy and paste its contents in your next reply.

    A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
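Added example (not part of the original post and not Kaspersky's own tooling): a short triage script for the report requested above, which reduces it to the scan options used, any detections not suppressed as KSN-trusted, and service entries for which no file was hashed. The line shapes follow the log posted later in this thread; the function names, the constructed sample lines, and the mapping of the "Verify Driver Digital Signature" and "Detect TDLFS file system" boxes to the `SigCheck` and `TDLFS` tokens are assumptions.

```python
import re

# Report lines look like "HH:MM:SS.ffff 0xTHREAD message" (shape taken from the log in this thread).
PREFIX = re.compile(r"^\s*\d{2}:\d{2}:\d{2}\.\d{4}\s+0x[0-9a-fA-F]+\s?")
SECTION = re.compile(r"^=+ (.+?) =+$")
# "[ MD5, SHA256 ] name path": the file found behind a service or driver entry.
HASHED = re.compile(
    r"^\[\s*([0-9A-Fa-f]{32}),\s*([0-9A-Fa-f]{64})\s*\]\s+(.+?)\s+([A-Za-z]:\\.*)$")
DETECTED = re.compile(r"^(.+?) - detected (\S+) \( \d+ \)$")
OK = re.compile(r"^(.+?) - ok$")
KSN_SKIP = "Detect skipped due to KSN trusted"


def triage(log_text):
    """Reduce a TDSSKiller report to the lines a helper actually has to read."""
    report = {"mode": [], "ksn_reachable": None, "objects": 0,
              "detections": [], "unhashed": []}
    section = None
    current = None  # last hashed object still waiting for its status line
    for raw in log_text.splitlines():
        msg = PREFIX.sub("", raw, count=1).strip()
        if not msg or set(msg) <= {"="}:
            continue
        m = SECTION.match(msg)
        if m:
            section, current = m.group(1), None
            continue
        if msg.startswith("Mode:"):
            report["mode"] = [p.strip() for p in msg[5:].split(";") if p.strip()]
        elif msg.startswith("KSN ping finished:"):
            report["ksn_reachable"] = msg.endswith("true")
        elif (m := HASHED.match(msg)):
            current = dict(zip(("md5", "sha256", "name", "path"), m.groups()))
            report["objects"] += 1
        elif (m := DETECTED.match(msg)):
            known = current if current and current["name"] == m.group(1) else {}
            report["detections"].append({
                "name": m.group(1), "verdict": m.group(2),
                "path": known.get("path"), "sha256": known.get("sha256"),
                "ksn_trusted": False})
        elif msg == KSN_SKIP and report["detections"]:
            # The scanner dropped its own verdict because KSN trusts the file.
            report["detections"][-1]["ksn_trusted"] = True
        elif (m := OK.match(msg)):
            name = m.group(1)
            if section == "Scan services" and not (current and current["name"] == name):
                report["unhashed"].append(name)  # status line with no hash line before it
            current = None
    return report


def needs_review(report, expected_mode=("SigCheck", "TDLFS")):
    """List what still needs a human look. expected_mode is an assumed mapping
    of the checkboxes named in the post to tokens on the report's Mode line."""
    findings = []
    for opt in expected_mode:
        if opt not in report["mode"]:
            findings.append(f"scan option missing from Mode line: {opt}")
    if report["ksn_reachable"] is not True:
        findings.append("KSN ping did not succeed; no KSN trust decisions apply")
    for d in report["detections"]:
        if not d["ksn_trusted"]:
            findings.append(f"{d['verdict']}: {d['name']} ({d['path']})")
    for name in report["unhashed"]:
        findings.append(f"no file hashed for service entry: {name}")
    return findings


# Constructed sample, not a real report: placeholder digests and made-up
# service names in the same line format as the log in this thread.
MD5, SHA = "0" * 32, "0" * 64
SAMPLE_LOG = "\n".join([
    "17:13:31.0770 0x08d0 Mode: Manual; SigCheck; TDLFS;",
    "17:13:46.0262 0x08d0 KSN ping finished: true",
    "17:13:46.0496 0x08d0 ================ Scan system memory ========================",
    "17:13:46.0496 0x08d0 System memory - ok",
    "17:13:46.0496 0x08d0 ================ Scan services =============================",
    rf"17:13:46.0574 0x08d0 [ {MD5}, {SHA} ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys",
    "17:13:46.0699 0x08d0 ExampleDrv - ok",
    rf"17:13:50.0848 0x08d0 [ {MD5}, {SHA} ] Example Tool C:\Program Files (x86)\Example\tool.exe",
    "17:13:50.0864 0x08d0 Example Tool - detected UnsignedFile.Multi.Generic ( 1 )",
    "17:13:53.0594 0x08d0 Detect skipped due to KSN trusted",
    "17:13:53.0594 0x08d0 Example Tool - ok",
    "17:13:53.0594 0x08d0 orphan_device - ok",
    rf"17:13:54.0000 0x08d0 [ {MD5}, {SHA} ] OtherSvc C:\Users\Public\other.exe",
    "17:13:54.0010 0x08d0 OtherSvc - detected UnsignedFile.Multi.Generic ( 1 )",
])

if __name__ == "__main__":
    for finding in needs_review(triage(SAMPLE_LOG)):
        print(finding)
```

A detection followed by "Detect skipped due to KSN trusted" is kept in `detections` with `ksn_trusted` set, so it stays visible to the reviewer without being raised as a finding.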

  2. #42
    Member
    Join Date: Nov 2014
    Posts: 71

    Originally Posted by Juliet:
    I forgot to ask, or may have, but I'll ask again:
    Are there specific webpages only showing AdChoices, or are they appearing on all? Are other devices on the same network affected?

    There are no specific web pages affected. Many different pages are affected.
    I actually have no reason to shoot you. You're the only hope I've got. I really appreciate all your help, even though we haven't been successful yet.


    Originally Posted by Juliet:
    Check and read over
    Using Google Public DNS

    Will do.
    Last edited by Juliet; 2014-12-04 at 22:53. Reason: removed quote

  3. #43
    Juliet (Security Expert-emeritus)
    Join Date: Feb 2007
    Location: Deep South
    Posts: 4,084

    Post the TDSSKiller log when you can.

  4. #44
    Member
    Join Date: Nov 2014
    Posts: 71

    I have finally caught up with your previous instructions without success.

    I didn't do anything with Google DNS, because you didn't specifically request I do so.

    TDSSKiller did not find any threats. See below:

    17:12:34.0405 0x194c TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
    17:12:38.0383 0x194c ============================================================
    17:12:38.0383 0x194c Current date / time: 2014/12/04 17:12:38.0383
    17:12:38.0383 0x194c SystemInfo:
    17:12:38.0383 0x194c
    17:12:38.0383 0x194c OS Version: 6.1.7601 ServicePack: 1.0
    17:12:38.0383 0x194c Product type: Workstation
    17:12:38.0383 0x194c ComputerName: GARY-PC
    17:12:38.0383 0x194c UserName: Gary
    17:12:38.0383 0x194c Windows directory: C:\Windows
    17:12:38.0383 0x194c System windows directory: C:\Windows
    17:12:38.0383 0x194c Running under WOW64
    17:12:38.0383 0x194c Processor architecture: Intel x64
    17:12:38.0383 0x194c Number of processors: 4
    17:12:38.0383 0x194c Page size: 0x1000
    17:12:38.0383 0x194c Boot type: Normal boot
    17:12:38.0383 0x194c ============================================================
    17:12:38.0477 0x194c KLMD registered as C:\Windows\system32\drivers\36366222.sys
    17:12:38.0617 0x194c System UUID: {344E82F9-DBC1-59BC-4AB3-8C732687871A}
    17:12:39.0070 0x194c Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    17:12:39.0085 0x194c ============================================================
    17:12:39.0085 0x194c \Device\Harddisk0\DR0:
    17:12:39.0085 0x194c MBR partitions:
    17:12:39.0085 0x194c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x65F5B
    17:12:39.0085 0x194c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x65F9A, BlocksNum 0x65F9A
    17:12:39.0085 0x194c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xCBF34, BlocksNum 0x1D0F864D
    17:12:39.0085 0x194c ============================================================
    17:12:39.0085 0x194c C: <-> \Device\Harddisk0\DR0\Partition3
    17:12:39.0085 0x194c D: <-> \Device\Harddisk0\DR0\Partition1
    17:12:39.0085 0x194c ============================================================
    17:12:39.0085 0x194c Initialize success
    17:12:39.0085 0x194c ============================================================
    17:13:31.0770 0x08d0 ============================================================
    17:13:31.0770 0x08d0 Scan started
    17:13:31.0770 0x08d0 Mode: Manual; SigCheck; TDLFS;
    17:13:31.0770 0x08d0 ============================================================
    17:13:31.0770 0x08d0 KSN ping started
    17:13:46.0262 0x08d0 KSN ping finished: true
    17:13:46.0496 0x08d0 ================ Scan system memory ========================
    17:13:46.0496 0x08d0 System memory - ok
    17:13:46.0496 0x08d0 ================ Scan services =============================
    17:13:50.0848 0x08d0 [ E2AFD2E1FE8F9360139FA4425EB72136, 5068E21CCDD0D6957046AFBF12313F94306BF46FDF41C62A7DA2F9918140CEC6 ] Diskeeper C:\Program Files (x86)\Executive Software\Diskeeper\DkService.exe
    17:13:50.0864 0x08d0 Diskeeper - detected UnsignedFile.Multi.Generic ( 1 )
    17:13:53.0594 0x08d0 Detect skipped due to KSN trusted
    17:13:53.0594 0x08d0 Diskeeper - ok
    17:13:55.0981 0x08d0 gpsvc - ok
    17:13:55.0996 0x08d0 [ B9893A68032A6D9ADDB5B98287C630F7, F0280764D7B31F1EA634E91397229B1C064A7C1B3A77A6BBD123CEA74180789F ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
    17:13:56.0012 0x08d0 grmnusb - ok
    17:13:56.0012 0x08d0 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    17:13:56.0028 0x08d0 gupdate - ok
    17:13:56.0043 0x08d0 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    17:13:56.0059 0x08d0 gupdatem - ok
    17:13:56.0059 0x08d0 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    17:13:56.0090 0x08d0 gusvc - ok
    17:13:56.0090 0x08d0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    17:13:56.0121 0x08d0 hcw85cir - ok
    17:13:56.0121 0x08d0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    17:13:56.0168 0x08d0 HdAudAddService - ok
    17:13:56.0168 0x08d0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
    17:13:56.0199 0x08d0 HDAudBus - ok
    17:13:56.0199 0x08d0 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
    17:13:56.0215 0x08d0 HECIx64 - ok
    17:13:56.0230 0x08d0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
    17:13:56.0246 0x08d0 HidBatt - ok
    17:13:56.0262 0x08d0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
    17:13:56.0277 0x08d0 HidBth - ok
    17:13:56.0293 0x08d0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
    17:13:56.0308 0x08d0 HidIr - ok
    17:13:56.0324 0x08d0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
    17:13:56.0371 0x08d0 hidserv - ok
    17:13:56.0371 0x08d0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    17:13:56.0402 0x08d0 HidUsb - ok
    17:13:56.0402 0x08d0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
    17:13:56.0464 0x08d0 hkmsvc - ok
    17:13:56.0464 0x08d0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    17:13:56.0496 0x08d0 HomeGroupListener - ok
    17:13:56.0511 0x08d0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    17:13:56.0527 0x08d0 HomeGroupProvider - ok
    17:13:56.0542 0x08d0 [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    17:13:56.0542 0x08d0 HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
    17:13:59.0163 0x08d0 Detect skipped due to KSN trusted
    17:13:59.0163 0x08d0 HP Support Assistant Service - ok
    17:13:59.0179 0x08d0 [ A2DE0A67C77EBC6DFAD3D55232790ADD, 12374AD692CE8FA2462DA590D31BF847B61EBC3EFBC0690C1A746AFFA6C13C3A ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    17:13:59.0226 0x08d0 HP Wireless Assistant Service - ok
    17:13:59.0226 0x08d0 [ 05712FDDBD45A5864EB326FAABC6A4E3, 8BACA990971A331E6EC7F896EF2404F09E381DAA3519FC6E3027C0DBD991BA7F ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
    17:13:59.0257 0x08d0 hpdskflt - ok
    17:13:59.0288 0x08d0 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    17:13:59.0335 0x08d0 hpqwmiex - ok
    17:13:59.0351 0x08d0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    17:13:59.0366 0x08d0 HpSAMD - ok
    17:13:59.0382 0x08d0 [ AA036CC5F5221D9B915F4D4DCE74BA9A, B90B9F7753B45387AD56A7CE1365BEBC9EB67011B6D2F8C785717942133775AA ] hpsrv C:\Windows\system32\Hpservice.exe
    17:13:59.0397 0x08d0 hpsrv - ok
    17:13:59.0413 0x08d0 [ B6492D01712A22FF3FEA25A999DBD321, DA0BB9F4EC5352409F492378168C5A256186B1E76463C72ADE06C63F46363BEF ] HPWMISVC C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    17:13:59.0429 0x08d0 HPWMISVC - detected UnsignedFile.Multi.Generic ( 1 )
    17:14:01.0909 0x08d0 Detect skipped due to KSN trusted
    17:14:01.0909 0x08d0 HPWMISVC - ok
    17:14:01.0940 0x08d0 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    17:14:02.0018 0x08d0 HTTP - ok
    17:14:02.0018 0x08d0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    17:14:02.0049 0x08d0 hwpolicy - ok
    17:14:02.0049 0x08d0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
    17:14:02.0081 0x08d0 i8042prt - ok
    17:14:02.0112 0x08d0 [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
    17:14:02.0143 0x08d0 iaStor - ok
    17:14:02.0159 0x08d0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    17:14:02.0190 0x08d0 iaStorV - ok
    17:14:02.0205 0x08d0 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    17:14:02.0221 0x08d0 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
    17:14:04.0748 0x08d0 Detect skipped due to KSN trusted
    17:14:04.0748 0x08d0 IDriverT - ok
    17:14:04.0764 0x08d0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    17:14:04.0811 0x08d0 idsvc - ok
    17:14:04.0826 0x08d0 IEEtwCollectorService - ok
    17:14:05.0107 0x08d0 [ 1BE8D9CA4F2363B8E8015621878E0043, 695B5F88A6F6943156D033DAA86188F50308AD71FCF26CF0AEDF7E23F774FB56 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
    17:14:05.0481 0x08d0 igfx - ok
    17:14:05.0513 0x08d0 [ 922EFF369684B31BE2BCF0663ECF8560, 97B484EF0BAB546C0E27CB8A3CBB21B946824EFB4CACA98237DC09110FB5642A ] IHA_MessageCenter C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
    17:14:05.0559 0x08d0 IHA_MessageCenter - ok
    17:14:05.0559 0x08d0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    17:14:05.0575 0x08d0 iirsp - ok
    17:14:05.0606 0x08d0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
    17:14:05.0653 0x08d0 IKEEXT - ok
    17:14:05.0653 0x08d0 [ C48567D80AD357613CD0EEADE18780AE, AFFAB3C915C5B48A39F7F8F9438A3085DBEBA1E431DD35861A5A08EA1CBE4D37 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
    17:14:05.0684 0x08d0 Impcd - ok
    17:14:05.0700 0x08d0 [ DA24C1F66EE1B5A92E045376D7A44B58, BEF1072E0869DC93FF81FA8B712EDAA02F08D5CDD443A6A0EFA69C79C23D39AC ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
    17:14:05.0731 0x08d0 IntcDAud - ok
    17:14:05.0731 0x08d0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
    17:14:05.0747 0x08d0 intelide - ok
    17:14:05.0762 0x08d0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    17:14:05.0778 0x08d0 intelppm - ok
    17:14:05.0793 0x08d0 [ 0895CDD7F1542FFCC5BBB560EC78BC16, 383D9FFE7FB313EA201DE877F3D48B5116FFA261EDEF5D0D0FE79F14E9682D25 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    17:14:05.0809 0x08d0 IntuitUpdateServiceV4 - ok
    17:14:05.0809 0x08d0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    17:14:05.0856 0x08d0 IPBusEnum - ok
    17:14:05.0871 0x08d0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    17:14:05.0918 0x08d0 IpFilterDriver - ok
    17:14:05.0934 0x08d0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    17:14:05.0981 0x08d0 iphlpsvc - ok
    17:14:05.0981 0x08d0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    17:14:06.0012 0x08d0 IPMIDRV - ok
    17:14:06.0012 0x08d0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    17:14:06.0059 0x08d0 IPNAT - ok
    17:14:06.0090 0x08d0 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    17:14:06.0121 0x08d0 iPod Service - ok
    17:14:06.0121 0x08d0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
    17:14:06.0168 0x08d0 IRENUM - ok
    17:14:06.0168 0x08d0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    17:14:06.0183 0x08d0 isapnp - ok
    17:14:06.0199 0x08d0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    17:14:06.0230 0x08d0 iScsiPrt - ok
    17:14:06.0230 0x08d0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
    17:14:06.0246 0x08d0 kbdclass - ok
    17:14:06.0261 0x08d0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
    17:14:06.0277 0x08d0 kbdhid - ok
    17:14:06.0293 0x08d0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
    17:14:06.0308 0x08d0 KeyIso - ok
    17:14:06.0324 0x08d0 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    17:14:06.0339 0x08d0 KSecDD - ok
    17:14:06.0355 0x08d0 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    17:14:06.0371 0x08d0 KSecPkg - ok
    17:14:06.0386 0x08d0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    17:14:06.0433 0x08d0 ksthunk - ok
    17:14:06.0449 0x08d0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
    17:14:06.0511 0x08d0 KtmRm - ok
    17:14:06.0527 0x08d0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
    17:14:06.0589 0x08d0 LanmanServer - ok
    17:14:06.0589 0x08d0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    17:14:06.0636 0x08d0 LanmanWorkstation - ok
    17:14:06.0651 0x08d0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    17:14:06.0698 0x08d0 lltdio - ok
    17:14:06.0714 0x08d0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
    17:14:06.0776 0x08d0 lltdsvc - ok
    17:14:06.0776 0x08d0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
    17:14:06.0823 0x08d0 lmhosts - ok
    17:14:06.0839 0x08d0 [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    17:14:06.0870 0x08d0 LMS - ok
    17:14:06.0870 0x08d0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
    17:14:06.0901 0x08d0 LSI_FC - ok
    17:14:06.0901 0x08d0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
    17:14:06.0932 0x08d0 LSI_SAS - ok
    17:14:06.0932 0x08d0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
    17:14:06.0963 0x08d0 LSI_SAS2 - ok
    17:14:06.0963 0x08d0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
    17:14:06.0979 0x08d0 LSI_SCSI - ok
    17:14:06.0995 0x08d0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
    17:14:07.0041 0x08d0 luafv - ok
    17:14:07.0057 0x08d0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    17:14:07.0073 0x08d0 Mcx2Svc - ok
    17:14:07.0088 0x08d0 [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    17:14:07.0104 0x08d0 MDM - detected UnsignedFile.Multi.Generic ( 1 )
    17:14:09.0709 0x08d0 Detect skipped due to KSN trusted
    17:14:09.0709 0x08d0 MDM - ok
    17:14:09.0725 0x08d0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
    17:14:09.0756 0x08d0 megasas - ok
    17:14:09.0771 0x08d0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
    17:14:09.0787 0x08d0 MegaSR - ok
    17:14:09.0803 0x08d0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
    17:14:09.0849 0x08d0 MMCSS - ok
    17:14:09.0849 0x08d0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
    17:14:09.0896 0x08d0 Modem - ok
    17:14:09.0912 0x08d0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    17:14:09.0927 0x08d0 monitor - ok
    17:14:09.0943 0x08d0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    17:14:09.0959 0x08d0 mouclass - ok
    17:14:09.0974 0x08d0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    17:14:10.0005 0x08d0 mouhid - ok
    17:14:10.0005 0x08d0 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    17:14:10.0037 0x08d0 mountmgr - ok
    17:14:10.0037 0x08d0 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
    17:14:10.0068 0x08d0 MpFilter - ok
    17:14:10.0083 0x08d0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
    17:14:10.0099 0x08d0 mpio - ok
    17:14:10.0115 0x08d0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    17:14:10.0161 0x08d0 mpsdrv - ok
    17:14:10.0193 0x08d0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
    17:14:10.0255 0x08d0 MpsSvc - ok
    17:14:10.0271 0x08d0 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    17:14:10.0286 0x08d0 MRxDAV - ok
    17:14:10.0302 0x08d0 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    17:14:10.0333 0x08d0 mrxsmb - ok
    17:14:10.0349 0x08d0 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    17:14:10.0380 0x08d0 mrxsmb10 - ok
    17:14:10.0380 0x08d0 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    17:14:10.0411 0x08d0 mrxsmb20 - ok
    17:14:10.0411 0x08d0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
    17:14:10.0427 0x08d0 msahci - ok
    17:14:10.0442 0x08d0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    17:14:10.0473 0x08d0 msdsm - ok
    17:14:10.0473 0x08d0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
    17:14:10.0505 0x08d0 MSDTC - ok
    17:14:10.0520 0x08d0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    17:14:10.0567 0x08d0 Msfs - ok
    17:14:10.0567 0x08d0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    17:14:10.0614 0x08d0 mshidkmdf - ok
    17:14:10.0614 0x08d0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    17:14:10.0645 0x08d0 msisadrv - ok
    17:14:10.0645 0x08d0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    17:14:10.0707 0x08d0 MSiSCSI - ok
    17:14:10.0707 0x08d0 msiserver - ok
    17:14:10.0707 0x08d0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    17:14:10.0754 0x08d0 MSKSSRV - ok
    17:14:10.0770 0x08d0 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
    17:14:10.0785 0x08d0 MsMpSvc - ok
    17:14:10.0801 0x08d0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    17:14:10.0848 0x08d0 MSPCLOCK - ok
    17:14:10.0848 0x08d0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    17:14:10.0895 0x08d0 MSPQM - ok
    17:14:10.0910 0x08d0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    17:14:10.0941 0x08d0 MsRPC - ok
    17:14:10.0957 0x08d0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
    17:14:10.0973 0x08d0 mssmbios - ok
    17:14:10.0973 0x08d0 MSSQL$SQLEXPRESS - ok
    17:14:10.0988 0x08d0 [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
    17:14:11.0004 0x08d0 MSSQLServerADHelper - ok
    17:14:11.0019 0x08d0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    17:14:11.0066 0x08d0 MSTEE - ok
    17:14:11.0175 0x08d0 [ 0F4DD44765A7D23E0CD9965EE900558F, 4D61960F02C2F9281263833F04B203398A9D4E72F3819383420DA31FF8D581FE ] msvsmon90 C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
    17:14:11.0316 0x08d0 msvsmon90 - ok
    17:14:11.0331 0x08d0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
    17:14:11.0347 0x08d0 MTConfig - ok
    17:14:11.0363 0x08d0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
    17:14:11.0378 0x08d0 Mup - ok
    17:14:11.0394 0x08d0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
    17:14:11.0456 0x08d0 napagent - ok
    17:14:11.0472 0x08d0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    17:14:11.0503 0x08d0 NativeWifiP - ok
    17:14:11.0534 0x08d0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
    17:14:11.0581 0x08d0 NDIS - ok
    17:14:11.0581 0x08d0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    17:14:11.0628 0x08d0 NdisCap - ok
    17:14:11.0643 0x08d0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    17:14:11.0690 0x08d0 NdisTapi - ok
    17:14:11.0690 0x08d0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    17:14:11.0737 0x08d0 Ndisuio - ok
    17:14:11.0753 0x08d0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    17:14:11.0799 0x08d0 NdisWan - ok
    17:14:11.0799 0x08d0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    17:14:11.0846 0x08d0 NDProxy - ok
    17:14:11.0862 0x08d0 [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
    17:14:11.0862 0x08d0 Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
    17:14:14.0561 0x08d0 Detect skipped due to KSN trusted
    17:14:14.0561 0x08d0 Netaapl - ok
    17:14:14.0576 0x08d0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    17:14:14.0639 0x08d0 NetBIOS - ok
    17:14:14.0654 0x08d0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
    17:14:14.0701 0x08d0 NetBT - ok
    17:14:14.0717 0x08d0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
    17:14:14.0732 0x08d0 Netlogon - ok
    17:14:14.0748 0x08d0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
    17:14:14.0826 0x08d0 Netman - ok
    17:14:14.0841 0x08d0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    17:14:14.0857 0x08d0 NetMsmqActivator - ok
    17:14:14.0873 0x08d0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    17:14:14.0888 0x08d0 NetPipeActivator - ok
    17:14:14.0919 0x08d0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
    17:14:14.0966 0x08d0 netprofm - ok
    17:14:14.0982 0x08d0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    17:14:15.0013 0x08d0 NetTcpActivator - ok
    17:14:15.0013 0x08d0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    17:14:15.0044 0x08d0 NetTcpPortSharing - ok
    17:14:15.0185 0x08d0 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
    17:14:15.0356 0x08d0 netw5v64 - ok
    17:14:15.0372 0x08d0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
    17:14:15.0403 0x08d0 nfrd960 - ok
    17:14:15.0403 0x08d0 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    17:14:15.0434 0x08d0 NisDrv - ok
    17:14:15.0450 0x08d0 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
    17:14:15.0481 0x08d0 NisSrv - ok
    17:14:24.0981 0x08d0 Wanarpv6 - ok
    17:14:25.0028 0x08d0 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    17:14:25.0091 0x08d0 WatAdminSvc - ok
    17:14:25.0137 0x08d0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
    17:14:25.0215 0x08d0 wbengine - ok
    17:14:25.0231 0x08d0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    17:14:25.0278 0x08d0 WbioSrvc - ok
    17:14:25.0293 0x08d0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
    17:14:25.0340 0x08d0 wcncsvc - ok
    17:14:25.0356 0x08d0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    17:14:25.0387 0x08d0 WcsPlugInService - ok
    17:14:25.0387 0x08d0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
    17:14:25.0418 0x08d0 Wd - ok
    17:14:25.0449 0x08d0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    17:14:25.0496 0x08d0 Wdf01000 - ok
    17:14:25.0512 0x08d0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
    17:14:25.0559 0x08d0 WdiServiceHost - ok
    17:14:25.0574 0x08d0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
    17:14:25.0621 0x08d0 WdiSystemHost - ok
    17:14:25.0637 0x08d0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
    17:14:25.0668 0x08d0 WebClient - ok
    17:14:25.0683 0x08d0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
    17:14:25.0761 0x08d0 Wecsvc - ok
    17:14:25.0761 0x08d0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    17:14:25.0824 0x08d0 wercplsupport - ok
    17:14:25.0824 0x08d0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
    17:14:25.0871 0x08d0 WerSvc - ok
    17:14:25.0886 0x08d0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    17:14:25.0933 0x08d0 WfpLwf - ok
    17:14:25.0949 0x08d0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    17:14:25.0964 0x08d0 WIMMount - ok
    17:14:25.0980 0x08d0 WinDefend - ok
    17:14:25.0995 0x08d0 WinHttpAutoProxySvc - ok
    17:14:26.0011 0x08d0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    17:14:26.0073 0x08d0 Winmgmt - ok
    17:14:26.0136 0x08d0 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
    17:14:26.0229 0x08d0 WinRM - ok
    17:14:26.0261 0x08d0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
    17:14:26.0292 0x08d0 WinUSB - ok
    17:14:26.0323 0x08d0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
    17:14:26.0370 0x08d0 Wlansvc - ok
    17:14:26.0385 0x08d0 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    17:14:26.0401 0x08d0 wlcrasvc - ok
    17:14:26.0463 0x08d0 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    17:14:26.0541 0x08d0 wlidsvc - ok
    17:14:26.0573 0x08d0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    17:14:26.0588 0x08d0 WmiAcpi - ok
    17:14:26.0604 0x08d0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    17:14:26.0635 0x08d0 wmiApSrv - ok
    17:14:26.0651 0x08d0 WMPNetworkSvc - ok
    17:14:26.0666 0x08d0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
    17:14:26.0682 0x08d0 WPCSvc - ok
    17:14:26.0697 0x08d0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    17:14:26.0729 0x08d0 WPDBusEnum - ok
    17:14:26.0729 0x08d0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    17:14:26.0775 0x08d0 ws2ifsl - ok
    17:14:26.0791 0x08d0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
    17:14:26.0822 0x08d0 wscsvc - ok
    17:14:26.0822 0x08d0 WSearch - ok
    17:14:26.0900 0x08d0 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
    17:14:26.0994 0x08d0 wuauserv - ok
    17:14:27.0009 0x08d0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    17:14:27.0025 0x08d0 WudfPf - ok
    17:14:27.0041 0x08d0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    17:14:27.0072 0x08d0 WUDFRd - ok
    17:14:27.0087 0x08d0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    17:14:27.0103 0x08d0 wudfsvc - ok
    17:14:27.0119 0x08d0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
    17:14:27.0150 0x08d0 WwanSvc - ok
    17:14:27.0165 0x08d0 [ 5A0C788C5BC5F2C993CB60940ADCF95E, FEEC158466040A6528E7FC8D33706B50D2F03479E0B62DF8F06B69A1A850A9FB ] x10nets C:\PROGRA~2\COMMON~1\X10\Common\X10nets.exe
    17:14:27.0165 0x08d0 x10nets - detected UnsignedFile.Multi.Generic ( 1 )
    17:14:29.0817 0x08d0 Detect skipped due to KSN trusted
    17:14:29.0817 0x08d0 x10nets - ok
    17:14:29.0849 0x08d0 [ A4B2A8751A8F96134BE6063B8A759116, F8E8A5554C8E4364C127CCDCF2F816C6CB34E14C677A350A3DAF6ED168F0643D ] XUIF C:\Windows\system32\Drivers\x10ufx2.sys
    17:14:29.0864 0x08d0 XUIF - ok
    17:14:29.0880 0x08d0 [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
    17:14:29.0927 0x08d0 yukonw7 - ok
    17:14:29.0958 0x08d0 [ 74983ADDCA2D9618512C088D856D6615, C4592EFC1206BD813221814FD529AD38ED26E4AE086613EB95D3D5E20448A1F0 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
    17:14:29.0989 0x08d0 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
    17:14:30.0005 0x08d0 ================ Scan global ===============================
    17:14:30.0005 0x08d0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
    17:14:30.0020 0x08d0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
    17:14:30.0036 0x08d0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
    17:14:30.0036 0x08d0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
    17:14:30.0051 0x08d0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
    17:14:30.0051 0x08d0 [ Global ] - ok
    17:14:30.0051 0x08d0 ================ Scan MBR ==================================
    17:14:30.0067 0x08d0 [ 85ADFBA3275944AA4268F94F133FBB06 ] \Device\Harddisk0\DR0
    17:14:30.0129 0x08d0 \Device\Harddisk0\DR0 - ok
    17:14:30.0129 0x08d0 ================ Scan VBR ==================================
    17:14:30.0129 0x08d0 [ 98843A54E398C814421D6D901C6AACB0 ] \Device\Harddisk0\DR0\Partition1
    17:14:30.0129 0x08d0 \Device\Harddisk0\DR0\Partition1 - ok
    17:14:30.0129 0x08d0 [ 66DB8CC6D58B62161DE4144C197CE3CD ] \Device\Harddisk0\DR0\Partition2
    17:14:30.0145 0x08d0 \Device\Harddisk0\DR0\Partition2 - ok
    17:14:30.0145 0x08d0 [ 5F9819A7193AF8BF07FB00EBA2D07CF6 ] \Device\Harddisk0\DR0\Partition3
    17:14:30.0145 0x08d0 \Device\Harddisk0\DR0\Partition3 - ok
    17:14:30.0145 0x08d0 ================ Scan generic autorun ======================
    17:14:30.0161 0x08d0 [ B38841D728E1A2802EE1624E15C2DE4C, 51BB4F6F816D861DC58BEE774B048AF0F09FD4E5AD341BAD7D930A2FA2EBDEE4 ] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    17:14:30.0176 0x08d0 HP Quick Launch - detected UnsignedFile.Multi.Generic ( 1 )
    17:14:32.0813 0x08d0 Detect skipped due to KSN trusted
    17:14:32.0813 0x08d0 HP Quick Launch - ok
    17:14:32.0844 0x08d0 [ 89BD2A491AFF80014199DE4159EA2409, 0C6A0A0764A8324165EE8DA94F25291FEFCCA90E0D4AB7F7B7B9551343EF2D3D ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    17:14:32.0891 0x08d0 SmartMenu - ok
    17:14:32.0906 0x08d0 [ 6198E06469703D4D225EE092C53DA779, AF49F6FB012BF0600FEDCD3AE961BD27120D21350328C7F640AACDAE0B6591F5 ] C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe
    17:14:32.0922 0x08d0 HPToneControl - ok
    17:14:32.0922 0x08d0 [ A0ABBAD8CE99CBF8467D697073B38E87, C71F58580D93F0B78BDA735DA6201A6F1BDA36CC9F72D15B4E6DD62D6C3A43D0 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
    17:14:32.0922 0x08d0 HPWirelessAssistant - detected UnsignedFile.Multi.Generic ( 1 )
    17:14:35.0511 0x08d0 Detect skipped due to KSN trusted
    17:14:35.0511 0x08d0 HPWirelessAssistant - ok
    17:14:35.0527 0x08d0 [ 1D5BADF51C73219837A82B739C95C2CC, 4FEA53A65F88D5A770C44B766086B40C5D09E0A3E3A417E4990CDC3AECD635F2 ] C:\Program Files\IDT\WDM\sttray64.exe
    17:14:35.0574 0x08d0 SysTrayApp - ok
    17:14:35.0574 0x08d0 SynTPEnh - ok
    17:14:35.0605 0x08d0 [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
    17:14:35.0667 0x08d0 MSC - ok
    17:14:35.0683 0x08d0 [ 5DF7E326D8640A5803399DFE5F500F59, D32F206660A9B1DC4F7B3138E494A9D8F20F98F7F148063615595AD2CE29F9AA ] C:\Windows\system32\igfxtray.exe
    17:14:35.0699 0x08d0 IgfxTray - ok
    17:14:35.0714 0x08d0 [ DA7098874BDE1EF2659B2E5164321F61, 280B0CEFA23D3595E2345D6B9504356FEA6ECA05190C7FE7B64C052A23376B0E ] C:\Windows\system32\hkcmd.exe
    17:14:35.0745 0x08d0 HotKeysCmds - ok
    17:14:35.0761 0x08d0 [ D8EA8066BC468584A790D4F99A46C8C5, F254BCB94C45754F05DE597B4E51F85D1B70D49652DEC4F88C481A8BBD7B8578 ] C:\Windows\system32\igfxpers.exe
    17:14:35.0792 0x08d0 Persistence - ok
    17:14:35.0792 0x08d0 [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
    17:14:35.0808 0x08d0 NCPluginUpdater - ok
    17:14:35.0823 0x08d0 [ 8D8770C0FA1A0C981C19190E4F58B2E5, 865410B5CB908699F8FC24D78CE9E5F9155B91845D8EBA12262C11795A59C3EA ] C:\Program Files (x86)\Executive Software\Diskeeper\DkIcon.exe
    17:14:35.0823 0x08d0 DiskeeperSystray - detected UnsignedFile.Multi.Generic ( 1 )
    17:14:38.0382 0x08d0 Detect skipped due to KSN trusted
    17:14:38.0382 0x08d0 DiskeeperSystray - ok
    17:14:38.0429 0x08d0 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    17:14:38.0475 0x08d0 Adobe ARM - ok
    17:14:38.0475 0x08d0 [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    17:14:38.0491 0x08d0 APSDaemon - ok
    17:14:38.0491 0x08d0 [ CE5C9977DA751DDC30952AC4DCBCA788, 295172C4681E9AC27121122CDD2BA6F2A62435917A083CC8490D584CA0164BE6 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    17:14:38.0507 0x08d0 HP Software Update - ok
    17:14:38.0553 0x08d0 [ 8759845095580093F74CF788EA6D2C86, 0E1A90B0C97EFCA14030EA29558868B1EF077897E321FD077A37DB60CABEEFB7 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
    17:14:38.0616 0x08d0 HPAdvisorDock - ok
    17:14:38.0663 0x08d0 [ 8759845095580093F74CF788EA6D2C86, 0E1A90B0C97EFCA14030EA29558868B1EF077897E321FD077A37DB60CABEEFB7 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
    17:14:38.0725 0x08d0 HPADVISOR - ok
    17:14:38.0725 0x08d0 [ D0F15BE1DC05A29BEC2C7D03921A4072, 926463E6620E77E241354EA9284D7232EBC9F1F8423E1DECDC2946750EB621B6 ] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
    17:14:38.0756 0x08d0 ISUSPM - ok
    17:14:38.0772 0x08d0 [ EF781AFBC36024FDB024D67ED8EFB44A, FC91AB3C391695456B5849987E73DCF1CFBD1B31675B25E5B01D3865270A8CFB ] C:\Program Files (x86)\Backblaze\bzbui.exe
    17:14:38.0787 0x08d0 Backblaze - ok
    17:14:38.0803 0x08d0 [ EC58C1A9A3281CE0C8FCC05BDBFECB37, 3738BBC112346B32F686F1CB4B4AAD89B06AA1F8FB2D333BC2D2F554212A0A59 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    17:14:38.0819 0x08d0 iCloudServices - ok
    17:14:38.0819 0x08d0 [ 2D29BAC8469818E04AA9AA1CBB5D6FED, 5239A6238A442B4799B8266F45DE2A85902D85505AAE6FA864367335813F0342 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    17:14:38.0850 0x08d0 ApplePhotoStreams - ok
    17:14:38.0865 0x08d0 [ 496EFC8A18F27B923C825F9E8D6A6D1D, FCC0B7605F1EBE10A92D603385FA006EC0937A0EB00FEF9CB20847EFE6A082A6 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
    17:14:38.0897 0x08d0 GarminExpressTrayApp - ok
    17:14:38.0959 0x08d0 [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe
    17:14:39.0053 0x08d0 HP Photosmart 7520 series (NET) - ok
    17:14:39.0053 0x08d0 Waiting for KSN requests completion. In queue: 17
    17:14:40.0067 0x08d0 Waiting for KSN requests completion. In queue: 17
    17:14:41.0081 0x08d0 Waiting for KSN requests completion. In queue: 17
    17:14:42.0110 0x08d0 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
    17:14:42.0110 0x08d0 Win FW state via NFP2: enabled
    17:14:44.0715 0x08d0 ============================================================
    17:14:44.0715 0x08d0 Scan finished
    17:14:44.0715 0x08d0 ============================================================
    17:14:44.0715 0x0ec0 Detected object count: 0
    17:14:44.0715 0x0ec0 Actual detected object count: 0

  5. #45
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    I didn't do anything with Google DNS, because you didn't specifically request I do so.
    Wanted you to try it to see if it came AdChoice free.

    Good to know you don't have any rootkits



    1.Please download HitmanPro
    • For 32-bit Operating System - .
    • For 64-bit Operating System -

    2.Launch the program by double clicking on the icon.

    Note: If the program won't run, please open the program while holding down the left CTRL key until the program is loaded.

    3.Click on the next button. You must agree with the terms of EULA. (if asked)

    4.Check the box beside "No, I only want to perform a one-time scan to check this computer".

    5.Click on the next button.

    6.The program will start to scan the computer. The scan will typically take no more than 5-10 minutes.

    7.When the scan is done, click on the drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!

    8.Click on the next button.

    9.Click on the "Save Log" button.

    10.Save that file to your desktop and post the content of that file in your next reply.

    Note: if there isn't a dropdown menu when the scan is done then please don't delete anything and close HitmanPro



    Navigate to C:\Documents and Settings\All Users\Application Data\HitmanPro\Logs (for Windows XP) or to C:\ProgramData\HitmanPro\Logs (for Windows Vista/7), open the report and copy and paste it to your next reply.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  6. #46
    Member
    Join Date
    Nov 2014
    Posts
    71

    Default

    Code:
    HitmanPro 3.7.9.232
    www.hitmanpro.com
    
       Computer name . . . . : GARY-PC
    No threats found by HitmanPro.   
    
    
    Windows . . . . . . . : 6.1.1.7601.X64/4
       User name . . . . . . : Gary-PC\Gary
       UAC . . . . . . . . . : Enabled
       License . . . . . . . : Free
    
       Scan date . . . . . . : 2014-12-04 20:53:01
       Scan mode . . . . . . : Normal
       Scan duration . . . . : 16m 1s
       Disk access mode  . . : Direct disk access (SRB)
       Cloud . . . . . . . . : Internet
       Reboot  . . . . . . . : No
    
       Threats . . . . . . . : 0
       Traces  . . . . . . . : 22
    
       Objects scanned . . . : 2,544,925
       Files scanned . . . . : 125,643
       Remnants scanned  . . : 614,560 files / 1,804,722 keys
    
    Suspicious files ____________________________________________________________
    
       C:\Users\Gary\Documents\Desktop\FRST64.exe
          Size . . . . . . . : 2,117,120 bytes
          Age  . . . . . . . : 1.4 days (2014-12-03 10:45:14)
          Entropy  . . . . . : 7.5
          SHA-256  . . . . . : E1ED88101A9684F15DC44DF32A3E6122EA5CF137F6938EE7E5824EF14DB3135C
          Needs elevation  . : Yes
          Fuzzy  . . . . . . : 24.0
             Program has no publisher information but prompts the user for permission elevation.
             Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
             Authors name is missing in version info. This is not common to most programs.
             Version control is missing. This file is probably created by an individual. This is not typical for most programs.
             Time indicates that the file appeared recently on this computer.
          References
             HKU\S-1-5-21-4182513893-1721642328-4106206644-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\Gary\Documents\Desktop\FRST64.exe
          Forensic Cluster
              0.0s C:\Users\Gary\Documents\Desktop\FRST64.exe
              3.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{665B722D-92F9-4A19-8EA7-4D667D627141}
    
    
    Potential Unwanted Programs _________________________________________________
    
       HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026} (Iminent)
       HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} (Iminent)
       HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (Iminent)
       HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026} (Iminent)
       HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} (Iminent)
       HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (Iminent)
    
    Cookies _____________________________________________________________________
    
       C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.auditude.com
       C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
       C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
       C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
       C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
       C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
       C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
       C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
       C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
       C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
       C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
       C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
       C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
       C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com

  7. #47
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Click the Start button, then click the Control Panel menu option, then the Uninstall a program option.
    Scroll through the list of currently installed programs and uninstall Iminent Toolbar, Iminent ---> IF found
    I think what we're seeing are remnants but we're going to take them out.

    Open Notepad. Please copy the contents of the quote box below. To do this, highlight the contents of the box, right-click on it and select Copy.
    Paste this into the open Notepad. Save it to the Desktop as fixlist.txt
    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.
    It needs to be saved next to the "Farbar Recovery Scan Tool" (if asked to overwrite the existing one, please allow)

    start
    CloseProcesses:
    Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}" /f
    Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}" /f
    Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}" /f
    Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}" /f
    Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}" /f
    Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}" /f
    EmptyTemp:
    Hosts:
    End
    Open FRST/FRST64 and press the Fix button just once and wait.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    ~~~~~~~~~~~~~~~

    We need to remove those bad cookies

    Click the Chrome menu
    Select Settings.
    Click Show advanced settings.
    In the "Privacy" section, click the Content settings button.
    In the "Cookies" section, you can change the following cookies settings:
    Click All cookies and site data to open the Cookies and site data dialog.

    To delete all cookies, click Remove all at the bottom of the dialog.

    Delete all your data

    Click the Chrome menu on the browser toolbar.
    Select Tools.
    Select Clear browsing data.
    In the dialog that appears, select the checkboxes for the types of information that you want to remove.
    Use the menu at the top to select the amount of data that you want to delete. Select beginning of time to delete everything.
    Click Clear browsing data.

    ~~~~~~~~~~~~~~~
    We need to power cycle your router and Reset it back to default.

    STEP 1
    Router Power Cycle
    • Switch your computer off.
    • Turn your router/modem off.
    • Unplug your router/modem and all cables from the wall.
    • Wait 60 seconds.
    • Plug your router/modem back in and turn on.
    • Switch your computer on.
    • Check for issues.

    ------------------------------------

    STEP 1
    Router Reset

    Please read: Malware Silently Alters Wireless Router Settings
    Consult Router Passwords to find out the default username and password for your brand of router and make a note of that for future reference. Alternatively, you may find the username/password written on the base of your router. If neither option is applicable, please contact the manufacturer of your router.

    Reset Router to Factory Default Settings:
    • Typically a reset can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router
    • Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 30 seconds)
    • In order to get to the router's server, type http://192.168.1.1 in the address bar and click Enter. You should see the log in window.
    • Fill in the password you have already found and you will get the configuration page.
    • Configure the router to allow you to connect to your ISP server. In some routers it is done by a setup wizard.
    • If you do not have a setup wizard you have to fill in the log in password your ISP has initially given to you. You can also call your ISP if you don't have your initial password.
    • Don't forget to change the router's default password and set a stronger, more complex password. Note down the password and keep it somewhere for future reference.

    Please make sure of the following settings on your computer:
    • Click Start, Control panel, then double-click Network and Sharing Center.
    • In the left window select Manage Network Connection.
    • In the right window right-click Local Area Connection and select Properties .
    • Internet Protocol Version 6 (IPv6) should be checked. Double-click on it. Make sure of the following settings:
    • The option Obtain an IP address automatically should be checked.
    • The option Obtain DNS server address automatically should be checked.
    • Click OK.
    • Internet Protocol Version 4 (IPv4) should be checked. Double-click on it.
    • The option Obtain an IP address automatically should be checked.
    • The option Obtain DNS server address automatically should be checked.
    • Click OK twice.
    • If you need to change any of these settings you will need to reboot your computer.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
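Added example, not part of the original posts and not FRST's or HitmanPro's own code: a read-only PowerShell check of the six `Policies\Ext\CLSID` entries that the HitmanPro log lists and the fixlist targets, showing for each whether it is present as a subkey, as a named value under the `CLSID` key, or not at all. The function name `Get-ClsidEntryState` is hypothetical, and that an entry could be stored as a value rather than a subkey is an assumption to be checked, not something the thread states.

```powershell
# Added example: read-only, nothing is deleted or modified.
# Run from a 64-bit PowerShell prompt; in a 32-bit prompt on 64-bit Windows
# both paths below resolve to the 32-bit registry view.

# CLSIDs and parent keys exactly as listed in the HitmanPro log in this thread.
$clsids = @(
    '{58124A0B-DC32-4180-9BFF-E0E21AE34026}',
    '{977AE9CC-AF83-45E8-9E03-E2798216E2D5}',
    '{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}'
)
$parents = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID'
)

# Hypothetical helper: classifies one CLSID under one parent key.
#   'subkey' - <parent>\<clsid> exists as a key
#   'value'  - <parent> has a value whose name is <clsid> (assumption being tested)
#   'absent' - neither form exists, or the parent key itself is missing
function Get-ClsidEntryState {
    param(
        [string]$Parent,
        [string]$Clsid
    )

    $state = 'absent'
    $data  = $null

    if (Test-Path -LiteralPath $Parent) {
        $key = Get-Item -LiteralPath $Parent
        if ($key.GetValueNames() -contains $Clsid) {
            $state = 'value'
            $data  = $key.GetValue($Clsid)
        }
        elseif ($key.GetSubKeyNames() -contains $Clsid) {
            $state = 'subkey'
        }
    }

    New-Object PSObject -Property @{
        Parent = $Parent
        Clsid  = $Clsid
        State  = $state
        Data   = $data
    }
}

# Check every CLSID in both registry views and print one row per entry.
$report = foreach ($parent in $parents) {
    foreach ($clsid in $clsids) {
        Get-ClsidEntryState -Parent $parent -Clsid $clsid
    }
}
$report | Select-Object Parent, Clsid, State, Data | Format-Table -AutoSize
```

A row with State `value` means `reg delete "<parent>\<clsid>" /f` is addressing a key that does not exist; the value form of the same command is `reg delete "<parent>" /v "<clsid>" /f`. A row with State `absent` means the entry was already gone when the check ran.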

  8. #48
    Member
    Join Date
    Nov 2014
    Posts
    71

    Default

    Hi Juliet,
    I am out of town for the day. I will get back to you late tonight.
    Best regards,
    Gary

  9. #49
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Travel safely
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  10. #50
    Member
    Join Date
    Nov 2014
    Posts
    71

    Default

    Hi Juliet,
    I completed all steps in post #47. Problem still exists. See Fixlog.txt below:

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-12-2014
    Ran by Gary at 2014-12-05 10:31:07 Run:2
    Running from C:\Users\Gary\Documents\Desktop
    Loaded Profile: Gary (Available profiles: Gary)
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    start
    CloseProcesses:
    Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}" /f
    Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}" /f
    Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}" /f
    Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}" /f
    Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}" /f
    Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}" /f
    EmptyTemp:
    Hosts:
    End
    *****************

    Processes closed successfully.

    ========= reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}" /f =========

    ERROR: The system was unable to find the specified registry key or value.


    ========= End of Reg: =========


    ========= reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}" /f =========

    ERROR: The system was unable to find the specified registry key or value.


    ========= End of Reg: =========


    ========= reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}" /f =========

    ERROR: The system was unable to find the specified registry key or value.


    ========= End of Reg: =========


    ========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}" /f =========

    ERROR: The system was unable to find the specified registry key or value.


    ========= End of Reg: =========


    ========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}" /f =========

    ERROR: The system was unable to find the specified registry key or value.


    ========= End of Reg: =========


    ========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}" /f =========

    ERROR: The system was unable to find the specified registry key or value.


    ========= End of Reg: =========

    C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
    Hosts was reset successfully.
    EmptyTemp: => Removed 440.2 MB temporary data.


    The system needed a reboot.

    ==== End of Fixlog ====
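
For readers working through a Fixlog like the one in post #50, the following is an added example (not part of the thread and not FRST's own code) that parses the log layout and separates registry deletes that removed something from those where the key was already absent. The sample log is constructed with placeholder keys, and the status labels are this example's own.

```python
import re

# Constructed sample in the Fixlog layout from post #50; keys are placeholders.
SAMPLE_FIXLOG = r'''
Processes closed successfully.

========= reg delete "HKLM\SOFTWARE\Example\CLSID\{00000000-0000-0000-0000-000000000001}" /f =========

ERROR: The system was unable to find the specified registry key or value.

========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Example\CLSID\{00000000-0000-0000-0000-000000000002}" /f =========

The operation completed successfully.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 440.2 MB temporary data.

==== End of Fixlog ====
'''

# One "Reg:" section: header line, command output, "End of Reg:" trailer.
SECTION = re.compile(
    r'^[ \t]*={9} (?P<cmd>(?!End of )[^\n]+?) ={9}[ \t]*\n'
    r'(?P<body>.*?)^[ \t]*={9} End of Reg: ={9}[ \t]*$',
    re.M | re.S)

def summarize_fixlog(text):
    """Return (reg_results, other_actions) parsed from Fixlog text."""
    results = []
    for m in SECTION.finditer(text):
        body = m.group('body').strip()
        if not body.startswith('ERROR:'):
            status = 'deleted' if 'completed successfully' in body else 'unknown'
        elif 'unable to find' in body:
            status = 'absent'   # key did not exist, so nothing was changed
        else:
            status = 'failed'   # any other reg.exe error
        results.append((m.group('cmd'), status))
    # Whatever is left outside the Reg: sections holds the one-line actions.
    rest = SECTION.sub('', text)
    actions = [ln.strip() for ln in rest.splitlines()
               if '=>' in ln or ln.rstrip().endswith('successfully.')]
    return results, actions
```

An `absent` result means that entry changed nothing on the machine, so only the `deleted` entries and the one-line actions describe what the fix actually did.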
