
Adware.DealPly - Ads by Browser Shop - alerts "from" Norton, J

Adware.DealPly Browser Shop

  • This topic is locked

#16
ArielAZ

  • Topic Starter
  • Member
  • 37 posts

# AdwCleaner v4.109 - Report created 27/01/2015 at 19:26:56
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : modar_000 - NEPTUNE
# Running from : C:\Users\modar_000\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Users\modar_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage
Folder Found : C:\ProgramData\6420060629236911117
Folder Found : C:\ProgramData\glfcfacamfioohghjbmefdhmakmlicea

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.tb.ask.com
Key Found : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{20c738c9-346f-4938-8a71-ecbbca145469}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6cdab83a-974d-4b52-a1ad-098ae83bb44c}
Key Found : HKLM\SOFTWARE\Classes\P20c738c9_346f_4938_8a71_ecbbca145469_.P20c738c9_346f_4938_8a71_ecbbca145469_
Key Found : HKLM\SOFTWARE\Classes\P20c738c9_346f_4938_8a71_ecbbca145469_.P20c738c9_346f_4938_8a71_ecbbca145469_.9
Key Found : HKLM\SOFTWARE\Classes\P6cdab83a_974d_4b52_a1ad_098ae83bb44c_.P6cdab83a_974d_4b52_a1ad_098ae83bb44c_
Key Found : HKLM\SOFTWARE\Classes\P6cdab83a_974d_4b52_a1ad_098ae83bb44c_.P6cdab83a_974d_4b52_a1ad_098ae83bb44c_.9
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82024F98-F9FB-47F4-860F-887E41883C9D}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E70EAE41-BB5A-440E-BF6E-BE2A280FD49C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{20c738c9-346f-4938-8a71-ecbbca145469}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6cdab83a-974d-4b52-a1ad-098ae83bb44c}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{20c738c9-346f-4938-8a71-ecbbca145469}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{6cdab83a-974d-4b52-a1ad-098ae83bb44c}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Google Chrome v39.0.2171.99

[C:\Users\DAVE\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\DAVE\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\DAVE\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^9N^xdm002^YYA^us&si=CJGW19rB470CFcyTfgodLCsAEg&ptb=5855B344-DBBF-4184-8930-B11DE4C59B8B&ind=2014041518&n=780bd5ae&psa=&st=sb&searchfor={searchTerms}
[C:\Users\DAVE\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=714&r=2015/01/19&hid=16000770465720348356&lg=EN&cc=US&unqvl=74
[C:\Users\DAVE\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : glfcfacamfioohghjbmefdhmakmlicea
[C:\Users\modar_000\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\modar_000\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\modar_000\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^9N^xdm002^YYA^us&si=CJGW19rB470CFcyTfgodLCsAEg&ptb=5855B344-DBBF-4184-8930-B11DE4C59B8B&ind=2014041611&n=780bd60b&psa=&st=sb&searchfor={searchTerms}

*************************

AdwCleaner[R0].txt - [3963 octets] - [27/01/2015 19:26:56]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4023 octets] ##########


  • 0



#17
ArielAZ

  • Topic Starter
  • Member
  • 37 posts

My computer has been somewhat slow. And, of course, my browsing experiences have been less than optimal! I have to watch myself so I don't accidentally click on one of the Browser Shop windows.

 

Right now, since the reboot after the AdwCleaner run, every time I open Chrome I get into the "can't go anywhere, must download this 'fix' for Java" mode, so I am actually using IE to post the logs above and this reply. I almost never use IE. (Something carried over from my job where my technical colleagues had advised in favor of Chrome over IE.)

 

Also, Java.exe has downloaded a couple of times without my asking for or permitting it. So I just removed it before the latest cleaning steps. I will turn on Malwarebytes and Windows Defender now, per my understanding of your instructions.


Edited by ArielAZ, 27 January 2015 - 08:52 PM.

  • 0

#18
pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

> My computer has been somewhat slow. And, of course, my browsing experiences have been less than optimal! I have to watch myself so I don't accidentally click on one of the Browser Shop windows.
>
> Right now, since the reboot after the AdwCleaner run, every time I open Chrome I get into the "can't go anywhere, must download this 'fix' for Java" mode, so I am actually using IE to post the logs above and this reply. I almost never use IE. (Something carried over from my job where my technical colleagues had advised in favor of Chrome over IE.)


Hello :)

No worries about that Chrome browser, we're going to remove and replace it when the cleaning is finished. Let's continue.

We're going to run AdwCleaner again and check your machine for any potential rootkits as well.



Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.

Step 1: Re-run AdwCleaner

Please re-run AdwCleaner again, and when it finishes, this time press Clean to remove the items it found. When it's done, please post the log.


Step 2: Scan with TDSSKiller

Please download TDSSKiller to the desktop.

Alternate download is here.
  • Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
  • When the main GUI (graphical user interface) window opens, click on Change Parameters.
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything, please click on the drop-down arrow next to Cure and select Skip.
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log go to Start (Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
  • Post the contents of that log in your next reply please.
Note: Do not have TDSSKiller remove anything if found at this point in time!

Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

AdwCleaner Log

TDSSKiller Log

  • 0

#19
ArielAZ

  • Topic Starter
  • Member
  • 37 posts

R0 log from AdwCleaner first run:

 


  • 0

#20
ArielAZ

  • Topic Starter
  • Member
  • 37 posts

S1 log from AdwCleaner 2nd run:

 

# AdwCleaner v4.109 - Report created 27/01/2015 at 19:59:20
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : modar_000 - NEPTUNE
# Running from : C:\Users\modar_000\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v39.0.2171.99
 
 
*************************
 
AdwCleaner[R0].txt - [4111 octets] - [27/01/2015 19:26:56]
AdwCleaner[R1].txt - [846 octets] - [27/01/2015 19:58:20]
AdwCleaner[S0].txt - [4226 octets] - [27/01/2015 19:28:28]
AdwCleaner[S1].txt - [768 octets] - [27/01/2015 19:59:20]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [827 octets] ##########

  • 0

#21
ArielAZ

  • Topic Starter
  • Member
  • 37 posts

R1 log from AdwCleaner 2nd run:

 

# AdwCleaner v4.109 - Report created 27/01/2015 at 19:58:20
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : modar_000 - NEPTUNE
# Running from : C:\Users\modar_000\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v39.0.2171.99
 
 
*************************
 
AdwCleaner[R0].txt - [4111 octets] - [27/01/2015 19:26:56]
AdwCleaner[R1].txt - [648 octets] - [27/01/2015 19:58:20]
AdwCleaner[S0].txt - [4226 octets] - [27/01/2015 19:28:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [767 octets] ##########

  • 0

#22
ArielAZ

  • Topic Starter
  • Member
  • 37 posts

No rootkit problems were found by TDSSKiller. I don't see the subdirectory you mentioned on my Win8.1 PC, but this is the TDSSKiller log from my C: directory --

 

20:08:03.0968 0x13b8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
20:08:03.0968 0x13b8  UEFI system
20:08:11.0189 0x13b8  ============================================================
20:08:11.0189 0x13b8  Current date / time: 2015/01/27 20:08:11.0189
20:08:11.0189 0x13b8  SystemInfo:
20:08:11.0189 0x13b8  
20:08:11.0189 0x13b8  OS Version: 6.3.9600 ServicePack: 0.0
20:08:11.0189 0x13b8  Product type: Workstation
20:08:11.0189 0x13b8  ComputerName: NEPTUNE
20:08:11.0189 0x13b8  UserName: modar_000
20:08:11.0189 0x13b8  Windows directory: C:\WINDOWS
20:08:11.0189 0x13b8  System windows directory: C:\WINDOWS
20:08:11.0189 0x13b8  Running under WOW64
20:08:11.0189 0x13b8  Processor architecture: Intel x64
20:08:11.0189 0x13b8  Number of processors: 8
20:08:11.0189 0x13b8  Page size: 0x1000
20:08:11.0189 0x13b8  Boot type: Normal boot
20:08:11.0189 0x13b8  ============================================================
20:08:11.0658 0x13b8  KLMD registered as C:\WINDOWS\system32\drivers\95711221.sys
20:08:11.0720 0x13b8  System UUID: {FEBD9968-C3E3-F847-7DD2-99D93DC66F9A}
20:08:11.0955 0x13b8  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C0EE0E00 ( 1863.01 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:08:11.0955 0x13b8  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C0F00000 ( 1863.01 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:08:11.0971 0x13b8  ============================================================
20:08:11.0971 0x13b8  \Device\Harddisk0\DR0:
20:08:11.0971 0x13b8  GPT partitions:
20:08:11.0971 0x13b8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E2E15959-3F16-426A-A294-4722B8252580}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFB800
20:08:11.0971 0x13b8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {496CFB5F-3737-4CB0-83C1-73D40696C523}, Name: Basic data partition, StartLBA 0xFC000, BlocksNum 0x14000
20:08:11.0971 0x13b8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {FB6972C6-9687-4EA3-8187-C279D0DA6E4B}, Name: Microsoft reserved partition, StartLBA 0x110000, BlocksNum 0x40000
20:08:11.0971 0x13b8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2D582479-D401-4BFB-A34A-E210AC0AF4C5}, Name: Microsoft recovery partition, StartLBA 0x150000, BlocksNum 0xFA000
20:08:11.0971 0x13b8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A17F5183-629B-466A-AE74-83D63CF79826}, Name: Basic data partition, StartLBA 0x24A000, BlocksNum 0xE7924000
20:08:11.0971 0x13b8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F60C51D5-2336-4BC7-97D6-6EE751FA22CE}, Name: , StartLBA 0xE7B6E000, BlocksNum 0xE1000
20:08:11.0971 0x13b8  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4B5A022D-E446-4976-90D1-39CA15CA1D95}, Name: Microsoft recovery partition, StartLBA 0xE7C4F000, BlocksNum 0x11B7F07
20:08:11.0971 0x13b8  MBR partitions:
20:08:11.0971 0x13b8  \Device\Harddisk1\DR1:
20:08:11.0971 0x13b8  MBR partitions:
20:08:11.0971 0x13b8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
20:08:11.0971 0x13b8  ============================================================
20:08:11.0971 0x13b8  C: <-> \Device\Harddisk0\DR0\Partition5
20:08:12.0377 0x13b8  I: <-> \Device\Harddisk1\DR1\Partition1
20:08:12.0377 0x13b8  ============================================================
20:08:12.0377 0x13b8  Initialize success
20:08:12.0377 0x13b8  ============================================================
20:09:11.0409 0x11e8  ============================================================
20:09:11.0409 0x11e8  Scan started
20:09:11.0409 0x11e8  Mode: Manual; SigCheck; TDLFS; 
20:09:11.0409 0x11e8  ============================================================
20:09:11.0409 0x11e8  KSN ping started
20:09:13.0894 0x11e8  KSN ping finished: true
20:09:14.0753 0x11e8  ================ Scan system memory ========================
20:09:14.0753 0x11e8  System memory - ok
20:09:14.0769 0x11e8  ================ Scan services =============================
20:09:16.0756 0x11e8  ClickToRunSvc - ok
20:09:16.0772 0x11e8  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
20:09:16.0772 0x11e8  CLVirtualDrive - ok
20:09:16.0772 0x11e8  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
20:09:16.0788 0x11e8  CmBatt - ok
20:09:16.0803 0x11e8  [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
20:09:16.0819 0x11e8  CNG - ok
20:09:16.0819 0x11e8  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
20:09:16.0819 0x11e8  CompositeBus - ok
20:09:16.0819 0x11e8  COMSysApp - ok
20:09:16.0835 0x11e8  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
20:09:16.0835 0x11e8  condrv - ok
20:09:16.0835 0x11e8  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
20:09:16.0850 0x11e8  CryptSvc - ok
20:09:16.0850 0x11e8  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
20:09:16.0866 0x11e8  dam - ok
20:09:16.0881 0x11e8  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
20:09:16.0897 0x11e8  DcomLaunch - ok
20:09:16.0913 0x11e8  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
20:09:16.0928 0x11e8  defragsvc - ok
20:09:16.0928 0x11e8  [ EDC701B55802DE6B5A27546991D6900D, 65D0A86B210C401EF01EE032F80B0EB04E036146DC1902EA52462A12ED89E3FE ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
20:09:16.0944 0x11e8  DellDigitalDelivery - ok
20:09:16.0944 0x11e8  [ DC253191A553DACA7684CFB5B03A4268, 2D651A059F1334671E875EB4FC642383DCC00710809255DA29F96C41EC2C8205 ] DellRbtn        C:\WINDOWS\System32\drivers\DellRbtn.sys
20:09:16.0975 0x11e8  DellRbtn - ok
20:09:16.0975 0x11e8  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
20:09:16.0991 0x11e8  DeviceAssociationService - ok
20:09:16.0991 0x11e8  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
20:09:17.0006 0x11e8  DeviceInstall - ok
20:09:17.0006 0x11e8  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
20:09:17.0053 0x11e8  Dfsc - ok
20:09:17.0053 0x11e8  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
20:09:17.0069 0x11e8  Dhcp - ok
20:09:17.0085 0x11e8  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
20:09:17.0085 0x11e8  disk - ok
20:09:17.0085 0x11e8  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
20:09:17.0100 0x11e8  dmvsc - ok
20:09:17.0100 0x11e8  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
20:09:17.0116 0x11e8  Dnscache - ok
20:09:17.0116 0x11e8  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
20:09:17.0131 0x11e8  dot3svc - ok
20:09:17.0131 0x11e8  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
20:09:17.0147 0x11e8  DPS - ok
20:09:17.0163 0x11e8  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
20:09:17.0163 0x11e8  drmkaud - ok
20:09:17.0163 0x11e8  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
20:09:17.0178 0x11e8  DsmSvc - ok
20:09:17.0210 0x11e8  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
20:09:17.0241 0x11e8  DXGKrnl - ok
20:09:17.0241 0x11e8  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
20:09:17.0256 0x11e8  Eaphost - ok
20:09:17.0335 0x11e8  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
20:09:17.0397 0x11e8  ebdrv - ok
20:09:17.0397 0x11e8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
20:09:17.0397 0x11e8  EFS - ok
20:09:17.0413 0x11e8  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
20:09:17.0413 0x11e8  EhStorClass - ok
20:09:17.0413 0x11e8  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
20:09:17.0428 0x11e8  EhStorTcgDrv - ok
20:09:17.0428 0x11e8  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
20:09:17.0428 0x11e8  ErrDev - ok
20:09:17.0444 0x11e8  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
20:09:17.0460 0x11e8  EventSystem - ok
20:09:17.0475 0x11e8  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
20:09:17.0475 0x11e8  exfat - ok
20:09:17.0491 0x11e8  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
20:09:17.0491 0x11e8  fastfat - ok
20:09:17.0506 0x11e8  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
20:09:17.0522 0x11e8  Fax - ok
20:09:17.0538 0x11e8  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
20:09:17.0538 0x11e8  fdc - ok
20:09:17.0538 0x11e8  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
20:09:17.0553 0x11e8  fdPHost - ok
20:09:17.0553 0x11e8  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
20:09:17.0553 0x11e8  FDResPub - ok
20:09:17.0569 0x11e8  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
20:09:17.0569 0x11e8  fhsvc - ok
20:09:17.0585 0x11e8  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
20:09:17.0585 0x11e8  FileInfo - ok
20:09:17.0585 0x11e8  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
20:09:17.0601 0x11e8  Filetrace - ok
20:09:17.0601 0x11e8  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
20:09:17.0601 0x11e8  flpydisk - ok
20:09:17.0616 0x11e8  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
20:09:17.0632 0x11e8  FltMgr - ok
20:09:17.0647 0x11e8  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\WINDOWS\system32\FntCache.dll
20:09:17.0679 0x11e8  FontCache - ok
20:09:17.0679 0x11e8  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:09:17.0694 0x11e8  FontCache3.0.0.0 - ok
20:09:17.0694 0x11e8  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
20:09:17.0694 0x11e8  FsDepends - ok
20:09:17.0694 0x11e8  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:09:17.0710 0x11e8  Fs_Rec - ok
20:09:17.0726 0x11e8  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
20:09:17.0741 0x11e8  fvevol - ok
20:09:17.0741 0x11e8  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
20:09:17.0741 0x11e8  FxPPM - ok
20:09:17.0741 0x11e8  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
20:09:17.0757 0x11e8  gagp30kx - ok
20:09:17.0757 0x11e8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:09:17.0757 0x11e8  GEARAspiWDM - ok
20:09:17.0757 0x11e8  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
20:09:17.0773 0x11e8  gencounter - ok
20:09:17.0777 0x11e8  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
20:09:17.0777 0x11e8  GPIOClx0101 - ok
20:09:17.0808 0x11e8  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
20:09:17.0855 0x11e8  gpsvc - ok
20:09:17.0855 0x11e8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:09:17.0855 0x11e8  gupdate - ok
20:09:17.0855 0x11e8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:09:17.0871 0x11e8  gupdatem - ok
20:09:17.0871 0x11e8  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
20:09:17.0871 0x11e8  HDAudBus - ok
20:09:17.0887 0x11e8  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
20:09:17.0887 0x11e8  HidBatt - ok
20:09:17.0887 0x11e8  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
20:09:17.0902 0x11e8  HidBth - ok
20:09:17.0902 0x11e8  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
20:09:17.0902 0x11e8  hidi2c - ok
20:09:17.0918 0x11e8  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
20:09:17.0918 0x11e8  HidIr - ok
20:09:17.0918 0x11e8  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
20:09:17.0933 0x11e8  hidserv - ok
20:09:17.0933 0x11e8  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
20:09:17.0933 0x11e8  HidUsb - ok
20:09:17.0949 0x11e8  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
20:09:17.0965 0x11e8  hkmsvc - ok
20:09:17.0966 0x11e8  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
20:09:17.0982 0x11e8  HomeGroupListener - ok
20:09:17.0982 0x11e8  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
20:09:17.0998 0x11e8  HomeGroupProvider - ok
20:09:17.0998 0x11e8  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
20:09:18.0013 0x11e8  HpSAMD - ok
20:09:18.0029 0x11e8  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
20:09:18.0044 0x11e8  HTTP - ok
20:09:18.0060 0x11e8  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
20:09:18.0060 0x11e8  hwpolicy - ok
20:09:18.0060 0x11e8  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
20:09:18.0076 0x11e8  hyperkbd - ok
20:09:18.0076 0x11e8  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
20:09:18.0076 0x11e8  HyperVideo - ok
20:09:18.0076 0x11e8  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
20:09:18.0091 0x11e8  i8042prt - ok
20:09:18.0091 0x11e8  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
20:09:18.0091 0x11e8  iaLPSSi_GPIO - ok
20:09:18.0107 0x11e8  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
20:09:18.0107 0x11e8  iaLPSSi_I2C - ok
20:09:18.0123 0x11e8  [ 459016E8A4FA6426EDB5A9456A6E5E58, 92B73EE5559ABD8783EC5AF8A2B6EBDE0D937745B4BEDBEA6DF06DD8606AE56C ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
20:09:18.0138 0x11e8  iaStorA - ok
20:09:18.0154 0x11e8  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
20:09:18.0169 0x11e8  iaStorAV - ok
20:09:18.0169 0x11e8  [ 0AB254994A460550258446950BB58311, BD10811912680DD3B814B7D1303785C996D892C79108110A2257E9BD0C28245C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
20:09:18.0169 0x11e8  IAStorDataMgrSvc - ok
20:09:18.0185 0x11e8  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
20:09:18.0201 0x11e8  iaStorV - ok
20:09:18.0201 0x11e8  IEEtwCollectorService - ok
20:09:18.0216 0x11e8  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
20:09:18.0248 0x11e8  IKEEXT - ok
20:09:18.0341 0x11e8  [ C2F868881D48A568B525255F084EF063, EFB1704AE223CF886EDA5F1411C8178EDE4B5E1F7EE373E3DA89A6EA1A57D91D ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:09:18.0404 0x11e8  IntcAzAudAddService - ok
20:09:18.0419 0x11e8  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
20:09:18.0419 0x11e8  IntcDAud - ok
20:09:18.0435 0x11e8  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
20:09:18.0451 0x11e8  Intel® Capability Licensing Service Interface - ok
20:09:18.0451 0x11e8  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
20:09:18.0466 0x11e8  intelide - ok
20:09:18.0466 0x11e8  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
20:09:18.0466 0x11e8  intelpep - ok
20:09:18.0482 0x11e8  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
20:09:18.0482 0x11e8  intelppm - ok
20:09:18.0482 0x11e8  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:09:18.0498 0x11e8  IpFilterDriver - ok
20:09:18.0513 0x11e8  [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
20:09:18.0529 0x11e8  iphlpsvc - ok
20:09:18.0544 0x11e8  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
20:09:18.0544 0x11e8  IPMIDRV - ok
20:09:18.0560 0x11e8  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
20:09:18.0560 0x11e8  IPNAT - ok
20:09:18.0576 0x11e8  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:09:18.0591 0x11e8  iPod Service - ok
20:09:18.0591 0x11e8  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
20:09:18.0591 0x11e8  IRENUM - ok
20:09:18.0607 0x11e8  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
20:09:18.0607 0x11e8  isapnp - ok
20:09:18.0623 0x11e8  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
20:09:18.0623 0x11e8  iScsiPrt - ok
20:09:18.0638 0x11e8  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
20:09:18.0638 0x11e8  jhi_service - ok
20:09:18.0638 0x11e8  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
20:09:18.0654 0x11e8  kbdclass - ok
20:09:18.0654 0x11e8  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
20:09:18.0654 0x11e8  kbdhid - ok
20:09:18.0654 0x11e8  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
20:09:18.0669 0x11e8  kdnic - ok
20:09:18.0669 0x11e8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
20:09:18.0685 0x11e8  KeyIso - ok
20:09:18.0685 0x11e8  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
20:09:18.0685 0x11e8  KSecDD - ok
20:09:18.0701 0x11e8  [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
20:09:18.0701 0x11e8  KSecPkg - ok
20:09:18.0701 0x11e8  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
20:09:18.0716 0x11e8  ksthunk - ok
20:09:18.0716 0x11e8  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
20:09:18.0732 0x11e8  KtmRm - ok
20:09:18.0732 0x11e8  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
20:09:18.0748 0x11e8  LanmanServer - ok
20:09:18.0763 0x11e8  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
20:09:18.0763 0x11e8  LanmanWorkstation - ok
20:09:18.0785 0x11e8  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
20:09:18.0799 0x11e8  lfsvc - ok
20:09:18.0799 0x11e8  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
20:09:18.0814 0x11e8  lltdio - ok
20:09:18.0814 0x11e8  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
20:09:18.0830 0x11e8  lltdsvc - ok
20:09:18.0830 0x11e8  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
20:09:18.0861 0x11e8  lmhosts - ok
20:09:18.0861 0x11e8  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:09:18.0861 0x11e8  LMS - ok
20:09:18.0877 0x11e8  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
20:09:18.0877 0x11e8  LSI_SAS - ok
20:09:18.0877 0x11e8  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
20:09:18.0893 0x11e8  LSI_SAS2 - ok
20:09:18.0893 0x11e8  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
20:09:18.0908 0x11e8  LSI_SAS3 - ok
20:09:18.0908 0x11e8  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
20:09:18.0908 0x11e8  LSI_SSS - ok
20:09:18.0924 0x11e8  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\WINDOWS\System32\lsm.dll
20:09:18.0939 0x11e8  LSM - ok
20:09:18.0939 0x11e8  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
20:09:18.0955 0x11e8  luafv - ok
20:09:18.0955 0x11e8  [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
20:09:18.0955 0x11e8  MBAMProtector - ok
20:09:19.0002 0x11e8  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
20:09:19.0033 0x11e8  MBAMScheduler - ok
20:09:19.0049 0x11e8  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
20:09:19.0065 0x11e8  MBAMService - ok
20:09:19.0065 0x11e8  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
20:09:19.0080 0x11e8  MBAMSwissArmy - ok
20:09:19.0080 0x11e8  [ 9D7BFFDB5FA62B600DF1FCB4919D9D79, B610B18E25366F56A785C1BECE0EC534C836FAB0DF13E0BC3AF7A626E6CD6A5F ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
20:09:19.0080 0x11e8  MBAMWebAccessControl - ok
20:09:19.0080 0x11e8  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
20:09:19.0096 0x11e8  megasas - ok
20:09:19.0111 0x11e8  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
20:09:19.0127 0x11e8  megasr - ok
20:09:19.0127 0x11e8  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
20:09:19.0127 0x11e8  MEIx64 - ok
20:09:19.0127 0x11e8  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
20:09:19.0143 0x11e8  MMCSS - ok
20:09:19.0143 0x11e8  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
20:09:19.0158 0x11e8  Modem - ok
20:09:19.0158 0x11e8  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
20:09:19.0158 0x11e8  monitor - ok
20:09:19.0158 0x11e8  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
20:09:19.0174 0x11e8  mouclass - ok
20:09:19.0174 0x11e8  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
20:09:19.0174 0x11e8  mouhid - ok
20:09:19.0190 0x11e8  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
20:09:19.0190 0x11e8  mountmgr - ok
20:09:22.0944 0x11e8  udfs - ok
20:09:22.0960 0x11e8  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
20:09:22.0960 0x11e8  UEFI - ok
20:09:22.0960 0x11e8  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
20:09:22.0975 0x11e8  UI0Detect - ok
20:09:22.0991 0x11e8  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
20:09:23.0006 0x11e8  uliagpkx - ok
20:09:23.0006 0x11e8  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
20:09:23.0006 0x11e8  umbus - ok
20:09:23.0006 0x11e8  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
20:09:23.0022 0x11e8  UmPass - ok
20:09:23.0022 0x11e8  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
20:09:23.0038 0x11e8  UmRdpService - ok
20:09:23.0053 0x11e8  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:09:23.0053 0x11e8  UNS - ok
20:09:23.0069 0x11e8  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:09:23.0085 0x11e8  upnphost - ok
20:09:23.0085 0x11e8  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
20:09:23.0085 0x11e8  USBAAPL64 - ok
20:09:23.0100 0x11e8  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
20:09:23.0116 0x11e8  usbaudio - ok
20:09:23.0131 0x11e8  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
20:09:23.0131 0x11e8  usbccgp - ok
20:09:23.0147 0x11e8  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
20:09:23.0147 0x11e8  usbcir - ok
20:09:23.0163 0x11e8  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
20:09:23.0163 0x11e8  usbehci - ok
20:09:23.0178 0x11e8  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
20:09:23.0194 0x11e8  usbhub - ok
20:09:23.0210 0x11e8  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
20:09:23.0225 0x11e8  USBHUB3 - ok
20:09:23.0225 0x11e8  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
20:09:23.0241 0x11e8  usbohci - ok
20:09:23.0241 0x11e8  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
20:09:23.0256 0x11e8  usbprint - ok
20:09:23.0256 0x11e8  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
20:09:23.0272 0x11e8  USBSTOR - ok
20:09:23.0272 0x11e8  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
20:09:23.0272 0x11e8  usbuhci - ok
20:09:23.0288 0x11e8  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
20:09:23.0303 0x11e8  USBXHCI - ok
20:09:23.0303 0x11e8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
20:09:23.0303 0x11e8  VaultSvc - ok
20:09:23.0303 0x11e8  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
20:09:23.0319 0x11e8  vdrvroot - ok
20:09:23.0351 0x11e8  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
20:09:23.0398 0x11e8  vds - ok
20:09:23.0414 0x11e8  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
20:09:23.0414 0x11e8  VerifierExt - ok
20:09:23.0430 0x11e8  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
20:09:23.0445 0x11e8  vhdmp - ok
20:09:23.0445 0x11e8  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
20:09:23.0461 0x11e8  viaide - ok
20:09:23.0461 0x11e8  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
20:09:23.0476 0x11e8  vmbus - ok
20:09:23.0476 0x11e8  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
20:09:23.0476 0x11e8  VMBusHID - ok
20:09:23.0492 0x11e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
20:09:23.0496 0x11e8  vmicguestinterface - ok
20:09:23.0512 0x11e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
20:09:23.0527 0x11e8  vmicheartbeat - ok
20:09:23.0527 0x11e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
20:09:23.0543 0x11e8  vmickvpexchange - ok
20:09:23.0559 0x11e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
20:09:23.0559 0x11e8  vmicrdv - ok
20:09:23.0574 0x11e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
20:09:23.0590 0x11e8  vmicshutdown - ok
20:09:23.0590 0x11e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
20:09:23.0606 0x11e8  vmictimesync - ok
20:09:23.0621 0x11e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
20:09:23.0621 0x11e8  vmicvss - ok
20:09:23.0637 0x11e8  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
20:09:23.0637 0x11e8  volmgr - ok
20:09:23.0652 0x11e8  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
20:09:23.0652 0x11e8  volmgrx - ok
20:09:23.0668 0x11e8  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
20:09:23.0684 0x11e8  volsnap - ok
20:09:23.0684 0x11e8  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
20:09:23.0684 0x11e8  vpci - ok
20:09:23.0699 0x11e8  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
20:09:23.0699 0x11e8  vsmraid - ok
20:09:23.0731 0x11e8  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe
20:09:23.0762 0x11e8  VSS - ok
20:09:23.0778 0x11e8  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
20:09:23.0778 0x11e8  VSTXRAID - ok
20:09:23.0793 0x11e8  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
20:09:23.0793 0x11e8  vwifibus - ok
20:09:23.0793 0x11e8  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
20:09:23.0809 0x11e8  vwififlt - ok
20:09:23.0809 0x11e8  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
20:09:23.0809 0x11e8  vwifimp - ok
20:09:23.0841 0x11e8  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
20:09:23.0872 0x11e8  W32Time - ok
20:09:23.0872 0x11e8  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
20:09:23.0887 0x11e8  WacomPen - ok
20:09:23.0903 0x11e8  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
20:09:23.0934 0x11e8  wbengine - ok
20:09:23.0950 0x11e8  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
20:09:23.0966 0x11e8  WbioSrvc - ok
20:09:23.0981 0x11e8  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
20:09:23.0981 0x11e8  Wcmsvc - ok
20:09:23.0998 0x11e8  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
20:09:24.0014 0x11e8  wcncsvc - ok
20:09:24.0014 0x11e8  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
20:09:24.0030 0x11e8  WcsPlugInService - ok
20:09:24.0030 0x11e8  [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
20:09:24.0030 0x11e8  WdBoot - ok
20:09:24.0030 0x11e8  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
20:09:24.0045 0x11e8  WDC_SAM - ok
20:09:24.0061 0x11e8  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
20:09:24.0077 0x11e8  Wdf01000 - ok
20:09:24.0092 0x11e8  [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
20:09:24.0108 0x11e8  WdFilter - ok
20:09:24.0108 0x11e8  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
20:09:24.0123 0x11e8  WdiServiceHost - ok
20:09:24.0123 0x11e8  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
20:09:24.0139 0x11e8  WdiSystemHost - ok
20:09:24.0139 0x11e8  [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
20:09:24.0155 0x11e8  WdNisDrv - ok
20:09:24.0155 0x11e8  WdNisSvc - ok
20:09:24.0170 0x11e8  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\WINDOWS\System32\webclnt.dll
20:09:24.0186 0x11e8  WebClient - ok
20:09:24.0202 0x11e8  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
20:09:24.0217 0x11e8  Wecsvc - ok
20:09:24.0217 0x11e8  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
20:09:24.0233 0x11e8  WEPHOSTSVC - ok
20:09:24.0233 0x11e8  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
20:09:24.0264 0x11e8  wercplsupport - ok
20:09:24.0264 0x11e8  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
20:09:24.0280 0x11e8  WerSvc - ok
20:09:24.0280 0x11e8  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
20:09:24.0295 0x11e8  WFPLWFS - ok
20:09:24.0295 0x11e8  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
20:09:24.0295 0x11e8  WiaRpc - ok
20:09:24.0311 0x11e8  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
20:09:24.0311 0x11e8  WIMMount - ok
20:09:24.0311 0x11e8  WinDefend - ok
20:09:24.0327 0x11e8  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
20:09:24.0342 0x11e8  WinHttpAutoProxySvc - ok
20:09:24.0358 0x11e8  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
20:09:24.0373 0x11e8  Winmgmt - ok
20:09:24.0405 0x11e8  [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
20:09:24.0452 0x11e8  WinRM - ok
20:09:24.0467 0x11e8  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
20:09:24.0467 0x11e8  WinUsb - ok
20:09:24.0532 0x11e8  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
20:09:24.0563 0x11e8  WlanSvc - ok
20:09:24.0594 0x11e8  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
20:09:24.0610 0x11e8  wlidsvc - ok
20:09:24.0626 0x11e8  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
20:09:24.0626 0x11e8  WmiAcpi - ok
20:09:24.0626 0x11e8  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
20:09:24.0641 0x11e8  wmiApSrv - ok
20:09:24.0641 0x11e8  WMPNetworkSvc - ok
20:09:24.0641 0x11e8  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
20:09:24.0657 0x11e8  Wof - ok
20:09:24.0704 0x11e8  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
20:09:24.0751 0x11e8  workfolderssvc - ok
20:09:24.0751 0x11e8  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
20:09:24.0766 0x11e8  wpcfltr - ok
20:09:24.0766 0x11e8  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
20:09:24.0782 0x11e8  WPCSvc - ok
20:09:24.0782 0x11e8  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
20:09:24.0782 0x11e8  WPDBusEnum - ok
20:09:24.0797 0x11e8  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
20:09:24.0797 0x11e8  WpdUpFltr - ok
20:09:24.0797 0x11e8  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
20:09:24.0813 0x11e8  ws2ifsl - ok
20:09:24.0813 0x11e8  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
20:09:24.0813 0x11e8  wscsvc - ok
20:09:24.0829 0x11e8  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
20:09:24.0829 0x11e8  WSDPrintDevice - ok
20:09:24.0829 0x11e8  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan         C:\WINDOWS\System32\drivers\WSDScan.sys
20:09:24.0844 0x11e8  WSDScan - ok
20:09:24.0844 0x11e8  WSearch - ok
20:09:24.0922 0x11e8  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\WINDOWS\System32\WSService.dll
20:09:24.0986 0x11e8  WSService - ok
20:09:25.0064 0x11e8  [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
20:09:25.0127 0x11e8  wuauserv - ok
20:09:25.0127 0x11e8  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
20:09:25.0142 0x11e8  WudfPf - ok
20:09:25.0142 0x11e8  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
20:09:25.0158 0x11e8  WUDFRd - ok
20:09:25.0158 0x11e8  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
20:09:25.0173 0x11e8  wudfsvc - ok
20:09:25.0173 0x11e8  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:09:25.0189 0x11e8  WUDFWpdFs - ok
20:09:25.0189 0x11e8  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:09:25.0189 0x11e8  WUDFWpdMtp - ok
20:09:25.0220 0x11e8  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
20:09:25.0236 0x11e8  WwanSvc - ok
20:09:25.0252 0x11e8  [ 67BB3DC074C640AD609B19E0BBA42BDC, 452CCC94F361A9BE5C032DEA16742B788AF1BA44277E9C8B27A259347C0AB358 ] ZAtheros Wlan Agent C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
20:09:25.0252 0x11e8  ZAtheros Wlan Agent - detected UnsignedFile.Multi.Generic ( 1 )
20:09:27.0662 0x06ac  Object required for P2P: [ 0ED2E318ABB68C1A35A8B8038BDB4C90 ] storahci
20:09:30.0600 0x06ac  Object send P2P result: true
20:09:30.0772 0x11e8  Detect skipped due to KSN trusted
20:09:30.0772 0x11e8  ZAtheros Wlan Agent - ok
20:09:30.0772 0x11e8  ================ Scan global ===============================
20:09:30.0803 0x11e8  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
20:09:30.0819 0x11e8  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
20:09:30.0835 0x11e8  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
20:09:30.0850 0x11e8  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
20:09:30.0866 0x11e8  [ Global ] - ok
20:09:30.0866 0x11e8  ================ Scan MBR ==================================
20:09:30.0866 0x11e8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:09:30.0944 0x11e8  \Device\Harddisk0\DR0 - ok
20:09:30.0944 0x11e8  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
20:09:31.0444 0x11e8  \Device\Harddisk1\DR1 - ok
20:09:31.0444 0x11e8  ================ Scan VBR ==================================
20:09:31.0444 0x11e8  [ 08C4F6F77661A4182493503C67563735 ] \Device\Harddisk0\DR0\Partition1
20:09:31.0475 0x11e8  \Device\Harddisk0\DR0\Partition1 - ok
20:09:31.0491 0x11e8  [ BBF323A0677BBB6B1A8B69ED01AE99CE ] \Device\Harddisk0\DR0\Partition2
20:09:31.0522 0x11e8  \Device\Harddisk0\DR0\Partition2 - ok
20:09:31.0522 0x11e8  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
20:09:31.0522 0x11e8  \Device\Harddisk0\DR0\Partition3 - ok
20:09:31.0522 0x11e8  [ 122D5ACDCBD43B3FF71697AA9ACD584F ] \Device\Harddisk0\DR0\Partition4
20:09:31.0585 0x11e8  \Device\Harddisk0\DR0\Partition4 - ok
20:09:31.0585 0x11e8  [ 86C55B91FBF51A97F0D91333A66C4E4C ] \Device\Harddisk0\DR0\Partition5
20:09:31.0616 0x11e8  \Device\Harddisk0\DR0\Partition5 - ok
20:09:31.0616 0x11e8  [ 5BE288FA94963DF575CE632E072BC959 ] \Device\Harddisk0\DR0\Partition6
20:09:31.0616 0x11e8  \Device\Harddisk0\DR0\Partition6 - ok
20:09:31.0632 0x11e8  [ BF2C9E7DF29AB6FA1AD0E9B7C2B317E4 ] \Device\Harddisk0\DR0\Partition7
20:09:31.0632 0x11e8  \Device\Harddisk0\DR0\Partition7 - ok
20:09:31.0632 0x11e8  [ E6B5D5B2469F32A16C47AFF493D0F3AC ] \Device\Harddisk1\DR1\Partition1
20:09:31.0725 0x11e8  \Device\Harddisk1\DR1\Partition1 - ok
20:09:31.0725 0x11e8  ================ Scan generic autorun ======================
20:09:31.0882 0x11e8  [ AF04B6DDF123991C625472494BC1221C, D02BEC96FF466187130B5868DCB70E56CEE25101A8889A1AEF3CFE60ECBE6DC6 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
20:09:31.0991 0x11e8  RTHDVCPL - ok
20:09:32.0022 0x11e8  [ 5890F875035DBF84037CD3502AAA96CD, C3CA9040E1761C3C78A467208FC5B52075E7954AABC6FF7FB5A20AC6CF456FA1 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:09:32.0038 0x11e8  RtHDVBg - ok
20:09:32.0054 0x11e8  [ AB8B9DF053C2D2631BDDC244A9DFD961, A7F9570F995DA74674FF4E33806527282D1353C950925CEB72BE013DC01D9860 ] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
20:09:32.0069 0x11e8  BtTray - ok
20:09:32.0069 0x11e8  [ EFC5E0BF90D0071993D40F242DD56C04, BDAD48FEC8C6818E322C9B2745CD1C5F77A890379CBB3C5B54AAF7BD78D41EA7 ] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
20:09:32.0085 0x11e8  BtvStack - ok
20:09:32.0100 0x11e8  [ 18CED0D0539693A78FFCBDCEC91E67FD, F9C161B8CE26C0FAD6EEAE9D6F76102F260B7DF87481645AD90D1DE6CE32E5CD ] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
20:09:32.0116 0x11e8  StartCCC - ok
20:09:32.0132 0x11e8  [ E7861EAA7881E086B2DB88ADF4279D4B, D040BCEC5B7519357D4E28653FC0F9F4FEAA88D291726A0763EA5E84C8C5D840 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
20:09:32.0132 0x11e8  IAStorIcon - ok
20:09:32.0132 0x11e8  [ D8E7C04575940803299B318C96832C88, E2BE88EF154813A973630969450B28184EF77F3C76E0DB58CDC89F42EE86E432 ] C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe
20:09:32.0147 0x11e8  Shwicon9106 - detected UnsignedFile.Multi.Generic ( 1 )
20:09:34.0648 0x11e8  Detect skipped due to KSN trusted
20:09:34.0648 0x11e8  Shwicon9106 - ok
20:09:34.0648 0x11e8  [ 139C3E683C64935D397A3A656D443E29, 56A914FC51ED13541987DBE2DE9ED28D9130DD3CF8DD90F9550A1D8818B24983 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
20:09:34.0663 0x11e8  RemoteControl10 - ok
20:09:34.0663 0x11e8  mcui_exe - ok
20:09:34.0679 0x11e8  [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:09:34.0679 0x11e8  APSDaemon - ok
20:09:34.0695 0x11e8  [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
20:09:34.0710 0x11e8  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
20:09:37.0648 0x11e8  Detect skipped due to KSN trusted
20:09:37.0648 0x11e8  QuickTime Task - ok
20:09:37.0664 0x11e8  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
20:09:37.0679 0x11e8  iTunesHelper - ok
20:09:37.0679 0x11e8  Waiting for KSN requests completion. In queue: 9
20:09:38.0695 0x11e8  Waiting for KSN requests completion. In queue: 9
20:09:39.0695 0x11e8  Waiting for KSN requests completion. In queue: 1
20:09:40.0715 0x11e8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
20:09:40.0715 0x11e8  Win FW state via NFP2: enabled
20:09:43.0345 0x11e8  ============================================================
20:09:43.0345 0x11e8  Scan finished
20:09:43.0345 0x11e8  ============================================================
20:09:43.0345 0x08c0  Detected object count: 0
20:09:43.0345 0x08c0  Actual detected object count: 0
20:10:28.0971 0x11c0  Deinitialize success


#23
pystryker


    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hello :)

Those logs look good. Let's run a scan for remnants and orphans.


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Scan with Malwarebytes


Start Malwarebytes and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits


Go back to the Dashboard and select Scan Now


If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.


On completion of the scan (or after the reboot), start MBAM,

Click History, then Application Logs, then check the Select box by the first Scan Log in the list.

Click View, then click Export, select text file and save to the desktop as MBAM.txt and post in your next reply.



Step 2: Scan with ESET Online Scanner


Please note: You can use Internet Explorer or Firefox for this step. Either browser used will have to be run in admin mode.

Right click on either the Internet Explorer icon or the Firefox icon in the Start Menu or Quick Launch Bar on the Task bar and select Run as Administrator from the menu.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar.
  • Select the option YES, I accept the Terms of Use then click on Start
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
  • Now click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours. It may appear to hang on a file here and there, but let it continue.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • Now click on Finish
  • Use Notepad to open the logfile located at C:\Program Files (x86)\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Step 3: SecurityCheck Scan


Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.
  • ESET Scan Log
  • MBAM Log
  • SecurityCheck Log

  • 0

#24
ArielAZ

ArielAZ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts

I may not be on much more tonight. And I'll be away for some (or perhaps all) of the day tomorrow. Might get a chance to work on this when I get up before I have to leave (assuming you've left further instructions -- no pressure.)


  • 0

#25
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

I may not be on much more tonight. And I'll be away for some (or perhaps all) of the day tomorrow. Might get a chance to work on this when I get up before I have to leave (assuming you've left further instructions -- no pressure.)


No worries, I'm about to go offline for the night and the last set of instructions could take quite a while. As for when you can work on it, we do this on the schedule that works best for you. :) So, whenever is convenient for you will be fine. :thumbsup:
  • 0


#26
ArielAZ

ArielAZ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts

The ads by Browser Shop are still popping up everywhere on my screen. I will now post the 3 logs from the latest scans.


  • 0

#27
ArielAZ

ArielAZ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 1/27/2015
Scan Time: 8:29:43 PM
Logfile: MBAM.txt
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.01.28.02
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Enabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: modar_000
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 378218
Time Elapsed: 5 min, 14 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 2
PUP.Optional.OutBrowse, C:\$Recycle.Bin\S-1-5-21-2087107950-1864272675-2276528128-1004\$RV2G4U5.exe, Quarantined, [5af713e4d1b8979f6808d53eec16a55b], 
PUP.Optional.OutBrowse, C:\$Recycle.Bin\S-1-5-21-2087107950-1864272675-2276528128-1004\$R4SCOKV.exe, Quarantined, [163bb83f2366ed49a9c7947fda282dd3], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

#28
ArielAZ

ArielAZ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
[email protected] as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16384 (winblue_rtm.130821-1623)
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=8c767cd8aaa0614384ec72ee54e0b20f
# engine=22179
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-01-28 04:57:00
# local_time=2015-01-27 09:57:00 (-0700, US Mountain Standard Time)
# country="United States"
# lang=1033
# osver=6.3.9600 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 47215913 0 0
# scanned=284985
# found=12
# cleaned=0
# scan_time=3183
sh=83EE16EE0664AAD1DCB5404B1FD03CC1DF6062F2 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATL trojan" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\glfcfacamfioohghjbmefdhmakmlicea\EBNej1d8.js.vir"
sh=C7A16067BF3F2F17A5F5C5D89B824E240F741F37 ft=1 fh=93e48df091c754d1 vn="a variant of Win32/HiddenStart.A potentially unsafe application" ac=I fn="C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\hstart.exe"
sh=E978937AC7FAAC9A69609B2A4A3B8E2D43466DF9 ft=1 fh=b7b8c96c17c22525 vn="Win32/Patched.NFQ trojan" ac=I fn="C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\chrome.dll"
sh=6609AB250752946BCD1F2083B2113D7F88C5FBC6 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATL trojan" ac=I fn="C:\Users\DAVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef\182\smJt.js"
sh=6609AB250752946BCD1F2083B2113D7F88C5FBC6 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATL trojan" ac=I fn="C:\Users\modar_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef\182\smJt.js"
sh=FAC10B38706012358BC7F864FF7BEA295C344E47 ft=1 fh=8c80c7d9cdd22076 vn="a variant of Win32/InstallCore.PX potentially unwanted application" ac=I fn="C:\Users\modar_000\Downloads\adobe_flash_setup.exe"
sh=F42434EB673DF4B135D8D509943965FE20F75B22 ft=1 fh=84267000d91c779b vn="Win32/ReImageRepair.E potentially unwanted application" ac=I fn="C:\Users\modar_000\Downloads\ReimageRepair.exe"
sh=FAC10B38706012358BC7F864FF7BEA295C344E47 ft=1 fh=8c80c7d9cdd22076 vn="a variant of Win32/InstallCore.PX potentially unwanted application" ac=I fn="I:\FileHistory\modar_000\NEPTUNE\Data\C\Users\modar_000\Downloads\adobe_flash_setup (2015_01_20 22_58_09 UTC).exe"
sh=00FEB283AD09BCA04F81775583A7F35BA51DA005 ft=1 fh=9a65c8d077d6bffc vn="a variant of Win32/OutBrowse.BS potentially unwanted application" ac=I fn="I:\FileHistory\modar_000\NEPTUNE\Data\C\Users\modar_000\Downloads\Java (2015_01_23 23_34_04 UTC).exe"
sh=5F791A5EC81F428B486EBDE5B1F14C4AE1932A3D ft=1 fh=7063aea2352fc2e8 vn="a variant of Win32/OutBrowse.BS potentially unwanted application" ac=I fn="I:\FileHistory\modar_000\NEPTUNE\Data\C\Users\modar_000\Downloads\Java (2015_01_28 01_45_45 UTC).exe"
sh=369E9F021698FB4B3A4991A8AC163E1327EBC5B3 ft=1 fh=0c87f31e89fd5d77 vn="a variant of Win32/Toolbar.MyWebSearch.V potentially unwanted application" ac=I fn="I:\FileHistory\modar_000\NEPTUNE\Data\C\Users\modar_000\Downloads\MyScrapNookSetup2.5.14.83.pd^9N^xdm002^YYA^us.CJGW19rB470CFcyTfgodLCsAEg (2015_01_20 22_58_09 UTC).exe"
sh=F42434EB673DF4B135D8D509943965FE20F75B22 ft=1 fh=84267000d91c779b vn="Win32/ReImageRepair.E potentially unwanted application" ac=I fn="I:\FileHistory\modar_000\NEPTUNE\Data\C\Users\modar_000\Downloads\ReimageRepair (2015_01_20 22_58_09 UTC).exe"

  • 0

#29
ArielAZ

ArielAZ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
 Results of screen317's Security Check version 0.99.95  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
  Java 64-bit 8 Update 31  
 Google Chrome (39.0.2171.95) 
 Google Chrome (39.0.2171.99) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 

  • 0

#30
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

The ads by Browser Shop are still popping up everywhere on my screen. I will now post the 3 logs from the latest scans.


Acknowledged. Is this occurring only in Chrome?

We're going to remove the files found by ESET and then completely remove Chrome from your system and install the latest version. When these steps are complete, please let me know how the machine is performing. :thumbsup:

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Fix with FRST
  • Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy.)
  • Right-click in the open Notepad and select Paste.
  • Save it on the desktop as fixlist.txt

Start
Createrestorepoint:
C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\chrome.dll
C:\Users\DAVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef\182\smJt.js
C:\Users\modar_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef\182\smJt.js
C:\Users\modar_000\Downloads\adobe_flash_setup.exe
C:\Users\modar_000\Downloads\ReimageRepair.exe
I:\FileHistory\modar_000\NEPTUNE\Data\C\Users\modar_000\Downloads\adobe_flash_setup (2015_01_20 22_58_09 UTC).exe
I:\FileHistory\modar_000\NEPTUNE\Data\C\Users\modar_000\Downloads\Java (2015_01_23 23_34_04 UTC).exe
I:\FileHistory\modar_000\NEPTUNE\Data\C\Users\modar_000\Downloads\Java (2015_01_28 01_45_45 UTC).exe
I:\FileHistory\modar_000\NEPTUNE\Data\C\Users\modar_000\Downloads\MyScrapNookSetup2.5.14.83.pd^9N^xdm002^YYA^us.CJGW19rB470CFcyTfgodLCsAEg (2015_01_20 22_58_09 UTC).exe
I:\FileHistory\modar_000\NEPTUNE\Data\C\Users\modar_000\Downloads\ReimageRepair (2015_01_20 22_58_09 UTC).exe
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Step 2: Chrome Removal and Re-Install


Backup Chrome Bookmarks

If you wish to backup your bookmarks in Chrome before removal, please follow the steps below.
  • In the top-right corner of the browser window, click the Chrome menu.
  • Select Bookmarks > Bookmark Manager.
  • Click the "Organize" menu in the manager.
  • Don't see the "Organize" menu? Try using the alternate directions below.
  • Select Export bookmarks.
Chrome will export your bookmarks as an HTML file, which you can then import into another browser.


Remove Chrome From your System

Please follow the steps below to remove Chrome from your system.
  • Close all Chrome windows and tabs.
  • Go to the Start menu > Control Panel. (Windows 8 users: Learn how to access the Control Panel)
  • Click Programs and Features.
  • Double-click Google Chrome.
  • Click Uninstall from the confirmation dialog. Please delete your user profile information, like your browser preferences, bookmarks, and history, by selecting the "Also delete your browsing data" checkbox.
Download and Re-install Chrome

Please click the link below to go to Google's Chrome page and download the latest version.

https://www.google.c...rowser/desktop/


Things I need to see in your next post:

Fixlog.txt Log

Upon reinstallation of Chrome are you still experiencing the ads?

  • 0
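
The ESET log in post #28 lists the same SHA-1 under several paths, and the fixlist in post #30 is a hand-copied subset of those paths. The following is an added example, not part of the thread and not code from ESET or FRST: it parses detection lines in that log format, groups them by hash, and reports fixlist path lines that do not exactly match a logged path. The sample log, hashes, detection names and paths are constructed, and treating every line that starts with a drive letter as a file path is an assumption.

```python
import re

# Constructed sample in the format of the ESET Online Scanner log above
# (hashes, detection names and paths are made up for this example).
SAMPLE_LOG = r'''# scanned=1000
# found=3
sh=1111111111111111111111111111111111111111 ft=1 fh=aaaaaaaaaaaaaaaa vn="a variant of Win32/Example.A potentially unwanted application" ac=I fn="C:\Users\example\Downloads\setup.exe"
sh=1111111111111111111111111111111111111111 ft=1 fh=aaaaaaaaaaaaaaaa vn="a variant of Win32/Example.A potentially unwanted application" ac=I fn="I:\FileHistory\example\Downloads\setup (2015_01_20 22_58_09 UTC).exe"
sh=2222222222222222222222222222222222222222 ft=0 fh=0000000000000000 vn="JS/Example.B trojan" ac=I fn="C:\Users\example\AppData\Local\ext\a.js"
'''
# Constructed fixlist; the second path carries a stray trailing quote.
SAMPLE_FIXLIST = r'''Start
C:\Users\example\Downloads\setup.exe
I:\FileHistory\example\Downloads\setup (2015_01_20 22_58_09 UTC).exe"
C:\Users\example\AppData\Local\ext\a.js
End
'''

# key=value pairs; a value is either a double-quoted string or a bare token
_FIELD = re.compile(r'(\w+)=("([^"]*)"|\S+)')

def parse_eset_line(line):
    """Return the fields of one detection line, or None for header lines."""
    if not line.startswith("sh="):
        return None
    return {m.group(1): m.group(3) if m.group(3) is not None else m.group(2)
            for m in _FIELD.finditer(line)}

def group_by_hash(log_text):
    """Map SHA-1 -> {'name': detection name, 'paths': [every path seen]}."""
    groups = {}
    for line in log_text.splitlines():
        rec = parse_eset_line(line.strip())
        if rec:
            g = groups.setdefault(rec["sh"], {"name": rec["vn"], "paths": []})
            g["paths"].append(rec["fn"])
    return groups

def unmatched_fixlist_lines(fixlist_text, log_text):
    """Fixlist path lines with no exact (case-insensitive) match in the log."""
    known = {p.lower() for g in group_by_hash(log_text).values()
             for p in g["paths"]}
    paths = [ln.strip() for ln in fixlist_text.splitlines()
             if re.match(r"[A-Za-z]:\\", ln.strip())]  # assumption: drive letter = path
    return [p for p in paths if p.lower() not in known]

if __name__ == "__main__":
    for sha1, g in group_by_hash(SAMPLE_LOG).items():
        print(sha1, g["name"], len(g["paths"]), "path(s)")
    print("no match in log:", unmatched_fixlist_lines(SAMPLE_FIXLIST, SAMPLE_LOG))
```

Grouping by hash shows which detections are copies of one file (for example a download and its File History backup), and an unmatched line points to an entry that was mistyped when the list was copied by hand.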





