Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browsers out of control - Refresh to homepage and more - WIN7x64


  • Please log in to reply
14 replies to this topic

#1 steff88

steff88

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:33 AM

Posted 14 February 2014 - 03:48 PM

I feel like ripping this laptop to pieces as i am rewriting this message in a notepad while my chrome refreshed the message on your forum and i lost yet again 10 minutes of my life..
Just to make the long story shorter:
My laptop is a Sony Vaio VPCEB4J1E and i run a win7 x64 installation with genuine windows and all updates.
 
One week ago my chrome (and as it turned out all browsers) started refreshing active tab to homepage or bring up homepages on it's own. No links to porn or anything.. just plain homepages (chrome to google.com, opera cu quick dial, iexplore to msn and so on). There is no telling when the refresh starts acting out or how long it takes.
 
I decided to reinstall windows so i downloaded a retail trial from microsoft and used the cdkey to activate as i don't like using recovery partitions that install lots of bloatware.
 
After the fresh install i decided to use the 16 gb that the recovery partition was using so i installed partition magic (big mistake) and after agreeing to let it "fix" my hdd i got a blue screen. Long story short again: 10 hours worth of forum reading, cmd commands, format, reformat, bootfix, write zeros, etc nothing worked.
 
I bought a new HDD and i reinstalled win7 on it. The old hdd i put it in a rack and tried to use it as well but after running Seagate tools i got no errors but still the hdd is not responding, freezing and so on.
 
Getting back to the big picture problem..
As soon as i finished the installation i got the same problems on the new hdd as well.. any browser i use does the same.. refreshing pages to homepage, bringing up new tabs with homepage. I googled and googled.. no fixes work.. 
 
Please help as i have reached my limits and the next step i see to be left is to buy a new laptop and i can't even sell this one because of this error while it is in tip top shape and quite a good config.
 
 
I ran tdss
 
 
 
 
 
 
22:18:04.0991 0x12dc  TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 23:32:41
22:18:09.0330 0x12dc  ============================================================
22:18:09.0330 0x12dc  Current date / time: 2014/02/14 22:18:09.0330
22:18:09.0330 0x12dc  SystemInfo:
22:18:09.0331 0x12dc  
22:18:09.0331 0x12dc  OS Version: 6.1.7601 ServicePack: 1.0
22:18:09.0331 0x12dc  Product type: Workstation
22:18:09.0331 0x12dc  ComputerName: STEFAN-PC
22:18:09.0331 0x12dc  UserName: Stefan
22:18:09.0331 0x12dc  Windows directory: C:\Windows
22:18:09.0331 0x12dc  System windows directory: C:\Windows
22:18:09.0331 0x12dc  Running under WOW64
22:18:09.0331 0x12dc  Processor architecture: Intel x64
22:18:09.0331 0x12dc  Number of processors: 2
22:18:09.0331 0x12dc  Page size: 0x1000
22:18:09.0331 0x12dc  Boot type: Normal boot
22:18:09.0331 0x12dc  ============================================================
22:18:11.0515 0x12dc  KLMD registered as C:\Windows\system32\drivers\98218018.sys
22:18:11.0571 0x12dc  System UUID: {654637D4-AA49-C0EB-FD24-80B402BB3377}
22:18:11.0983 0x12dc  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:18:12.0043 0x12dc  ============================================================
22:18:12.0043 0x12dc  \Device\Harddisk0\DR0:
22:18:12.0043 0x12dc  MBR partitions:
22:18:12.0044 0x12dc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:18:12.0044 0x12dc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x124C5800
22:18:12.0044 0x12dc  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x124F8000, BlocksNum 0x222E0000
22:18:12.0044 0x12dc  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x347D8000, BlocksNum 0x22D6D800
22:18:12.0044 0x12dc  ============================================================
22:18:12.0070 0x12dc  C: <-> \Device\Harddisk0\DR0\Partition2
22:18:12.0089 0x12dc  D: <-> \Device\Harddisk0\DR0\Partition3
22:18:12.0116 0x12dc  E: <-> \Device\Harddisk0\DR0\Partition4
22:18:12.0116 0x12dc  ============================================================
22:18:12.0117 0x12dc  Initialize success
22:18:12.0117 0x12dc  ============================================================
22:18:13.0721 0x11a8  ============================================================
22:18:13.0721 0x11a8  Scan started
22:18:13.0721 0x11a8  Mode: Manual; 
22:18:13.0721 0x11a8  ============================================================
22:18:13.0721 0x11a8  KSN ping started
22:18:16.0915 0x11a8  KSN ping finished: true
22:18:17.0440 0x11a8  ================ Scan system memory ========================
22:18:17.0440 0x11a8  System memory - ok
22:18:17.0441 0x11a8  ================ Scan services =============================
22:18:17.0598 0x11a8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:18:17.0608 0x11a8  1394ohci - ok
22:18:17.0649 0x11a8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:18:17.0658 0x11a8  ACPI - ok
22:18:17.0668 0x11a8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:18:17.0669 0x11a8  AcpiPmi - ok
22:18:17.0745 0x11a8  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:18:17.0749 0x11a8  AdobeARMservice - ok
22:18:17.0814 0x11a8  [ C8C6C0D659734FDBF63F6F421A5416BC, 11C452D77D0A8A5E430D0D0C9949797FFC03D2E3DADB8FBB9B63EDA868AFF83C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:18:17.0820 0x11a8  AdobeFlashPlayerUpdateSvc - ok
22:18:17.0856 0x11a8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:18:17.0867 0x11a8  adp94xx - ok
22:18:17.0900 0x11a8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:18:17.0908 0x11a8  adpahci - ok
22:18:17.0918 0x11a8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:18:17.0924 0x11a8  adpu320 - ok
22:18:17.0947 0x11a8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:18:17.0949 0x11a8  AeLookupSvc - ok
22:18:17.0991 0x11a8  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
22:18:18.0003 0x11a8  AFD - ok
22:18:18.0026 0x11a8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
22:18:18.0028 0x11a8  agp440 - ok
22:18:18.0043 0x11a8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
22:18:18.0046 0x11a8  ALG - ok
22:18:18.0079 0x11a8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:18:18.0079 0x11a8  aliide - ok
22:18:18.0122 0x11a8  [ 3F9B03B72577A6A7405BF30801CBD159, BBB2A26136D6F9BBE0D2982689797C6FF89E2026589CCFBB35D9B845C88472DD ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:18:18.0128 0x11a8  AMD External Events Utility - ok
22:18:18.0150 0x11a8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:18:18.0151 0x11a8  amdide - ok
22:18:18.0193 0x11a8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:18:18.0196 0x11a8  AmdK8 - ok
22:18:18.0427 0x11a8  [ EA244A8B88DE8B5986BF3B7903B063AF, 44BB9CCCB9A15BF64494318CE047017AF27B373FB5B57E5D05C88A16AE913672 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:18:18.0574 0x11a8  amdkmdag - ok
22:18:18.0612 0x11a8  [ DCA6E341A4A7C31EA8A14C6166C9B249, 35319D428DD5BC055DC1E9B17BFC56C339E408929E9BC83878975DD01A68D652 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
22:18:18.0616 0x11a8  amdkmdap - ok
22:18:18.0622 0x11a8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:18:18.0624 0x11a8  AmdPPM - ok
22:18:18.0655 0x11a8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:18:18.0658 0x11a8  amdsata - ok
22:18:18.0688 0x11a8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:18:18.0693 0x11a8  amdsbs - ok
22:18:18.0707 0x11a8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:18:18.0708 0x11a8  amdxata - ok
22:18:18.0749 0x11a8  [ 2D45F2DFBC3D8F53DF7EBEFFA8C9BC38, 916CA4FE1899609AB36E66CB90D69EC487C1913C9C542760564BCFFF1B6E8070 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
22:18:18.0757 0x11a8  ApfiltrService - ok
22:18:18.0800 0x11a8  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
22:18:18.0802 0x11a8  AppID - ok
22:18:18.0818 0x11a8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:18:18.0820 0x11a8  AppIDSvc - ok
22:18:18.0850 0x11a8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
22:18:18.0853 0x11a8  Appinfo - ok
22:18:18.0880 0x11a8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
22:18:18.0882 0x11a8  arc - ok
22:18:18.0897 0x11a8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:18:18.0901 0x11a8  arcsas - ok
22:18:19.0012 0x11a8  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:18:19.0014 0x11a8  aspnet_state - ok
22:18:19.0053 0x11a8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:18:19.0054 0x11a8  AsyncMac - ok
22:18:19.0085 0x11a8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:18:19.0086 0x11a8  atapi - ok
22:18:19.0156 0x11a8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:18:19.0173 0x11a8  AudioEndpointBuilder - ok
22:18:19.0212 0x11a8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:18:19.0229 0x11a8  AudioSrv - ok
22:18:19.0250 0x11a8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:18:19.0254 0x11a8  AxInstSV - ok
22:18:19.0297 0x11a8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:18:19.0309 0x11a8  b06bdrv - ok
22:18:19.0337 0x11a8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:18:19.0343 0x11a8  b57nd60a - ok
22:18:19.0371 0x11a8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:18:19.0374 0x11a8  BDESVC - ok
22:18:19.0388 0x11a8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:18:19.0389 0x11a8  Beep - ok
22:18:19.0438 0x11a8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
22:18:19.0454 0x11a8  BFE - ok
22:18:19.0501 0x11a8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
22:18:19.0521 0x11a8  BITS - ok
22:18:19.0554 0x11a8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:18:19.0556 0x11a8  blbdrive - ok
22:18:19.0580 0x11a8  [ 73686FE0B2E0469F89FD2075BE724704, 4BC5BBA7ACB5BDA77251B82B9CF16C6A9EBBCC29760860A0F37ABDDF9288143F ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
22:18:19.0586 0x11a8  Bonjour Service - ok
22:18:19.0613 0x11a8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:18:19.0616 0x11a8  bowser - ok
22:18:19.0633 0x11a8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:18:19.0634 0x11a8  BrFiltLo - ok
22:18:19.0652 0x11a8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:18:19.0653 0x11a8  BrFiltUp - ok
22:18:19.0685 0x11a8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
22:18:19.0689 0x11a8  Browser - ok
22:18:19.0702 0x11a8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:18:19.0709 0x11a8  Brserid - ok
22:18:19.0715 0x11a8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:18:19.0718 0x11a8  BrSerWdm - ok
22:18:19.0722 0x11a8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:18:19.0723 0x11a8  BrUsbMdm - ok
22:18:19.0734 0x11a8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:18:19.0735 0x11a8  BrUsbSer - ok
22:18:19.0784 0x11a8  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
22:18:19.0786 0x11a8  BthEnum - ok
22:18:19.0792 0x11a8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:18:19.0794 0x11a8  BTHMODEM - ok
22:18:19.0813 0x11a8  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
22:18:19.0817 0x11a8  BthPan - ok
22:18:19.0879 0x11a8  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
22:18:19.0891 0x11a8  BTHPORT - ok
22:18:19.0936 0x11a8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
22:18:19.0941 0x11a8  bthserv - ok
22:18:19.0962 0x11a8  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
22:18:19.0967 0x11a8  BTHUSB - ok
22:18:19.0998 0x11a8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:18:20.0001 0x11a8  cdfs - ok
22:18:20.0040 0x11a8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:18:20.0045 0x11a8  cdrom - ok
22:18:20.0083 0x11a8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:18:20.0087 0x11a8  CertPropSvc - ok
22:18:20.0100 0x11a8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:18:20.0101 0x11a8  circlass - ok
22:18:20.0125 0x11a8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
22:18:20.0134 0x11a8  CLFS - ok
22:18:20.0184 0x11a8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:18:20.0186 0x11a8  clr_optimization_v2.0.50727_32 - ok
22:18:20.0225 0x11a8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:18:20.0228 0x11a8  clr_optimization_v2.0.50727_64 - ok
22:18:20.0283 0x11a8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:18:20.0300 0x11a8  clr_optimization_v4.0.30319_32 - ok
22:18:20.0329 0x11a8  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:18:20.0337 0x11a8  clr_optimization_v4.0.30319_64 - ok
22:18:20.0374 0x11a8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:18:20.0376 0x11a8  CmBatt - ok
22:18:20.0402 0x11a8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:18:20.0404 0x11a8  cmdide - ok
22:18:20.0454 0x11a8  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
22:18:20.0465 0x11a8  CNG - ok
22:18:20.0496 0x11a8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:18:20.0497 0x11a8  Compbatt - ok
22:18:20.0516 0x11a8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
22:18:20.0518 0x11a8  CompositeBus - ok
22:18:20.0528 0x11a8  COMSysApp - ok
22:18:20.0544 0x11a8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:18:20.0545 0x11a8  crcdisk - ok
22:18:20.0567 0x11a8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:18:20.0572 0x11a8  CryptSvc - ok
22:18:20.0621 0x11a8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:18:20.0633 0x11a8  DcomLaunch - ok
22:18:20.0662 0x11a8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:18:20.0669 0x11a8  defragsvc - ok
22:18:20.0705 0x11a8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:18:20.0708 0x11a8  DfsC - ok
22:18:20.0734 0x11a8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:18:20.0742 0x11a8  Dhcp - ok
22:18:20.0759 0x11a8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
22:18:20.0760 0x11a8  discache - ok
22:18:20.0802 0x11a8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
22:18:20.0805 0x11a8  Disk - ok
22:18:20.0834 0x11a8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:18:20.0840 0x11a8  Dnscache - ok
22:18:20.0875 0x11a8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:18:20.0882 0x11a8  dot3svc - ok
22:18:20.0900 0x11a8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
22:18:20.0904 0x11a8  DPS - ok
22:18:20.0932 0x11a8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:18:20.0933 0x11a8  drmkaud - ok
22:18:21.0037 0x11a8  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:18:21.0062 0x11a8  DXGKrnl - ok
22:18:21.0114 0x11a8  [ FE96AA1A36E76588C80DF1040286DDE1, 86EED8A0B59CD1930E6282997537ED94333FC7D45E3FE5A4D82057E1C8E5C2CD ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
22:18:21.0121 0x11a8  eamonm - ok
22:18:21.0143 0x11a8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
22:18:21.0147 0x11a8  EapHost - ok
22:18:21.0294 0x11a8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:18:21.0365 0x11a8  ebdrv - ok
22:18:21.0406 0x11a8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
22:18:21.0408 0x11a8  EFS - ok
22:18:21.0487 0x11a8  [ 807BA90D47F8885C09E1D6AFBB706E18, A803FE639C9C87733CA73D8F6C04A8CEB28DC45EEEA6CEC01ED3D4124C8E48EA ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
22:18:21.0496 0x11a8  ehdrv - ok
22:18:21.0676 0x11a8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:18:21.0693 0x11a8  ehRecvr - ok
22:18:21.0714 0x11a8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
22:18:21.0717 0x11a8  ehSched - ok
22:18:21.0895 0x11a8  [ 4CB575D97653FA91FFB02DA3105EB084, 59FB4D2485EEDBCC56D92C1F5DF3FEAE67D751F3AD7AEA7590F3C73107C829E8 ] ekrn            C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
22:18:21.0925 0x11a8  ekrn - ok
22:18:21.0983 0x11a8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:18:21.0996 0x11a8  elxstor - ok
22:18:22.0066 0x11a8  [ 00A81DC02BA17FB4BFCFA026DC47458F, 1B95BD51727E66B023BA4F2C9F57E69496790582CB272D57FE4BC15BA64952D8 ] epfw            C:\Windows\system32\DRIVERS\epfw.sys
22:18:22.0071 0x11a8  epfw - ok
22:18:22.0091 0x11a8  [ 3B085449438B2BCFD09CC84A0B90D1DB, 098DD64CC446E3960F93C0CDA495069DB6E7D9397CAC857E09E9FA323F5D31B2 ] EpfwLWF         C:\Windows\system32\DRIVERS\EpfwLWF.sys
22:18:22.0092 0x11a8  EpfwLWF - ok
22:18:22.0130 0x11a8  [ 91D54747A07F56ADCE1B6CFD3387AF60, 6F27AC896EA360284F6868BA1FEB55AE9325C914E54D73AECC5EBC8328650D41 ] epfwwfp         C:\Windows\system32\DRIVERS\epfwwfp.sys
22:18:22.0132 0x11a8  epfwwfp - ok
22:18:22.0144 0x11a8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:18:22.0145 0x11a8  ErrDev - ok
22:18:22.0196 0x11a8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
22:18:22.0207 0x11a8  EventSystem - ok
22:18:22.0367 0x11a8  [ B56D9602DB5FE1C116B1CA5EFD8E2E50, 34F52939089A98860E659BEF6AB8275BC50C33CC282DD3D34E13909BB7E3E575 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
22:18:22.0401 0x11a8  EvtEng - ok
22:18:22.0420 0x11a8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:18:22.0425 0x11a8  exfat - ok
22:18:22.0447 0x11a8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:18:22.0452 0x11a8  fastfat - ok
22:18:22.0507 0x11a8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
22:18:22.0523 0x11a8  Fax - ok
22:18:22.0529 0x11a8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
22:18:22.0530 0x11a8  fdc - ok
22:18:22.0561 0x11a8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
22:18:22.0562 0x11a8  fdPHost - ok
22:18:22.0571 0x11a8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:18:22.0572 0x11a8  FDResPub - ok
22:18:22.0594 0x11a8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:18:22.0597 0x11a8  FileInfo - ok
22:18:22.0611 0x11a8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:18:22.0613 0x11a8  Filetrace - ok
22:18:22.0667 0x11a8  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:18:22.0683 0x11a8  FLEXnet Licensing Service - ok
22:18:22.0689 0x11a8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:18:22.0690 0x11a8  flpydisk - ok
22:18:22.0707 0x11a8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:18:22.0716 0x11a8  FltMgr - ok
22:18:22.0783 0x11a8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
22:18:22.0810 0x11a8  FontCache - ok
22:18:22.0871 0x11a8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:18:22.0873 0x11a8  FontCache3.0.0.0 - ok
22:18:22.0884 0x11a8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:18:22.0885 0x11a8  FsDepends - ok
22:18:22.0911 0x11a8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:18:22.0912 0x11a8  Fs_Rec - ok
22:18:22.0959 0x11a8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:18:22.0967 0x11a8  fvevol - ok
22:18:23.0061 0x11a8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:18:23.0065 0x11a8  gagp30kx - ok
22:18:23.0179 0x11a8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:18:23.0197 0x11a8  gpsvc - ok
22:18:23.0256 0x11a8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:18:23.0260 0x11a8  gupdate - ok
22:18:23.0269 0x11a8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:18:23.0273 0x11a8  gupdatem - ok
22:18:23.0288 0x11a8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:18:23.0289 0x11a8  hcw85cir - ok
22:18:23.0320 0x11a8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:18:23.0329 0x11a8  HdAudAddService - ok
22:18:23.0351 0x11a8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:18:23.0355 0x11a8  HDAudBus - ok
22:18:23.0384 0x11a8  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
22:18:23.0386 0x11a8  HECIx64 - ok
22:18:23.0402 0x11a8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:18:23.0403 0x11a8  HidBatt - ok
22:18:23.0410 0x11a8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:18:23.0413 0x11a8  HidBth - ok
22:18:23.0419 0x11a8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:18:23.0421 0x11a8  HidIr - ok
22:18:23.0444 0x11a8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
22:18:23.0446 0x11a8  hidserv - ok
22:18:23.0485 0x11a8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:18:23.0487 0x11a8  HidUsb - ok
22:18:23.0500 0x11a8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:18:23.0504 0x11a8  hkmsvc - ok
22:18:23.0522 0x11a8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:18:23.0530 0x11a8  HomeGroupListener - ok
22:18:23.0613 0x11a8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:18:23.0625 0x11a8  HomeGroupProvider - ok
22:18:23.0661 0x11a8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:18:23.0664 0x11a8  HpSAMD - ok
22:18:23.0710 0x11a8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:18:23.0731 0x11a8  HTTP - ok
22:18:23.0748 0x11a8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:18:23.0750 0x11a8  hwpolicy - ok
22:18:23.0761 0x11a8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:18:23.0763 0x11a8  i8042prt - ok
22:18:23.0790 0x11a8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:18:23.0800 0x11a8  iaStorV - ok
22:18:23.0874 0x11a8  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:18:23.0908 0x11a8  idsvc - ok
22:18:23.0934 0x11a8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:18:23.0936 0x11a8  iirsp - ok
22:18:23.0981 0x11a8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:18:24.0001 0x11a8  IKEEXT - ok
22:18:24.0115 0x11a8  [ 526E482AFB586CB1CDD687869DECF686, DCF1D4772181AD14E8846C9B34387ADB6A8D56BE305A8926896AE35D3496A49F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:18:24.0167 0x11a8  IntcAzAudAddService - ok
22:18:24.0194 0x11a8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:18:24.0195 0x11a8  intelide - ok
22:18:24.0226 0x11a8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:18:24.0228 0x11a8  intelppm - ok
22:18:24.0254 0x11a8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:18:24.0260 0x11a8  IPBusEnum - ok
22:18:24.0271 0x11a8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:18:24.0274 0x11a8  IpFilterDriver - ok
22:18:24.0319 0x11a8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:18:24.0343 0x11a8  iphlpsvc - ok
22:18:24.0360 0x11a8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:18:24.0363 0x11a8  IPMIDRV - ok
22:18:24.0370 0x11a8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:18:24.0373 0x11a8  IPNAT - ok
22:18:24.0388 0x11a8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:18:24.0390 0x11a8  IRENUM - ok
22:18:24.0399 0x11a8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:18:24.0400 0x11a8  isapnp - ok
22:18:24.0421 0x11a8  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:18:24.0429 0x11a8  iScsiPrt - ok
22:18:24.0449 0x11a8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:18:24.0451 0x11a8  kbdclass - ok
22:18:24.0467 0x11a8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:18:24.0469 0x11a8  kbdhid - ok
22:18:24.0483 0x11a8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
22:18:24.0485 0x11a8  KeyIso - ok
22:18:24.0512 0x11a8  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:18:24.0516 0x11a8  KSecDD - ok
22:18:24.0526 0x11a8  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:18:24.0532 0x11a8  KSecPkg - ok
22:18:24.0555 0x11a8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:18:24.0556 0x11a8  ksthunk - ok
22:18:24.0595 0x11a8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:18:24.0605 0x11a8  KtmRm - ok
22:18:24.0631 0x11a8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:18:24.0638 0x11a8  LanmanServer - ok
22:18:24.0659 0x11a8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:18:24.0664 0x11a8  LanmanWorkstation - ok
22:18:24.0698 0x11a8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:18:24.0700 0x11a8  lltdio - ok
22:18:24.0732 0x11a8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:18:24.0740 0x11a8  lltdsvc - ok
22:18:24.0750 0x11a8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:18:24.0753 0x11a8  lmhosts - ok
22:18:24.0796 0x11a8  [ AD1CF8471B06BADB93D87CC4D63B8483, 0465CFBA7A12F74CCD155949837694D3F67F57B831A9BA7D40E08882AD3E1815 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
22:18:24.0804 0x11a8  LMS - ok
22:18:24.0859 0x11a8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:18:24.0863 0x11a8  LSI_FC - ok
22:18:24.0873 0x11a8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:18:24.0877 0x11a8  LSI_SAS - ok
22:18:24.0896 0x11a8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:18:24.0898 0x11a8  LSI_SAS2 - ok
22:18:24.0906 0x11a8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:18:24.0909 0x11a8  LSI_SCSI - ok
22:18:24.0928 0x11a8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:18:24.0932 0x11a8  luafv - ok
22:18:24.0951 0x11a8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:18:24.0954 0x11a8  Mcx2Svc - ok
22:18:24.0964 0x11a8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:18:24.0966 0x11a8  megasas - ok
22:18:24.0978 0x11a8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:18:24.0985 0x11a8  MegaSR - ok
22:18:25.0009 0x11a8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:18:25.0012 0x11a8  MMCSS - ok
22:18:25.0021 0x11a8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:18:25.0023 0x11a8  Modem - ok
22:18:25.0052 0x11a8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:18:25.0053 0x11a8  monitor - ok
22:18:25.0073 0x11a8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:18:25.0076 0x11a8  mouclass - ok
22:18:25.0090 0x11a8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:18:25.0092 0x11a8  mouhid - ok
22:18:25.0112 0x11a8  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:18:25.0115 0x11a8  mountmgr - ok
22:18:25.0170 0x11a8  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:18:25.0177 0x11a8  MozillaMaintenance - ok
22:18:25.0205 0x11a8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:18:25.0211 0x11a8  mpio - ok
22:18:25.0218 0x11a8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:18:25.0220 0x11a8  mpsdrv - ok
22:18:25.0273 0x11a8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:18:25.0292 0x11a8  MpsSvc - ok
22:18:25.0329 0x11a8  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:18:25.0333 0x11a8  MRxDAV - ok
22:18:25.0359 0x11a8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:18:25.0364 0x11a8  mrxsmb - ok
22:18:25.0389 0x11a8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:18:25.0397 0x11a8  mrxsmb10 - ok
22:18:25.0454 0x11a8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:18:25.0460 0x11a8  mrxsmb20 - ok
22:18:25.0478 0x11a8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:18:25.0481 0x11a8  msahci - ok
22:18:25.0514 0x11a8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:18:25.0518 0x11a8  msdsm - ok
22:18:25.0549 0x11a8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:18:25.0555 0x11a8  MSDTC - ok
22:18:25.0577 0x11a8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:18:25.0579 0x11a8  Msfs - ok
22:18:25.0595 0x11a8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:18:25.0597 0x11a8  mshidkmdf - ok
22:18:25.0614 0x11a8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:18:25.0616 0x11a8  msisadrv - ok
22:18:25.0643 0x11a8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:18:25.0647 0x11a8  MSiSCSI - ok
22:18:25.0651 0x11a8  msiserver - ok
22:18:25.0666 0x11a8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:18:25.0667 0x11a8  MSKSSRV - ok
22:18:25.0689 0x11a8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:18:25.0690 0x11a8  MSPCLOCK - ok
22:18:25.0694 0x11a8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:18:25.0696 0x11a8  MSPQM - ok
22:18:25.0777 0x11a8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:18:25.0800 0x11a8  MsRPC - ok
22:18:25.0817 0x11a8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:18:25.0819 0x11a8  mssmbios - ok
22:18:25.0837 0x11a8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:18:25.0838 0x11a8  MSTEE - ok
22:18:25.0852 0x11a8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:18:25.0853 0x11a8  MTConfig - ok
22:18:25.0860 0x11a8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:18:25.0863 0x11a8  Mup - ok
22:18:25.0895 0x11a8  [ A9BC2302FBDF52C8AF4E2FC966288D21, 4CBDCDCC2BA8133BDC0BA1A1EB47FB9241CAACF93544BAD37175417DA9E616D6 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
22:18:25.0903 0x11a8  MyWiFiDHCPDNS - ok
22:18:25.0947 0x11a8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:18:25.0959 0x11a8  napagent - ok
22:18:25.0991 0x11a8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:18:25.0998 0x11a8  NativeWifiP - ok
22:18:26.0052 0x11a8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:18:26.0088 0x11a8  NDIS - ok
22:18:26.0104 0x11a8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:18:26.0105 0x11a8  NdisCap - ok
22:18:26.0139 0x11a8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:18:26.0141 0x11a8  NdisTapi - ok
22:18:26.0154 0x11a8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:18:26.0156 0x11a8  Ndisuio - ok
22:18:26.0172 0x11a8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:18:26.0177 0x11a8  NdisWan - ok
22:18:26.0193 0x11a8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:18:26.0195 0x11a8  NDProxy - ok
22:18:26.0221 0x11a8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:18:26.0224 0x11a8  NetBIOS - ok
22:18:26.0234 0x11a8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:18:26.0242 0x11a8  NetBT - ok
22:18:26.0254 0x11a8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
22:18:26.0256 0x11a8  Netlogon - ok
22:18:26.0281 0x11a8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:18:26.0290 0x11a8  Netman - ok
22:18:26.0348 0x11a8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:18:26.0352 0x11a8  NetMsmqActivator - ok
22:18:26.0364 0x11a8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:18:26.0367 0x11a8  NetPipeActivator - ok
22:18:26.0444 0x11a8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:18:26.0455 0x11a8  netprofm - ok
22:18:26.0464 0x11a8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:18:26.0467 0x11a8  NetTcpActivator - ok
22:18:26.0491 0x11a8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:18:26.0495 0x11a8  NetTcpPortSharing - ok
22:18:26.0929 0x11a8  [ 18555F48844C2861D9DCE8F2B7223AE5, 35F8C0DFCF14780F86AD9A476A7AE22A98589B27ED9C7E109945CBBD227E6E2B ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
22:18:27.0106 0x11a8  NETw5s64 - ok
22:18:27.0160 0x11a8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:18:27.0161 0x11a8  nfrd960 - ok
22:18:27.0179 0x11a8  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:18:27.0188 0x11a8  NlaSvc - ok
22:18:27.0204 0x11a8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:18:27.0206 0x11a8  Npfs - ok
22:18:27.0230 0x11a8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:18:27.0232 0x11a8  nsi - ok
22:18:27.0247 0x11a8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:18:27.0248 0x11a8  nsiproxy - ok
22:18:27.0318 0x11a8  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:18:27.0411 0x11a8  Ntfs - ok
22:18:27.0428 0x11a8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:18:27.0429 0x11a8  Null - ok
22:18:27.0466 0x11a8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:18:27.0471 0x11a8  nvraid - ok
22:18:27.0498 0x11a8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:18:27.0502 0x11a8  nvstor - ok
22:18:27.0536 0x11a8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:18:27.0540 0x11a8  nv_agp - ok
22:18:27.0546 0x11a8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:18:27.0549 0x11a8  ohci1394 - ok
22:18:27.0633 0x11a8  [ B9C125314A025127FE562C116D614AA3, 79C46C0BACEBBB5B8E1C162766B21587365A100BBAD01171C77B995C514BC7D6 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:18:27.0645 0x11a8  ose64 - ok
22:18:27.0868 0x11a8  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:18:28.0088 0x11a8  osppsvc - ok
22:18:28.0155 0x11a8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:18:28.0176 0x11a8  p2pimsvc - ok
22:18:28.0241 0x11a8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:18:28.0252 0x11a8  p2psvc - ok
22:18:28.0296 0x11a8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
22:18:28.0301 0x11a8  Parport - ok
22:18:28.0323 0x11a8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:18:28.0325 0x11a8  partmgr - ok
22:18:28.0392 0x11a8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:18:28.0400 0x11a8  PcaSvc - ok
22:18:28.0474 0x11a8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
22:18:28.0478 0x11a8  pci - ok
22:18:28.0493 0x11a8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:18:28.0494 0x11a8  pciide - ok
22:18:28.0520 0x11a8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:18:28.0525 0x11a8  pcmcia - ok
22:18:28.0543 0x11a8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:18:28.0550 0x11a8  pcw - ok
22:18:28.0570 0x11a8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:18:28.0589 0x11a8  PEAUTH - ok
22:18:28.0684 0x11a8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:18:28.0686 0x11a8  PerfHost - ok
22:18:28.0778 0x11a8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:18:28.0811 0x11a8  pla - ok
22:18:28.0872 0x11a8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:18:28.0883 0x11a8  PlugPlay - ok
22:18:28.0922 0x11a8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:18:28.0924 0x11a8  PNRPAutoReg - ok
22:18:28.0963 0x11a8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:18:28.0971 0x11a8  PNRPsvc - ok
22:18:29.0042 0x11a8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:18:29.0054 0x11a8  PolicyAgent - ok
22:18:29.0101 0x11a8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
22:18:29.0107 0x11a8  Power - ok
22:18:29.0150 0x11a8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:18:29.0153 0x11a8  PptpMiniport - ok
22:18:29.0178 0x11a8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
22:18:29.0192 0x11a8  Processor - ok
22:18:29.0240 0x11a8  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:18:29.0246 0x11a8  ProfSvc - ok
22:18:29.0265 0x11a8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:18:29.0266 0x11a8  ProtectedStorage - ok
22:18:29.0300 0x11a8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:18:29.0304 0x11a8  Psched - ok
22:18:29.0429 0x11a8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:18:29.0463 0x11a8  ql2300 - ok
22:18:29.0487 0x11a8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:18:29.0491 0x11a8  ql40xx - ok
22:18:29.0528 0x11a8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:18:29.0536 0x11a8  QWAVE - ok
22:18:29.0562 0x11a8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:18:29.0564 0x11a8  QWAVEdrv - ok
22:18:29.0593 0x11a8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:18:29.0594 0x11a8  RasAcd - ok
22:18:29.0651 0x11a8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:18:29.0653 0x11a8  RasAgileVpn - ok
22:18:29.0683 0x11a8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:18:29.0687 0x11a8  RasAuto - ok
22:18:29.0701 0x11a8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:18:29.0705 0x11a8  Rasl2tp - ok
22:18:29.0773 0x11a8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:18:29.0785 0x11a8  RasMan - ok
22:18:29.0826 0x11a8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:18:29.0829 0x11a8  RasPppoe - ok
22:18:29.0981 0x11a8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:18:29.0983 0x11a8  RasSstp - ok
22:18:30.0013 0x11a8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:18:30.0038 0x11a8  rdbss - ok
22:18:30.0073 0x11a8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
22:18:30.0075 0x11a8  rdpbus - ok
22:18:30.0127 0x11a8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:18:30.0160 0x11a8  RDPCDD - ok
22:18:30.0167 0x11a8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:18:30.0168 0x11a8  RDPENCDD - ok
22:18:30.0177 0x11a8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:18:30.0179 0x11a8  RDPREFMP - ok
22:18:30.0277 0x11a8  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:18:30.0282 0x11a8  RDPWD - ok
22:18:30.0331 0x11a8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:18:30.0337 0x11a8  rdyboost - ok
22:18:30.0434 0x11a8  [ 0AA473966357C4A41B5EB19649EB6E5E, D4F1EADDECE41481332CBF03B8CAB4AC6AB048834DF013DB30757E7941F306FE ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:18:30.0459 0x11a8  RegSrvc - ok
22:18:30.0493 0x11a8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:18:30.0496 0x11a8  RemoteAccess - ok
22:18:30.0575 0x11a8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:18:30.0580 0x11a8  RemoteRegistry - ok
22:18:30.0611 0x11a8  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
22:18:30.0615 0x11a8  RFCOMM - ok
22:18:30.0640 0x11a8  [ FA6ABC06B629DA29634D31F1FE0347BD, 6469EB5C43CFBF9D774DE09042E3E0B4A08B8A146A43450F591725418BF5104E ] rimspci         C:\Windows\system32\DRIVERS\rimssne64.sys
22:18:30.0642 0x11a8  rimspci - ok
22:18:30.0676 0x11a8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:18:30.0679 0x11a8  RpcEptMapper - ok
22:18:30.0708 0x11a8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:18:30.0715 0x11a8  RpcLocator - ok
22:18:30.0761 0x11a8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
22:18:30.0774 0x11a8  RpcSs - ok
22:18:30.0817 0x11a8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:18:30.0820 0x11a8  rspndr - ok
22:18:30.0840 0x11a8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
22:18:30.0842 0x11a8  SamSs - ok
22:18:30.0867 0x11a8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:18:30.0870 0x11a8  sbp2port - ok
22:18:30.0913 0x11a8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:18:30.0919 0x11a8  SCardSvr - ok
22:18:30.0952 0x11a8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:18:30.0953 0x11a8  scfilter - ok
22:18:31.0070 0x11a8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
22:18:31.0096 0x11a8  Schedule - ok
22:18:31.0129 0x11a8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:18:31.0131 0x11a8  SCPolicySvc - ok
22:18:31.0165 0x11a8  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
22:18:31.0168 0x11a8  sdbus - ok
22:18:31.0221 0x11a8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:18:31.0226 0x11a8  SDRSVC - ok
22:18:31.0294 0x11a8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:18:31.0298 0x11a8  secdrv - ok
22:18:31.0320 0x11a8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
22:18:31.0323 0x11a8  seclogon - ok
22:18:31.0341 0x11a8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
22:18:31.0344 0x11a8  SENS - ok
22:18:31.0427 0x11a8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:18:31.0430 0x11a8  SensrSvc - ok
22:18:31.0484 0x11a8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:18:31.0486 0x11a8  Serenum - ok
22:18:31.0548 0x11a8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
22:18:31.0552 0x11a8  Serial - ok
22:18:31.0584 0x11a8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:18:31.0585 0x11a8  sermouse - ok
22:18:31.0646 0x11a8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
22:18:31.0651 0x11a8  SessionEnv - ok
22:18:31.0713 0x11a8  [ 70F9C476B62DE4F2823E918A6C181ADE, E1A641418A6CB4FA38BB29B86934838B28D8909B8066E5089D85BF72FD61F4C4 ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
22:18:31.0714 0x11a8  SFEP - ok
22:18:31.0730 0x11a8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:18:31.0731 0x11a8  sffdisk - ok
22:18:31.0753 0x11a8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:18:31.0755 0x11a8  sffp_mmc - ok
22:18:31.0764 0x11a8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:18:31.0765 0x11a8  sffp_sd - ok
22:18:31.0773 0x11a8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:18:31.0774 0x11a8  sfloppy - ok
22:18:31.0815 0x11a8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:18:31.0825 0x11a8  SharedAccess - ok
22:18:31.0897 0x11a8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:18:31.0907 0x11a8  ShellHWDetection - ok
22:18:31.0932 0x11a8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:18:31.0933 0x11a8  SiSRaid2 - ok
22:18:31.0958 0x11a8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:18:31.0961 0x11a8  SiSRaid4 - ok
22:18:32.0027 0x11a8  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:18:32.0032 0x11a8  SkypeUpdate - ok
22:18:32.0068 0x11a8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:18:32.0070 0x11a8  Smb - ok
22:18:32.0092 0x11a8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:18:32.0094 0x11a8  SNMPTRAP - ok
22:18:32.0114 0x11a8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:18:32.0116 0x11a8  spldr - ok
22:18:32.0155 0x11a8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
22:18:32.0170 0x11a8  Spooler - ok
22:18:32.0291 0x11a8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
22:18:32.0371 0x11a8  sppsvc - ok
22:18:32.0394 0x11a8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:18:32.0398 0x11a8  sppuinotify - ok
22:18:32.0446 0x11a8  [ 656736958178461D25B51BB0D9EC7D09, A1C987CD3C1B36516691B6FB6B0589897826E9237C72AD8B5D79D20ACAFCC883 ] sptd            C:\Windows\System32\Drivers\sptd.sys
22:18:32.0456 0x11a8  sptd - ok
22:18:32.0501 0x11a8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:18:32.0521 0x11a8  srv - ok
22:18:32.0554 0x11a8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:18:32.0569 0x11a8  srv2 - ok
22:18:32.0590 0x11a8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:18:32.0595 0x11a8  srvnet - ok
22:18:32.0627 0x11a8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:18:32.0635 0x11a8  SSDPSRV - ok
22:18:32.0652 0x11a8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:18:32.0655 0x11a8  SstpSvc - ok
22:18:32.0683 0x11a8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:18:32.0684 0x11a8  stexstor - ok
22:18:32.0734 0x11a8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
22:18:32.0748 0x11a8  stisvc - ok
22:18:32.0762 0x11a8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:18:32.0764 0x11a8  swenum - ok
22:18:32.0793 0x11a8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
22:18:32.0806 0x11a8  swprv - ok
22:18:32.0887 0x11a8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
22:18:32.0928 0x11a8  SysMain - ok
22:18:32.0948 0x11a8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:18:32.0953 0x11a8  TabletInputService - ok
22:18:32.0983 0x11a8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:18:32.0993 0x11a8  TapiSrv - ok
22:18:33.0015 0x11a8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
22:18:33.0018 0x11a8  TBS - ok
22:18:33.0110 0x11a8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:18:33.0175 0x11a8  Tcpip - ok
22:18:33.0260 0x11a8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:18:33.0302 0x11a8  TCPIP6 - ok
22:18:33.0330 0x11a8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:18:33.0332 0x11a8  tcpipreg - ok
22:18:33.0353 0x11a8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:18:33.0354 0x11a8  TDPIPE - ok
22:18:33.0382 0x11a8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:18:33.0383 0x11a8  TDTCP - ok
22:18:33.0404 0x11a8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:18:33.0407 0x11a8  tdx - ok
22:18:33.0676 0x11a8  [ C32E6295D7D024B2302EFF1A7FEFD720, A9E5C78FD8765367863FFCA4954E52EEC77BE4956A6910CD09BBBF9D5BC96D4E ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
22:18:33.0843 0x11a8  TeamViewer9 - ok
22:18:33.0870 0x11a8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:18:33.0872 0x11a8  TermDD - ok
22:18:33.0914 0x11a8  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
22:18:33.0930 0x11a8  TermService - ok
22:18:33.0947 0x11a8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
22:18:33.0950 0x11a8  Themes - ok
22:18:33.0963 0x11a8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
22:18:33.0968 0x11a8  THREADORDER - ok
22:18:34.0000 0x11a8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
22:18:34.0005 0x11a8  TrkWks - ok
22:18:34.0047 0x11a8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:18:34.0053 0x11a8  TrustedInstaller - ok
22:18:34.0082 0x11a8  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:18:34.0084 0x11a8  tssecsrv - ok
22:18:34.0133 0x11a8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:18:34.0135 0x11a8  TsUsbFlt - ok
22:18:34.0140 0x11a8  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:18:34.0142 0x11a8  TsUsbGD - ok
22:18:34.0171 0x11a8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:18:34.0175 0x11a8  tunnel - ok
22:18:34.0194 0x11a8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:18:34.0196 0x11a8  uagp35 - ok
22:18:34.0210 0x11a8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:18:34.0218 0x11a8  udfs - ok
22:18:34.0259 0x11a8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:18:34.0262 0x11a8  UI0Detect - ok
22:18:34.0288 0x11a8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:18:34.0291 0x11a8  uliagpkx - ok
22:18:34.0300 0x11a8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:18:34.0302 0x11a8  umbus - ok
22:18:34.0306 0x11a8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:18:34.0307 0x11a8  UmPass - ok
22:18:34.0533 0x11a8  [ AD88AF249ABDC546151F9BFC4093FA9B, DA8D17CFDBC671F3699E9A4CCFC0F4A5557DA0A9887984E96115E774555AA5D4 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
22:18:34.0613 0x11a8  UNS - ok
22:18:34.0667 0x11a8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
22:18:34.0677 0x11a8  upnphost - ok
22:18:34.0708 0x11a8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:18:34.0710 0x11a8  usbccgp - ok
22:18:34.0737 0x11a8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:18:34.0740 0x11a8  usbcir - ok
22:18:34.0775 0x11a8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:18:34.0777 0x11a8  usbehci - ok
22:18:34.0840 0x11a8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:18:34.0850 0x11a8  usbhub - ok
22:18:34.0888 0x11a8  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:18:34.0890 0x11a8  usbohci - ok
22:18:34.0910 0x11a8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:18:34.0914 0x11a8  usbprint - ok
22:18:34.0946 0x11a8  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:18:34.0947 0x11a8  usbscan - ok
22:18:34.0982 0x11a8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
22:18:34.0985 0x11a8  USBSTOR - ok
22:18:35.0022 0x11a8  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:18:35.0023 0x11a8  usbuhci - ok
22:18:35.0105 0x11a8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:18:35.0109 0x11a8  usbvideo - ok
22:18:35.0135 0x11a8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
22:18:35.0138 0x11a8  UxSms - ok
22:18:35.0175 0x11a8  [ A60605FC66552B421EE1F3D4EBB9A4E0, DCAC76EACAABD38E3896F78B56F51D08ECCC46E360DC29857526929900455E07 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
22:18:35.0182 0x11a8  VAIO Event Service - ok
22:18:35.0198 0x11a8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
22:18:35.0200 0x11a8  VaultSvc - ok
22:18:35.0227 0x11a8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:18:35.0229 0x11a8  vdrvroot - ok
22:18:35.0296 0x11a8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
22:18:35.0311 0x11a8  vds - ok
22:18:35.0349 0x11a8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:18:35.0351 0x11a8  vga - ok
22:18:35.0382 0x11a8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:18:35.0383 0x11a8  VgaSave - ok
22:18:35.0421 0x11a8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:18:35.0426 0x11a8  vhdmp - ok
22:18:35.0448 0x11a8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:18:35.0449 0x11a8  viaide - ok
22:18:35.0492 0x11a8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:18:35.0495 0x11a8  volmgr - ok
22:18:35.0518 0x11a8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:18:35.0528 0x11a8  volmgrx - ok
22:18:35.0550 0x11a8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:18:35.0559 0x11a8  volsnap - ok
22:18:35.0636 0x11a8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:18:35.0640 0x11a8  vsmraid - ok
22:18:35.0737 0x11a8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
22:18:35.0774 0x11a8  VSS - ok
22:18:35.0792 0x11a8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:18:35.0794 0x11a8  vwifibus - ok
22:18:35.0834 0x11a8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:18:35.0836 0x11a8  vwififlt - ok
22:18:35.0911 0x11a8  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
22:18:35.0913 0x11a8  vwifimp - ok
22:18:35.0952 0x11a8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
22:18:35.0962 0x11a8  W32Time - ok
22:18:35.0970 0x11a8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:18:35.0973 0x11a8  WacomPen - ok
22:18:36.0024 0x11a8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:18:36.0026 0x11a8  WANARP - ok
22:18:36.0042 0x11a8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:18:36.0045 0x11a8  Wanarpv6 - ok
22:18:36.0210 0x11a8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
22:18:36.0239 0x11a8  WatAdminSvc - ok
22:18:36.0359 0x11a8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
22:18:36.0398 0x11a8  wbengine - ok
22:18:36.0410 0x11a8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:18:36.0416 0x11a8  WbioSrvc - ok
22:18:36.0453 0x11a8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:18:36.0464 0x11a8  wcncsvc - ok
22:18:36.0489 0x11a8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:18:36.0502 0x11a8  WcsPlugInService - ok
22:18:36.0548 0x11a8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
22:18:36.0550 0x11a8  Wd - ok
22:18:36.0634 0x11a8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:18:36.0671 0x11a8  Wdf01000 - ok
22:18:36.0735 0x11a8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:18:36.0739 0x11a8  WdiServiceHost - ok
22:18:36.0765 0x11a8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:18:36.0769 0x11a8  WdiSystemHost - ok
22:18:36.0833 0x11a8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
22:18:36.0850 0x11a8  WebClient - ok
22:18:36.0890 0x11a8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:18:36.0897 0x11a8  Wecsvc - ok
22:18:36.0929 0x11a8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:18:36.0933 0x11a8  wercplsupport - ok
22:18:36.0951 0x11a8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:18:36.0956 0x11a8  WerSvc - ok
22:18:37.0052 0x11a8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:18:37.0055 0x11a8  WfpLwf - ok
22:18:37.0118 0x11a8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:18:37.0120 0x11a8  WIMMount - ok
22:18:37.0170 0x11a8  WinDefend - ok
22:18:37.0214 0x11a8  WinHttpAutoProxySvc - ok
22:18:37.0317 0x11a8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:18:37.0323 0x11a8  Winmgmt - ok
22:18:37.0525 0x11a8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:18:37.0602 0x11a8  WinRM - ok
22:18:37.0672 0x11a8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:18:37.0673 0x11a8  WinUsb - ok
22:18:37.0791 0x11a8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:18:37.0816 0x11a8  Wlansvc - ok
22:18:37.0837 0x11a8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:18:37.0839 0x11a8  WmiAcpi - ok
22:18:37.0892 0x11a8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:18:37.0897 0x11a8  wmiApSrv - ok
22:18:37.0964 0x11a8  WMPNetworkSvc - ok
22:18:38.0000 0x11a8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:18:38.0003 0x11a8  WPCSvc - ok
22:18:38.0024 0x11a8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:18:38.0028 0x11a8  WPDBusEnum - ok
22:18:38.0094 0x11a8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:18:38.0096 0x11a8  ws2ifsl - ok
22:18:38.0125 0x11a8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
22:18:38.0129 0x11a8  wscsvc - ok
22:18:38.0135 0x11a8  WSearch - ok
22:18:38.0309 0x11a8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:18:38.0366 0x11a8  wuauserv - ok
22:18:38.0412 0x11a8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:18:38.0416 0x11a8  WudfPf - ok
22:18:38.0479 0x11a8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:18:38.0485 0x11a8  WUDFRd - ok
22:18:38.0529 0x11a8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:18:38.0534 0x11a8  wudfsvc - ok
22:18:38.0572 0x11a8  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:18:38.0579 0x11a8  WwanSvc - ok
22:18:38.0697 0x11a8  [ 5250193EF8E173AA7491250F00EB367F, FF33B5112C5702CBD8EF2B0B5E49428973054B961F3B105419F7A47E2057B8A6 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
22:18:38.0706 0x11a8  yukonw7 - ok
22:18:38.0722 0x11a8  ================ Scan global ===============================
22:18:38.0799 0x11a8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
22:18:38.0822 0x11a8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:18:38.0860 0x11a8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:18:38.0908 0x11a8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:18:39.0070 0x11a8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
22:18:39.0082 0x11a8  [ Global ] - ok
22:18:39.0086 0x11a8  ================ Scan MBR ==================================
22:18:39.0094 0x11a8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:18:39.0774 0x11a8  \Device\Harddisk0\DR0 - ok
22:18:39.0775 0x11a8  ================ Scan VBR ==================================
22:18:39.0787 0x11a8  [ 783A8E003397019EE732B02496EFC996 ] \Device\Harddisk0\DR0\Partition1
22:18:39.0789 0x11a8  \Device\Harddisk0\DR0\Partition1 - ok
22:18:39.0805 0x11a8  [ BA208AF5D718F3A26D42ADC06DB3EDA1 ] \Device\Harddisk0\DR0\Partition2
22:18:39.0806 0x11a8  \Device\Harddisk0\DR0\Partition2 - ok
22:18:39.0823 0x11a8  [ CEAC1B71A75BABC6DA95DC23ACD670F1 ] \Device\Harddisk0\DR0\Partition3
22:18:39.0824 0x11a8  \Device\Harddisk0\DR0\Partition3 - ok
22:18:39.0845 0x11a8  [ 24E926DAF737709DBF9D76A1609B2575 ] \Device\Harddisk0\DR0\Partition4
22:18:39.0846 0x11a8  \Device\Harddisk0\DR0\Partition4 - ok
22:18:39.0847 0x11a8  Waiting for KSN requests completion. In queue: 329
22:18:40.0847 0x11a8  Waiting for KSN requests completion. In queue: 329
22:18:41.0847 0x11a8  Waiting for KSN requests completion. In queue: 17
22:18:42.0847 0x11a8  Waiting for KSN requests completion. In queue: 17
22:18:43.0878 0x11a8  AV detected via SS2: ESET Smart Security 7.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 7.0.302.0 ), 0x41000 ( enabled : updated )
22:18:43.0880 0x11a8  FW detected via SS2: ESET Personal firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 7.0.302.0 ), 0x41010 ( enabled )
22:18:47.0056 0x11a8  ============================================================
22:18:47.0056 0x11a8  Scan finished
22:18:47.0056 0x11a8  ============================================================
22:18:47.0071 0x0530  Detected object count: 0
22:18:47.0071 0x0530  Actual detected object count: 0
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-02-14 21:57:48
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD7500BPVX-22JC3T0 rev.01.01A01 698.64GB
Running: 0godlbzt.exe; Driver: C:\Users\Stefan\AppData\Local\Temp\ugliqpob.sys
 
 
---- Kernel code sections - GMER 2.1 ----
 
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                           fffff80002daf000 45 bytes [00, 00, 08, 02, 45, 76, 65, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575                                                                           fffff80002daf02f 16 bytes [00, 01, 00, 00, 00, 00, 00, ...]
 
---- User code sections - GMER 2.1 ----
 
.text     C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1540] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                    0000000075098769 4 bytes [C2, 04, 00, 00]
.text     C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1540] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69                         00000000753e1465 2 bytes [3E, 75]
.text     C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1540] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155                        00000000753e14bb 2 bytes [3E, 75]
.text     ...                                                                                                                                          * 2
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3496] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                   00000000753e1465 2 bytes [3E, 75]
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3496] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                  00000000753e14bb 2 bytes [3E, 75]
.text     ...                                                                                                                                          * 2
.text     C:\Users\Stefan\AppData\Roaming\uTorrent\uTorrent.exe[3592] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                          00000000753e1465 2 bytes [3E, 75]
.text     C:\Users\Stefan\AppData\Roaming\uTorrent\uTorrent.exe[3592] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                         00000000753e14bb 2 bytes [3E, 75]
.text     ...                                                                                                                                          * 2
 
---- Kernel IAT/EAT - GMER 2.1 ----
 
IAT       C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort]                                                               [fffff880010a8e94] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT       C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar]                                                                      [fffff880010a8c38] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT       C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar]                                                                     [fffff880010a9614] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT       C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong]                                                                     [fffff880010a9a10] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT       C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort]                                                              [fffff880010a986c] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortCopyMemory]                                                                      [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortGetPhysicalAddress]                                                              [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortReadRegisterUlong]                                                               [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortInitializeEx]                                                                    [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortDeviceStateChange]                                                               [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortEtwTraceLog]                                                                     [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortRegistryFreeBuffer]                                                              [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortGetBusData]                                                                      [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortRegistryRead]                                                                    [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortRequestCallback]                                                                 [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortStallExecution]                                                                  [ffffb0a015ff5024]  [unknown section]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortGetUnCachedExtension]                                                            [fffffa60e8cb8b48]  [unknown section]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortReadRegisterUchar]                                                               [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortBuildRequestSenseIrb]                                                            [fff9c3e8d2330000]  [unknown section]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortReleaseRequestSenseIrb]                                                          [fffa47e8cb8b48ff]  [unknown section]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortCompleteRequest]                                                                 [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortNotification]                                                                    [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortGetDeviceBase]                                                                   [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortGetScatterGatherList]                                                            [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortRegistryAllocateBuffer]                                                          [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[PCIIDEX.SYS!AtaPortWriteRegisterUlong]                                                              [?]
IAT       C:\Windows\System32\Drivers\aib53eio.SYS[NTOSKRNL.exe!KeBugCheckEx]                                                                          [?]
 
---- Devices - GMER 2.1 ----
 
Device    \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0                                                                                                  fffffa8003e712c0
Device    \Driver\atapi \Device\Ide\IdePort0                                                                                                           fffffa8003e712c0
Device    \Driver\atapi \Device\Ide\IdePort1                                                                                                           fffffa8003e712c0
Device    \Driver\atapi \Device\Ide\IdePort2                                                                                                           fffffa8003e712c0
Device    \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1                                                                                                  fffffa8003e712c0
Device    \Driver\aib53eio \Device\Scsi\aib53eio1Port3Path0Target0Lun0                                                                                 fffffa8004bb42c0
Device    \Driver\aib53eio \Device\Scsi\aib53eio1                                                                                                      fffffa8004bb42c0
Device    \FileSystem\Ntfs \Ntfs                                                                                                                       fffffa8003e792c0
Device    \Driver\usbehci \Device\USBPDO-1                                                                                                             fffffa8004b272c0
Device    \Driver\cdrom \Device\CdRom0                                                                                                                 fffffa80047582c0
Device    \Driver\cdrom \Device\CdRom1                                                                                                                 fffffa80047582c0
Device    \Driver\usbehci \Device\USBFDO-0                                                                                                             fffffa8004b272c0
Device    \Driver\NetBT \Device\NetBT_Tcpip_{68FF0D97-36B3-4C1A-89BA-2C4D8BDE22DC}                                                                     fffffa80048dc2c0
Device    \Driver\NetBT \Device\NetBT_Tcpip_{4F7B083F-964A-411E-A86E-FA12090A17D5}                                                                     fffffa80048dc2c0
Device    \Driver\usbehci \Device\USBFDO-1                                                                                                             fffffa8004b272c0
Device    \Driver\NetBT \Device\NetBT_Tcpip_{3856C57C-ADE0-44F8-93C1-7D3EB0AC357D}                                                                     fffffa80048dc2c0
Device    \Driver\NetBT \Device\NetBt_Wins_Export                                                                                                      fffffa80048dc2c0
Device    \Driver\atapi \Device\ScsiPort0                                                                                                              fffffa8003e712c0
Device    \Driver\NetBT \Device\NetBT_Tcpip_{7346B5A5-F0F0-4BD3-A06F-85425A06A7BE}                                                                     fffffa80048dc2c0
Device    \Driver\usbehci \Device\USBPDO-0                                                                                                             fffffa8004b272c0
Device    \Driver\atapi \Device\ScsiPort1                                                                                                              fffffa8003e712c0
Device    \Driver\NetBT \Device\NetBT_Tcpip_{3D94C25F-79DB-4124-9C6A-C52499E4EF24}                                                                     fffffa80048dc2c0
Device    \Driver\atapi \Device\ScsiPort2                                                                                                              fffffa8003e712c0
Device    \Driver\aib53eio \Device\ScsiPort3                                                                                                           fffffa8004bb42c0
 
---- Trace I/O - GMER 2.1 ----
 
Trace     ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8003e712c0]<< sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys                      fffffa8003e712c0
Trace     1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80044eb240]                                                                              fffffa80044eb240
Trace     3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004364060]                                    fffffa8004364060
Trace     \Driver\atapi[0xfffffa8004327af0] -> IRP_MJ_CREATE -> 0xfffffa8003e712c0                                                                     fffffa8003e712c0
 
---- Modules - GMER 2.1 ----
 
Module    \SystemRoot\System32\Drivers\aib53eio.SYS (MS AHCI 1.0 Standard Driver/Microsoft Corporation SIGNED)(2010-11-21 03:23:47)                    fffff88004247000-fffff88004298000 (331776 bytes)
 
---- Threads - GMER 2.1 ----
 
Thread    C:\Windows\system32\WLANExt.exe [1224:1756]                                                                                                  000007fef93f2f9c
Thread    C:\Windows\system32\WLANExt.exe [1224:1760]                                                                                                  0000000001d18bc8
Thread    C:\Windows\system32\WLANExt.exe [1224:1764]                                                                                                  0000000001d18be4
Thread    C:\Windows\system32\WLANExt.exe [1224:1768]                                                                                                  0000000001d18bac
Thread    C:\Windows\system32\WLANExt.exe [1224:1772]                                                                                                  000007fef93f2f9c
Thread    C:\Windows\System32\spoolsv.exe [1288:2164]                                                                                                  000007fef7ae10c8
Thread    C:\Windows\System32\spoolsv.exe [1288:2184]                                                                                                  000007fef7aa6144
Thread    C:\Windows\System32\spoolsv.exe [1288:2188]                                                                                                  000007fef7895fd0
Thread    C:\Windows\System32\spoolsv.exe [1288:2192]                                                                                                  000007fef7883438
Thread    C:\Windows\System32\spoolsv.exe [1288:2196]                                                                                                  000007fef78963ec
Thread     [1412:1472]                                                                                                                                 0000000077093e85
Thread     [1412:1476]                                                                                                                                 0000000075407587
Thread     [1412:1480]                                                                                                                                 0000000077092e65
Thread    C:\Windows\system32\taskhost.exe [2900:2736]                                                                                                 000007fef62e5170
Thread    C:\Windows\system32\svchost.exe [4120:4848]                                                                                                  000007fef0fd8470
Thread    C:\Windows\system32\svchost.exe [4120:4852]                                                                                                  000007fef0fe2418
Thread    C:\Windows\system32\svchost.exe [4120:4564]                                                                                                  000007fef060f130
Thread    C:\Windows\System32\svchost.exe [1596:4256]                                                                                                  000007fef00d9688
 
---- Registry - GMER 2.1 ----
 
Reg       HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{9DE792D2-91BE-4581-9644-329DCEA70C37}\Connection@Name  isatap.{68FF0D97-36B3-4C1A-89BA-2C4D8BDE22DC}
Reg       HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{F9A1909E-2A12-45C2-82D4-39AFE82989CF}\Connection@Name  isatap.{3D94C25F-79DB-4124-9C6A-C52499E4EF24}
Reg       HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind     \Device\{CAC65700-55C8-4FA1-9E8B-0681A4E8ABD9}?\Device\{F9A1909E-2A12-45C2-82D4-39AFE82989CF}?\Device\{9DE792D2-91BE-4581-9644-329DCEA70C37}?\Device\{CFE17799-E080-4BBA-9BD1-7ABA6771A8C7}?\Device\{4BCBE3A7-D998-484F-A5AD-F476D20F3055}?
Reg       HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route    "{CAC65700-55C8-4FA1-9E8B-0681A4E8ABD9}"?"{F9A1909E-2A12-45C2-82D4-39AFE82989CF}"?"{9DE792D2-91BE-4581-9644-329DCEA70C37}"?"{CFE17799-E080-4BBA-9BD1-7ABA6771A8C7}"?"{4BCBE3A7-D998-484F-A5AD-F476D20F3055}"?
Reg       HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export   \Device\TCPIP6TUNNEL_{CAC65700-55C8-4FA1-9E8B-0681A4E8ABD9}?\Device\TCPIP6TUNNEL_{F9A1909E-2A12-45C2-82D4-39AFE82989CF}?\Device\TCPIP6TUNNEL_{9DE792D2-91BE-4581-9644-329DCEA70C37}?\Device\TCPIP6TUNNEL_{CFE17799-E080-4BBA-9BD1-7ABA6771A8C7}?\Device\TCPIP6TUNNEL_{4BCBE3A7-D998-484F-A5AD-F476D20F3055}?
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004ea88a0d                                                                  
Reg       HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{9DE792D2-91BE-4581-9644-329DCEA70C37}@InterfaceName                       isatap.{68FF0D97-36B3-4C1A-89BA-2C4D8BDE22DC}
Reg       HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{9DE792D2-91BE-4581-9644-329DCEA70C37}@ReusableType                        0
Reg       HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{F9A1909E-2A12-45C2-82D4-39AFE82989CF}@InterfaceName                       isatap.{3D94C25F-79DB-4124-9C6A-C52499E4EF24}
Reg       HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{F9A1909E-2A12-45C2-82D4-39AFE82989CF}@ReusableType                        0
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                                             
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                          C:\Program Files (x86)\DAEMON Tools Lite\
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                          0x00 0x00 0x00 0x00 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                          0
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                       0x21 0xAC 0x52 0xF7 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                                                    
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                                 0xA0 0x02 0x00 0x00 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                              0xE9 0x20 0x10 0x13 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                                               
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                         0x08 0x74 0x38 0x16 ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004ea88a0d (not active ControlSet)                                              
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                         
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                              C:\Program Files (x86)\DAEMON Tools Lite\
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                              0x00 0x00 0x00 0x00 ...
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                              0
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                           0x21 0xAC 0x52 0xF7 ...
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)                                
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                                     0xA0 0x02 0x00 0x00 ...
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                                  0xE9 0x20 0x10 0x13 ...
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)                           
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                             0x08 0x74 0x38 0x16 ...
 
---- EOF - GMER 2.1 ----

Edited by hamluis, 14 February 2014 - 04:32 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 TazzyOpz

TazzyOpz

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:33 AM

Posted 14 February 2014 - 05:54 PM

If it's still happening even after you reformatted and everything I doubt it would be a virus? Are you sure one of the keys on your keyboard isn't stuck and keeps spamming (F5) or something? F5 is the key to refresh webpages. There might be a key that is stuck that is making multiple tabs? Just a thought...
 
 
Other then that I'm not really sure.

I suppose you could try running Adw Cleaner, Or Malware Bytes.... 
 
Download AdwCleaner
 
Download Malware Bytes
 
If you want to you could even try a Root kit scan with Malwarebytes Anti-Rootkit: Download

Mod Edit by quietman7: Removed instructions to run ComboFix.

#3 steff88

steff88
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:33 AM

Posted 14 February 2014 - 07:29 PM

i'm installing a keylogger to keep track of everything.. i'm running the programs you've said and tmrw i'm buying a thin screwdriver and i'm opening up this laptop to make sure all keys are clean... keep you updated!



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,771 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:33 AM

Posted 14 February 2014 - 08:48 PM

@ TazzyOpz

Please read Instructions for posting advice in Am I Infected
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,771 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:33 AM

Posted 14 February 2014 - 08:49 PM

@ steff88

Ignore the advice to use ComboFix. If you already ran it, do not post the log as they are not permitted in this forum.

Am I Infected? How do I get help? Who is helping me?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 TazzyOpz

TazzyOpz

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:33 AM

Posted 14 February 2014 - 09:00 PM

Sorry about that.. I thought I could Link programs that were on this website. My mistake. Wont happen again.



#7 steff88

steff88
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:33 AM

Posted 15 February 2014 - 04:32 AM

hey! thank you guys for the replies.. i feel puzzled.. ever since i installed and ran they keylogger (syrix free keylogger) and all i stopped having this issue but you can imagine i am extremely reluctant to believe the problem is anything but not solved..

15 minutes after writing the sentence above i got the issue again.

It's not just refresh.. i creates tab as well so F5 is out of the question. I have on my sony vaio some special buttons (assist , web and vaio). The web button does exactly this.. creates tab and goes back to homepage but i checked it and it works ok.

 

i ran combo fix but i won't post the log (i have it in case i have to pm it to someone.

 

here are the other logs:

MBantirootkit said no infections

 

MBantimalware

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.02.15.03
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16798
Stefan :: STEFAN-PC [administrator]
 
Protection: Enabled
 
2/15/2014 10:41:01 AM
mbam-log-2014-02-15 (10-41-01).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214382
Time elapsed: 3 minute(s), 9 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
 
 

adwcleaner:

# AdwCleaner v3.018 - Report created 15/02/2014 at 02:31:26
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Stefan - STEFAN-PC
# Running from : C:\Users\Stefan\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16798
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\my7u8j7z.default\prefs.js ]
 
 
-\\ Google Chrome v32.0.1700.107
 
[ File : C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [905 octets] - [15/02/2014 02:30:37]
AdwCleaner[S0].txt - [827 octets] - [15/02/2014 02:31:26]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [886 octets] ##########


#8 steff88

steff88
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:33 AM

Posted 15 February 2014 - 05:05 AM

i keep getting an error when accesing this site "site cannot be reached please access a cached copy". i restart and it works again. just for this site.

 

any feedback on the logs?


Edited by steff88, 15 February 2014 - 05:56 AM.


#9 TazzyOpz

TazzyOpz

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:33 AM

Posted 15 February 2014 - 12:29 PM

Mhmm, I'm honestly not sure.. Your issue is one of the weirdest ones I've seen in awhile... Especially since you bought an entirely new Hard drive.

You've ran all those Rootkit Tools etc and Checked for sticky keys... I'm out of ideas.   :scratchhead:

 

Does anyone else have any ideas?



#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,771 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:33 AM

Posted 15 February 2014 - 01:03 PM

Some infections are difficult to remove completely because their may be a sophisticated rootkit involved which could have altered/overwritten the master boot record...created a hidden partition by modifying a free partition table entry in the MBR partition table...infected the VBR (volume boot record), etc. Further investigation is required since many of the tools we use in this forum are not capable of detecting (repairing/removing) all malware variants. If that is the case, then disinfection will probably require the use of more powerful tools. Before that can be done you will need to create and post a DDS log for further assistance.

Please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.
  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running DDS which will create two logs. (Note: Windows 8.1 Users will not be able run DDS and create a log)
When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs, then still start the new topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can closed this one.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 TazzyOpz

TazzyOpz

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:33 AM

Posted 15 February 2014 - 02:28 PM

Some infections are difficult to remove completely because their may be a sophisticated rootkit involved which could have altered/overwritten the master boot record...created a hidden partition by modifying a free partition table entry in the MBR partition table...infected the VBR (volume boot record), etc. Further investigation is required since many of the tools we use in this forum are not capable of detecting (repairing/removing) all malware variants. If that is the case, then disinfection will probably require the use of more powerful tools. Before that can be done you will need to create and post a DDS log for further assistance.

Please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.

  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running DDS which will create two logs. (Note: Windows 8.1 Users will not be able run DDS and create a log)
When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs, then still start the new topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can closed this one.

 

I was also thinking it was a rootkit as well. But I thought Malware-Bytes anti-rootkit and TDS would have picked that up. He also replaced is hard drive. If it is a Rootkit it is a nasty little one. 



#12 technonymous

technonymous

  • Members
  • 2,516 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:01:33 AM

Posted 17 February 2014 - 01:10 AM

Unless the fresh install is infected itself. It could be just a shoddy laptop software that is being installed with the fresh install. LIke as an example...Dell installs quickset application. Maybe something else you're installing aftwards, perhaps a browser addon? As mentioned earlier it could be a special function key, ctrl key, alt key that is stuck down and as you type you hit that one combination and the browser responds. Even though you clean out the keys it could technically still be the keys as under the keys is a membrane underneath that is shorting out due to liquid spill or the membrane pad is somehow broken or stuck. When they are worn and broke they generally get stuck down and not popup like they should. Give you an idea what I mean...

 

https://www.google.com/search?q=keyboard+membrane&tbm=isch&tbo=u&source=univ&sa=X&ei=zKYBU7q-JJDnoASSgoGYCw&ved=0CDEQsAQ&biw=1440&bih=714


Edited by technonymous, 17 February 2014 - 01:16 AM.


#13 steff88

steff88
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:33 AM

Posted 17 February 2014 - 04:52 PM

well.. i have an oem windows 7 license so i downloaded a fresh iso directly from microsoft.

then i installed drivers directly from sony's website

 

straight away i used an up to date antivirus and straight away the problem started happening.

 

there's another laptop in my network (my wifes) and we share info (we both work on our laptops) but her laptop.. surprisingly.. is ok.

 

i'm begining to belive it is a hardware problem and i have a dirty keyboard or something.

 

tomorrow it's going straight to a laptop service and then i'm buying a new one anyway. this laptop is dead to me!

 

i'll post the updates i get from the professionals.



#14 steff88

steff88
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:33 AM

Posted 19 February 2014 - 11:22 AM

hey guys! just picked up my laptop from the service. They cleaned the keyboard and especially the special Web button. So far i'm seeing no more problem. Please close this topic in the next days. Thank you for the support and for trying to help me. Regards,Stefan.



#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,771 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:33 AM

Posted 19 February 2014 - 02:01 PM

We do not close topics in this forum unless a member has been asked to post a log in the Malware Removal Logs forum.

Anyway, glad to hear you were able to solve this issue.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users