
Am I Rootkitted?


15 replies to this topic

#1 Guest_gdawgholmes_*


Posted 19 February 2014 - 08:46 PM

I have Windows 8.1, so I can't run DDS or ComboFix.

 

Ok, so lately I had installed some patcher to crack ESET NOD32 because my time had run out (I know, I shouldn't have done this, I've learned my lesson). The patcher's name was ESET Purefix 2.02. What you had to do was boot into safe mode and run the patcher and then click enable. So I did all of that, and then rebooted. So I get to the desktop and the first thing I see is the patcher disappears from the desktop. Like, I actually witness it disappear. Now this worried me that the file melted somewhere. I scanned with MBAM and the now fully working ESET and I got nothing. Then, I got GMER, RKill, and TDSSKiller. I'll show you the logs. The reason I am starting this thread is that the GMER log scared me.

 

GMER:

Rootkit scan 2014-02-19 19:41:44
Windows 6.2.9200  x64 \Device\Harddisk1\DR1 -> \Device\00000037  rev. 0.00MB
 
 
---- Disk sectors - GMER 2.1 ----
 
Disk    \Device\Harddisk1\DR1                                sector 0: rootkit-like behavior
 
---- Threads - GMER 2.1 ----
 
Thread  C:\WINDOWS\system32\csrss.exe [772:796]              fffff9600087f4d0
Thread  C:\Windows\System32\SettingSyncHost.exe [5848:4544]  00007ffb0f1f6b3c
 
---- EOF - GMER 2.1 ----
 
RKILL:
Program started at: 02/19/2014 07:43:20 PM in x64 mode.
Windows Version: Windows 8.1 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * MsKeyboardFilter [Missing Service]
 * CSC [Missing Service]
 * E1G60 [Missing Service]
 * kbldfltr [Missing Service]
 * storvsp [Missing Service]
 * Vid [Missing Service]
 * vmbusr [Missing Service]
 * vpcivsp [Missing Service]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 02/19/2014 07:43:23 PM
Execution time: 0 hours(s), 0 minute(s), and 2 seconds(s)
 
TDSSKILLER:
19:43:52.0254 0x1bf4  TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 23:32:41
19:43:56.0529 0x1bf4  ============================================================
19:43:56.0529 0x1bf4  Current date / time: 2014/02/19 19:43:56.0529
19:43:56.0529 0x1bf4  SystemInfo:
19:43:56.0529 0x1bf4  
19:43:56.0529 0x1bf4  OS Version: 6.3.9600 ServicePack: 0.0
19:43:56.0529 0x1bf4  Product type: Workstation
19:43:56.0529 0x1bf4  ComputerName: GDAWGHOLMES
19:43:56.0529 0x1bf4  UserName: Dawg
19:43:56.0529 0x1bf4  Windows directory: C:\WINDOWS
19:43:56.0529 0x1bf4  System windows directory: C:\WINDOWS
19:43:56.0529 0x1bf4  Running under WOW64
19:43:56.0529 0x1bf4  Processor architecture: Intel x64
19:43:56.0529 0x1bf4  Number of processors: 8
19:43:56.0529 0x1bf4  Page size: 0x1000
19:43:56.0529 0x1bf4  Boot type: Normal boot
19:43:56.0529 0x1bf4  ============================================================
19:43:56.0656 0x1bf4  KLMD registered as C:\WINDOWS\system32\drivers\29672952.sys
19:43:56.0717 0x1bf4  System UUID: {B555CEC9-A3F2-3F75-897B-3E7B474D37FA}
19:43:56.0944 0x1bf4  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:43:56.0945 0x1bf4  Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:43:56.0947 0x1bf4  ============================================================
19:43:56.0947 0x1bf4  \Device\Harddisk0\DR0:
19:43:56.0947 0x1bf4  MBR partitions:
19:43:56.0947 0x1bf4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
19:43:56.0947 0x1bf4  \Device\Harddisk1\DR1:
19:43:56.0947 0x1bf4  MBR partitions:
19:43:56.0947 0x1bf4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF93800
19:43:56.0947 0x1bf4  ============================================================
19:43:56.0948 0x1bf4  C: <-> \Device\Harddisk1\DR1\Partition1
19:43:56.0978 0x1bf4  D: <-> \Device\Harddisk0\DR0\Partition1
19:43:56.0978 0x1bf4  ============================================================
19:43:56.0978 0x1bf4  Initialize success
19:43:56.0978 0x1bf4  ============================================================
19:44:26.0716 0x097c  ============================================================
19:44:26.0716 0x097c  Scan started
19:44:26.0716 0x097c  Mode: Manual; 
19:44:26.0716 0x097c  ============================================================
19:44:26.0716 0x097c  KSN ping started
19:44:29.0144 0x097c  KSN ping finished: true
19:44:29.0641 0x097c  ================ Scan system memory ========================
19:44:29.0641 0x097c  System memory - ok
19:44:29.0641 0x097c  ================ Scan services =============================
19:44:30.0710 0x097c  HyperVideo - ok
19:44:30.0713 0x097c  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
19:44:30.0714 0x097c  i8042prt - ok
19:44:30.0716 0x097c  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:44:30.0717 0x097c  iaLPSSi_GPIO - ok
19:44:30.0719 0x097c  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:44:30.0720 0x097c  iaLPSSi_I2C - ok
19:44:30.0730 0x097c  [ FA4C48E36F0B24E7E33D3E7E1844B9C9, F61F448B8E305DEFDDA5D4A6FC4E57C798C11ED4DA0ACB885847DC8A9A7B4E98 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
19:44:30.0736 0x097c  iaStorA - ok
19:44:30.0746 0x097c  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
19:44:30.0752 0x097c  iaStorAV - ok
19:44:30.0755 0x097c  [ D5854F77CEEAFC5A8405F8ECCBEC09DF, 06D94EAF55787F807FB40E95011E90B0A719AC1A1529C2C110C1EABC5BE02C5B ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
19:44:30.0755 0x097c  IAStorDataMgrSvc - ok
19:44:30.0762 0x097c  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
19:44:30.0765 0x097c  iaStorV - ok
19:44:30.0770 0x097c  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:44:30.0770 0x097c  IDriverT - ok
19:44:30.0772 0x097c  IEEtwCollectorService - ok
19:44:30.0822 0x097c  [ 4F6363C26B4A3DDBC9FAFCBA68602B01, 0920551F9312D967AAA68003BD8C4A312AA8F1E8B826DDE8BF59B9B639AB5F3B ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
19:44:30.0860 0x097c  igfx - ok
19:44:30.0877 0x097c  [ B82255670D270B75D2D2F0F8747D1443, C40E151AC3FBF289456A4AD9E5744B314067ADA03FE729970410931904305F51 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
19:44:30.0888 0x097c  IKEEXT - ok
19:44:30.0892 0x097c  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
19:44:30.0892 0x097c  intaud_WaveExtensible - ok
19:44:30.0932 0x097c  [ 6CB00AE4D2CEF52995D420656E02C30A, EDE13D7A650022CB75318159C57161F5FF9A128DB80D055555E6CB4F5F469EA4 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
19:44:30.0963 0x097c  IntcAzAudAddService - ok
19:44:30.0972 0x097c  [ 0E0B99617ED3FDB6C5F0E2D62709B5DF, A656CA3A60E62BE16A015150B23136CE150F9876B4035E9E8D8E73D1707B37A4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
19:44:30.0977 0x097c  IntcDAud - ok
19:44:30.0988 0x097c  [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:44:30.0995 0x097c  Intel® Capability Licensing Service Interface - ok
19:44:31.0006 0x097c  [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
19:44:31.0014 0x097c  Intel® Capability Licensing Service TCP IP Interface - ok
19:44:31.0019 0x097c  [ 7F8C8EBD02EBDF83C9E9E9F8BDB1F579, B527CF0BDF989F7555C41558B8A19050134CE48445D993D7A9230BD083F02040 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
19:44:31.0021 0x097c  Intel® PROSet Monitoring Service - ok
19:44:31.0023 0x097c  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
19:44:31.0023 0x097c  intelide - ok
19:44:31.0025 0x097c  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
19:44:31.0026 0x097c  intelpep - ok
19:44:31.0029 0x097c  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
19:44:31.0030 0x097c  intelppm - ok
19:44:31.0032 0x097c  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:44:31.0033 0x097c  IpFilterDriver - ok
19:44:31.0046 0x097c  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
19:44:31.0055 0x097c  iphlpsvc - ok
19:44:31.0058 0x097c  [ 9949A3C7590B8C536C05312205079A82, 9276A09D5F910AE8358A96505AB3F66C514870944D58B63B71D5E96567D1E6BB ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:44:31.0059 0x097c  IPMIDRV - ok
19:44:31.0063 0x097c  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
19:44:31.0064 0x097c  IPNAT - ok
19:44:31.0066 0x097c  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
19:44:31.0066 0x097c  IRENUM - ok
19:44:31.0068 0x097c  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
19:44:31.0068 0x097c  isapnp - ok
19:44:31.0073 0x097c  [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
19:44:31.0076 0x097c  iScsiPrt - ok
19:44:31.0079 0x097c  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
19:44:31.0079 0x097c  iwdbus - ok
19:44:31.0083 0x097c  [ BF5D3A2624177C413680DEF19A465AF8, B9909D3E6CB6F9971293116387865AD15CB9D47513C7FAA9C36BE4D2847A41EB ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
19:44:31.0085 0x097c  jhi_service - ok
19:44:31.0088 0x097c  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
19:44:31.0089 0x097c  kbdclass - ok
19:44:31.0091 0x097c  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
19:44:31.0091 0x097c  kbdhid - ok
19:44:31.0093 0x097c  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
19:44:31.0093 0x097c  kdnic - ok
19:44:31.0095 0x097c  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
19:44:31.0096 0x097c  KeyIso - ok
19:44:31.0099 0x097c  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
19:44:31.0100 0x097c  KSecDD - ok
19:44:31.0104 0x097c  [ 7296EA420134EAC390798B3232D066A4, 1F5D51EEFD389706660DFB4DB4BF3EC570BEC7097CEB5CAE70EFFE35C3255346 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
19:44:31.0106 0x097c  KSecPkg - ok
19:44:31.0108 0x097c  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
19:44:31.0109 0x097c  ksthunk - ok
19:44:31.0116 0x097c  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
19:44:31.0120 0x097c  KtmRm - ok
19:44:31.0126 0x097c  [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
19:44:31.0129 0x097c  LanmanServer - ok
19:44:31.0135 0x097c  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
19:44:31.0139 0x097c  LanmanWorkstation - ok
19:44:31.0147 0x097c  [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
19:44:31.0152 0x097c  lfsvc - ok
19:44:31.0155 0x097c  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
19:44:31.0155 0x097c  LGBusEnum - ok
19:44:31.0157 0x097c  [ F705A641C18DF31B48B5DBDA94B425E4, 1F47EE43CAFE5458E56467E127EE99B5FDBFF8B810CF92B232094B475DD42B21 ] LGPBTDD         C:\WINDOWS\System32\Drivers\LGPBTDD.sys
19:44:31.0158 0x097c  LGPBTDD - ok
19:44:31.0167 0x097c  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys
19:44:31.0168 0x097c  LGSHidFilt - ok
19:44:31.0170 0x097c  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
19:44:31.0170 0x097c  LGVirHid - ok
19:44:31.0173 0x097c  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
19:44:31.0173 0x097c  lltdio - ok
19:44:31.0178 0x097c  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
19:44:31.0181 0x097c  lltdsvc - ok
19:44:31.0183 0x097c  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
19:44:31.0184 0x097c  lmhosts - ok
19:44:31.0190 0x097c  [ 3EA307C51069BC72DD74A4964F2A30A9, EB8F9C936AE43B7E31CB6C46F76FB918509D529E897C0E82B865A2854458996A ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:44:31.0194 0x097c  LMS - ok
19:44:31.0198 0x097c  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
19:44:31.0199 0x097c  LSI_SAS - ok
19:44:31.0202 0x097c  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
19:44:31.0203 0x097c  LSI_SAS2 - ok
19:44:31.0205 0x097c  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
19:44:31.0206 0x097c  LSI_SAS3 - ok
19:44:31.0209 0x097c  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
19:44:31.0210 0x097c  LSI_SSS - ok
19:44:31.0220 0x097c  [ B6B69FF200F68888A7FAFDF204D00C91, 4C9BA7B8646C74AE1E49F513EF426930C09969F29F1533D84D020B414BB1609B ] LSM             C:\WINDOWS\System32\lsm.dll
19:44:31.0227 0x097c  LSM - ok
19:44:31.0231 0x097c  [ 5EF604B0698F4FA962778285E8C5F1F2, 0465BDAB7EFBE9CC648E7E736B0B8BE152BD2FAB0917F6306675B9039C77F454 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
19:44:31.0232 0x097c  luafv - ok
19:44:31.0238 0x097c  [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] LVRS64          C:\WINDOWS\system32\DRIVERS\lvrs64.sys
19:44:31.0242 0x097c  LVRS64 - ok
19:44:31.0299 0x097c  [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64         C:\WINDOWS\system32\DRIVERS\lvuvc64.sys
19:44:31.0344 0x097c  LVUVC64 - ok
19:44:31.0350 0x097c  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
19:44:31.0350 0x097c  MBAMProtector - ok
19:44:31.0357 0x097c  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:44:31.0361 0x097c  MBAMScheduler - ok
19:44:31.0371 0x097c  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:44:31.0378 0x097c  MBAMService - ok
19:44:31.0381 0x097c  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
19:44:31.0382 0x097c  megasas - ok
19:44:31.0391 0x097c  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
19:44:31.0396 0x097c  megasr - ok
19:44:31.0399 0x097c  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
19:44:31.0400 0x097c  MEIx64 - ok
19:44:31.0402 0x097c  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
19:44:31.0404 0x097c  MMCSS - ok
19:44:31.0406 0x097c  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
19:44:31.0407 0x097c  Modem - ok
19:44:31.0409 0x097c  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
19:44:31.0409 0x097c  monitor - ok
19:44:31.0412 0x097c  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
19:44:31.0412 0x097c  mouclass - ok
19:44:31.0414 0x097c  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
19:44:31.0415 0x097c  mouhid - ok
19:44:31.0417 0x097c  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
19:44:31.0418 0x097c  mountmgr - ok
19:44:31.0421 0x097c  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
19:44:31.0422 0x097c  mpsdrv - ok
19:44:31.0435 0x097c  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
19:44:31.0444 0x097c  MpsSvc - ok
19:44:31.0449 0x097c  [ 59DCEC7499095DE5AED741358037AE2D, 60C4CEBCAE27C121E9D63BD2BC3E5863A91ABC77616C56C10618273A8F9B6F61 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
19:44:31.0450 0x097c  MRxDAV - ok
19:44:31.0457 0x097c  [ 79B6F3DF7CDFD12159871FF71464F0CE, E01CDD5296237FB60D426784E1142B1AF2CEABDD7CB0B43C4798402C812A94D5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:44:31.0461 0x097c  mrxsmb - ok
19:44:31.0466 0x097c  [ 295771B092D4F7FCF2B62F80CCD14320, 53655B5ABA43A6A9114FE545B88F84E52319B905B8393A51BD97678D3F94A178 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
19:44:31.0469 0x097c  mrxsmb10 - ok
19:44:31.0474 0x097c  [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
19:44:31.0476 0x097c  mrxsmb20 - ok
19:44:31.0479 0x097c  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
19:44:31.0480 0x097c  MsBridge - ok
19:44:31.0483 0x097c  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
19:44:31.0485 0x097c  MSDTC - ok
19:44:31.0489 0x097c  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:44:31.0489 0x097c  Msfs - ok
19:44:31.0491 0x097c  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
19:44:31.0492 0x097c  msgpiowin32 - ok
19:44:31.0494 0x097c  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
19:44:31.0494 0x097c  mshidkmdf - ok
19:44:31.0496 0x097c  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
19:44:31.0496 0x097c  mshidumdf - ok
19:44:31.0498 0x097c  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
19:44:31.0498 0x097c  msisadrv - ok
19:44:31.0502 0x097c  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
19:44:31.0503 0x097c  MSiSCSI - ok
19:44:31.0505 0x097c  msiserver - ok
19:44:31.0507 0x097c  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:44:31.0507 0x097c  MSKSSRV - ok
19:44:31.0510 0x097c  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
19:44:31.0510 0x097c  MsLldp - ok
19:44:31.0512 0x097c  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:44:31.0512 0x097c  MSPCLOCK - ok
19:44:31.0514 0x097c  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
19:44:31.0514 0x097c  MSPQM - ok
19:44:31.0520 0x097c  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
19:44:31.0524 0x097c  MsRPC - ok
19:44:31.0527 0x097c  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
19:44:31.0528 0x097c  mssmbios - ok
19:44:31.0529 0x097c  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
19:44:31.0530 0x097c  MSTEE - ok
19:44:31.0532 0x097c  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
19:44:31.0532 0x097c  MTConfig - ok
19:44:31.0535 0x097c  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
19:44:31.0536 0x097c  Mup - ok
19:44:31.0541 0x097c  [ F69D71B33C64F979E4F2544AE6A9736B, A5DBD810A3921D5C6C5E79D1EEACD8E6FF9FA86AAEA65BB76CA2E4A881EC9B7B ] mvs91xx         C:\WINDOWS\system32\drivers\mvs91xx.sys
19:44:31.0544 0x097c  mvs91xx - ok
19:44:31.0547 0x097c  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
19:44:31.0548 0x097c  mvumis - ok
19:44:31.0555 0x097c  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
19:44:31.0560 0x097c  napagent - ok
19:44:31.0568 0x097c  [ CF8B989D89D6807B887690F2CF24EFD9, 7A3ED124D8D7736F57CD687111C478A206422D117099B2F752B6D933D009BCAC ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
19:44:31.0572 0x097c  NativeWifiP - ok
19:44:31.0577 0x097c  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
19:44:31.0580 0x097c  NcaSvc - ok
19:44:31.0583 0x097c  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
19:44:31.0585 0x097c  NcbService - ok
19:44:31.0588 0x097c  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
19:44:31.0589 0x097c  NcdAutoSetup - ok
19:44:31.0604 0x097c  [ ED39D676080A1AEA755F1DEC1A8DF1A4, E413DA1113A51F3A68957147A50248AA98C0D365103D137D5AE8638C74E802D7 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
19:44:31.0615 0x097c  NDIS - ok
19:44:31.0618 0x097c  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
19:44:31.0619 0x097c  NdisCap - ok
19:44:31.0622 0x097c  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
19:44:31.0623 0x097c  NdisImPlatform - ok
19:44:31.0625 0x097c  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:44:31.0626 0x097c  NdisTapi - ok
19:44:31.0628 0x097c  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:44:31.0629 0x097c  Ndisuio - ok
19:44:31.0630 0x097c  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
19:44:31.0631 0x097c  NdisVirtualBus - ok
19:44:31.0635 0x097c  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:44:31.0637 0x097c  NdisWan - ok
19:44:31.0641 0x097c  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:44:31.0643 0x097c  NdisWanLegacy - ok
19:44:31.0646 0x097c  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
19:44:31.0646 0x097c  NDProxy - ok
19:44:31.0649 0x097c  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
19:44:31.0650 0x097c  Ndu - ok
19:44:31.0652 0x097c  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
19:44:31.0653 0x097c  NetBIOS - ok
19:44:31.0658 0x097c  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
19:44:31.0660 0x097c  NetBT - ok
19:44:31.0663 0x097c  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
19:44:31.0664 0x097c  Netlogon - ok
19:44:31.0669 0x097c  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
19:44:31.0672 0x097c  Netman - ok
19:44:31.0680 0x097c  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
19:44:31.0686 0x097c  netprofm - ok
19:44:31.0692 0x097c  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:44:31.0693 0x097c  NetTcpPortSharing - ok
19:44:31.0696 0x097c  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
19:44:31.0697 0x097c  netvsc - ok
19:44:31.0704 0x097c  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
19:44:31.0708 0x097c  NlaSvc - ok
19:44:31.0711 0x097c  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
19:44:31.0712 0x097c  Npfs - ok
19:44:31.0714 0x097c  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
19:44:31.0715 0x097c  npsvctrig - ok
19:44:31.0717 0x097c  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
19:44:31.0718 0x097c  nsi - ok
19:44:31.0720 0x097c  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
19:44:31.0721 0x097c  nsiproxy - ok
19:44:31.0748 0x097c  [ 4412D565C0278C401575E11072C7DCE3, 82A0E9AA88750900EA0E9983157345456B418745C8BA62FAF339640E759C0418 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
19:44:31.0767 0x097c  Ntfs - ok
19:44:31.0771 0x097c  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
19:44:31.0771 0x097c  Null - ok
19:44:31.0775 0x097c  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
19:44:31.0777 0x097c  NVHDA - ok
19:44:31.0921 0x097c  [ 52B33E12FF8C9E219CAEC1BB4A5F5E4C, 5272178B39FEDB3F001249FE7C852787EFD715FC49BBAAE58158A189AFB8A337 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
19:44:32.0033 0x097c  nvlddmkm - ok
19:44:32.0063 0x097c  [ 6F5D2728019DCE7BFF3BAC1885CC0449, D62ECFE384361F04E6AF446CBB8CF64A58556AEFC0E04204F81073B016960EB8 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:44:32.0078 0x097c  NvNetworkService - ok
19:44:32.0082 0x097c  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
19:44:32.0084 0x097c  nvraid - ok
19:44:32.0088 0x097c  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
19:44:32.0089 0x097c  nvstor - ok
19:44:34.0285 0x097c  wcncsvc - ok
19:44:34.0287 0x097c  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
19:44:34.0289 0x097c  WcsPlugInService - ok
19:44:34.0291 0x097c  [ 694B28DE12AD47031FFB4B052662131A, FF3B1B1A69C82BB123073E10D9F1322ED8587F5BAC36F8AB7DAED22C7DD5C7DB ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
19:44:34.0292 0x097c  WdBoot - ok
19:44:34.0303 0x097c  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
19:44:34.0311 0x097c  Wdf01000 - ok
19:44:34.0316 0x097c  [ 0B99529A3BECC3528D865DDECB62503B, 28E6B44BDC52E212D2EB269491D3574B45EE9B19821FE15167D7FA05566C89F4 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
19:44:34.0319 0x097c  WdFilter - ok
19:44:34.0322 0x097c  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
19:44:34.0323 0x097c  WdiServiceHost - ok
19:44:34.0325 0x097c  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
19:44:34.0327 0x097c  WdiSystemHost - ok
19:44:34.0330 0x097c  [ 282E7D46310338FF4A6B7680440EB0DA, 04242798DD82F583154AEA3D775C9BFD574FC471D01CDEB9D070872425094D82 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
19:44:34.0331 0x097c  WdNisDrv - ok
19:44:34.0332 0x097c  WdNisSvc - ok
19:44:34.0337 0x097c  [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:44:34.0340 0x097c  WebClient - ok
19:44:34.0344 0x097c  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
19:44:34.0347 0x097c  Wecsvc - ok
19:44:34.0349 0x097c  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
19:44:34.0350 0x097c  WEPHOSTSVC - ok
19:44:34.0353 0x097c  [ AA1315B87D9B2E39584165318A59F15D, CD19608BE1F6B7AECF802F8D2DD4FCBDAA29450ED37F7D040DC6453924C7B0FE ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
19:44:34.0354 0x097c  wercplsupport - ok
19:44:34.0357 0x097c  [ 22B4C24AB921BFF7827FFBCA1F4E1BB3, B634F7018097A8E4EECDD9F032DF6A0FB6817FC3DEB92BCE6A0965B5D71D8DFA ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
19:44:34.0359 0x097c  WerSvc - ok
19:44:34.0362 0x097c  [ 2E3E82D7B1076B90F4E228A8EF17B261, 0492F8E0BE09DAD9922E85CCA7BCB1548CB9DC5841F46174A0657FDC59AAC3CE ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
19:44:34.0364 0x097c  WFPLWFS - ok
19:44:34.0366 0x097c  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
19:44:34.0368 0x097c  WiaRpc - ok
19:44:34.0371 0x097c  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
19:44:34.0371 0x097c  WIMMount - ok
19:44:34.0372 0x097c  WinDefend - ok
19:44:34.0385 0x097c  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:44:34.0393 0x097c  WinHttpAutoProxySvc - ok
19:44:34.0400 0x097c  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:44:34.0402 0x097c  Winmgmt - ok
19:44:34.0403 0x097c  WinRing0_1_2_0 - ok
19:44:34.0433 0x097c  [ 690C3FC5C9DBD6B9AEDF8341EC720E41, 0E4412BB6DEB5761F7A889FD90821FAFD7C6E173F449EAB3A0446BA653D6AD0C ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
19:44:34.0456 0x097c  WinRM - ok
19:44:34.0479 0x097c  [ 728D3349FAB251B0265EFA55C67DCA2D, 676D2C9CF16DD333BF99FD5EC31B8F53E5295553E19BED5CF94620EE59345777 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
19:44:34.0493 0x097c  WlanSvc - ok
19:44:34.0514 0x097c  [ C2838466CCC44FAEF2C3D4C1E5971ECB, 4CA5B1632302E59E754CEA5B3CA3977D8CE9DC7B2E8673B450BBF0D646AD7AD8 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
19:44:34.0529 0x097c  wlidsvc - ok
19:44:34.0532 0x097c  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
19:44:34.0533 0x097c  WmiAcpi - ok
19:44:34.0537 0x097c  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:44:34.0539 0x097c  wmiApSrv - ok
19:44:34.0541 0x097c  WMPNetworkSvc - ok
19:44:34.0562 0x097c  [ E178371E493BF17EB90FE71ABA8BE643, E6F96C62D6AD1FE65D54F6799ABC32D34DE8C6EBFF8A297CA3142EF096112FCE ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
19:44:34.0577 0x097c  workfolderssvc - ok
19:44:34.0581 0x097c  [ E746BCDBA2E02CF6B8D6B26FB167FBE0, 8875BBE444A33E0C477EF1A3899955501B7E0A9479CA8AA20DD8E6AA0D9A71E6 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
19:44:34.0582 0x097c  wpcfltr - ok
19:44:34.0583 0x097c  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
19:44:34.0585 0x097c  WPCSvc - ok
19:44:34.0587 0x097c  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
19:44:34.0589 0x097c  WPDBusEnum - ok
19:44:34.0591 0x097c  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:44:34.0591 0x097c  WpdUpFltr - ok
19:44:34.0594 0x097c  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:44:34.0594 0x097c  ws2ifsl - ok
19:44:34.0598 0x097c  [ 5CFA46C4ACB2FD70572017052378DAE5, F09134C4433A9E174889A16F29EA6628045B21BE4FA85275ACFD24D5DFB0D937 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
19:44:34.0600 0x097c  wscsvc - ok
19:44:34.0602 0x097c  WSearch - ok
19:44:34.0643 0x097c  [ D8E3A4701376CCFD0BE542D745FA4809, CF267B5507BD02EEB6BF051534E900D592682D11159A6A13C38AE70B3CCC081F ] WSService       C:\WINDOWS\System32\WSService.dll
19:44:34.0674 0x097c  WSService - ok
19:44:34.0719 0x097c  [ 86D0BF4F792053A50D6EE43DFA5837A5, 5705DAB9C5896F10757630439AC8FEAB5754251C6C90E9E8449220A65D1E95D5 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
19:44:34.0752 0x097c  wuauserv - ok
19:44:34.0757 0x097c  [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
19:44:34.0758 0x097c  WudfPf - ok
19:44:34.0763 0x097c  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
19:44:34.0765 0x097c  WUDFRd - ok
19:44:34.0770 0x097c  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFSensorLP    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:44:34.0772 0x097c  WUDFSensorLP - ok
19:44:34.0775 0x097c  [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
19:44:34.0777 0x097c  wudfsvc - ok
19:44:34.0781 0x097c  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:44:34.0784 0x097c  WUDFWpdFs - ok
19:44:34.0792 0x097c  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
19:44:34.0797 0x097c  WwanSvc - ok
19:44:34.0801 0x097c  [ 18D476A18E4DCC9B5823EBF6DAD96C58, 536DCA54E36BFA6916C550A747FD297BBB1DC0D31206536A386B1C8E024FFBCC ] xusb22          C:\WINDOWS\System32\drivers\xusb22.sys
19:44:34.0802 0x097c  xusb22 - ok
19:44:34.0803 0x097c  ================ Scan global ===============================
19:44:34.0806 0x097c  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
19:44:34.0811 0x097c  [ 599F1244C60E3D6C28A8DA7FBA7A2C13, 992E5EB5E3ED6172DC986085532224A148A09A4E9A4DED9556F34533EE98E4D0 ] C:\WINDOWS\system32\winsrv.dll
19:44:34.0815 0x097c  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
19:44:34.0822 0x097c  [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\WINDOWS\system32\services.exe
19:44:34.0827 0x097c  [ Global ] - ok
19:44:34.0827 0x097c  ================ Scan MBR ==================================
19:44:34.0828 0x097c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:44:34.0830 0x097c  \Device\Harddisk0\DR0 - ok
19:44:34.0832 0x097c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:44:34.0861 0x097c  \Device\Harddisk1\DR1 - ok
19:44:34.0861 0x097c  ================ Scan VBR ==================================
19:44:34.0862 0x097c  [ 173E10BB00328589EE7257DAEE355C41 ] \Device\Harddisk0\DR0\Partition1
19:44:34.0863 0x097c  \Device\Harddisk0\DR0\Partition1 - ok
19:44:34.0864 0x097c  [ 6FE18F7BD93AD88C4524DA869A57C93D ] \Device\Harddisk1\DR1\Partition1
19:44:34.0865 0x097c  \Device\Harddisk1\DR1\Partition1 - ok
19:44:34.0865 0x097c  Waiting for KSN requests completion. In queue: 240
19:44:35.0866 0x097c  Waiting for KSN requests completion. In queue: 240
19:44:36.0867 0x097c  Waiting for KSN requests completion. In queue: 69
19:44:37.0875 0x097c  AV detected via SS2: ESET NOD32 Antivirus 7.0, C:\Program Files\ESET\ESET NOD32 Antivirus\ecmd.exe ( 7.0.302.0 ), 0x41000 ( enabled : updated )
19:44:37.0876 0x097c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.9600.16384 ), 0x60100 ( disabled : updated )
19:44:37.0878 0x097c  Win FW state via NFP2: enabled
19:44:40.0333 0x097c  ============================================================
19:44:40.0333 0x097c  Scan finished
19:44:40.0333 0x097c  ============================================================
19:44:40.0336 0x1804  Detected object count: 0
19:44:40.0336 0x1804  Actual detected object count: 0
 
So, am I infected with a rootkit?
P.S. I apologize if these threads regarding patchers/keygens or whatever aren't allowed; I just am very worried I very stupidly infected myself and this website would be a great place to ask.

Edited by gdawgholmes, 20 February 2014 - 05:05 PM.




#2 boopme

  • Global Moderator

Posted 20 February 2014 - 04:37 PM

Hello, yes you are, and we will need you to repost this in a new topic to get it out.

Please follow this Preparation Guide, do steps 6, 7 and 8 and post in a new topic.
Let me know if all went well.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....

#3 Guest_gdawgholmes_*

Posted 20 February 2014 - 04:49 PM

> Hello, yes you are, and we will need you to repost this in a new topic to get it out.
>
> Please follow this Preparation Guide, do steps 6, 7 and 8 and post in a new topic.
> Let me know if all went well.

Edited by gdawgholmes, 20 February 2014 - 04:53 PM.


#4 Guest_gdawgholmes_*

Posted 20 February 2014 - 04:54 PM

 

> Hello, yes you are, and we will need you to repost this in a new topic to get it out.
>
> Please follow this Preparation Guide, do steps 6, 7 and 8 and post in a new topic.
> Let me know if all went well.

DDS says it can't run in compatibility mode and will now exit.



#5 Guest_gdawgholmes_*

Posted 20 February 2014 - 04:56 PM

> Hello, yes you are, and we will need you to repost this in a new topic to get it out.
>
> Please follow this Preparation Guide, do steps 6, 7 and 8 and post in a new topic.
> Let me know if all went well.

DDS says it can't run in compatibility mode and will now exit.



#6 boopme

  • Global Moderator

Posted 20 February 2014 - 05:00 PM

Ok, I see you have Win 8. Please make the topic stating you have Win 8 and cannot use DDS.

#7 Guest_gdawgholmes_*

Posted 20 February 2014 - 05:05 PM

> Ok, I see you have Win 8. Please make the topic stating you have Win 8 and cannot use DDS.

Okay, done. So what next? 



#8 Guest_gdawgholmes_*

Posted 20 February 2014 - 05:19 PM

For some reason GMER will not run anymore; it just stops responding.



#9 Guest_gdawgholmes_*

Posted 20 February 2014 - 05:25 PM

> Ok, I see you have Win 8. Please make the topic stating you have Win 8 and cannot use DDS.

Is there any alternative I should use?



#10 Guest_gdawgholmes_*

Posted 20 February 2014 - 05:29 PM

OH bleep OK GMER IS GOING CRAZY AND DETECTING TONS OF bleep NOW



#11 Guest_gdawgholmes_*

Posted 20 February 2014 - 05:31 PM

Ok, I will post a new log after it's done scanning.



#12 Guest_gdawgholmes_*

Posted 20 February 2014 - 05:36 PM

NEW GMER LOG

 

Rootkit scan 2014-02-20 16:34:55
Windows 6.2.9200  x64 \Device\Harddisk1\DR1 -> \Device\00000037  rev. 0.00MB
Running: zmvyl411.exe; Driver: C:\Users\Dawg\AppData\Local\Temp\fwryqaob.sys
 
 
---- User code sections - GMER 2.1 ----
 
.text    C:\WINDOWS\system32\dwm.exe[348] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                      00007ffad54c169a 4 bytes [4C, D5, FA, 7F]
.text    C:\WINDOWS\system32\dwm.exe[348] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                      00007ffad54c16a2 4 bytes [4C, D5, FA, 7F]
.text    C:\WINDOWS\system32\dwm.exe[348] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                         00007ffad54c181a 4 bytes [4C, D5, FA, 7F]
.text    C:\WINDOWS\system32\dwm.exe[348] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                         00007ffad54c1832 4 bytes [4C, D5, FA, 7F]
.text    C:\WINDOWS\system32\nvvsvc.exe[728] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                   00007ffad54c169a 4 bytes [4C, D5, FA, 7F]
.text    C:\WINDOWS\system32\nvvsvc.exe[728] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                   00007ffad54c16a2 4 bytes [4C, D5, FA, 7F]
.text    C:\WINDOWS\system32\nvvsvc.exe[728] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                      00007ffad54c181a 4 bytes [4C, D5, FA, 7F]
.text    C:\WINDOWS\system32\nvvsvc.exe[728] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                      00007ffad54c1832 4 bytes [4C, D5, FA, 7F]
.text    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2184] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                   00007ffad54c169a 4 bytes [4C, D5, FA, 7F]
.text    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2184] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                   00007ffad54c16a2 4 bytes [4C, D5, FA, 7F]
.text    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2184] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                      00007ffad54c181a 4 bytes [4C, D5, FA, 7F]
.text    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2184] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                      00007ffad54c1832 4 bytes [4C, D5, FA, 7F]
.text    C:\WINDOWS\Explorer.EXE[3524] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                         00007ffad54c169a 4 bytes [4C, D5, FA, 7F]
.text    C:\WINDOWS\Explorer.EXE[3524] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                         00007ffad54c16a2 4 bytes [4C, D5, FA, 7F]
.text    C:\WINDOWS\Explorer.EXE[3524] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                            00007ffad54c181a 4 bytes [4C, D5, FA, 7F]
.text    C:\WINDOWS\Explorer.EXE[3524] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                            00007ffad54c1832 4 bytes [4C, D5, FA, 7F]
.text    C:\Program Files\Logitech Gaming Software\LCore.exe[4476] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                             00007ffad54c169a 4 bytes [4C, D5, FA, 7F]
.text    C:\Program Files\Logitech Gaming Software\LCore.exe[4476] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                             00007ffad54c16a2 4 bytes [4C, D5, FA, 7F]
.text    C:\Program Files\Logitech Gaming Software\LCore.exe[4476] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                                00007ffad54c181a 4 bytes [4C, D5, FA, 7F]
.text    C:\Program Files\Logitech Gaming Software\LCore.exe[4476] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                                00007ffad54c1832 4 bytes [4C, D5, FA, 7F]
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!av_packet_split_side_data + 972                                                         0000000063022a9c 3 bytes [20, 8D, 00]
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!av_packet_split_side_data + 987                                                         0000000063022aab 3 bytes [20, 8D, 00]
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!init_vlc_sparse + 289                                                                   0000000063023151 3 bytes [20, 8D, 00]
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!init_vlc_sparse + 299                                                                   000000006302315b 3 bytes [20, 8D, 00]
.text    ...                                                                                                                                          * 7
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!avcodec_get_chroma_sub_sample + 13                                                      000000006306fced 3 bytes [40, 9D, 00]
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!ff_is_hwaccel_pix_fmt + 10                                                              000000006306fd2a 3 bytes [47, 9D, 00]
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!avpicture_layout + 85                                                                   000000006306fef5 3 bytes [44, 9D, 00]
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!avpicture_layout + 115                                                                  000000006306ff13 3 bytes [48, 9D, 00]
.text    ...                                                                                                                                          * 3
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!avcodec_get_pix_fmt_loss + 108                                                          00000000630700ac 3 bytes [40, 9D, 00]
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!avcodec_get_pix_fmt_loss + 114                                                          00000000630700b2 3 bytes [40, 9D, 00]
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!avcodec_find_best_pix_fmt + 90                                                          000000006307025a 3 bytes [44, 9D, 00]
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!avcodec_find_best_pix_fmt + 107                                                         000000006307026b 3 bytes [46, 9D, 00]
.text    ...                                                                                                                                          * 2
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!av_picture_crop + 51                                                                    0000000063070823 3 bytes [40, 9D, 00]
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!av_picture_pad + 750                                                                    0000000063070bfe 3 bytes [40, 9D, 00]
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!avcodec_pix_fmt_to_codec_tag + 497                                                      0000000063077121 3 bytes [47, 9D, 00]
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!avcodec_align_dimensions + 30                                                           000000006307aabe 3 bytes [45, 9D, 00]
.text    D:\Steam\Steam.exe[2152] D:\Steam\bin\avcodec-53.dll!avcodec_default_get_buffer + 796                                                        000000006307ce5c 3 bytes [48, 9D, 00]
.text    D:\Security\Misc\KeyScrambler\x64\KeyScrambler.exe[5764] C:\WINDOWS\system32\IMM32.DLL!ImmProcessKey                                         00007ffad3474e40 14 bytes {JMP QWORD [RIP+0x0]}
 
---- Threads - GMER 2.1 ----
 
Thread   C:\WINDOWS\system32\csrss.exe [748:772]                                                                                                      fffff960009b14d0
Thread   C:\WINDOWS\SYSTEM32\ntdll.dll [4212:4216]                                                                                                    00000000002f727e
 
---- Services - GMER 2.1 ----
 
Service  system32\drivers\56926063.sys (*** hidden *** )                                                                                              [BOOT] 09785182                                                                                                                                                                                                                                                                                                 <-- ROOTKIT !!!
 
---- Registry - GMER 2.1 ----
 
Reg      HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime                                                                            0xCB 0x79 0x6E 0xF5 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime                                                                        0x58 0xAF 0x9E 0xBA ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@en-US                                                                        13
Reg      HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\SAM091B1513436208_13_07DC_42^ABE52D30BF3ACB76B03CB38F79200986@Timestamp  0xF5 0xB3 0x6D 0xF6 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid                                                                                             804
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Executive@UuidSequenceNumber                                                           4521587
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                                            808637607
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BootId                                            15
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BaseTime                                          404916501
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime                                                                         12377
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID                                                                             0080150f-dd6f-4498-965a-cf9b902
Reg      HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\AITEventLog@FileCounter                                                                 3
Reg      HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\WdiContextLog@FileCounter                                                               3
Reg      HKLM\SYSTEM\CurrentControlSet\Services\09785182                                                                                              
Reg      HKLM\SYSTEM\CurrentControlSet\Services\09785182@Type                                                                                         2
Reg      HKLM\SYSTEM\CurrentControlSet\Services\09785182@ErrorControl                                                                                 1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\09785182@Start                                                                                        0
Reg      HKLM\SYSTEM\CurrentControlSet\Services\09785182@ImagePath                                                                                    system32\drivers\56926063.sys
Reg      HKLM\SYSTEM\CurrentControlSet\Services\09785182@Group                                                                                        System Reserved
Reg      HKLM\SYSTEM\CurrentControlSet\Services\09785182                                                                                              
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\Probe\{82ec279a-e980-46de-8f6e-344a87202b51}@LastProbeTime                        1392912905
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\00-1d-d5-8a-29-a1@ClientLocalPort                                       58393
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\00-1d-d5-8a-29-a1@AddressCreationTimestamp                              0x8D 0x2B 0x17 0x09 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\00-1d-d5-8a-29-a1@TeredoAddress                                         2001:0:9d38:6ab8:14e2:1be6:e7f2:13fb
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\00-1d-d5-8a-29-a1@UPnPExternalPort                                      58393
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                              2664
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                                             48
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In   v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|LPort=3587|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=p2psvc|Name=@%systemroot%\system32\provsvc.dll,-200|Desc=@%systemroot%\system32\provsvc.dll,-201|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out  v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|RPort=3587|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=p2psvc|Name=@%systemroot%\system32\provsvc.dll,-203|Desc=@%systemroot%\system32\provsvc.dll,-204|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In   v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|LPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@%systemroot%\system32\provsvc.dll,-205|Desc=@%systemroot%\system32\provsvc.dll,-206|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out  v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|RPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@%systemroot%\system32\provsvc.dll,-207|Desc=@%systemroot%\system32\provsvc.dll,-208|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg      HKLM\SYSTEM\CurrentControlSet\Services\srvnet\Parameters@MajorSequence                                                                       13
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{999F8FA1-2170-408B-870E-C67DD036481B}@LeaseObtainedTime                  1392941702
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{999F8FA1-2170-408B-870E-C67DD036481B}@T1                                 1393244102
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{999F8FA1-2170-408B-870E-C67DD036481B}@T2                                 1393470902
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{999F8FA1-2170-408B-870E-C67DD036481B}@LeaseTerminatesTime                1393546502
Reg      HKLM\SYSTEM\CurrentControlSet\Services\TCPIP6\Parameters\Interfaces\{999F8FA1-2170-408B-870E-C67DD036481B}@Dhcpv6InformationObtainedTime     1392941702
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\Parameters@ServiceDllUnloadOnStop                                                             0
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw                                                                                           0x64 0x62 0x03 0x00 ...
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask                                                                                       0x64 0x62 0x03 0x00 ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shutdown@CleanShutdown                                                               1
 
---- Disk sectors - GMER 2.1 ----
 
Disk     \Device\Harddisk1\DR1                                                                                                                        sector 0: rootkit-like behavior
 
---- EOF - GMER 2.1 ----


#13 Guest_gdawgholmes_*


Posted 20 February 2014 - 05:58 PM

It started flipping out after I installed the TDSSKiller driver, so it may be mistaking the driver as a rootkit.



#14 boopme

  • Global Moderator

Posted 20 February 2014 - 07:41 PM

Ok, we'll find out as you have rootkit activity and we need to isolate it.

You need to make the new post here....
 
Virus, Trojan, Spyware, and Malware Removal Logs        

#15 Guest_gdawgholmes_*


Posted 21 February 2014 - 08:34 PM

Ok, we'll find out as you have rootkit activity and we need to isolate it.

You need to make the new post here....
 
Virus, Trojan, Spyware, and Malware Removal Logs        

Ok, I just found the new scan definitely was TDSSKiller coming up with a false positive. I probably don't even have a rootkit, because from what I just saw (the false positive with TDSSKiller), GMER apparently claims everything is a rootkit -_-.


Edited by gdawgholmes, 21 February 2014 - 10:23 PM.




