
Process "dllhost.exe *32" taking up massive CPU and crashing computer


  • This topic is locked
7 replies to this topic

#1 DevDep

DevDep

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:05:22 AM

Posted 11 May 2014 - 11:03 AM

I had some help earlier with this same problem on the website and everything went well for about a week, then the virus returned.  I took the steps over again in the original thread to see if I could remove the problem again but had no luck.  I don't know where or how the virus came back, but basically it showed up out of nowhere a week or two after it was gone.

 

As of right now it is taking up 50-70% of my CPU while idling which causes my PC to crash when I am playing any CPU intensive game.  I am looking for some help to get this thing removed and what I need to do in order to make sure it doesn't come back again.

 

Thanks ahead of time!




 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,543 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:22 AM

Posted 16 May 2014 - 10:47 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Run these tools and submit the files for my review.

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#3 DevDep

DevDep
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:05:22 AM

Posted 16 May 2014 - 04:44 PM

Hey there!  Thanks ahead of time for the help you are offering and I hope this goes smoothly for us both.  I have the three logs pasted below, but for some reason it does not seem FRST produced an "Addition.txt" file that you mentioned it would; I searched around with no luck.  I have run the program before through another thread, would that be the reason it didn't show up?

 

As of right now the CPU usage from dllhost.exe *32 seems to be lower, although this has happened before and it will come right back up to 50-60% CPU usage.  Let me know what else needs to be done or if I missed anything or didn't do something correctly!  Thanks!

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/16/2014
Scan Time: 5:31:54 PM
Logfile: Malwarebyteslog.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.16.15
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7
CPU: x64
File System: NTFS
User: Devin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 328149
Time Elapsed: 22 min, 23 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 3
Rootkit.Pihar.c.MBR, Physical Sector #47 on Drive #0, , [53343e92f0bca61cfa4e7b2c1f3cac06],
Rootkit.Pihar.c.MBR, Master Boot Record on Drive #0, , [e7d76a7eeed3478e626b4c12b4581f69],
Forged physical sector, Physical Sector #976771856 on Drive #0, , [bf619eac0cdf3f68d496ea9344137e8b],


(end)

 

 

# AdwCleaner v3.208 - Report created 16/05/2014 at 17:37:26
# Updated 11/05/2014 by Xplode
# Operating System : Windows 7 Home Premium  (64 bits)
# Username : Devin - DEVIN-PC
# Running from : C:\Users\Devin\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16476


-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Devin\AppData\Roaming\Mozilla\Firefox\Profiles\ytr6xwjh.default\prefs.js ]


-\\ Google Chrome v34.0.1847.137

[ File : C:\Users\Devin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1082 octets] - [15/05/2014 20:56:18]
AdwCleaner[R1].txt - [1001 octets] - [15/05/2014 21:17:51]
AdwCleaner[R2].txt - [865 octets] - [16/05/2014 17:37:26]
AdwCleaner[S0].txt - [1150 octets] - [15/05/2014 21:03:02]
AdwCleaner[S1].txt - [1062 octets] - [15/05/2014 21:18:32]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1044 octets] ##########
 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by Devin (administrator) on DEVIN-PC on 16-05-2014 17:40:48
Running from C:\Users\Devin\Desktop
Platform: Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_206_ActiveX.exe -update activex
HKU\S-1-5-21-3636146119-3856516131-4203037938-1000\...\Policies\system: [DisableLockWorkstation] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDBFD80E3A6AACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx?ctid=CT3321459&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPE941DED1-3B0B-4D17-B621-218243A8DB05&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKCU - {BBB8D162-49A1-4382-B28E-4CECF0542A77} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1

FireFox:
========
FF ProfilePath: C:\Users\Devin\AppData\Roaming\Mozilla\Firefox\Profiles\ytr6xwjh.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF HKCU\...\Firefox\Extensions: [uc@uc.com] - C:\Program Files (x86)\Unfriend Checker\FF\

Chrome:
=======
CHR HomePage:
CHR StartupUrls: "startup_urls_migration_time": "13036267303441068"
    },
    "sync": {
        "suppress_start": true
    },
    "sync_promo": {
        "startup_count": 10,
        "view_count": 8
    },
    "translate_blocked_languages": [
        "en"
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchProvider: AVG Secure Search
CHR DefaultSearchURL: http://mysearch.avg.com/search?cid={4AFB1250-BDF8-4C68-BDA8-DB1B6A88B571}&mid=8e0e543b08a947d3bb80a9628d4a6c45-2f9c8f0a4e37fa1114267f516baba995b3463b19&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-08 18:34:33&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

==================== Services (Whitelisted) =================

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-28] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-10] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-16] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2013-09-06] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-16 17:40 - 2014-05-16 17:40 - 02067456 _____ (Farbar) C:\Users\Devin\Desktop\FRST64.exe
2014-05-16 17:40 - 2014-05-16 17:40 - 00008924 _____ () C:\Users\Devin\Desktop\FRST.txt
2014-05-16 17:39 - 2014-05-16 17:39 - 00001124 _____ () C:\Users\Devin\Desktop\ADW.txt
2014-05-16 17:07 - 2014-05-16 17:07 - 617077585 _____ () C:\Windows\MEMORY.DMP
2014-05-16 17:07 - 2014-05-16 17:07 - 00291560 _____ () C:\Windows\Minidump\051614-35349-01.dmp
2014-05-16 01:14 - 2009-07-13 21:41 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-05-15 22:09 - 2014-05-15 22:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\Devin\Desktop\HijackThis.exe
2014-05-15 21:54 - 2014-05-15 21:54 - 00018708 _____ () C:\ComboFix.txt
2014-05-15 21:34 - 2014-05-15 21:54 - 00000000 ____D () C:\Qoobox
2014-05-15 21:34 - 2014-05-15 21:34 - 05200050 ____R (Swearware) C:\Users\Devin\Desktop\ComboFix.exe
2014-05-15 21:34 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-15 21:34 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-15 21:34 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-15 21:34 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-15 21:34 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-15 21:34 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-15 21:34 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-15 21:34 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-15 21:31 - 2014-05-15 21:31 - 00000828 _____ () C:\Users\Devin\Desktop\JRT.txt
2014-05-15 21:23 - 2014-05-15 21:23 - 01016261 _____ (Thisisu) C:\Users\Devin\Desktop\JRT.exe
2014-05-15 21:23 - 2014-05-15 21:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-15 20:56 - 2014-05-16 17:37 - 00000000 ____D () C:\AdwCleaner
2014-05-15 20:56 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-15 20:55 - 2014-05-15 20:56 - 01325827 _____ () C:\Users\Devin\Desktop\AdwCleaner.exe
2014-05-08 09:06 - 2014-05-08 09:06 - 00001326 _____ () C:\Users\Devin\Desktop\Run Hunter Mode.lnk
2014-05-08 08:53 - 2014-05-08 08:53 - 00001310 _____ () C:\Users\Devin\Desktop\Revo Uninstaller (2).lnk
2014-05-08 08:53 - 2014-05-08 08:53 - 00001274 _____ () C:\Users\Devin\Desktop\Revo Uninstaller.lnk
2014-05-08 08:53 - 2014-05-08 08:53 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-08 08:50 - 2014-05-08 08:52 - 00002692 _____ () C:\DelFix.txt
2014-05-08 08:45 - 2014-05-08 08:45 - 00001130 _____ () C:\Users\Devin\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-02 12:10 - 2014-05-02 12:10 - 00000557 _____ () C:\Users\Devin\Desktop\ESETSCAN.txt
2014-05-02 11:17 - 2014-05-02 11:17 - 00000000 ____D () C:\Users\Devin\Desktop\backups
2014-05-01 23:39 - 2014-05-02 11:12 - 319631442 _____ () C:\Users\Devin\Downloads\BattleAcademy-Demo-2.0.7.exe
2014-04-29 13:29 - 2014-04-29 13:29 - 00000000 ____D () C:\Users\Devin\AppData\Local\Macromedia
2014-04-29 13:23 - 2014-05-16 17:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-29 13:23 - 2014-05-15 23:09 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 13:23 - 2014-04-29 13:29 - 00000000 ____D () C:\Users\Devin\AppData\Local\Adobe
2014-04-29 13:08 - 2014-05-16 16:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-29 13:08 - 2014-04-29 13:19 - 00000000 ____D () C:\Users\Devin\AppData\Roaming\Mozilla
2014-04-29 13:08 - 2014-04-29 13:19 - 00000000 ____D () C:\Users\Devin\AppData\Local\Mozilla
2014-04-29 13:08 - 2014-04-29 13:08 - 00001169 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-29 13:08 - 2014-04-29 13:08 - 00001157 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-29 13:08 - 2014-04-29 13:08 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-29 13:06 - 2014-04-29 17:13 - 00000000 ____D () C:\Users\Devin\Desktop\DXTORY
2014-04-28 05:37 - 2014-04-28 05:37 - 00000184 _____ () C:\Users\Devin\Documents\DxtoryLicenseFile.dxtorylic
2014-04-28 05:25 - 2014-04-28 05:25 - 00001127 _____ () C:\Users\Devin\Desktop\Dxtory.lnk
2014-04-28 05:25 - 2014-04-28 05:25 - 00000000 ____D () C:\Users\Devin\AppData\Local\Dxtory Software
2014-04-28 05:25 - 2014-04-28 05:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2014-04-28 05:25 - 2014-04-28 05:25 - 00000000 ____D () C:\Program Files (x86)\ExKode
2014-04-28 05:25 - 2013-02-15 22:44 - 08300544 _____ (Dxtory Software) C:\Windows\SysWOW64\DxtoryCodec.dll
2014-04-28 05:25 - 2013-02-15 22:44 - 08043008 _____ (Dxtory Software) C:\Windows\system32\DxtoryCodec.dll
2014-04-28 05:24 - 2014-04-28 05:24 - 03874080 _____ (ExKode Co. Ltd. ) C:\Users\Devin\Desktop\DxtorySetup2.0.126.exe
2014-04-21 23:50 - 2014-05-08 08:50 - 00000000 ____D () C:\Windows\ERUNT
2014-04-16 11:36 - 2014-05-16 17:40 - 00000000 ____D () C:\FRST

==================== One Month Modified Files and Folders =======

2014-05-16 17:40 - 2014-05-16 17:40 - 02067456 _____ (Farbar) C:\Users\Devin\Desktop\FRST64.exe
2014-05-16 17:40 - 2014-05-16 17:40 - 00008924 _____ () C:\Users\Devin\Desktop\FRST.txt
2014-05-16 17:40 - 2014-04-16 11:36 - 00000000 ____D () C:\FRST
2014-05-16 17:39 - 2014-05-16 17:39 - 00001124 _____ () C:\Users\Devin\Desktop\ADW.txt
2014-05-16 17:37 - 2014-05-15 20:56 - 00000000 ____D () C:\AdwCleaner
2014-05-16 17:37 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-16 17:33 - 2014-03-31 01:12 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-16 17:32 - 2013-02-18 12:42 - 00139017 _____ () C:\Windows\setupact.log
2014-05-16 17:32 - 2013-02-17 14:28 - 01677550 _____ () C:\Windows\WindowsUpdate.log
2014-05-16 17:32 - 2013-02-17 12:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-16 17:32 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-16 17:23 - 2014-03-31 01:12 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-16 17:15 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-16 17:15 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-16 17:09 - 2014-04-29 13:23 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-16 17:09 - 2014-04-15 17:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-16 17:07 - 2014-05-16 17:07 - 617077585 _____ () C:\Windows\MEMORY.DMP
2014-05-16 17:07 - 2014-05-16 17:07 - 00291560 _____ () C:\Windows\Minidump\051614-35349-01.dmp
2014-05-16 17:07 - 2013-02-17 12:43 - 00000000 ____D () C:\Windows\Minidump
2014-05-16 16:53 - 2014-04-29 13:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-16 16:53 - 2013-02-17 12:43 - 00218640 _____ () C:\Windows\PFRO.log
2014-05-15 23:09 - 2014-04-29 13:23 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-15 23:09 - 2013-02-19 18:44 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-15 23:09 - 2013-02-19 18:44 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 22:09 - 2014-05-15 22:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\Devin\Desktop\HijackThis.exe
2014-05-15 21:54 - 2014-05-15 21:54 - 00018708 _____ () C:\ComboFix.txt
2014-05-15 21:54 - 2014-05-15 21:34 - 00000000 ____D () C:\Qoobox
2014-05-15 21:53 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-15 21:34 - 2014-05-15 21:34 - 05200050 ____R (Swearware) C:\Users\Devin\Desktop\ComboFix.exe
2014-05-15 21:34 - 2014-04-15 17:23 - 00000000 ____D () C:\Windows\erdnt
2014-05-15 21:31 - 2014-05-15 21:31 - 00000828 _____ () C:\Users\Devin\Desktop\JRT.txt
2014-05-15 21:23 - 2014-05-15 21:23 - 01016261 _____ (Thisisu) C:\Users\Devin\Desktop\JRT.exe
2014-05-15 21:23 - 2014-05-15 21:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-15 20:56 - 2014-05-15 20:55 - 01325827 _____ () C:\Users\Devin\Desktop\AdwCleaner.exe
2014-05-11 12:22 - 2013-12-16 19:39 - 00000000 ____D () C:\Users\Devin\AppData\Local\DayZ
2014-05-11 12:22 - 2013-03-26 01:25 - 00000000 ____D () C:\Users\Devin\AppData\Roaming\TS3Client
2014-05-11 12:22 - 2013-02-19 11:02 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-11 00:18 - 2014-03-31 01:12 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-11 00:18 - 2014-03-31 01:12 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 09:06 - 2014-05-08 09:06 - 00001326 _____ () C:\Users\Devin\Desktop\Run Hunter Mode.lnk
2014-05-08 08:53 - 2014-05-08 08:53 - 00001310 _____ () C:\Users\Devin\Desktop\Revo Uninstaller (2).lnk
2014-05-08 08:53 - 2014-05-08 08:53 - 00001274 _____ () C:\Users\Devin\Desktop\Revo Uninstaller.lnk
2014-05-08 08:53 - 2014-05-08 08:53 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-08 08:52 - 2014-05-08 08:50 - 00002692 _____ () C:\DelFix.txt
2014-05-08 08:50 - 2014-04-21 23:50 - 00000000 ____D () C:\Windows\ERUNT
2014-05-08 08:45 - 2014-05-08 08:45 - 00001130 _____ () C:\Users\Devin\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-03 10:07 - 2013-02-17 11:36 - 00000000 ____D () C:\Users\Devin\AppData\Local\VirtualStore
2014-05-02 12:10 - 2014-05-02 12:10 - 00000557 _____ () C:\Users\Devin\Desktop\ESETSCAN.txt
2014-05-02 11:17 - 2014-05-02 11:17 - 00000000 ____D () C:\Users\Devin\Desktop\backups
2014-05-02 11:12 - 2014-05-01 23:39 - 319631442 _____ () C:\Users\Devin\Downloads\BattleAcademy-Demo-2.0.7.exe
2014-05-01 19:08 - 2013-02-17 12:26 - 00000000 ____D () C:\Users\Devin\AppData\Local\Apps\2.0
2014-04-29 17:13 - 2014-04-29 13:06 - 00000000 ____D () C:\Users\Devin\Desktop\DXTORY
2014-04-29 16:47 - 2013-08-17 18:06 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-29 16:42 - 2013-10-07 18:04 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-29 13:29 - 2014-04-29 13:29 - 00000000 ____D () C:\Users\Devin\AppData\Local\Macromedia
2014-04-29 13:29 - 2014-04-29 13:23 - 00000000 ____D () C:\Users\Devin\AppData\Local\Adobe
2014-04-29 13:19 - 2014-04-29 13:08 - 00000000 ____D () C:\Users\Devin\AppData\Roaming\Mozilla
2014-04-29 13:19 - 2014-04-29 13:08 - 00000000 ____D () C:\Users\Devin\AppData\Local\Mozilla
2014-04-29 13:08 - 2014-04-29 13:08 - 00001169 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-29 13:08 - 2014-04-29 13:08 - 00001157 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-29 13:08 - 2014-04-29 13:08 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-28 05:37 - 2014-04-28 05:37 - 00000184 _____ () C:\Users\Devin\Documents\DxtoryLicenseFile.dxtorylic
2014-04-28 05:25 - 2014-04-28 05:25 - 00001127 _____ () C:\Users\Devin\Desktop\Dxtory.lnk
2014-04-28 05:25 - 2014-04-28 05:25 - 00000000 ____D () C:\Users\Devin\AppData\Local\Dxtory Software
2014-04-28 05:25 - 2014-04-28 05:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2014-04-28 05:25 - 2014-04-28 05:25 - 00000000 ____D () C:\Program Files (x86)\ExKode
2014-04-28 05:24 - 2014-04-28 05:24 - 03874080 _____ (ExKode Co. Ltd. ) C:\Users\Devin\Desktop\DxtorySetup2.0.126.exe
2014-04-21 23:38 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Cursors

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-15 23:01

==================== End Of Log ============================


Edited by DevDep, 16 May 2014 - 04:47 PM.


#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,543 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:22 AM

Posted 17 May 2014 - 08:48 AM


Is this some setting you entered in your Google preferences?

CHR StartupUrls: "startup_urls_migration_time": "13036267303441068"
},
"sync": {
"suppress_start": true
},
"sync_promo": {
"startup_count": 10,
"view_count": 8
},
"translate_blocked_languages": [
"en"


Check it out.
http://superuser.com/questions/432822/disabling-sign-in-tab-on-startup
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start
SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx?ctid=CT3321459&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPE941DED1-3B0B-4D17-B621-218243A8DB05&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchProvider: AVG Secure Search
CHR DefaultSearchURL: http://mysearch.avg.com/search?cid={4AFB1250-BDF8-4C68-BDA8-DB1B6A88B571}&mid=8e0e543b08a947d3bb80a9628d4a6c45-2f9c8f0a4e37fa1114267f516baba995b3463b19&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-08 18:34:33&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Let's check this.

Physical Sectors: 3
Rootkit.Pihar.c.MBR, Physical Sector #47 on Drive #0, , [53343e92f0bca61cfa4e7b2c1f3cac06],
Rootkit.Pihar.c.MBR, Master Boot Record on Drive #0, , [e7d76a7eeed3478e626b4c12b4581f69],
Forged physical sector, Physical Sector #976771856 on Drive #0, , [bf619eac0cdf3f68d496ea9344137e8b],



Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.

    TDSSKillerSuspicious-1.png
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
    TDSSKillerMal-1.png
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.

    TDSSKillerCompleted.png
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double-click aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
  • There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

    Note: You may be asked if you want to download Avast Free Antivirus. I suggest you deny this download unless you do not have any Antivirus protection on the computer.
    ===
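
Added example (not part of either post, and not output from any tool named in this thread): it takes the drive and partition lines from the TDSSKiller log posted in reply #5 and the three detections quoted in the post above, and works out where each flagged sector sits relative to the partitions. The function names and location labels are this example's own.

```python
import re

# Drive and partition lines copied verbatim from the TDSSKiller log in this thread.
TDSSKILLER_LOG = r"""
10:07:01.0042 0x0cb4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:07:01.0062 0x0cb4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0x3882BC48
10:07:01.0062 0x0cb4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3882BC88, BlocksNum 0x1B58FB9
"""

# Detections copied verbatim from the scan excerpt quoted in this thread.
SCAN_EXCERPT = """
Rootkit.Pihar.c.MBR, Physical Sector #47 on Drive #0, , [53343e92f0bca61cfa4e7b2c1f3cac06],
Rootkit.Pihar.c.MBR, Master Boot Record on Drive #0, , [e7d76a7eeed3478e626b4c12b4581f69],
Forged physical sector, Physical Sector #976771856 on Drive #0, , [bf619eac0cdf3f68d496ea9344137e8b],
"""

HEX = r"(0x[0-9A-Fa-f]+)"
DRIVE_RE = re.compile(
    r"Drive \\Device\\Harddisk(\d+)\\DR\d+ - Size: " + HEX + r" .*?SectorSize: " + HEX)
PART_RE = re.compile(
    r"\\Device\\Harddisk(\d+)\\DR\d+\\Partition(\d+): MBR, Type " + HEX
    + r", StartLBA " + HEX + r", BlocksNum " + HEX)
FINDING_RE = re.compile(
    r"^(.+?), (?:Physical Sector #(\d+)|Master Boot Record) on Drive #(\d+)", re.M)


def parse_layout(log):
    """Return {drive: {"sectors": total, "parts": [(no, type, start, end_exclusive)]}}."""
    layout = {}
    for m in DRIVE_RE.finditer(log):
        size, sector_size = int(m.group(2), 16), int(m.group(3), 16)
        layout[int(m.group(1))] = {"sectors": size // sector_size, "parts": []}
    for m in PART_RE.finditer(log):
        drive, number = int(m.group(1)), int(m.group(2))
        ptype, start, count = (int(m.group(i), 16) for i in (3, 4, 5))
        disk = layout.setdefault(drive, {"sectors": None, "parts": []})
        disk["parts"].append((number, ptype, start, start + count))
    for disk in layout.values():
        disk["parts"].sort(key=lambda p: p[2])  # order by start LBA
    return layout


def classify(lba, disk):
    """Say where an absolute sector number lies relative to the partition table."""
    parts = disk["parts"]
    if lba == 0:
        return "MBR"
    if disk["sectors"] is not None and lba >= disk["sectors"]:
        return "beyond reported disk size"
    for number, _ptype, start, end in parts:
        if start <= lba < end:
            return f"inside partition {number}"
    if parts and lba < parts[0][2]:
        return "pre-partition gap"
    if parts and lba >= max(p[3] for p in parts):
        return "unpartitioned tail"
    return "unallocated gap"


def locate_findings(scan, layout):
    """Return [(detection name, sector, location)] for every flagged sector."""
    results = []
    for m in FINDING_RE.finditer(scan):
        # A "Master Boot Record" detection carries no sector number: it is sector 0.
        name, lba, drive = m.group(1), int(m.group(2) or 0), int(m.group(3))
        results.append((name, lba, classify(lba, layout[drive])))
    return results


if __name__ == "__main__":
    disks = parse_layout(TDSSKILLER_LOG)
    for name, lba, where in locate_findings(SCAN_EXCERPT, disks):
        print(f"{name:28} sector {lba:>10}  {where}")
```

On these lines, sector 47 falls in the gap before partition 1 (which starts at LBA 0x40), and sector 976771856 falls after the end of partition 2, so neither flagged sector belongs to a mounted volume.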


#5 DevDep

DevDep
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:05:22 AM

Posted 17 May 2014 - 09:12 AM

Hey nasdaq! The first part of your post I did not understand what I was supposed to be doing... regarding the Google part?  But I have not messed with my Google preferences whatsoever, if that helps at all?

 

Here are the 3 logs you requested (in order):

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-05-2014
Ran by Devin at 2014-05-17 09:53:28 Run:5
Running from C:\Users\Devin\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx?ctid=CT3321459&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPE941DED1-3B0B-4D17-B621-218243A8DB05&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchProvider: AVG Secure Search
CHR DefaultSearchURL: http://mysearch.avg.com/search?cid={4AFB1250-BDF8-4C68-BDA8-DB1B6A88B571}&mid=8e0e543b08a947d3bb80a9628d4a6c45-2f9c8f0a4e37fa1114267f516baba995b3463b19&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-08 18:34:33&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]

End
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => Value deleted successfully.
CHR DefaultSearchKeyword: mysearch.avg.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: AVG Secure Search ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: http://mysearch.avg.com/search?cid={4AFB1250-BDF8-4C68-BDA8-DB1B6A88B571}&mid=8e0e543b08a947d3bb80a9628d4a6c45-2f9c8f0a4e37fa1114267f516baba995b3463b19&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-08 18:34:33&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
catchme => Service deleted successfully.
MSICDSetup => Service deleted successfully.

==== End of Fixlog ====

 

10:06:53.0412 0x0cb4  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
10:06:59.0362 0x0cb4  ============================================================
10:06:59.0362 0x0cb4  Current date / time: 2014/05/17 10:06:59.0362
10:06:59.0362 0x0cb4  SystemInfo:
10:06:59.0362 0x0cb4  
10:06:59.0362 0x0cb4  OS Version: 6.1.7600 ServicePack: 0.0
10:06:59.0362 0x0cb4  Product type: Workstation
10:06:59.0362 0x0cb4  ComputerName: DEVIN-PC
10:06:59.0362 0x0cb4  UserName: Devin
10:06:59.0362 0x0cb4  Windows directory: C:\Windows
10:06:59.0362 0x0cb4  System windows directory: C:\Windows
10:06:59.0362 0x0cb4  Running under WOW64
10:06:59.0362 0x0cb4  Processor architecture: Intel x64
10:06:59.0362 0x0cb4  Number of processors: 4
10:06:59.0362 0x0cb4  Page size: 0x1000
10:06:59.0362 0x0cb4  Boot type: Normal boot
10:06:59.0362 0x0cb4  ============================================================
10:07:00.0682 0x0cb4  KLMD registered as C:\Windows\system32\drivers\32007492.sys
10:07:00.0732 0x0cb4  System UUID: {9BF0CC8B-725E-B362-9B88-7AF2EE00D3A4}
10:07:01.0042 0x0cb4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:07:01.0042 0x0cb4  Drive \Device\Harddisk1\DR1 - Size: 0x3CB00000 (0.95 Gb), SectorSize: 0x200, Cylinders: 0x7B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:07:01.0062 0x0cb4  ============================================================
10:07:01.0062 0x0cb4  \Device\Harddisk0\DR0:
10:07:01.0062 0x0cb4  MBR partitions:
10:07:01.0062 0x0cb4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0x3882BC48
10:07:01.0062 0x0cb4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3882BC88, BlocksNum 0x1B58FB9
10:07:01.0062 0x0cb4  \Device\Harddisk1\DR1:
10:07:01.0062 0x0cb4  MBR partitions:
10:07:01.0062 0x0cb4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x1E57E0
10:07:01.0062 0x0cb4  ============================================================
10:07:01.0082 0x0cb4  C: <-> \Device\Harddisk0\DR0\Partition1
10:07:01.0112 0x0cb4  D: <-> \Device\Harddisk0\DR0\Partition2
10:07:01.0112 0x0cb4  ============================================================
10:07:01.0112 0x0cb4  Initialize success
10:07:01.0112 0x0cb4  ============================================================
10:07:03.0082 0x0e1c  ============================================================
10:07:03.0082 0x0e1c  Scan started
10:07:03.0082 0x0e1c  Mode: Manual;
10:07:03.0082 0x0e1c  ============================================================
10:07:03.0082 0x0e1c  KSN ping started
10:07:05.0712 0x0e1c  KSN ping finished: true
10:07:06.0172 0x0e1c  ================ Scan system memory ========================
10:07:06.0172 0x0e1c  System memory - ok
10:07:06.0172 0x0e1c  ================ Scan services =============================
10:07:10.0122 0x0e1c  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:07:10.0132 0x0e1c  IpFilterDriver - ok
10:07:10.0162 0x0e1c  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:07:10.0172 0x0e1c  iphlpsvc - ok
10:07:10.0182 0x0e1c  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
10:07:10.0182 0x0e1c  IPMIDRV - ok
10:07:10.0202 0x0e1c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:07:10.0202 0x0e1c  IPNAT - ok
10:07:10.0222 0x0e1c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:07:10.0222 0x0e1c  IRENUM - ok
10:07:10.0232 0x0e1c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
10:07:10.0232 0x0e1c  isapnp - ok
10:07:10.0252 0x0e1c  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
10:07:10.0252 0x0e1c  iScsiPrt - ok
10:07:10.0292 0x0e1c  [ 12E27942DBB7C91880163634B0D8A776, DEE56DB8993A915E8FC32F9F50FAEED591799B0694655926C4F260EBFB99FC7E ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
10:07:10.0302 0x0e1c  k57nd60a - ok
10:07:10.0312 0x0e1c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:07:10.0312 0x0e1c  kbdclass - ok
10:07:10.0322 0x0e1c  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:07:10.0322 0x0e1c  kbdhid - ok
10:07:10.0332 0x0e1c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso          C:\Windows\system32\lsass.exe
10:07:10.0332 0x0e1c  KeyIso - ok
10:07:10.0352 0x0e1c  [ 4F4B5FDE429416877DE7143044582EB5, A28FFEA078DBD91F3CC28088810EEEB727107B3F0F48370B44D87DC8F8C55B99 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:07:10.0352 0x0e1c  KSecDD - ok
10:07:10.0362 0x0e1c  [ 6F40465A44ECDC1731BEFAFEC5BDD03C, 317334D414D0AF73CB4D9CA11EA80C641E786760B8800F2795D0CB38378DBB80 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:07:10.0362 0x0e1c  KSecPkg - ok
10:07:10.0372 0x0e1c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:07:10.0372 0x0e1c  ksthunk - ok
10:07:10.0402 0x0e1c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:07:10.0412 0x0e1c  KtmRm - ok
10:07:10.0442 0x0e1c  [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer    C:\Windows\System32\srvsvc.dll
10:07:10.0442 0x0e1c  LanmanServer - ok
10:07:10.0472 0x0e1c  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:07:10.0482 0x0e1c  LanmanWorkstation - ok
10:07:10.0532 0x0e1c  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
10:07:10.0532 0x0e1c  LGBusEnum - ok
10:07:10.0572 0x0e1c  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
10:07:10.0572 0x0e1c  LGSHidFilt - ok
10:07:10.0612 0x0e1c  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
10:07:10.0612 0x0e1c  LGVirHid - ok
10:07:10.0652 0x0e1c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:07:10.0652 0x0e1c  lltdio - ok
10:07:10.0682 0x0e1c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:07:10.0692 0x0e1c  lltdsvc - ok
10:07:10.0712 0x0e1c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:07:10.0712 0x0e1c  lmhosts - ok
10:07:10.0792 0x0e1c  [ 926EBA26A8B49D1597751CED06B50862, 886FC610E379BD77146ADDC376D77437D88B593C7F1C3FEE2B93D934A67310F8 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:07:10.0802 0x0e1c  LMS - ok
10:07:10.0832 0x0e1c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:07:10.0832 0x0e1c  LSI_FC - ok
10:07:10.0852 0x0e1c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:07:10.0862 0x0e1c  LSI_SAS - ok
10:07:10.0872 0x0e1c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:07:10.0872 0x0e1c  LSI_SAS2 - ok
10:07:10.0882 0x0e1c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:07:10.0892 0x0e1c  LSI_SCSI - ok
10:07:10.0912 0x0e1c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:07:10.0912 0x0e1c  luafv - ok
10:07:10.0972 0x0e1c  [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
10:07:10.0982 0x0e1c  MBAMSwissArmy - ok
10:07:11.0002 0x0e1c  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:07:11.0002 0x0e1c  Mcx2Svc - ok
10:07:11.0022 0x0e1c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:07:11.0022 0x0e1c  megasas - ok
10:07:11.0052 0x0e1c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:07:11.0062 0x0e1c  MegaSR - ok
10:07:11.0092 0x0e1c  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
10:07:11.0092 0x0e1c  MEIx64 - ok
10:07:11.0102 0x0e1c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:07:11.0112 0x0e1c  MMCSS - ok
10:07:11.0122 0x0e1c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:07:11.0122 0x0e1c  Modem - ok
10:07:11.0142 0x0e1c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:07:11.0142 0x0e1c  monitor - ok
10:07:11.0182 0x0e1c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:07:11.0182 0x0e1c  mouclass - ok
10:07:11.0192 0x0e1c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:07:11.0192 0x0e1c  mouhid - ok
10:07:11.0222 0x0e1c  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:07:11.0222 0x0e1c  mountmgr - ok
10:07:11.0282 0x0e1c  [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:07:11.0282 0x0e1c  MozillaMaintenance - ok
10:07:11.0342 0x0e1c  [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
10:07:11.0352 0x0e1c  MpFilter - ok
10:07:11.0372 0x0e1c  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
10:07:11.0372 0x0e1c  mpio - ok
10:07:11.0402 0x0e1c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:07:11.0412 0x0e1c  mpsdrv - ok
10:07:11.0452 0x0e1c  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:07:11.0482 0x0e1c  MpsSvc - ok
10:07:11.0502 0x0e1c  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:07:11.0502 0x0e1c  MRxDAV - ok
10:07:11.0522 0x0e1c  [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:07:11.0522 0x0e1c  mrxsmb - ok
10:07:11.0542 0x0e1c  [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:07:11.0552 0x0e1c  mrxsmb10 - ok
10:07:11.0562 0x0e1c  [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:07:11.0562 0x0e1c  mrxsmb20 - ok
10:07:11.0572 0x0e1c  [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
10:07:11.0572 0x0e1c  msahci - ok
10:07:11.0582 0x0e1c  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
10:07:11.0582 0x0e1c  msdsm - ok
10:07:11.0602 0x0e1c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:07:11.0602 0x0e1c  MSDTC - ok
10:07:11.0622 0x0e1c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:07:11.0622 0x0e1c  Msfs - ok
10:07:11.0632 0x0e1c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:07:11.0632 0x0e1c  mshidkmdf - ok
10:07:11.0632 0x0e1c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
10:07:11.0632 0x0e1c  msisadrv - ok
10:07:11.0662 0x0e1c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:07:11.0662 0x0e1c  MSiSCSI - ok
10:07:11.0662 0x0e1c  msiserver - ok
10:07:11.0682 0x0e1c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:07:11.0682 0x0e1c  MSKSSRV - ok
10:07:11.0742 0x0e1c  [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:07:11.0742 0x0e1c  MsMpSvc - ok
10:07:11.0752 0x0e1c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:07:11.0752 0x0e1c  MSPCLOCK - ok
10:07:11.0762 0x0e1c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:07:11.0762 0x0e1c  MSPQM - ok
10:07:11.0792 0x0e1c  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:07:11.0802 0x0e1c  MsRPC - ok
10:07:11.0822 0x0e1c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:07:11.0822 0x0e1c  mssmbios - ok
10:07:11.0832 0x0e1c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:07:11.0832 0x0e1c  MSTEE - ok
10:07:11.0842 0x0e1c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:07:11.0842 0x0e1c  MTConfig - ok
10:07:11.0852 0x0e1c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:07:11.0862 0x0e1c  Mup - ok
10:07:11.0892 0x0e1c  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll
10:07:11.0892 0x0e1c  napagent - ok
10:07:11.0922 0x0e1c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:07:11.0922 0x0e1c  NativeWifiP - ok
10:07:11.0982 0x0e1c  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:07:12.0002 0x0e1c  NDIS - ok
10:07:12.0012 0x0e1c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:07:12.0012 0x0e1c  NdisCap - ok
10:07:12.0032 0x0e1c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:07:12.0032 0x0e1c  NdisTapi - ok
10:07:12.0062 0x0e1c  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:07:12.0062 0x0e1c  Ndisuio - ok
10:07:12.0072 0x0e1c  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:07:12.0082 0x0e1c  NdisWan - ok
10:07:12.0092 0x0e1c  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:07:12.0092 0x0e1c  NDProxy - ok
10:07:12.0102 0x0e1c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:07:12.0102 0x0e1c  NetBIOS - ok
10:07:12.0112 0x0e1c  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:07:12.0112 0x0e1c  NetBT - ok
10:07:12.0132 0x0e1c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon        C:\Windows\system32\lsass.exe
10:07:12.0132 0x0e1c  Netlogon - ok
10:07:12.0152 0x0e1c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:07:12.0162 0x0e1c  Netman - ok
10:07:12.0202 0x0e1c  [ 9A7D3A1AA5C830744FF6C44BB55A347A, 42D3281893DB4C0DDA6A7BDA92D3CCE23968D0E3CF880777B8DBBFD955629B08 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:07:12.0212 0x0e1c  NetMsmqActivator - ok
10:07:12.0222 0x0e1c  [ 9A7D3A1AA5C830744FF6C44BB55A347A, 42D3281893DB4C0DDA6A7BDA92D3CCE23968D0E3CF880777B8DBBFD955629B08 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:07:12.0222 0x0e1c  NetPipeActivator - ok
10:07:12.0242 0x0e1c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:07:12.0242 0x0e1c  netprofm - ok
10:07:12.0252 0x0e1c  [ 9A7D3A1AA5C830744FF6C44BB55A347A, 42D3281893DB4C0DDA6A7BDA92D3CCE23968D0E3CF880777B8DBBFD955629B08 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:07:12.0252 0x0e1c  NetTcpActivator - ok
10:07:12.0262 0x0e1c  [ 9A7D3A1AA5C830744FF6C44BB55A347A, 42D3281893DB4C0DDA6A7BDA92D3CCE23968D0E3CF880777B8DBBFD955629B08 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:07:12.0262 0x0e1c  NetTcpPortSharing - ok
10:07:12.0282 0x0e1c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:07:12.0282 0x0e1c  nfrd960 - ok
10:07:12.0332 0x0e1c  [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:07:12.0332 0x0e1c  NisDrv - ok
10:07:12.0362 0x0e1c  [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
10:07:12.0372 0x0e1c  NisSrv - ok
10:07:12.0392 0x0e1c  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:07:12.0402 0x0e1c  NlaSvc - ok
10:07:12.0402 0x0e1c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:07:12.0412 0x0e1c  Npfs - ok
10:07:12.0412 0x0e1c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:07:12.0422 0x0e1c  nsi - ok
10:07:12.0442 0x0e1c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:07:12.0442 0x0e1c  nsiproxy - ok
10:07:12.0512 0x0e1c  [ 9A6089B056EA1B83B36424FC9D0A300E, EA60282C5A32B497921B568C1FE735F5BDB9D954DDC4E609F7F3CAE5ED823CEC ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:07:12.0542 0x0e1c  Ntfs - ok
10:07:12.0552 0x0e1c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:07:12.0552 0x0e1c  Null - ok
10:07:12.0602 0x0e1c  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
10:07:12.0602 0x0e1c  NVHDA - ok
10:07:12.0942 0x0e1c  [ 757ACE4D4C9FF0571F86AA5D586B45E8, E7F23CC1DE26E2DAA690B78B05FC001EE0051F0ED9B9BCE9E7FA4E9684D4F3D4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:07:13.0142 0x0e1c  nvlddmkm - ok
10:07:13.0262 0x0e1c  [ D2FE0376285A783693469422678E878B, 9F0B1A6694CA7BDAAA3B26BE1D344A3FC7B98162518A259C273360EFF075CD75 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
10:07:13.0282 0x0e1c  NvNetworkService - ok
10:07:13.0312 0x0e1c  [ A4D9C9A608A97F59307C2F2600EDC6A4, D786F4CA2D10BAC31CE14A338C442F7027D4BB2E955AB99BC44C2F241D383BBE ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:07:13.0312 0x0e1c  nvraid - ok
10:07:13.0332 0x0e1c  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9, 8D5337742A0F5B04D636C163CE77D4A9B3684CF81170026912A402513B44BA77 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:07:13.0332 0x0e1c  nvstor - ok
10:07:13.0812 0x0e1c  [ 4F0E2990DB12849D428DE7B0AC5D92B9, 77A058EFFE07E46F0DFF419DC1C204C245598E6A6F6EDFF545802D9C1573EAA0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
10:07:14.0072 0x0e1c  NvStreamSvc - ok
10:07:14.0172 0x0e1c  [ 1C7CC708AC4A02A3BE8915539780534A, 0EBDE100880963BF1EC05002BA244CA7700693E958D1974CDD2AC3927D93224F ] NVSvc           C:\Windows\system32\nvvsvc.exe
10:07:14.0192 0x0e1c  NVSvc - ok
10:07:14.0212 0x0e1c  [ 939C0FAE9CC0CDD69E6508BDE4C11FE5, 1E82FF4A8797A0EC5DF0E54DE7F358542C73FFFBECADDF86ED66839182E3B55D ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
10:07:14.0212 0x0e1c  nvvad_WaveExtensible - ok
10:07:14.0222 0x0e1c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
10:07:14.0232 0x0e1c  nv_agp - ok
10:07:14.0242 0x0e1c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
10:07:14.0242 0x0e1c  ohci1394 - ok
10:07:14.0272 0x0e1c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:07:14.0272 0x0e1c  p2pimsvc - ok
10:07:14.0292 0x0e1c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:07:14.0302 0x0e1c  p2psvc - ok
10:07:14.0322 0x0e1c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:07:14.0322 0x0e1c  Parport - ok
10:07:14.0332 0x0e1c  [ 90061B1ACFE8CCAA5345750FFE08D8B8, 76309683FFDF380AF9C6E1D9A52E46B011A0BF1026D747181D01F3312B7541C7 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:07:14.0332 0x0e1c  partmgr - ok
10:07:14.0342 0x0e1c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:07:14.0342 0x0e1c  PcaSvc - ok
10:07:14.0362 0x0e1c  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys
10:07:14.0362 0x0e1c  pci - ok
10:07:14.0372 0x0e1c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
10:07:14.0382 0x0e1c  pciide - ok
10:07:14.0392 0x0e1c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:07:14.0392 0x0e1c  pcmcia - ok
10:07:14.0402 0x0e1c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:07:14.0402 0x0e1c  pcw - ok
10:07:14.0422 0x0e1c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:07:14.0432 0x0e1c  PEAUTH - ok
10:07:14.0502 0x0e1c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:07:14.0502 0x0e1c  PerfHost - ok
10:07:14.0562 0x0e1c  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll
10:07:14.0592 0x0e1c  pla - ok
10:07:14.0622 0x0e1c  [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:07:14.0632 0x0e1c  PlugPlay - ok
10:07:14.0672 0x0e1c  [ 0BEE791C7C7ACE453C134E73633C497D, 82B30461DBF40AC15FCE6A83B9BAD2EBD05B27DEA1B784EAA096422FE8927B7B ] pmxdrv          C:\Windows\system32\drivers\pmxdrv.sys
10:07:14.0672 0x0e1c  pmxdrv - ok
10:07:14.0692 0x0e1c  PnkBstrA - ok
10:07:14.0702 0x0e1c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:07:14.0702 0x0e1c  PNRPAutoReg - ok
10:07:14.0722 0x0e1c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:07:14.0732 0x0e1c  PNRPsvc - ok
10:07:14.0762 0x0e1c  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:07:14.0772 0x0e1c  PolicyAgent - ok
10:07:14.0792 0x0e1c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:07:14.0802 0x0e1c  Power - ok
10:07:14.0822 0x0e1c  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:07:14.0822 0x0e1c  PptpMiniport - ok
10:07:14.0832 0x0e1c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:07:14.0832 0x0e1c  Processor - ok
10:07:14.0852 0x0e1c  [ 97293447431311C06703368AD0F6C4BE, 302A3CA8F6961717D95469B20A8A71954D4ECFCDF4638238D3D44AAE5A8D9B8B ] ProfSvc         C:\Windows\system32\profsvc.dll
10:07:14.0862 0x0e1c  ProfSvc - ok
10:07:14.0872 0x0e1c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:07:14.0872 0x0e1c  ProtectedStorage - ok
10:07:14.0892 0x0e1c  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:07:14.0902 0x0e1c  Psched - ok
10:07:14.0962 0x0e1c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:07:14.0992 0x0e1c  ql2300 - ok
10:07:15.0002 0x0e1c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:07:15.0002 0x0e1c  ql40xx - ok
10:07:15.0032 0x0e1c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:07:15.0032 0x0e1c  QWAVE - ok
10:07:15.0042 0x0e1c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:07:15.0052 0x0e1c  QWAVEdrv - ok
10:07:15.0052 0x0e1c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:07:15.0052 0x0e1c  RasAcd - ok
10:07:22.0522 0x0e1c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x60000 ( disabled : updated )
10:07:22.0522 0x0e1c  Win FW state via NFP2: enabled
10:07:25.0262 0x0e1c  ============================================================
10:07:25.0262 0x0e1c  Scan finished
10:07:25.0262 0x0e1c  ============================================================
10:07:25.0262 0x0e94  Detected object count: 0
10:07:25.0262 0x0e94  Actual detected object count: 0

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-05-17 10:09:18
-----------------------------
10:09:18.137    OS Version: Windows x64 6.1.7600
10:09:18.137    Number of processors: 4 586 0x2A07
10:09:18.137    ComputerName: DEVIN-PC  UserName: Devin
10:09:23.741    Initialize success
10:09:33.245    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:09:33.247    Disk 0 Vendor: ST3500413AS JC4B Size: 476940MB BusType: 11
10:09:33.344    Disk 0 MBR read successfully
10:09:33.347    Disk 0 MBR scan
10:09:33.349    Disk 0 Windows 7 default MBR code
10:09:33.352    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       462935 MB offset 64
10:09:33.377    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        14001 MB offset 948092040
10:09:33.407    Disk 0 scanning C:\Windows\system32\drivers
10:09:39.031    Service scanning
10:09:47.907    Modules scanning
10:09:47.914    Disk 0 trace - called modules:
10:09:47.936    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
10:09:47.941    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007ad1060]
10:09:47.945    3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa80077ff520]
10:09:47.951    5 ACPI.sys[fffff88000f71781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80074a5060]
10:09:47.956    Scan finished successfully
10:09:53.177    Disk 0 MBR has been saved successfully to "C:\Users\Devin\Desktop\MBR.dat"
10:09:53.180    The log file has been saved successfully to "C:\Users\Devin\Desktop\aswMBR.txt"

 

Attached Files

  • Attached File  MBR.zip   558bytes   0 downloads


#6 nasdaq

Posted 17 May 2014 - 10:22 AM



Click on "Customize and control Google Chrome":
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
====

The first part of your post I did not understand what I was supposed to be doing.


It's the first time I saw the preferences listed.

When you start Google Chrome, how many tabs are listed, and must you enter some password to continue?

The link I posted was referring to
Disabling “Sign In” tab on startup

===

What other issues are you having with this computer?

#7 nasdaq

Posted 22 May 2014 - 08:08 AM

Are you still with me?

#8 nasdaq

Posted 28 May 2014 - 07:46 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



