MBAM Random Warnings When Starting IE


  • This topic is locked
21 replies to this topic

#1 luddy


Posted 24 September 2014 - 05:37 PM

On my Win8.1 x64 machine I recently got a few malicious site alerts which I denied while starting or using IE. Most of the time for random browsing I use Sandboxie and Firefox but when I need to do banking I use IE w/o Sandboxie. A few times now while launching IE I have gotten a warning from MBAM such as below. My home page is MSN.com so it doesn't make sense and it isn't all the time. I ran several scanners such as Trojan Remover from Simply Software, TDSSKiller from Kaspersky, MBAM full OS drive scan and system scan, and HerdProtect all not finding anything.

 

Here is the alert I've gotten starting IE:

"Malicious Website Protection" direction="Outbound" domain=www.nzblistings.com

 

I also got this one when navigating to Homedepot.com to check out their notice about the recent breach.

"Malicious Website Protection" direction="Outbound" domain=www.mainstream-guides.com

 

I want to make sure my system is clean and don't know where to turn.  I've used you guys once before in the past on a different machine and had great success.

 

TIA!

 

 





#2 TB-Psychotic


Posted 25 September 2014 - 09:44 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
  
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.
 



#3 luddy


Posted 25 September 2014 - 04:35 PM

Note that GMER threw errors saying it did not have access to config.sys since the file was in use.

 

Attached are FRST and GMER outputs. Next reply will be TDSKILLER log.


#4 luddy


Posted 25 September 2014 - 04:37 PM

TDSKILLER log:

17:30:57.0598 0x13cc  dsNcAdpt - ok
17:30:57.0614 0x13cc  [ B3B6C72AD1464CE3DE31005DB7C0D2DF, D7D087D6417BDD62D9BB1C77F1FE817E237DB3C4AA562EA6E335CBF57FFD9004 ] dsNcService     C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
17:30:57.0614 0x13cc  dsNcService - ok
17:30:57.0614 0x13cc  [ EE8684BF88C1B74D47647802281ED085, 9CA7803E2544304D3EDC19D2706ED8AC066E97BBF700ACC532C787537CDA99A4 ] DTSAudioSvc     C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
17:30:57.0629 0x13cc  DTSAudioSvc - ok
17:30:57.0645 0x13cc  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
17:30:57.0660 0x13cc  DXGKrnl - ok
17:30:57.0676 0x13cc  [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress      C:\WINDOWS\system32\DRIVERS\e1i63x64.sys
17:30:57.0676 0x13cc  e1iexpress - ok
17:30:57.0692 0x13cc  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
17:30:57.0692 0x13cc  Eaphost - ok
17:30:57.0739 0x13cc  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
17:30:57.0770 0x13cc  ebdrv - ok
17:30:57.0785 0x13cc  [ 03E1B8BA59327D186C7C533A6998FEF9, 224937A697B55BD9CCD790771DBE9D135021AD1DC3E6D6AC7C431C56F0FFBBB5 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
17:30:57.0785 0x13cc  eeCtrl - ok
17:30:57.0785 0x13cc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
17:30:57.0785 0x13cc  EFS - ok
17:30:57.0801 0x13cc  [ 44C5F3F4B70D1C8D21C90E724E249796, 49B31B9E7E45A2E42BDA803D9CDC3837E0CB73A1E1E6DA00CF4282573D60526F ] ehRecvr         C:\WINDOWS\ehome\ehRecvr.exe
17:30:57.0801 0x13cc  ehRecvr - ok
17:30:57.0817 0x13cc  [ 8EFB35A528A48D682C5322A5A07D4352, 5886991ECA449C48A89A3BB2950468EA7CCBD0998774C4C77A1194866827D267 ] ehSched         C:\WINDOWS\ehome\ehsched.exe
17:30:57.0817 0x13cc  ehSched - ok
17:30:57.0817 0x13cc  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
17:30:57.0817 0x13cc  EhStorClass - ok
17:30:57.0817 0x13cc  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
17:30:57.0817 0x13cc  EhStorTcgDrv - ok
17:30:57.0832 0x13cc  [ 142EA7DF1851C563571F2DCFC7AFBB40, 14DE008B68D127F246A64290DFCBD7ECDE8FF7932B3BAE660EB131860E826EAD ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
17:30:57.0832 0x13cc  EraserUtilRebootDrv - ok
17:30:57.0832 0x13cc  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
17:30:57.0832 0x13cc  ErrDev - ok
17:30:57.0848 0x13cc  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
17:30:57.0848 0x13cc  EventSystem - ok
17:30:57.0848 0x13cc  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
17:30:57.0848 0x13cc  exfat - ok
17:30:57.0864 0x13cc  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
17:30:57.0864 0x13cc  fastfat - ok
17:30:57.0879 0x13cc  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
17:30:57.0879 0x13cc  Fax - ok
17:30:57.0879 0x13cc  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
17:30:57.0879 0x13cc  fdc - ok
17:30:57.0895 0x13cc  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
17:30:57.0895 0x13cc  fdPHost - ok
17:30:57.0895 0x13cc  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
17:30:57.0895 0x13cc  FDResPub - ok
17:30:57.0895 0x13cc  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
17:30:57.0895 0x13cc  fhsvc - ok
17:30:57.0895 0x13cc  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
17:30:57.0895 0x13cc  FileInfo - ok
17:30:57.0910 0x13cc  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
17:30:57.0910 0x13cc  Filetrace - ok
17:30:57.0910 0x13cc  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
17:30:57.0910 0x13cc  flpydisk - ok
17:30:57.0910 0x13cc  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
17:30:57.0926 0x13cc  FltMgr - ok
17:30:57.0942 0x13cc  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\WINDOWS\system32\FntCache.dll
17:30:57.0957 0x13cc  FontCache - ok
17:30:57.0957 0x13cc  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:30:57.0957 0x13cc  FontCache3.0.0.0 - ok
17:30:57.0973 0x13cc  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
17:30:57.0973 0x13cc  FsDepends - ok
17:30:57.0973 0x13cc  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:30:57.0973 0x13cc  Fs_Rec - ok
17:30:57.0973 0x13cc  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:30:57.0989 0x13cc  fvevol - ok
17:30:57.0989 0x13cc  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
17:30:57.0989 0x13cc  FxPPM - ok
17:30:57.0989 0x13cc  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
17:30:57.0989 0x13cc  gagp30kx - ok
17:30:58.0004 0x13cc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:30:58.0004 0x13cc  GEARAspiWDM - ok
17:30:58.0004 0x13cc  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
17:30:58.0004 0x13cc  gencounter - ok
17:30:58.0004 0x13cc  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:30:58.0004 0x13cc  GPIOClx0101 - ok
17:30:58.0020 0x13cc  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
17:30:58.0035 0x13cc  gpsvc - ok
17:30:58.0051 0x13cc  [ BDDBCFF870442B3C24C158CD53079132, 62314C296ACF1EF9EB38FB70B66B57D1BB9917C8536B39892272D172BC58A5C3 ] hcmon           C:\Windows\system32\drivers\hcmon.sys
17:30:58.0051 0x13cc  hcmon - ok
17:30:58.0051 0x13cc  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
17:30:58.0051 0x13cc  HDAudBus - ok
17:30:58.0051 0x13cc  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
17:30:58.0051 0x13cc  HidBatt - ok
17:30:58.0051 0x13cc  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
17:30:58.0051 0x13cc  HidBth - ok
17:30:58.0067 0x13cc  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
17:30:58.0067 0x13cc  hidi2c - ok
17:30:58.0067 0x13cc  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
17:30:58.0067 0x13cc  HidIr - ok
17:30:58.0067 0x13cc  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
17:30:58.0067 0x13cc  hidserv - ok
17:30:58.0067 0x13cc  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
17:30:58.0067 0x13cc  HidUsb - ok
17:30:58.0082 0x13cc  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
17:30:58.0082 0x13cc  hkmsvc - ok
17:30:58.0082 0x13cc  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:30:58.0082 0x13cc  HomeGroupListener - ok
17:30:58.0098 0x13cc  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:30:58.0098 0x13cc  HomeGroupProvider - ok
17:30:58.0114 0x13cc  [ 0D0213498683414DDE29B1686A4C08D5, E9B64406C04B6E55CBD17E7C47B023CEA11FEE07B791154129D6F4F29D15AB7F ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:30:58.0114 0x13cc  hpqcxs08 - ok
17:30:58.0114 0x13cc  [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:30:58.0114 0x13cc  hpqddsvc - ok
17:30:58.0114 0x13cc  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
17:30:58.0129 0x13cc  HpSAMD - ok
17:30:58.0129 0x13cc  [ C995EA1C6915D897E06D41AF95B9312C, 65DE6599F1C735BBDCCE4728F7F98167BCA0BF1B8D4218BBF7546B025C9A38BD ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:30:58.0145 0x13cc  HPSLPSVC - ok
17:30:58.0160 0x13cc  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
17:30:58.0176 0x13cc  HTTP - ok
17:30:58.0176 0x13cc  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
17:30:58.0176 0x13cc  hwpolicy - ok
17:30:58.0176 0x13cc  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
17:30:58.0176 0x13cc  hyperkbd - ok
17:30:58.0192 0x13cc  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
17:30:58.0192 0x13cc  HyperVideo - ok
17:30:58.0192 0x13cc  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
17:30:58.0192 0x13cc  i8042prt - ok
17:30:58.0192 0x13cc  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:30:58.0192 0x13cc  iaLPSSi_GPIO - ok
17:30:58.0192 0x13cc  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:30:58.0207 0x13cc  iaLPSSi_I2C - ok
17:30:58.0207 0x13cc  [ 25555186E4FBDF0E30A5DBFC9B9A73F9, 4A9DAC2B56389C5955C343E202C6E81CD3A608E78A4BB7E6ED560719DF02C955 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
17:30:58.0223 0x13cc  iaStorA - ok
17:30:58.0223 0x13cc  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
17:30:58.0239 0x13cc  iaStorAV - ok
17:30:58.0239 0x13cc  [ 6241810294275CEA59EBA9733080E5EE, F9A1A505B9279CD660CAAF4F8D21BDC34AC75FD86E881632A378B9BF39A3738E ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:30:58.0239 0x13cc  IAStorDataMgrSvc - ok
17:30:58.0254 0x13cc  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
17:30:58.0254 0x13cc  iaStorV - ok
17:30:58.0270 0x13cc  [ 77AC93E28B5F4DCE317EFA695E3F59E3, 57D510CEE1B777CFB52CECBAB43B0698A53B048B7E0C622473DEA9E03E2D9BEF ] IDSVia64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140923.001\IDSvia64.sys
17:30:58.0270 0x13cc  IDSVia64 - ok
17:30:58.0270 0x13cc  IEEtwCollectorService - ok
17:30:58.0285 0x13cc  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
17:30:58.0301 0x13cc  IKEEXT - ok
17:30:58.0348 0x13cc  [ 2BEE14AC102CF1259AC99ABF53291A8B, 45FAF81302E7A575D378A67F4EF75C89FDDE3B16AC3155BB2803A54D3A7B0DD3 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:30:58.0395 0x13cc  IntcAzAudAddService - ok
17:30:58.0410 0x13cc  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:30:58.0410 0x13cc  Intel(R) Capability Licensing Service Interface - ok
17:30:58.0426 0x13cc  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
17:30:58.0442 0x13cc  Intel(R) Capability Licensing Service TCP IP Interface - ok
17:30:58.0442 0x13cc  [ CBF7341E55A8348C7AB01A9870C7D948, A5084DF3C6321788C88A9E6B5F43FE5BCFDBB579BDE3A4D5F55558C6D13035A5 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
17:30:58.0442 0x13cc  Intel(R) PROSet Monitoring Service - ok
17:30:58.0442 0x13cc  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
17:30:58.0442 0x13cc  intelide - ok
17:30:58.0442 0x13cc  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
17:30:58.0442 0x13cc  intelpep - ok
17:30:58.0457 0x13cc  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
17:30:58.0457 0x13cc  intelppm - ok
17:30:58.0457 0x13cc  [ 0895CDD7F1542FFCC5BBB560EC78BC16, 383D9FFE7FB313EA201DE877F3D48B5116FFA261EDEF5D0D0FE79F14E9682D25 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
17:30:58.0457 0x13cc  IntuitUpdateServiceV4 - ok
17:30:58.0457 0x13cc  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:30:58.0457 0x13cc  IpFilterDriver - ok
17:30:58.0473 0x13cc  [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
17:30:58.0489 0x13cc  iphlpsvc - ok
17:30:58.0489 0x13cc  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:30:58.0489 0x13cc  IPMIDRV - ok
17:30:58.0489 0x13cc  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
17:30:58.0504 0x13cc  IPNAT - ok
17:30:58.0504 0x13cc  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
17:30:58.0504 0x13cc  IRENUM - ok
17:30:58.0504 0x13cc  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
17:30:58.0504 0x13cc  isapnp - ok
17:30:58.0504 0x13cc  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
17:30:58.0520 0x13cc  iScsiPrt - ok
17:30:58.0520 0x13cc  [ E489D12FF435AEEF4A5474C47D329590, 66A01F63EE4F66C0CD5BB9BF20E1722D57CC8252AC126780800806B536F4CEA9 ] ISODrive        C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys
17:30:58.0520 0x13cc  ISODrive - ok
17:30:58.0520 0x13cc  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
17:30:58.0520 0x13cc  kbdclass - ok
17:30:58.0520 0x13cc  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
17:30:58.0520 0x13cc  kbdhid - ok
17:30:58.0535 0x13cc  [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr        C:\WINDOWS\system32\drivers\kbldfltr.sys
17:30:58.0535 0x13cc  kbldfltr - ok
17:30:58.0535 0x13cc  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
17:30:58.0535 0x13cc  kdnic - ok
17:30:58.0535 0x13cc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
17:30:58.0535 0x13cc  KeyIso - ok
17:30:58.0535 0x13cc  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
17:30:58.0551 0x13cc  KSecDD - ok
17:30:58.0551 0x13cc  [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:30:58.0551 0x13cc  KSecPkg - ok
17:30:58.0551 0x13cc  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
17:30:58.0551 0x13cc  ksthunk - ok
17:30:58.0567 0x13cc  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
17:30:58.0567 0x13cc  KtmRm - ok
17:30:58.0567 0x13cc  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
17:30:58.0582 0x13cc  LanmanServer - ok
17:30:58.0582 0x13cc  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:30:58.0582 0x13cc  LanmanWorkstation - ok
17:30:58.0598 0x13cc  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
17:30:58.0598 0x13cc  lfsvc - ok
17:30:58.0614 0x13cc  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
17:30:58.0614 0x13cc  lltdio - ok
17:30:58.0614 0x13cc  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
17:30:58.0614 0x13cc  lltdsvc - ok
17:30:58.0614 0x13cc  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
17:30:58.0629 0x13cc  lmhosts - ok
17:30:58.0629 0x13cc  [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr         C:\WINDOWS\system32\DRIVERS\lmimirr.sys
17:30:58.0629 0x13cc  lmimirr - ok
17:30:58.0629 0x13cc  [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
17:30:58.0629 0x13cc  LMIRfsDriver - ok
17:30:58.0645 0x13cc  [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:30:58.0645 0x13cc  LMS - ok
17:30:58.0645 0x13cc  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
17:30:58.0645 0x13cc  LSI_SAS - ok
17:30:58.0660 0x13cc  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
17:30:58.0660 0x13cc  LSI_SAS2 - ok
17:30:58.0660 0x13cc  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
17:30:58.0660 0x13cc  LSI_SAS3 - ok
17:30:58.0660 0x13cc  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
17:30:58.0660 0x13cc  LSI_SSS - ok
17:30:58.0676 0x13cc  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\WINDOWS\System32\lsm.dll
17:30:58.0692 0x13cc  LSM - ok
17:30:58.0692 0x13cc  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
17:30:58.0692 0x13cc  luafv - ok
17:30:58.0707 0x13cc  [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] LVRS64          C:\WINDOWS\system32\DRIVERS\lvrs64.sys
17:30:58.0707 0x13cc  LVRS64 - ok
17:30:58.0770 0x13cc  [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64         C:\WINDOWS\system32\DRIVERS\lvuvc64.sys
17:30:58.0817 0x13cc  LVUVC64 - ok
17:30:58.0817 0x13cc  [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
17:30:58.0817 0x13cc  MBAMProtector - ok
17:30:58.0848 0x13cc  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
17:30:58.0864 0x13cc  MBAMScheduler - ok
17:30:58.0879 0x13cc  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
17:30:58.0895 0x13cc  MBAMService - ok
17:30:58.0895 0x13cc  [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
17:30:58.0895 0x13cc  MBAMSwissArmy - ok
17:30:58.0910 0x13cc  [ 0664F6335F108F38FE08C3CA747311EE, 04C5F31C57573DC4ABFC609D3F7C589835CE5C528AF5EE07FB25E35F72DF98A4 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
17:30:58.0910 0x13cc  MBAMWebAccessControl - ok
17:30:58.0910 0x13cc  [ 9D2252224DF2213E1B44FA608E6A1D14, E2C644C5FDCCA7BD2547ADC110FDDB26EA91C734AB53CD4196266C746BFDFAA4 ] Mcx2Svc         C:\WINDOWS\system32\Mcx2Svc.dll
17:30:58.0910 0x13cc  Mcx2Svc - ok
17:30:58.0910 0x13cc  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
17:30:58.0910 0x13cc  megasas - ok
17:30:58.0926 0x13cc  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
17:30:58.0926 0x13cc  megasr - ok
17:30:58.0942 0x13cc  [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
17:30:58.0942 0x13cc  MEIx64 - ok
17:30:58.0942 0x13cc  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
17:30:58.0942 0x13cc  MMCSS - ok
17:30:58.0942 0x13cc  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
17:30:58.0942 0x13cc  Modem - ok
17:30:58.0942 0x13cc  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
17:30:58.0942 0x13cc  monitor - ok
17:30:58.0957 0x13cc  [ 290750346F5937B02F62594B8EB03215, A676CF1C0F9B4B33B7D1AA8D9C97F144B644F841C9637F57308B436F1AFE5B95 ] MotoHelper      C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
17:30:58.0957 0x13cc  MotoHelper - ok
17:30:58.0957 0x13cc  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
17:30:58.0957 0x13cc  mouclass - ok
17:30:58.0957 0x13cc  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
17:30:58.0957 0x13cc  mouhid - ok
17:30:58.0973 0x13cc  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
17:30:58.0973 0x13cc  mountmgr - ok
17:30:58.0973 0x13cc  [ FD5E45969B82B83E33CB05B5C9B0E3F2, A6C21F7A0A97683DA50FC102131618CC1BE5CA0C3625D2FDAF5861B9B6523E45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:30:58.0973 0x13cc  MozillaMaintenance - ok
17:30:58.0973 0x13cc  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
17:30:58.0973 0x13cc  mpsdrv - ok
17:31:00.0942 0x13cc  StorSvc - ok
17:31:00.0942 0x13cc  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
17:31:00.0942 0x13cc  storvsc - ok
17:31:00.0942 0x13cc  [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp         C:\WINDOWS\System32\drivers\storvsp.sys
17:31:00.0942 0x13cc  storvsp - ok
17:31:00.0957 0x13cc  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
17:31:00.0957 0x13cc  svsvc - ok
17:31:00.0957 0x13cc  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
17:31:00.0957 0x13cc  swenum - ok
17:31:00.0973 0x13cc  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\WINDOWS\System32\swprv.dll
17:31:00.0973 0x13cc  swprv - ok
17:31:00.0989 0x13cc  [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS           C:\WINDOWS\system32\drivers\NISx64\1506000.020\SYMDS64.SYS
17:31:00.0989 0x13cc  SymDS - ok
17:31:01.0020 0x13cc  [ 9F31630D7FC2DD9D5DA1CE359AAD1F46, 296D29EDF53956D1899DE4669AB429C280DF9F183F00AE1CE528E7C575802235 ] SymEFA          C:\WINDOWS\system32\drivers\NISx64\1506000.020\SYMEFA64.SYS
17:31:01.0020 0x13cc  SymEFA - ok
17:31:01.0035 0x13cc  [ 20F758E6339A16F97DD83389D582E09A, 837016154B7952B645B5545AEB8E2A8878EFA8674E6B96471C3DB5E458B06960 ] SymELAM         C:\WINDOWS\system32\drivers\NISx64\1506000.020\SymELAM.sys
17:31:01.0035 0x13cc  SymELAM - ok
17:31:01.0035 0x13cc  [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
17:31:01.0035 0x13cc  SymEvent - ok
17:31:01.0051 0x13cc  [ 2C95265BE19F338E1C1090E4E91055BB, 1E580E9367B1C89B06BD4B34EFD94CD511FD3AA1617D943DDFE0A28B7ED5D5F9 ] SymIRON         C:\WINDOWS\system32\drivers\NISx64\1506000.020\Ironx64.SYS
17:31:01.0051 0x13cc  SymIRON - ok
17:31:01.0067 0x13cc  [ 5570A74FF9B1EFBC5154DD1E2F05C517, 2C883A0334CBE4AE257028805C9BB1E529A80F56BA6D341E8EBB83CB3E46FEB7 ] SymNetS         C:\WINDOWS\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS
17:31:01.0067 0x13cc  SymNetS - ok
17:31:01.0098 0x13cc  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
17:31:01.0114 0x13cc  SysMain - ok
17:31:01.0114 0x13cc  [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:31:01.0114 0x13cc  SystemEventsBroker - ok
17:31:01.0129 0x13cc  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:31:01.0129 0x13cc  TabletInputService - ok
17:31:01.0129 0x13cc  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:31:01.0145 0x13cc  TapiSrv - ok
17:31:01.0176 0x13cc  [ 87F3713E620F62D243A82B3CB66CBDDE, 5C14F43BC5114DB664490DEE5024555149766C2F2430A910AA9DA2210D968063 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
17:31:01.0207 0x13cc  Tcpip - ok
17:31:01.0239 0x13cc  [ 87F3713E620F62D243A82B3CB66CBDDE, 5C14F43BC5114DB664490DEE5024555149766C2F2430A910AA9DA2210D968063 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:31:01.0270 0x13cc  TCPIP6 - ok
17:31:01.0270 0x13cc  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
17:31:01.0270 0x13cc  tcpipreg - ok
17:31:01.0285 0x13cc  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
17:31:01.0285 0x13cc  tdx - ok
17:31:01.0364 0x13cc  [ DF4A7E1E2BA788E28747F1EF49692ED6, 3417C0C713AB086E31CA20D6DCE923FF224093CFF2BAA6F29DCCBD2BEE5EEED6 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
17:31:01.0410 0x13cc  TeamViewer9 - ok
17:31:01.0426 0x13cc  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
17:31:01.0426 0x13cc  terminpt - ok
17:31:01.0442 0x13cc  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\WINDOWS\System32\termsrv.dll
17:31:01.0473 0x13cc  TermService - ok
17:31:01.0473 0x13cc  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
17:31:01.0473 0x13cc  Themes - ok
17:31:01.0473 0x13cc  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
17:31:01.0473 0x13cc  THREADORDER - ok
17:31:01.0489 0x13cc  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
17:31:01.0489 0x13cc  TimeBroker - ok
17:31:01.0489 0x13cc  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
17:31:01.0504 0x13cc  TPM - ok
17:31:01.0504 0x13cc  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
17:31:01.0504 0x13cc  TrkWks - ok
17:31:01.0504 0x13cc  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt       C:\WINDOWS\system32\drivers\truecrypt.sys
17:31:01.0504 0x13cc  truecrypt - ok
17:31:01.0520 0x13cc  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:31:01.0520 0x13cc  TrustedInstaller - ok
17:31:01.0520 0x13cc  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
17:31:01.0520 0x13cc  TsUsbFlt - ok
17:31:01.0520 0x13cc  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:31:01.0520 0x13cc  TsUsbGD - ok
17:31:01.0535 0x13cc  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
17:31:01.0535 0x13cc  tunnel - ok
17:31:01.0535 0x13cc  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
17:31:01.0535 0x13cc  uagp35 - ok
17:31:01.0551 0x13cc  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
17:31:01.0551 0x13cc  UASPStor - ok
17:31:01.0551 0x13cc  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
17:31:01.0551 0x13cc  UCX01000 - ok
17:31:01.0567 0x13cc  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
17:31:01.0567 0x13cc  udfs - ok
17:31:01.0567 0x13cc  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
17:31:01.0567 0x13cc  UEFI - ok
17:31:01.0582 0x13cc  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
17:31:01.0582 0x13cc  UI0Detect - ok
17:31:01.0582 0x13cc  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
17:31:01.0582 0x13cc  uliagpkx - ok
17:31:01.0582 0x13cc  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
17:31:01.0582 0x13cc  umbus - ok
17:31:01.0598 0x13cc  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
17:31:01.0598 0x13cc  UmPass - ok
17:31:01.0598 0x13cc  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
17:31:01.0614 0x13cc  UmRdpService - ok
17:31:01.0614 0x13cc  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:31:01.0614 0x13cc  upnphost - ok
17:31:01.0629 0x13cc  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
17:31:01.0629 0x13cc  usbccgp - ok
17:31:01.0629 0x13cc  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
17:31:01.0629 0x13cc  usbcir - ok
17:31:01.0645 0x13cc  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
17:31:01.0645 0x13cc  usbehci - ok
17:31:01.0660 0x13cc  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
17:31:01.0660 0x13cc  usbhub - ok
17:31:01.0676 0x13cc  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
17:31:01.0676 0x13cc  USBHUB3 - ok
17:31:01.0676 0x13cc  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
17:31:01.0676 0x13cc  usbohci - ok
17:31:01.0676 0x13cc  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
17:31:01.0676 0x13cc  usbprint - ok
17:31:01.0692 0x13cc  [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:31:01.0692 0x13cc  USBSTOR - ok
17:31:01.0692 0x13cc  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
17:31:01.0692 0x13cc  usbuhci - ok
17:31:01.0707 0x13cc  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:31:01.0707 0x13cc  USBXHCI - ok
17:31:01.0707 0x13cc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
17:31:01.0707 0x13cc  VaultSvc - ok
17:31:01.0707 0x13cc  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
17:31:01.0723 0x13cc  vdrvroot - ok
17:31:01.0739 0x13cc  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
17:31:01.0754 0x13cc  vds - ok
17:31:01.0754 0x13cc  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
17:31:01.0770 0x13cc  VerifierExt - ok
17:31:01.0785 0x13cc  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
17:31:01.0785 0x13cc  vhdmp - ok
17:31:01.0785 0x13cc  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
17:31:01.0801 0x13cc  viaide - ok
17:31:01.0801 0x13cc  [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid             C:\WINDOWS\System32\drivers\Vid.sys
17:31:01.0801 0x13cc  Vid - ok
17:31:01.0801 0x13cc  [ 2562943B90AFA9829097FB4274276D1D, EE003EF7A3EC49CFEF2EED841482721D7A89368967BFC44CE8DD9D3BDAF0572F ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
17:31:01.0817 0x13cc  VMAuthdService - ok
17:31:01.0817 0x13cc  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
17:31:01.0817 0x13cc  vmbus - ok
17:31:01.0817 0x13cc  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
17:31:01.0817 0x13cc  VMBusHID - ok
17:31:01.0817 0x13cc  [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr          C:\WINDOWS\System32\drivers\vmbusr.sys
17:31:01.0832 0x13cc  vmbusr - ok
17:31:01.0832 0x13cc  [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci            C:\WINDOWS\system32\drivers\vmci.sys
17:31:01.0832 0x13cc  vmci - ok
17:31:01.0832 0x13cc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
17:31:01.0848 0x13cc  vmicguestinterface - ok
17:31:01.0848 0x13cc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
17:31:01.0864 0x13cc  vmicheartbeat - ok
17:31:01.0864 0x13cc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
17:31:01.0879 0x13cc  vmickvpexchange - ok
17:31:01.0879 0x13cc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
17:31:01.0895 0x13cc  vmicrdv - ok
17:31:01.0895 0x13cc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
17:31:01.0910 0x13cc  vmicshutdown - ok
17:31:01.0910 0x13cc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
17:31:01.0926 0x13cc  vmictimesync - ok
17:31:01.0926 0x13cc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
17:31:01.0942 0x13cc  vmicvss - ok
17:31:01.0942 0x13cc  [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter    C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys
17:31:01.0942 0x13cc  VMnetAdapter - ok
17:31:01.0942 0x13cc  [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge     C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys
17:31:01.0942 0x13cc  VMnetBridge - ok
17:31:01.0957 0x13cc  [ F550680013FEA869820CB8320FAA2352, AA98DB7E71737DD8574ADB2DD9531C1DD46BABE99F89ED87D681D6C21BFA0D1C ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
17:31:01.0957 0x13cc  VMnetuserif - ok
17:31:01.0973 0x13cc  [ 41FAE6618768DC93D98DDAF3F8282D3E, 95995542026CC111B8FFAA01AC9E55B2F942A9108F5F00502A35339C13BBF20D ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
17:31:01.0973 0x13cc  VMUSBArbService - ok
17:31:02.0176 0x13cc  [ 5591F0BB3713AB911D4021124D1FDB54, 21AB28EABBAFC41E7FF4F318D03785274EB842DCD8BDED814155FB29413769D7 ] VMwareHostd     C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
17:31:02.0317 0x13cc  VMwareHostd - ok
17:31:02.0332 0x13cc  [ 227E4EA654B4D52C2AAA8B1DCD5C45DE, 7D9A675A6481D288846D7F22AE15EC62DF31C9385C83D875586EE371CC9C3410 ] vmx86           C:\Windows\system32\drivers\vmx86.sys
17:31:02.0332 0x13cc  vmx86 - ok
17:31:02.0332 0x13cc  [ A96AFA32F73C065B9AE9D1554CDD00FC, 3EF9A03D1BD34D1991D35CD938050202F61EC7A0F2BD826671AA86B7EB452D45 ] VNA             C:\WINDOWS\system32\DRIVERS\vna.sys
17:31:02.0332 0x13cc  VNA - ok
17:31:02.0348 0x13cc  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
17:31:02.0348 0x13cc  volmgr - ok
17:31:02.0348 0x13cc  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
17:31:02.0364 0x13cc  volmgrx - ok
17:31:02.0364 0x13cc  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
17:31:02.0379 0x13cc  volsnap - ok
17:31:02.0379 0x13cc  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
17:31:02.0379 0x13cc  vpci - ok
17:31:02.0379 0x13cc  [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp         C:\WINDOWS\System32\drivers\vpcivsp.sys
17:31:02.0379 0x13cc  vpcivsp - ok
17:31:02.0379 0x13cc  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
17:31:02.0395 0x13cc  vsmraid - ok
17:31:02.0395 0x13cc  [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock           C:\WINDOWS\system32\drivers\vsock.sys
17:31:02.0395 0x13cc  vsock - ok
17:31:02.0410 0x13cc  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe
17:31:02.0426 0x13cc  VSS - ok
17:31:02.0442 0x13cc  [ E7CE8988B98202A5CF429CA358D26CC5, 773E38E263D2EB179E8767809ED4B98CDECEA4BD970AAE0BB31FD6D219E5E079 ] vstor2-mntapi20-shared C:\WINDOWS\syswow64\drivers\vstor2-mntapi20-shared.sys
17:31:02.0442 0x13cc  vstor2-mntapi20-shared - ok
17:31:02.0457 0x13cc  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
17:31:02.0457 0x13cc  VSTXRAID - ok
17:31:02.0457 0x13cc  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
17:31:02.0457 0x13cc  vwifibus - ok
17:31:02.0473 0x13cc  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
17:31:02.0473 0x13cc  vwififlt - ok
17:31:02.0473 0x13cc  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
17:31:02.0473 0x13cc  vwifimp - ok
17:31:02.0489 0x13cc  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
17:31:02.0489 0x13cc  W32Time - ok
17:31:02.0489 0x13cc  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
17:31:02.0489 0x13cc  WacomPen - ok
17:31:02.0520 0x13cc  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
17:31:02.0535 0x13cc  wbengine - ok
17:31:02.0535 0x13cc  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
17:31:02.0551 0x13cc  WbioSrvc - ok
17:31:02.0551 0x13cc  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
17:31:02.0567 0x13cc  Wcmsvc - ok
17:31:02.0567 0x13cc  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
17:31:02.0582 0x13cc  wcncsvc - ok
17:31:02.0582 0x13cc  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
17:31:02.0582 0x13cc  WcsPlugInService - ok
17:31:02.0582 0x13cc  [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
17:31:02.0582 0x13cc  WdBoot - ok
17:31:02.0598 0x13cc  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
17:31:02.0614 0x13cc  Wdf01000 - ok
17:31:02.0614 0x13cc  [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
17:31:02.0614 0x13cc  WdFilter - ok
17:31:02.0614 0x13cc  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
17:31:02.0629 0x13cc  WdiServiceHost - ok
17:31:02.0629 0x13cc  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
17:31:02.0629 0x13cc  WdiSystemHost - ok
17:31:02.0629 0x13cc  [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
17:31:02.0629 0x13cc  WdNisDrv - ok
17:31:02.0629 0x13cc  WdNisSvc - ok
17:31:02.0645 0x13cc  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:31:02.0645 0x13cc  WebClient - ok
17:31:02.0645 0x13cc  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
17:31:02.0660 0x13cc  Wecsvc - ok
17:31:02.0660 0x13cc  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
17:31:02.0660 0x13cc  WEPHOSTSVC - ok
17:31:02.0660 0x13cc  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
17:31:02.0660 0x13cc  wercplsupport - ok
17:31:02.0660 0x13cc  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
17:31:02.0676 0x13cc  WerSvc - ok
17:31:02.0676 0x13cc  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
17:31:02.0676 0x13cc  WFPLWFS - ok
17:31:02.0676 0x13cc  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
17:31:02.0676 0x13cc  WiaRpc - ok
17:31:02.0692 0x13cc  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
17:31:02.0692 0x13cc  WIMMount - ok
17:31:02.0692 0x13cc  WinDefend - ok
17:31:02.0707 0x13cc  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:31:02.0707 0x13cc  WinHttpAutoProxySvc - ok
17:31:02.0723 0x13cc  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:31:02.0723 0x13cc  Winmgmt - ok
17:31:02.0754 0x13cc  [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
17:31:02.0785 0x13cc  WinRM - ok
17:31:02.0801 0x13cc  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
17:31:02.0801 0x13cc  WinUsb - ok
17:31:02.0817 0x13cc  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
17:31:02.0832 0x13cc  WlanSvc - ok
17:31:02.0864 0x13cc  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
17:31:02.0879 0x13cc  wlidsvc - ok
17:31:02.0879 0x13cc  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
17:31:02.0879 0x13cc  WmiAcpi - ok
17:31:02.0895 0x13cc  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:31:02.0895 0x13cc  wmiApSrv - ok
17:31:02.0895 0x13cc  WMPNetworkSvc - ok
17:31:02.0895 0x13cc  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
17:31:02.0910 0x13cc  Wof - ok
17:31:02.0926 0x13cc  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
17:31:02.0942 0x13cc  workfolderssvc - ok
17:31:02.0942 0x13cc  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
17:31:02.0957 0x13cc  wpcfltr - ok
17:31:02.0957 0x13cc  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
17:31:02.0957 0x13cc  WPCSvc - ok
17:31:02.0957 0x13cc  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
17:31:02.0957 0x13cc  WPDBusEnum - ok
17:31:02.0957 0x13cc  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:31:02.0957 0x13cc  WpdUpFltr - ok
17:31:02.0973 0x13cc  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
17:31:02.0973 0x13cc  ws2ifsl - ok
17:31:07.0317 0x13cc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
17:31:07.0317 0x13cc  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x51000 ( enabled : updated )
17:31:07.0317 0x13cc  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x51010 ( enabled )
17:31:09.0817 0x13cc  ============================================================
17:31:09.0817 0x13cc  Scan finished
17:31:09.0817 0x13cc  ============================================================
17:31:09.0832 0x1818  Detected object count: 0
17:31:09.0832 0x1818  Actual detected object count: 0
17:32:00.0520 0x1aac  Deinitialize success



#5 TB-Psychotic

Posted 26 September 2014 - 06:05 AM

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 


#6 luddy

Posted 26 September 2014 - 04:41 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-09-2014 01
Ran by John at 2014-09-26 17:29:25 Run:1
Running from C:\Users\John\Desktop
Loaded Profile: John (Available profiles: John)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
AlternateDataStreams: C:\ProgramData\TEMP:0E07D4CA
AlternateDataStreams: C:\ProgramData\TEMP:1677AB3F
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9

Hosts:
EmptyTemp:
*****************

C:\ProgramData\TEMP => ":0E07D4CA" ADS removed successfully.
C:\ProgramData\TEMP => ":1677AB3F" ADS removed successfully.
C:\ProgramData\TEMP => ":CB0AACC9" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 513.1 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/26/2014
Scan Time: 5:35:42 PM
Logfile: 
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.26.10
Rootkit Database: v2014.09.19.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: John

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 369585
Time Elapsed: 4 min, 59 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


#7 TB-Psychotic

Posted 29 September 2014 - 04:33 AM

Scan with ESET Online Scan

Go here to run an online scanner from ESET. Windows Vista/Windows 7/Windows 8 users will need to right-click on their Internet Explorer shortcut and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Here's how.
  • Click the blue Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the program to install the "OnlineScanner.cab" activex control by clicking the Install button
  • Once the activex control is installed, on the next screen click on Enable detection of potentially unwanted applications
  • Click on Advanced Settings
  • Make sure that the option Remove found threats is unticked.
  • Ensure these options are ticked
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.



#8 luddy

Posted 29 September 2014 - 08:05 AM

ESET online scanner found the following on my OS drive.

 

C:\Users\John\AppData\Local\Microsoft\Windows\INetCache\IE\HB3A5MFL\YJ9OOCHH.htm HTML/ScrInject.B.Gen virus

 

 

NOTE THAT DELETING ENTIRE CACHE and COOKIES ETC in IE removed the file above.  Not sure where this would have come from since I just did this the other day and the date and time on the file was from this morning when I opened IE to look at this case.

 

 

 

I did notice that "AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9" is back again.

 

Is it possible for threats that may reside in compressed files on other drives to affect/infect the OS if they aren't being opened or used?

 


Edited by luddy, 29 September 2014 - 08:09 AM.


#9 TB-Psychotic

Posted 30 September 2014 - 05:50 AM

Do you have attached drives that have not been scanned by ESET?

If so, attach all of them and run a new scan with ESET.

Mark all of them for scanning and run the scan.



#10 luddy

Posted 30 September 2014 - 03:35 PM

The only "drive" I have, which is not mapped, is my attached NAS on the network where I perform backups to.

 

Is it possible for threats that may reside in compressed files on other drives to affect/infect the OS if they aren't being opened or used?  I wouldn't see how.

 

Alternate Stream View v1.45 shows the ADS still present (C:\ProgramData\TEMP:CB0AACC9) :CB0AACC9:$DATA but when I go to C:\ProgramData\TEMP I see 2 folders each with the same "PostBuild.exe" in them and a single file in the root called RAIDTest.  I don't see the CB0AACC9 folder unless I do a DIR /R from command prompt.

 

Folders each have a file named PostBuild.exe from 3/24/2010 at 5:12pm FROM CyberLink WITH VALID CERTIFICATE:

{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}

{E9143952-3AE9-46FA-BB02-8AFC525D7841}

 

Single file in the TEMP folder called RAIDTest dated 1/9/2014 5:35pm that when opened with Notepad++ shows funky characters (ASCII)

 

The 2 above files PostBuild.exe and RAIDtest passed all tests using VirusTotal website scanner.

 

What is C:\ProgramData\TEMP:CB0AACC9 and how does it get created and what does it do?

 

 

UPDATE:  I ran Alternate Stream View in Administrative mode and removed the :CB0AACC9:$DATA entry, rebooted, cleared cache in IE and tried a bunch of stuff and have not seen it come back...at least not yet.  I think last time I tried to use the tool I didn't run in admin mode so it never deleted the stream.  Not sure why that one came back when there were originally 3 prior to running FRST cleanup.


Edited by luddy, 30 September 2014 - 05:54 PM.
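
A stream that returns after a fix, as described in the post above, can be tracked by comparing the Fixlog against a later `dir /R` listing. The following is an added example, not part of the original posts: the Fixlog lines are copied from this thread, while the `dir /R` sample is constructed, its layout (English-locale output, stream lines carrying a size but no date and ending in `:$DATA`) is an assumption, and all function names are hypothetical.

```python
import re

# Lines copied from the Fixlog posted earlier in this thread.
FIXLOG = r'''
C:\ProgramData\TEMP => ":0E07D4CA" ADS removed successfully.
C:\ProgramData\TEMP => ":1677AB3F" ADS removed successfully.
C:\ProgramData\TEMP => ":CB0AACC9" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
'''

# Constructed sample of `dir /R C:\ProgramData` output taken after the fix
# (assumed layout; sizes and the notes.txt entry are made up).
DIR_R = r'''
 Directory of C:\ProgramData

09/30/2014  05:35 PM    <DIR>          TEMP
                                   130 TEMP:CB0AACC9:$DATA
09/30/2014  05:35 PM                42 notes.txt
                                    26 notes.txt:Zone.Identifier:$DATA
'''

REMOVED_RE = re.compile(
    r'^(?P<path>.+?) => ":(?P<stream>[^"]+)" ADS removed successfully\.$')
DIRECTORY_RE = re.compile(r'^\s*Directory of (?P<dir>.+?)\s*$')
# Stream lines are indented, start with a size, and name the host entry,
# the stream and the $DATA type. The host name can never contain ':', so the
# drive-letter colon of the full path is not a problem here.
STREAM_RE = re.compile(
    r'^\s+(?P<size>[\d,.]+)\s+(?P<name>[^:]+):(?P<stream>[^:]+):\$DATA\s*$')


def normalize(path, stream):
    """Case-insensitive key for one stream (NTFS lookups ignore case)."""
    return (path.rstrip('\\').lower(), stream.lower())


def removed_streams(fixlog):
    """Streams a Fixlog reports as removed, as a set of (path, stream)."""
    found = set()
    for line in fixlog.splitlines():
        m = REMOVED_RE.match(line.strip())
        if m:
            found.add(normalize(m['path'], m['stream']))
    return found


def listed_streams(dir_output):
    """Named streams in `dir /R` output, as {(path, stream): size}."""
    current, found = None, {}
    for line in dir_output.splitlines():
        d = DIRECTORY_RE.match(line)
        if d:
            current = d['dir']
            continue
        s = STREAM_RE.match(line)
        if s and current:
            name = s['name']
            # "." is the listed directory itself; anything else is a child.
            path = current if name == '.' else current.rstrip('\\') + '\\' + name
            size = int(re.sub(r'\D', '', s['size']))  # drop thousands separators
            found[normalize(path, s['stream'])] = size
    return found


def reappeared(fixlog, dir_output):
    """Streams removed by the fix that are present again in the later listing."""
    later = listed_streams(dir_output)
    return sorted(key for key in removed_streams(fixlog) if key in later)


if __name__ == '__main__':
    for path, stream in reappeared(FIXLOG, DIR_R):
        print(f'stream is back: {path}:{stream}')
```

Streams such as `Zone.Identifier` show up in the listing as well, which is why the comparison is made against the removed set rather than flagging every named stream.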


#11 luddy

Posted 03 October 2014 - 04:02 PM

See above...why no response?  I am hoping you are still here :)

 

Also, I notice sometimes when I launch IE for outlook.com that NoScript blocks an XSS attempt via https://ads1.msads.net.  This doesn't seem to happen in Firefox.   Not sure if this is related to above issue.



#12 TB-Psychotic

Posted 04 October 2014 - 08:07 AM

I apologize - it was my birthday and I was not able to get online... O:-)

 

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[S1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK Mirror (if the link is down)

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, the log (checkup.txt) will open. Copy its content to your thread. (Note: Do NOT post this one into a code box!)



#13 luddy

Posted 05 October 2014 - 03:40 PM

Happy Belated Birthday!  AdwCleaner log...rest will follow

# AdwCleaner v3.311 - Report created 05/10/2014 at 16:36:50
# Updated 30/09/2014 by Xplode
# Operating System : Windows 8.1 Pro with Media Center  (64 bits)
# Username : John - I7-4770K
# Running from : C:\Users\John\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\John\Favorites\Search
File Deleted : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\xh9ii585.John\searchplugins\safesearch.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17278


-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\9yzi65ty.Default User\prefs.js ]


[ File : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\xh9ii585.John\prefs.js ]


*************************

AdwCleaner[R0].txt - [3528 octets] - [05/10/2014 16:31:42]
AdwCleaner[S0].txt - [3471 octets] - [05/10/2014 16:36:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3531 octets] ##########



#14 luddy

Posted 05 October 2014 - 03:47 PM

JRT Log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.0 (10.05.2014:1)
OS: Windows 8.1 Pro with Media Center x64
Ran by John on Sun 10/05/2014 at 16:42:17.91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\John\AppData\Roaming\mozilla\firefox\profiles\xh9ii585.John\prefs.js

user_pref("extensions.febe.lastbackupresultspageurl", "F:\\Firefox Profile Backup\\FEBE 2014 03-13 12.41.21\\Results - FEBE 2014 03-13 12.41.23.html");
user_pref("symantec.browser.sessionstore.resume_from_crash.toggle", false);
Emptied folder: C:\Users\John\AppData\Roaming\mozilla\firefox\profiles\xh9ii585.John\minidumps [77 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 10/05/2014 at 16:45:07.61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#15 luddy

Posted 05 October 2014 - 03:52 PM

SecurityCheck log:

 

 Results of screen317's Security Check version 0.99.88 
   x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
 Windows Firewall Enabled! 
Windows Defender          
Norton Internet Security  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Trojan Remover 6.9.1.2931  
 Java 7 Update 67 
 Adobe Flash Player  15.0.0.152 
 Adobe Reader XI 
 Mozilla Firefox (32.0.3)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamscheduler.exe  
 Shadow Defender DefenderDaemon.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````





