Rootkit with unknown MBR


25 replies to this topic

#1 chopped_liver_mm


Posted 22 October 2014 - 01:18 PM

So I have a friend's computer that appears to have a rootkit.  The MBR is unrecognized by several tools including GMER.  Removing the drive to scan it on another computer is a bust as the partition table is unrecognized in other machines.

 

What I know so far:

 

Windows 8.1 (assumed)

Running GMER causes a hard reboot - no questions asked, log is gone on reboot.

MBR is non-stock and partition table appears to be encrypted.

Lots of PUPs and they keep returning (Snipsmart.A, BrowseFox.A, Sanbreel.A, RocketTab.A, Groovorio.A, Superfish.A, ConduitSearchProduct.A via Malwarebytes)

PC Cleaner Pro removed (or so it claimed)

iYogi Support Dock removed but certainly not gone

RKill comes up with a ton of zoomify* and wzoomify* to kill (Zoomify is not installed according to Windows)

 

EDIT: More info

There are either BHOs or proxy hijacking that are inserting ads into all browsers. I'm assuming they are JavaScript as they insert to the top of search results moments after the results display.  It also claims this site has "cool pop-over ads" from "site: Bleepingcomputer.com".  Funny, the entire Internet started using these ads except for search engines.

 

What would be the most helpful thing to run first?

 

Thanks in advance for your help,

 

Mike


Edited by chopped_liver_mm, 22 October 2014 - 01:35 PM.



 


#2 noknojon


Posted 22 October 2014 - 04:04 PM

Windows 8.1 (assumed)

Why are you or your friend with the computer unable to know what system is operating on it?

Operating system is important to know how to treat it.

 

Step 1: Download Screen317 Security Check from Here or Here and save it to your Desktop.
 * Double-click SecurityCheck.exe
 * Follow the onscreen instructions inside of the black box.
 * A Notepad document should open automatically called checkup.txt
 * Please Copy/Paste the contents of that document.
NOTE 1: If any security program requests permission to access the Internet, allow it access.
NOTE 2: If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! (or similar) message, restart computer and Security Check should run.

 

If none of these links or methods work, move to program 2 ...........

 

Step 2: Please download MiniToolBox to desktop to run it.
 Checkmark the following boxes:

  • List content of Hosts
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 Click Go and Copy / Paste the result. (result.txt)

 

 

 

Step 3: Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

* Double-click on the Rkill desktop icon to run the tool.
* If using Vista or Windows 7 right-click on it and choose Run As Administrator.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* Do not reboot until instructed.
* If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE 1: RKill.txt log will also be present on your desktop.
NOTE 2: Do NOT wrap your logs in "quote" or "code" brackets. (Untick Wordwrap in Notepad)
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply.

 

Do not reboot your computer until you complete the next step.

 

Step 4: NOW:

  • Download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
     * Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button (only once)
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button only once for accuracy.
  • A report (AdwCleaner[R0].txt) will open in Notepad for your review.
  • Check the listed removals and see if you are OK with them.
  • If you have questions, post the Report log back here.

 Next

  • Click on the Clean button only once for accuracy
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK finally to allow AdwCleaner to Restart the computer and complete the removal process.
  • After rebooting, a log report (AdwCleaner[S0].txt) will open automatically.
    Copy and Paste the contents of that log in your next reply.

Note: With most Adware / Junkware / PUPs it is strongly recommended to deal with it like a legitimate program and uninstall from Programs and Features or Add/Remove Programs in the Control Panel. In many cases, using the uninstaller of the adware not only removes the adware more effectively, but it also restores any changed configuration. After uninstallation, then you can run specialized tools like AdwCleaner and JRT to fix any remaining entries they may find.

 

 

 

Step 5: Scan with Malwarebytes Anti-Malware.

Note - If a current version is not installed, please follow these directions -
Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Double-click on the setup file (mbam-setup.exe) to install, then follow These instructions for doing a THREAT SCAN in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A.4. Issues.

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily Disable or remove such programs or permit them to allow the changes.

  • After the scan, make sure that everything is checked and then click the Remove Selected button to remove all the listed malware.
  • After rebooting the computer, copy and paste the mbam.log in your next reply.

If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

 

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)

  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.

-- Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd

 

 

Step 6: Download TDSSKiller and save it to your desktop.

  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt.
    Please copy and paste the contents of that file here.

 

 

Please post these logs in 1 hit, or after you run each scan -

Security Check

MiniToolBox

RKill

Malwarebytes Anti-Malware

(This must be posted in its own log page) TDSS

 

Include any ideas if the computer has improved in performance, or other details or questions ............

 

Thank You -



#3 chopped_liver_mm


Posted 22 October 2014 - 04:52 PM

noknojon,

 

Thank you for your help.  We agree the OS version is critical.  Sadly my friend is clueless when it comes to OS versions and thinks it might have been updated by the guy he had working on it before.  Windows is reporting 8.1, but I'm not 100% sure it's telling the truth as the look and feel just don't look right so I'm trying to report it as cleanly as possible.

 

On to the logs...

 

Security check's result looks a bit light to me so I tried a reboot.  Same result:
=================================================================
 Results of screen317's Security Check version 0.99.89  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
McAfee Anti-Virus and Anti-Spyware   
Windows Defender                     
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Google Chrome 38.0.2125.101  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
=============================================================
 
And MiniToolBox's results:
 
=============================================================
 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Joshua (administrator) on 22-10-2014 at 17:42:16
Running from "C:\Users\Joshua\Desktop"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
 
========================= Event log errors: ===============================
 
Application errors:
==================
 
System errors:
=============
Error: (10/22/2014 04:37:10 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\Joshua\AppData\Local\Temp\mbr.sys
 
Error: (10/22/2014 04:37:10 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\Joshua\AppData\Local\Temp\mbr.sys
 
Error: (10/22/2014 04:35:29 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\Joshua\AppData\Local\Temp\mbr.sys
 
Error: (10/22/2014 04:18:22 PM) (Source: DCOM) (User: LENOVO-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (10/22/2014 04:18:12 PM) (Source: DCOM) (User: LENOVO-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (10/22/2014 04:18:01 PM) (Source: DCOM) (User: LENOVO-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (10/22/2014 04:17:58 PM) (Source: DCOM) (User: LENOVO-PC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (10/22/2014 04:17:58 PM) (Source: DCOM) (User: LENOVO-PC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (10/22/2014 04:17:58 PM) (Source: DCOM) (User: LENOVO-PC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (10/22/2014 04:17:58 PM) (Source: DCOM) (User: LENOVO-PC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-10-22 16:37:10.210
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Joshua\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-10-22 16:37:10.154
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Joshua\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-10-22 16:35:29.284
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Joshua\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
 
=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.249 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.3.53 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink MediaStory (x32 Version: 1.0.1314 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.1.4107 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo)
Energy Manager (x32 Version: 1.0.0.31 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.2.1000 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.12.1.2 - ClientConnect LTD)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Reach (HKLM-x32\...\{3245D8C8-7FE0-4FD4-B04B-2720A333D592}) (Version: 1.1.3.5 - Stoneware, Inc.)
Lenovo Solution Center (HKLM\...\{13BD494D-9ACD-420B-A291-E145DED92EF6}) (Version: 2.6.001.00 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo Web Start (HKCU\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.1.3.5000 - Maxthon International Limited)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Nitro Pro 9 (HKLM\...\{70B831B7-A8EE-4C5F-8F34-F383D24B3A04}) (Version: 9.0.5.9 - Nitro)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.3 - Sophos Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.0 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 35%
Total physical RAM: 4008.27 MB
Available physical RAM: 2579.41 MB
Total Pagefile: 8104.27 MB
Available Pagefile: 6531.18 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.98 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows8_OS) (Fixed) (Total:424.27 GB) (Free:376.94 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.9 GB) NTFS
4 Drive f: (MOOZIC) (Fixed) (Total:7.44 GB) (Free:7.28 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\LENOVO-PC
 
Administrator            Guest                    Joshua                   
 
 
**** End of log ****
 
=============================================================

 

I'll report back shortly with the next set of results.

 

Thanks again!



#4 chopped_liver_mm


Posted 22 October 2014 - 05:16 PM

Rkill 2.6.8 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 10/22/2014 05:55:38 PM in x64 mode.
Windows Version: Windows 8.1 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\PROGRA~3\zoomify2\110~1.25\wzoomifyd.exe (PID: 1840) [SAUP-HEUR]
 * C:\PROGRA~3\zoomify2\110~1.25\zoomify.exe (PID: 1888) [SAUP-HEUR]
 * C:\PROGRA~3\zoomify2\110~1.25\zoomifyL32.exe (PID: 3488) [SAUP-HEUR]
 * C:\PROGRA~3\zoomify2\110~1.25\zoomifyL64.exe (PID: 3788) [SAUP-HEUR]
 * C:\PROGRA~3\zoomify2\110~1.25\zoomifyD32.exe (PID: 4044) [SAUP-HEUR]
 
5 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * MsKeyboardFilter [Missing Service]
 * CSC [Missing Service]
 * E1G60 [Missing Service]
 * kbldfltr [Missing Service]
 * storvsp [Missing Service]
 * Vid [Missing Service]
 * vmbusr [Missing Service]
 * vpcivsp [Missing Service]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 10/22/2014 05:56:16 PM
Execution time: 0 hours(s), 0 minute(s), and 38 seconds(s)

# AdwCleaner v4.001 - Report created 22/10/2014 at 18:04:38
# DB v2014-10-21.1
# Updated 20/10/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Joshua - LENOVO-PC
# Running from : C:\Users\Joshua\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : zoomify
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\zoomify2
Folder Deleted : C:\zoomify
Folder Deleted : C:\Users\Joshua\AppData\LocalLow\zoomify
Folder Deleted : C:\Users\Joshua\AppData\Local\Temp\snipsmart
File Deleted : C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\AppDataLow\Software\zoomify
Key Deleted : HKLM\SOFTWARE\zoomify
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17278
 
 
-\\ Google Chrome v38.0.2125.101
 
 
*************************
 
AdwCleaner[R0].txt - [1522 octets] - [22/10/2014 18:00:36]
AdwCleaner[S0].txt - [1454 octets] - [22/10/2014 18:04:38]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1514 octets] ##########


#5 chopped_liver_mm


Posted 22 October 2014 - 05:18 PM

ADW Cleaner required a reboot as expected.  Do I need to run RKILL before MBAM?

 

I am noticing that the browser still has some ads inserted, but many are now gone (at least until it reinstalls them).

 

Thank you!



#6 chopped_liver_mm


Posted 22 October 2014 - 05:56 PM

Okay I proceeded without the RKILL.  Here's MBAM's log.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 10/22/2014
Scan Time: 6:15:23 PM
Logfile: mbam 10-122-14 6-41p.txt
Administrator: Yes
 
Version: 2.00.3.1025
Malware Database: v2014.10.22.10
Rootkit Database: v2014.10.22.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Joshua
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 311919
Time Elapsed: 11 min, 5 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.Zoomify.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wzoomifyd, Quarantined, [b30f5dba4d2f7cba3c368f90f60d8f71], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 3
PUP.Optional.OutBrowse, C:\Users\Joshua\Downloads\iTunes_Setup.exe, Quarantined, [b40ee82f6814ce68df0a17b006fbd42c], 
PUP.Optional.Zoomify.A, C:\Users\Joshua\AppData\Local\tmp7975\dag29900.exe, Quarantined, [14aedd3af4881e18c82e30a4936ee719], 
PUP.Optional.Zoomify.A, C:\Users\Joshua\AppData\Local\tmp7975\dag29900tmp.exe, Quarantined, [08ba4bccc0bc1c1af501874d768bf709], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

18:45:57.0168 0x09d8  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
18:45:57.0168 0x09d8  UEFI system
18:46:00.0552 0x09d8  ============================================================
18:46:00.0552 0x09d8  Current date / time: 2014/10/22 18:46:00.0552
18:46:00.0552 0x09d8  SystemInfo:
18:46:00.0552 0x09d8  
18:46:00.0552 0x09d8  OS Version: 6.3.9600 ServicePack: 0.0
18:46:00.0552 0x09d8  Product type: Workstation
18:46:00.0552 0x09d8  ComputerName: LENOVO-PC
18:46:00.0552 0x09d8  UserName: Joshua
18:46:00.0552 0x09d8  Windows directory: C:\windows
18:46:00.0552 0x09d8  System windows directory: C:\windows
18:46:00.0552 0x09d8  Running under WOW64
18:46:00.0552 0x09d8  Processor architecture: Intel x64
18:46:00.0552 0x09d8  Number of processors: 4
18:46:00.0552 0x09d8  Page size: 0x1000
18:46:00.0552 0x09d8  Boot type: Normal boot
18:46:00.0552 0x09d8  ============================================================
18:46:01.0052 0x09d8  KLMD registered as C:\windows\system32\drivers\51472503.sys
18:46:01.0594 0x09d8  System UUID: {536A5EA6-C234-5A69-824D-7B9942A77125}
18:46:02.0194 0x09d8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:46:02.0200 0x09d8  ============================================================
18:46:02.0200 0x09d8  \Device\Harddisk0\DR0:
18:46:02.0200 0x09d8  GPT partitions:
18:46:02.0201 0x09d8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BB756F85-40B6-4FB4-8A48-95559D126BEF}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
18:46:02.0201 0x09d8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4BA14221-B28A-40E6-9046-57D03EF6B16C}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
18:46:02.0201 0x09d8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {6F9DC8F8-59FE-43A9-BDA8-58E3F95410B0}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
18:46:02.0202 0x09d8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9212D7EF-3943-449B-B078-5687A887D82E}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
18:46:02.0202 0x09d8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3641CA43-324F-44FE-9BB7-5AFBFF6FBE8E}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x35088800
18:46:02.0202 0x09d8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {15168254-AC63-486C-9986-16B9ED43923E}, Name: Basic data partition, StartLBA 0x35533000, BlocksNum 0x3200000
18:46:02.0202 0x09d8  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C3FF2120-9D06-4816-821E-360AF1446B59}, Name: Basic data partition, StartLBA 0x38733000, BlocksNum 0x1C53000
18:46:02.0202 0x09d8  MBR partitions:
18:46:02.0202 0x09d8  ============================================================
18:46:02.0242 0x09d8  C: <-> \Device\Harddisk0\DR0\Partition5
18:46:02.0344 0x09d8  D: <-> \Device\Harddisk0\DR0\Partition6
18:46:02.0345 0x09d8  ============================================================
18:46:02.0345 0x09d8  Initialize success
18:46:02.0345 0x09d8  ============================================================
18:46:20.0979 0x13a4  ============================================================
18:46:20.0979 0x13a4  Scan started
18:46:20.0979 0x13a4  Mode: Manual; 
18:46:20.0979 0x13a4  ============================================================
18:46:20.0979 0x13a4  KSN ping started
18:46:23.0368 0x13a4  KSN ping finished: true
18:46:24.0244 0x13a4  ================ Scan system memory ========================
18:46:24.0244 0x13a4  System memory - ok
18:46:24.0245 0x13a4  ================ Scan services =============================
18:46:24.0395 0x13a4  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
18:46:24.0408 0x13a4  1394ohci - ok
18:46:24.0426 0x13a4  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\windows\system32\drivers\3ware.sys
18:46:24.0429 0x13a4  3ware - ok
18:46:24.0463 0x13a4  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\windows\system32\drivers\ACPI.sys
18:46:24.0475 0x13a4  ACPI - ok
18:46:24.0493 0x13a4  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\windows\system32\Drivers\acpiex.sys
18:46:24.0495 0x13a4  acpiex - ok
18:46:24.0499 0x13a4  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
18:46:24.0500 0x13a4  acpipagr - ok
18:46:24.0503 0x13a4  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
18:46:24.0504 0x13a4  AcpiPmi - ok
18:46:24.0508 0x13a4  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\windows\System32\drivers\acpitime.sys
18:46:24.0509 0x13a4  acpitime - ok
18:46:24.0527 0x13a4  [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC         C:\windows\System32\drivers\AcpiVpc.sys
18:46:24.0528 0x13a4  ACPIVPC - ok
18:46:24.0577 0x13a4  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\windows\system32\drivers\ADP80XX.SYS
18:46:24.0592 0x13a4  ADP80XX - ok
18:46:24.0626 0x13a4  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
18:46:24.0630 0x13a4  AeLookupSvc - ok
18:46:24.0771 0x13a4  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\windows\system32\drivers\afd.sys
18:46:24.0787 0x13a4  AFD - ok
18:46:24.0811 0x13a4  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\windows\system32\drivers\agp440.sys
18:46:24.0813 0x13a4  agp440 - ok
18:46:24.0834 0x13a4  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\windows\system32\DRIVERS\ahcache.sys
18:46:24.0836 0x13a4  ahcache - ok
18:46:24.0874 0x13a4  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\windows\System32\alg.exe
18:46:24.0879 0x13a4  ALG - ok
18:46:24.0903 0x13a4  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\windows\System32\drivers\amdk8.sys
18:46:24.0909 0x13a4  AmdK8 - ok
18:46:24.0937 0x13a4  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
18:46:24.0943 0x13a4  AmdPPM - ok
18:46:24.0955 0x13a4  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\windows\system32\drivers\amdsata.sys
18:46:24.0959 0x13a4  amdsata - ok
18:46:24.0979 0x13a4  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
18:46:24.0986 0x13a4  amdsbs - ok
18:46:24.0991 0x13a4  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\windows\system32\drivers\amdxata.sys
18:46:24.0993 0x13a4  amdxata - ok
18:46:24.0999 0x13a4  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\windows\system32\drivers\appid.sys
18:46:25.0002 0x13a4  AppID - ok
18:46:25.0025 0x13a4  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\windows\System32\appidsvc.dll
18:46:25.0027 0x13a4  AppIDSvc - ok
18:46:25.0048 0x13a4  [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo         C:\windows\System32\appinfo.dll
18:46:25.0052 0x13a4  Appinfo - ok
18:46:25.0110 0x13a4  [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:46:25.0113 0x13a4  Apple Mobile Device - ok
18:46:25.0167 0x13a4  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\windows\system32\AppReadiness.dll
18:46:25.0181 0x13a4  AppReadiness - ok
18:46:25.0260 0x13a4  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\windows\system32\appxdeploymentserver.dll
18:46:25.0290 0x13a4  AppXSvc - ok
18:46:25.0315 0x13a4  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\windows\system32\drivers\arcsas.sys
18:46:25.0318 0x13a4  arcsas - ok
18:46:25.0322 0x13a4  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\windows\system32\drivers\atapi.sys
18:46:25.0323 0x13a4  atapi - ok
18:46:25.0343 0x13a4  [ 8302D313DCC5536FE6BFB85165D9BB1E, CD9101D9CFE34F0D6CF5A6AD5C997CC5D32CCF5135B78604D0C3CD7252117C2D ] AthBTPort       C:\windows\system32\DRIVERS\btath_flt.sys
18:46:25.0346 0x13a4  AthBTPort - ok
18:46:25.0403 0x13a4  [ B68BC92DC0F6484E5862BA1B09EE720C, E15BF19CBF83EC33A3DF9371CCEA9EA9765B17C41B13D4B28635111171D43835 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
18:46:25.0409 0x13a4  AtherosSvc - ok
18:46:25.0581 0x13a4  [ 37B33DDE5490A2DF56DFB46580356E3F, 40FE378C9010B06FD7ADE30F76F916D5BDBB26525CF3D11D5780E2247B6099D8 ] athr            C:\windows\system32\DRIVERS\athwbx.sys
18:46:25.0646 0x13a4  athr - ok
18:46:25.0675 0x13a4  [ 886767FD022213F7885416134E9082E5, E248D82210FBEBF62C23EBEC74A976B2D1A4E62D3B7638D95B2574B77BA05DD0 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
18:46:25.0680 0x13a4  AudioEndpointBuilder - ok
18:46:25.0724 0x13a4  [ 79B134ECE836B406B212E28C24011538, 1B875DD23CCAD8A2759DCDBCDCF3DE14231B9DB5EEC8E84FE081E41A52A047A1 ] Audiosrv        C:\windows\System32\Audiosrv.dll
18:46:25.0745 0x13a4  Audiosrv - ok
18:46:25.0772 0x13a4  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\windows\System32\AxInstSV.dll
18:46:25.0775 0x13a4  AxInstSV - ok
18:46:25.0810 0x13a4  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
18:46:25.0821 0x13a4  b06bdrv - ok
18:46:25.0836 0x13a4  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
18:46:25.0837 0x13a4  BasicDisplay - ok
18:46:25.0848 0x13a4  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
18:46:25.0849 0x13a4  BasicRender - ok
18:46:25.0867 0x13a4  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\windows\System32\drivers\bcmfn2.sys
18:46:25.0868 0x13a4  bcmfn2 - ok
18:46:25.0908 0x13a4  [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC          C:\windows\System32\bdesvc.dll
18:46:25.0915 0x13a4  BDESVC - ok
18:46:25.0930 0x13a4  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\windows\system32\drivers\Beep.sys
18:46:25.0930 0x13a4  Beep - ok
18:46:25.0967 0x13a4  [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE             C:\windows\System32\bfe.dll
18:46:25.0982 0x13a4  BFE - ok
18:46:26.0046 0x13a4  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\windows\System32\qmgr.dll
18:46:26.0064 0x13a4  BITS - ok
18:46:26.0137 0x13a4  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:46:26.0159 0x13a4  Bonjour Service - ok
18:46:26.0174 0x13a4  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\windows\system32\DRIVERS\bowser.sys
18:46:26.0176 0x13a4  bowser - ok
18:46:26.0204 0x13a4  [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\windows\System32\bisrv.dll
18:46:26.0210 0x13a4  BrokerInfrastructure - ok
18:46:26.0238 0x13a4  [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser         C:\windows\System32\browser.dll
18:46:26.0241 0x13a4  Browser - ok
18:46:26.0275 0x13a4  [ 3B178B27E4514638497273C97B08B2A4, 7D7391DE399A414B6EDCD4E992D8B9C6D52FFF0ED7404F4D88E490315A3BDFD6 ] BTATH_A2DP      C:\windows\system32\drivers\btath_a2dp.sys
18:46:26.0281 0x13a4  BTATH_A2DP - ok
18:46:26.0287 0x13a4  [ FB5EEA3DB72E30D645DC40D0951B1A1B, B4F1FA323D8F259A22193FD67B07E512EBE70C3C483BD15F087EA08C53021F7A ] btath_avdt      C:\windows\system32\drivers\btath_avdt.sys
18:46:26.0289 0x13a4  btath_avdt - ok
18:46:26.0303 0x13a4  [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS       C:\windows\System32\drivers\btath_bus.sys
18:46:26.0304 0x13a4  BTATH_BUS - ok
18:46:26.0316 0x13a4  [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP      C:\windows\System32\drivers\btath_hcrp.sys
18:46:26.0320 0x13a4  BTATH_HCRP - ok
18:46:26.0341 0x13a4  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\windows\system32\DRIVERS\btath_lwflt.sys
18:46:26.0343 0x13a4  BTATH_LWFLT - ok
18:46:26.0349 0x13a4  [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP       C:\windows\System32\drivers\btath_rcp.sys
18:46:26.0352 0x13a4  BTATH_RCP - ok
18:46:26.0393 0x13a4  [ BBD08A4303DF9F48329836CC7D001B55, B0B5AF781B5B6F8BF7DEF0742A0A47E7E2BAC19CA608461FA503C788D47529AB ] BtFilter        C:\windows\system32\DRIVERS\btfilter.sys
18:46:26.0404 0x13a4  BtFilter - ok
18:46:26.0447 0x13a4  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
18:46:26.0448 0x13a4  BthAvrcpTg - ok
18:46:26.0490 0x13a4  [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum         C:\windows\System32\drivers\BthEnum.sys
18:46:26.0491 0x13a4  BthEnum - ok
18:46:26.0497 0x13a4  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
18:46:26.0498 0x13a4  BthHFEnum - ok
18:46:26.0503 0x13a4  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
18:46:26.0505 0x13a4  bthhfhid - ok
18:46:26.0525 0x13a4  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\windows\System32\drivers\BthLEEnum.sys
18:46:26.0529 0x13a4  BthLEEnum - ok
18:46:26.0535 0x13a4  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
18:46:26.0537 0x13a4  BTHMODEM - ok
18:46:26.0565 0x13a4  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\windows\System32\drivers\bthpan.sys
18:46:26.0568 0x13a4  BthPan - ok
18:46:26.0658 0x13a4  [ 97B9076611291AE4C4C107BC915BD026, 0A77873AAF1ADB76CAB98A84D2242781E34E2699632E45EB92ED7DB20B2BE0C1 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
18:46:26.0684 0x13a4  BTHPORT - ok
18:46:26.0723 0x13a4  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\windows\system32\bthserv.dll
18:46:26.0725 0x13a4  bthserv - ok
18:46:26.0764 0x13a4  [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
18:46:26.0765 0x13a4  BTHUSB - ok
18:46:26.0785 0x13a4  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
18:46:26.0787 0x13a4  cdfs - ok
18:46:26.0803 0x13a4  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\windows\System32\drivers\cdrom.sys
18:46:26.0806 0x13a4  cdrom - ok
18:46:26.0821 0x13a4  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\windows\System32\certprop.dll
18:46:26.0825 0x13a4  CertPropSvc - ok
18:46:26.0840 0x13a4  [ 27468DB367ABCFE855796775DB949AC1, F2DFC8CFBFCDC94798A5ADAAC96001927F9CE316751D42651C3AF1E52F1DC7EF ] cfwids          C:\windows\system32\drivers\cfwids.sys
18:46:26.0842 0x13a4  cfwids - ok
18:46:26.0860 0x13a4  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\windows\System32\drivers\circlass.sys
18:46:26.0861 0x13a4  circlass - ok
18:46:26.0901 0x13a4  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\windows\system32\drivers\CLFS.sys
18:46:26.0913 0x13a4  CLFS - ok
18:46:26.0946 0x13a4  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
18:46:26.0947 0x13a4  CmBatt - ok
18:46:26.0981 0x13a4  [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG             C:\windows\system32\Drivers\cng.sys
18:46:26.0996 0x13a4  CNG - ok
18:46:27.0076 0x13a4  [ 3C0FF49CC525A561A25D2BA3AA6A83E7, FA8E661E8E57BEA11A23B6AC59B3FDB21A61C20AA1E134810D62C2A5A32F6259 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
18:46:27.0102 0x13a4  CnxtHdAudService - ok
18:46:27.0118 0x13a4  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
18:46:27.0119 0x13a4  CompositeBus - ok
18:46:27.0122 0x13a4  COMSysApp - ok
18:46:27.0133 0x13a4  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\windows\system32\drivers\condrv.sys
18:46:27.0134 0x13a4  condrv - ok
18:46:27.0211 0x13a4  [ 13F58B5E986E6495D268593FD2CCCB5C, CE008423386B298CFFD1C8DD61AAE5DB78656D49A15CC99BA47BC273D08C9D74 ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe
18:46:27.0249 0x13a4  cphs - ok
18:46:27.0284 0x13a4  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\windows\system32\cryptsvc.dll
18:46:27.0288 0x13a4  CryptSvc - ok
18:46:27.0315 0x13a4  [ 4E6337DE03F36BCE168110E6B59F6A5B, 2DB940EBBA971B3801E273B80D8CBD975040A8B87908E7E0733E4DBB0EFC2611 ] CxAudMsg        C:\windows\system32\CxAudMsg64.exe
18:46:27.0322 0x13a4  CxAudMsg - ok
18:46:27.0347 0x13a4  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\windows\system32\drivers\dam.sys
18:46:27.0349 0x13a4  dam - ok
18:46:27.0406 0x13a4  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\windows\system32\rpcss.dll
18:46:27.0428 0x13a4  DcomLaunch - ok
18:46:27.0470 0x13a4  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\windows\System32\defragsvc.dll
18:46:27.0484 0x13a4  defragsvc - ok
18:46:27.0528 0x13a4  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\windows\system32\das.dll
18:46:27.0543 0x13a4  DeviceAssociationService - ok
18:46:27.0572 0x13a4  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
18:46:27.0577 0x13a4  DeviceInstall - ok
18:46:27.0602 0x13a4  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
18:46:27.0605 0x13a4  Dfsc - ok
18:46:27.0649 0x13a4  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\windows\system32\dhcpcore.dll
18:46:27.0657 0x13a4  Dhcp - ok
18:46:27.0677 0x13a4  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\windows\system32\drivers\disk.sys
18:46:27.0679 0x13a4  disk - ok
18:46:27.0688 0x13a4  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
18:46:27.0689 0x13a4  dmvsc - ok
18:46:27.0708 0x13a4  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\windows\System32\dnsrslvr.dll
18:46:27.0713 0x13a4  Dnscache - ok
18:46:27.0747 0x13a4  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\windows\System32\dot3svc.dll
18:46:27.0753 0x13a4  dot3svc - ok
18:46:27.0772 0x13a4  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\windows\system32\dps.dll
18:46:27.0776 0x13a4  DPS - ok
18:46:27.0787 0x13a4  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
18:46:27.0788 0x13a4  drmkaud - ok
18:46:27.0810 0x13a4  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
18:46:27.0815 0x13a4  DsmSvc - ok
18:46:27.0910 0x13a4  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
18:46:27.0939 0x13a4  DXGKrnl - ok
18:46:27.0984 0x13a4  [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress      C:\windows\system32\DRIVERS\e1i63x64.sys
18:46:28.0002 0x13a4  e1iexpress - ok
18:46:28.0033 0x13a4  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\windows\System32\eapsvc.dll
18:46:28.0037 0x13a4  Eaphost - ok
18:46:28.0158 0x13a4  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\windows\system32\drivers\evbda.sys
18:46:28.0220 0x13a4  ebdrv - ok
18:46:28.0244 0x13a4  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\windows\System32\lsass.exe
18:46:28.0246 0x13a4  EFS - ok
18:46:28.0267 0x13a4  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
18:46:28.0269 0x13a4  EhStorClass - ok
18:46:28.0290 0x13a4  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
18:46:28.0293 0x13a4  EhStorTcgDrv - ok
18:46:28.0297 0x13a4  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\windows\System32\drivers\errdev.sys
18:46:28.0298 0x13a4  ErrDev - ok
18:46:28.0327 0x13a4  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\windows\system32\es.dll
18:46:28.0335 0x13a4  EventSystem - ok
18:46:28.0357 0x13a4  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\windows\system32\drivers\exfat.sys
18:46:28.0362 0x13a4  exfat - ok
18:46:28.0382 0x13a4  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\windows\system32\drivers\fastfat.sys
18:46:28.0386 0x13a4  fastfat - ok
18:46:28.0436 0x13a4  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\windows\system32\fxssvc.exe
18:46:28.0450 0x13a4  Fax - ok
18:46:28.0454 0x13a4  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\windows\System32\drivers\fdc.sys
18:46:28.0455 0x13a4  fdc - ok
18:46:28.0467 0x13a4  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\windows\system32\fdPHost.dll
18:46:28.0468 0x13a4  fdPHost - ok
18:46:28.0472 0x13a4  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\windows\system32\fdrespub.dll
18:46:28.0473 0x13a4  FDResPub - ok
18:46:28.0492 0x13a4  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\windows\system32\fhsvc.dll
18:46:28.0495 0x13a4  fhsvc - ok
18:46:28.0521 0x13a4  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
18:46:28.0524 0x13a4  FileInfo - ok
18:46:28.0540 0x13a4  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\windows\system32\drivers\filetrace.sys
18:46:28.0542 0x13a4  Filetrace - ok
18:46:28.0559 0x13a4  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
18:46:28.0560 0x13a4  flpydisk - ok
18:46:28.0597 0x13a4  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
18:46:28.0604 0x13a4  FltMgr - ok
18:46:28.0692 0x13a4  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\windows\system32\FntCache.dll
18:46:28.0718 0x13a4  FontCache - ok
18:46:28.0807 0x13a4  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:46:28.0808 0x13a4  FontCache3.0.0.0 - ok
18:46:28.0826 0x13a4  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
18:46:28.0828 0x13a4  FsDepends - ok
18:46:28.0843 0x13a4  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
18:46:28.0844 0x13a4  Fs_Rec - ok
18:46:28.0895 0x13a4  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
18:46:28.0970 0x13a4  fvevol - ok
18:46:29.0007 0x13a4  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
18:46:29.0008 0x13a4  FxPPM - ok
18:46:29.0017 0x13a4  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
18:46:29.0019 0x13a4  gagp30kx - ok
18:46:29.0052 0x13a4  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
18:46:29.0053 0x13a4  GEARAspiWDM - ok
18:46:29.0078 0x13a4  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
18:46:29.0079 0x13a4  gencounter - ok
18:46:29.0113 0x13a4  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
18:46:29.0117 0x13a4  GPIOClx0101 - ok
18:46:29.0200 0x13a4  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\windows\System32\gpsvc.dll
18:46:29.0224 0x13a4  gpsvc - ok
18:46:29.0334 0x13a4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:46:29.0341 0x13a4  gupdate - ok
18:46:29.0352 0x13a4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:46:29.0359 0x13a4  gupdatem - ok
18:46:29.0406 0x13a4  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
18:46:29.0418 0x13a4  HdAudAddService - ok
18:46:29.0452 0x13a4  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
18:46:29.0454 0x13a4  HDAudBus - ok
18:46:29.0458 0x13a4  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
18:46:29.0459 0x13a4  HidBatt - ok
18:46:29.0465 0x13a4  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\windows\System32\drivers\hidbth.sys
18:46:29.0467 0x13a4  HidBth - ok
18:46:29.0471 0x13a4  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
18:46:29.0473 0x13a4  hidi2c - ok
18:46:29.0477 0x13a4  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\windows\System32\drivers\hidir.sys
18:46:29.0479 0x13a4  HidIr - ok
18:46:29.0498 0x13a4  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\windows\system32\hidserv.dll
18:46:29.0500 0x13a4  hidserv - ok
18:46:29.0524 0x13a4  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\windows\System32\drivers\hidusb.sys
18:46:29.0525 0x13a4  HidUsb - ok
18:46:29.0558 0x13a4  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\windows\system32\drivers\HipShieldK.sys
18:46:29.0562 0x13a4  HipShieldK - ok
18:46:29.0593 0x13a4  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\windows\system32\kmsvc.dll
18:46:29.0596 0x13a4  hkmsvc - ok
18:46:29.0611 0x13a4  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\windows\system32\ListSvc.dll
18:46:29.0617 0x13a4  HomeGroupListener - ok
18:46:29.0654 0x13a4  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\windows\system32\provsvc.dll
18:46:29.0663 0x13a4  HomeGroupProvider - ok
18:46:29.0768 0x13a4  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:46:29.0785 0x13a4  HomeNetSvc - ok
18:46:29.0814 0x13a4  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
18:46:29.0816 0x13a4  HpSAMD - ok
18:46:29.0865 0x13a4  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\windows\system32\drivers\HTTP.sys
18:46:35.0714 0x13a4  RasAcd - ok
18:46:35.0733 0x13a4  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\windows\System32\rasauto.dll
18:46:35.0736 0x13a4  RasAuto - ok
18:46:35.0769 0x13a4  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\windows\System32\rasmans.dll
18:46:35.0781 0x13a4  RasMan - ok
18:46:35.0799 0x13a4  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
18:46:35.0802 0x13a4  RasPppoe - ok
18:46:35.0831 0x13a4  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
18:46:35.0838 0x13a4  rdbss - ok
18:46:35.0866 0x13a4  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
18:46:35.0867 0x13a4  rdpbus - ok
18:46:35.0891 0x13a4  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
18:46:35.0895 0x13a4  RDPDR - ok
18:46:35.0917 0x13a4  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
18:46:35.0918 0x13a4  RdpVideoMiniport - ok
18:46:35.0926 0x13a4  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
18:46:35.0932 0x13a4  rdyboost - ok
18:46:36.0004 0x13a4  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\windows\system32\drivers\ReFS.sys
18:46:36.0024 0x13a4  ReFS - ok
18:46:36.0052 0x13a4  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\windows\System32\mprdim.dll
18:46:36.0058 0x13a4  RemoteAccess - ok
18:46:36.0076 0x13a4  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\windows\system32\regsvc.dll
18:46:36.0081 0x13a4  RemoteRegistry - ok
18:46:36.0098 0x13a4  [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM          C:\windows\System32\drivers\rfcomm.sys
18:46:36.0101 0x13a4  RFCOMM - ok
18:46:36.0199 0x13a4  [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
18:46:36.0213 0x13a4  RichVideo64 - ok
18:46:36.0236 0x13a4  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
18:46:36.0240 0x13a4  RpcEptMapper - ok
18:46:36.0262 0x13a4  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\windows\system32\locator.exe
18:46:36.0264 0x13a4  RpcLocator - ok
18:46:36.0314 0x13a4  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\windows\system32\rpcss.dll
18:46:36.0338 0x13a4  RpcSs - ok
18:46:36.0363 0x13a4  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
18:46:36.0365 0x13a4  rspndr - ok
18:46:36.0390 0x13a4  [ 4EC89C0725CE4B98994B88F19B30C288, 4FA73C24A2E18D04CE27EEF17C9AE847D0251B711F60D116139F6166F90CD08F ] RSUSBVSTOR      C:\windows\System32\Drivers\RtsUVStor.sys
18:46:36.0406 0x13a4  RSUSBVSTOR - ok
18:46:36.0671 0x13a4  [ 993E6A15FD3EAFC280B8EBB396FA31B2, F268BEE5FFA81A42314DEA4E209FA9D737E50EBE49F76C64B23554F90499A334 ] rtsuvc          C:\windows\system32\DRIVERS\rtsuvc.sys
18:46:36.0809 0x13a4  rtsuvc - ok
18:46:36.0834 0x13a4  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\windows\System32\drivers\vms3cap.sys
18:46:36.0835 0x13a4  s3cap - ok
18:46:36.0856 0x13a4  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\windows\system32\lsass.exe
18:46:36.0858 0x13a4  SamSs - ok
18:46:36.0862 0x13a4  SAService - ok
18:46:36.0883 0x13a4  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
18:46:36.0886 0x13a4  sbp2port - ok
18:46:36.0910 0x13a4  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\windows\System32\SCardSvr.dll
18:46:36.0915 0x13a4  SCardSvr - ok
18:46:36.0928 0x13a4  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\windows\System32\ScDeviceEnum.dll
18:46:36.0932 0x13a4  ScDeviceEnum - ok
18:46:36.0946 0x13a4  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
18:46:36.0948 0x13a4  scfilter - ok
18:46:37.0010 0x13a4  [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule        C:\windows\system32\schedsvc.dll
18:46:37.0035 0x13a4  Schedule - ok
18:46:37.0066 0x13a4  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\windows\System32\certprop.dll
18:46:37.0069 0x13a4  SCPolicySvc - ok
18:46:37.0099 0x13a4  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus           C:\windows\System32\drivers\sdbus.sys
18:46:37.0110 0x13a4  sdbus - ok
18:46:37.0139 0x13a4  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\windows\System32\drivers\sdstor.sys
18:46:37.0141 0x13a4  sdstor - ok
18:46:37.0154 0x13a4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
18:46:37.0155 0x13a4  secdrv - ok
18:46:37.0190 0x13a4  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\windows\system32\seclogon.dll
18:46:37.0193 0x13a4  seclogon - ok
18:46:37.0215 0x13a4  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\windows\System32\sens.dll
18:46:37.0219 0x13a4  SENS - ok
18:46:37.0242 0x13a4  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\windows\system32\sensrsvc.dll
18:46:37.0252 0x13a4  SensrSvc - ok
18:46:37.0288 0x13a4  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\windows\system32\drivers\SerCx.sys
18:46:37.0290 0x13a4  SerCx - ok
18:46:37.0306 0x13a4  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\windows\system32\drivers\SerCx2.sys
18:46:37.0310 0x13a4  SerCx2 - ok
18:46:37.0314 0x13a4  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\windows\System32\drivers\serenum.sys
18:46:37.0316 0x13a4  Serenum - ok
18:46:37.0321 0x13a4  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\windows\System32\drivers\serial.sys
18:46:37.0323 0x13a4  Serial - ok
18:46:37.0328 0x13a4  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\windows\System32\drivers\sermouse.sys
18:46:37.0330 0x13a4  sermouse - ok
18:46:37.0389 0x13a4  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\windows\system32\sessenv.dll
18:46:37.0397 0x13a4  SessionEnv - ok
18:46:37.0401 0x13a4  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
18:46:37.0402 0x13a4  sfloppy - ok
18:46:37.0448 0x13a4  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\windows\System32\ipnathlp.dll
18:46:37.0474 0x13a4  SharedAccess - ok
18:46:37.0558 0x13a4  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:46:37.0573 0x13a4  ShellHWDetection - ok
18:46:37.0592 0x13a4  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
18:46:37.0594 0x13a4  SiSRaid2 - ok
18:46:37.0605 0x13a4  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
18:46:37.0607 0x13a4  SiSRaid4 - ok
18:46:37.0624 0x13a4  [ D116D01C316D007149B4B529137AC19B, 7EF40B2385790E7924827F7376E74028B2DEAF6A94674E060E20BCDCE07AD293 ] SmbDrvI         C:\windows\system32\DRIVERS\Smb_driver_Intel.sys
18:46:37.0625 0x13a4  SmbDrvI - ok
18:46:37.0634 0x13a4  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\windows\System32\smphost.dll
18:46:37.0636 0x13a4  smphost - ok
18:46:37.0654 0x13a4  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
18:46:37.0656 0x13a4  SNMPTRAP - ok
18:46:37.0690 0x13a4  [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport       C:\windows\system32\drivers\spaceport.sys
18:46:37.0698 0x13a4  spaceport - ok
18:46:37.0703 0x13a4  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
18:46:37.0705 0x13a4  SpbCx - ok
18:46:37.0741 0x13a4  [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler         C:\windows\System32\spoolsv.exe
18:46:37.0755 0x13a4  Spooler - ok
18:46:37.0951 0x13a4  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\windows\system32\sppsvc.exe
18:46:38.0070 0x13a4  sppsvc - ok
18:46:38.0118 0x13a4  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\windows\system32\DRIVERS\srv.sys
18:46:38.0125 0x13a4  srv - ok
18:46:38.0152 0x13a4  [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
18:46:38.0163 0x13a4  srv2 - ok
18:46:38.0199 0x13a4  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
18:46:38.0204 0x13a4  srvnet - ok
18:46:38.0238 0x13a4  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
18:46:38.0250 0x13a4  SSDPSRV - ok
18:46:38.0258 0x13a4  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\windows\system32\sstpsvc.dll
18:46:38.0264 0x13a4  SstpSvc - ok
18:46:38.0292 0x13a4  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\windows\system32\drivers\stexstor.sys
18:46:38.0294 0x13a4  stexstor - ok
18:46:38.0341 0x13a4  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\windows\System32\wiaservc.dll
18:46:38.0354 0x13a4  stisvc - ok
18:46:38.0361 0x13a4  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\windows\system32\drivers\storahci.sys
18:46:38.0363 0x13a4  storahci - ok
18:46:38.0381 0x13a4  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\windows\system32\DRIVERS\vmstorfl.sys
18:46:38.0383 0x13a4  storflt - ok
18:46:38.0397 0x13a4  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\windows\system32\drivers\stornvme.sys
18:46:38.0399 0x13a4  stornvme - ok
18:46:38.0420 0x13a4  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\windows\system32\storsvc.dll
18:46:38.0422 0x13a4  StorSvc - ok
18:46:38.0438 0x13a4  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\windows\system32\drivers\storvsc.sys
18:46:38.0440 0x13a4  storvsc - ok
18:46:38.0449 0x13a4  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\windows\system32\svsvc.dll
18:46:38.0451 0x13a4  svsvc - ok
18:46:38.0465 0x13a4  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\windows\System32\drivers\swenum.sys
18:46:38.0466 0x13a4  swenum - ok
18:46:38.0508 0x13a4  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\windows\System32\swprv.dll
18:46:38.0524 0x13a4  swprv - ok
18:46:38.0561 0x13a4  [ 1BF4A65B841F946F2ECE806F3CCC4958, C31B791BD552F1E09D00209A1FB2F96959AB80E5C713EDE5C5615FF8AC2D8BEB ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
18:46:38.0570 0x13a4  SynTP - ok
18:46:38.0673 0x13a4  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\windows\system32\sysmain.dll
18:46:38.0698 0x13a4  SysMain - ok
18:46:38.0720 0x13a4  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
18:46:38.0727 0x13a4  SystemEventsBroker - ok
18:46:38.0748 0x13a4  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\windows\System32\TabSvc.dll
18:46:38.0753 0x13a4  TabletInputService - ok
18:46:38.0777 0x13a4  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\windows\System32\tapisrv.dll
18:46:38.0784 0x13a4  TapiSrv - ok
18:46:38.0899 0x13a4  [ FEBAA7D782E30882FFF1CBCBBE8AD467, B54333F52CF901CADB3B71334BFAFA63C508A0F7EA7E700C5578FC20D780403E ] Tcpip           C:\windows\system32\drivers\tcpip.sys
18:46:38.0946 0x13a4  Tcpip - ok
18:46:39.0002 0x13a4  [ FEBAA7D782E30882FFF1CBCBBE8AD467, B54333F52CF901CADB3B71334BFAFA63C508A0F7EA7E700C5578FC20D780403E ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
18:46:39.0045 0x13a4  TCPIP6 - ok
18:46:39.0079 0x13a4  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
18:46:39.0081 0x13a4  tcpipreg - ok
18:46:39.0103 0x13a4  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\windows\system32\DRIVERS\tdx.sys
18:46:39.0105 0x13a4  tdx - ok
18:46:39.0122 0x13a4  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\windows\System32\drivers\terminpt.sys
18:46:39.0124 0x13a4  terminpt - ok
18:46:39.0173 0x13a4  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\windows\System32\termsrv.dll
18:46:39.0194 0x13a4  TermService - ok
18:46:39.0220 0x13a4  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\windows\system32\themeservice.dll
18:46:39.0223 0x13a4  Themes - ok
18:46:39.0249 0x13a4  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\windows\system32\mmcss.dll
18:46:39.0252 0x13a4  THREADORDER - ok
18:46:39.0264 0x13a4  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\windows\System32\TimeBrokerServer.dll
18:46:39.0271 0x13a4  TimeBroker - ok
18:46:39.0294 0x13a4  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\windows\system32\drivers\tpm.sys
18:46:39.0298 0x13a4  TPM - ok
18:46:39.0312 0x13a4  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\windows\System32\trkwks.dll
18:46:39.0316 0x13a4  TrkWks - ok
18:46:39.0357 0x13a4  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:46:39.0361 0x13a4  TrustedInstaller - ok
18:46:39.0374 0x13a4  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
18:46:39.0378 0x13a4  TsUsbFlt - ok
18:46:39.0386 0x13a4  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\windows\System32\drivers\TsUsbGD.sys
18:46:39.0387 0x13a4  TsUsbGD - ok
18:46:39.0411 0x13a4  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
18:46:39.0415 0x13a4  tunnel - ok
18:46:39.0419 0x13a4  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\windows\system32\drivers\uagp35.sys
18:46:39.0422 0x13a4  uagp35 - ok
18:46:39.0436 0x13a4  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\windows\System32\drivers\uaspstor.sys
18:46:39.0438 0x13a4  UASPStor - ok
18:46:39.0446 0x13a4  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\windows\System32\drivers\ucx01000.sys
18:46:39.0451 0x13a4  UCX01000 - ok
18:46:39.0474 0x13a4  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\windows\system32\DRIVERS\udfs.sys
18:46:39.0482 0x13a4  udfs - ok
18:46:39.0487 0x13a4  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\windows\System32\drivers\UEFI.sys
18:46:39.0488 0x13a4  UEFI - ok
18:46:39.0528 0x13a4  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\windows\system32\UI0Detect.exe
18:46:39.0530 0x13a4  UI0Detect - ok
18:46:39.0535 0x13a4  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
18:46:39.0537 0x13a4  uliagpkx - ok
18:46:39.0554 0x13a4  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\windows\System32\drivers\umbus.sys
18:46:39.0555 0x13a4  umbus - ok
18:46:39.0573 0x13a4  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\windows\System32\drivers\umpass.sys
18:46:39.0574 0x13a4  UmPass - ok
18:46:39.0593 0x13a4  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\windows\System32\umrdp.dll
18:46:39.0601 0x13a4  UmRdpService - ok
18:46:39.0632 0x13a4  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\windows\System32\upnphost.dll
18:46:39.0643 0x13a4  upnphost - ok
18:46:39.0670 0x13a4  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\windows\System32\Drivers\usbaapl64.sys
18:46:39.0672 0x13a4  USBAAPL64 - ok
18:46:39.0704 0x13a4  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
18:46:39.0708 0x13a4  usbccgp - ok
18:46:39.0727 0x13a4  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\windows\System32\drivers\usbcir.sys
18:46:39.0730 0x13a4  usbcir - ok
18:46:39.0764 0x13a4  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\windows\System32\drivers\usbehci.sys
18:46:39.0766 0x13a4  usbehci - ok
18:46:39.0787 0x13a4  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\windows\System32\drivers\usbhub.sys
18:46:39.0796 0x13a4  usbhub - ok
18:46:39.0836 0x13a4  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
18:46:39.0845 0x13a4  USBHUB3 - ok
18:46:39.0884 0x13a4  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\windows\System32\drivers\usbohci.sys
18:46:39.0886 0x13a4  usbohci - ok
18:46:39.0899 0x13a4  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\windows\System32\drivers\usbprint.sys
18:46:39.0901 0x13a4  usbprint - ok
18:46:39.0917 0x13a4  [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
18:46:39.0921 0x13a4  USBSTOR - ok
18:46:39.0955 0x13a4  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
18:46:39.0956 0x13a4  usbuhci - ok
18:46:39.0964 0x13a4  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
18:46:39.0968 0x13a4  usbvideo - ok
18:46:39.0986 0x13a4  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
18:46:39.0992 0x13a4  USBXHCI - ok
18:46:40.0001 0x13a4  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\windows\system32\lsass.exe
18:46:40.0003 0x13a4  VaultSvc - ok
18:46:40.0015 0x13a4  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
18:46:40.0016 0x13a4  vdrvroot - ok
18:46:40.0069 0x13a4  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\windows\System32\vds.exe
18:46:40.0094 0x13a4  vds - ok
18:46:40.0158 0x13a4  [ F7579733F4E8FF9B534C3F7D38F25C2C, 449FED49F2178D2A8000549B180606D050751762F53E600C13CFBEC91601DE87 ] VeriFaceSrv     C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
18:46:40.0162 0x13a4  VeriFaceSrv - ok
18:46:40.0186 0x13a4  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
18:46:40.0197 0x13a4  VerifierExt - ok
18:46:40.0233 0x13a4  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
18:46:40.0247 0x13a4  vhdmp - ok
18:46:40.0263 0x13a4  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\windows\system32\drivers\viaide.sys
18:46:40.0264 0x13a4  viaide - ok
18:46:40.0271 0x13a4  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\windows\system32\drivers\vmbus.sys
18:46:40.0274 0x13a4  vmbus - ok
18:46:40.0294 0x13a4  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
18:46:40.0296 0x13a4  VMBusHID - ok
18:46:40.0326 0x13a4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\windows\System32\ICSvc.dll
18:46:40.0341 0x13a4  vmicguestinterface - ok
18:46:40.0357 0x13a4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\windows\System32\ICSvc.dll
18:46:40.0369 0x13a4  vmicheartbeat - ok
18:46:40.0384 0x13a4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\windows\System32\ICSvc.dll
18:46:40.0394 0x13a4  vmickvpexchange - ok
18:46:40.0410 0x13a4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\windows\System32\ICSvc.dll
18:46:40.0421 0x13a4  vmicrdv - ok
18:46:40.0435 0x13a4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\windows\System32\ICSvc.dll
18:46:40.0445 0x13a4  vmicshutdown - ok
18:46:40.0458 0x13a4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\windows\System32\ICSvc.dll
18:46:40.0472 0x13a4  vmictimesync - ok
18:46:40.0490 0x13a4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\windows\System32\ICSvc.dll
18:46:40.0500 0x13a4  vmicvss - ok
18:46:40.0515 0x13a4  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\windows\system32\drivers\volmgr.sys
18:46:40.0518 0x13a4  volmgr - ok
18:46:40.0537 0x13a4  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
18:46:40.0545 0x13a4  volmgrx - ok
18:46:40.0574 0x13a4  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\windows\system32\drivers\volsnap.sys
18:46:40.0581 0x13a4  volsnap - ok
18:46:40.0604 0x13a4  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\windows\System32\drivers\vpci.sys
18:46:40.0606 0x13a4  vpci - ok
18:46:40.0615 0x13a4  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
18:46:40.0620 0x13a4  vsmraid - ok
18:46:43.0482 0x13a4  ================ Scan global ===============================
18:46:43.0528 0x13a4  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\windows\system32\basesrv.dll
18:46:43.0559 0x13a4  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\windows\system32\winsrv.dll
18:46:43.0594 0x13a4  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\windows\system32\sxssrv.dll
18:46:43.0656 0x13a4  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\windows\system32\services.exe
18:46:43.0678 0x13a4  [ Global ] - ok
18:46:43.0679 0x13a4  ================ Scan MBR ==================================
18:46:43.0697 0x13a4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:46:43.0702 0x13a4  \Device\Harddisk0\DR0 - ok
18:46:43.0702 0x13a4  ================ Scan VBR ==================================
18:46:43.0706 0x13a4  [ A35BD2FE0C8F1B1B44552C0005B07AB1 ] \Device\Harddisk0\DR0\Partition1
18:46:43.0713 0x13a4  \Device\Harddisk0\DR0\Partition1 - ok
18:46:43.0724 0x13a4  [ DF3449D0311BB6E39FEF0F36134F1AA2 ] \Device\Harddisk0\DR0\Partition2
18:46:43.0732 0x13a4  \Device\Harddisk0\DR0\Partition2 - ok
18:46:43.0750 0x13a4  [ 6C7394C115F8CF325CBB1EE5605213FA ] \Device\Harddisk0\DR0\Partition3
18:46:43.0765 0x13a4  \Device\Harddisk0\DR0\Partition3 - ok
18:46:43.0787 0x13a4  [ 7BBEBBA59A50CCFF5E2580CE7CAB5755 ] \Device\Harddisk0\DR0\Partition4
18:46:43.0788 0x13a4  \Device\Harddisk0\DR0\Partition4 - ok
18:46:43.0802 0x13a4  [ BBABDFFC343416B45E3F41018D00718D ] \Device\Harddisk0\DR0\Partition5
18:46:43.0820 0x13a4  \Device\Harddisk0\DR0\Partition5 - ok
18:46:43.0846 0x13a4  [ 2E3B543307DE31FDD66D1D6A1BFF68A3 ] \Device\Harddisk0\DR0\Partition6
18:46:43.0865 0x13a4  \Device\Harddisk0\DR0\Partition6 - ok
18:46:43.0884 0x13a4  [ 4ECDA745F275C498509DB79B34FBD03C ] \Device\Harddisk0\DR0\Partition7
18:46:43.0904 0x13a4  \Device\Harddisk0\DR0\Partition7 - ok
18:46:43.0905 0x13a4  ================ Scan generic autorun ======================
18:46:43.0967 0x13a4  [ BAD24090378CD1D9D70DD21CF21D1BFB, A5FB5F8DCF33BB252304D6DA7CB62906E5A437A561A066A647C8D199EE3C57B8 ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
18:46:43.0970 0x13a4  IAStorIcon - ok
18:46:44.0016 0x13a4  [ BCA130800847C31A4E11A08116897C12, 497CE051C599CABD3D659D6622BDDD335B9C16537628EF86963212E01496A354 ] C:\windows\system32\igfxtray.exe
18:46:44.0037 0x13a4  IgfxTray - ok
18:46:44.0073 0x13a4  [ 53621F723CF91434F1278AEDB7BF35EE, 3864D025BFBB462A8A7E2A7E2F2060A34ABF5AB685290B8D7A8748A3412DFBB6 ] C:\windows\system32\hkcmd.exe
18:46:44.0088 0x13a4  HotKeysCmds - ok
18:46:44.0125 0x13a4  [ 0394C29A20DFD3692B7C7254F1CCC026, D3AB34B59571BE983730676ED2741B056D7E8169C4857550644BF089D34B0F81 ] C:\windows\system32\igfxpers.exe
18:46:44.0158 0x13a4  Persistence - ok
18:46:44.0364 0x13a4  [ 6546BB9B4B32BE17C66479EBCF6F34BF, 79FF9DD229C8218499FE10ECE258CCAFF3FF258790840769948E4D05B017E9B8 ] C:\windows\RTFTrack.exe
18:46:44.0465 0x13a4  RtsFT - ok
18:46:44.0551 0x13a4  [ 18A8ED924A58263AB9E80CE164612CCB, 347BB04D76DFF6AAA57039D3386A1942F9227B170C605F369A3382CC747F1A7D ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
18:46:44.0569 0x13a4  cAudioFilterAgent - ok
18:46:44.0639 0x13a4  [ 8970A59A838FF1CDC3D62D85823AA61E, 5842DAFD20C1A024CF8984652A08D12DBA1DE15788794D01FF6070D4E24D2479 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
18:46:44.0669 0x13a4  SmartAudio - ok
18:46:45.0147 0x13a4  [ E0AD9F72153A7F55702C3170FDA7876C, 839A8D0B72C3A0530ACC447532CA4CACC19E3C91CEA6B9CBB9498D36DD2DFBE6 ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
18:46:45.0603 0x13a4  Energy Manager - ok
18:46:45.0635 0x13a4  [ F0627CE818DA58BAE771DCD4669FA343, 070CE17C9DAC01CC5AE465DFA3FDD8A44ABF97AC8101ED238C96668027B6F10B ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
18:46:45.0636 0x13a4  Lenovo Utility - ok
18:46:45.0680 0x13a4  [ 04679E0DC30077EC1164BE82F2A2ADC9, E0193F0AE484DED0DD7F81407F0D98AC071F34358B9EA554DE3ADFC3BA1CBD60 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
18:46:45.0689 0x13a4  mcpltui_exe - ok
18:46:45.0728 0x13a4  [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
18:46:45.0732 0x13a4  UpdateP2GShortCut - ok
18:46:45.0777 0x13a4  [ D88B2D487439305A2EC308A6796C3044, 79DF0A41ECB08D5BEB3393B2BA15E6C88AD626803E1734EFBA0DBE4ECF7274D7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
18:46:45.0784 0x13a4  iTunesHelper - ok
18:46:45.0867 0x13a4  [ 4AA39B9A4A8534450AA4F55F5C907090, 1620803211935FCC8C57F15CF34255BBDD92CE5FFBB28CCD37C29EB50B4C6D48 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
18:46:45.0881 0x13a4  GoogleChromeAutoLaunch_7AF03CD55FBE5121416D410588C61404 - ok
18:46:45.0883 0x13a4  Waiting for KSN requests completion. In queue: 104
18:46:46.0884 0x13a4  Waiting for KSN requests completion. In queue: 104
18:46:47.0884 0x13a4  Waiting for KSN requests completion. In queue: 104
18:46:48.0915 0x13a4  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51000 ( enabled : updated )
18:46:48.0964 0x13a4  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
18:46:48.0967 0x13a4  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51010 ( enabled )
18:46:51.0437 0x13a4  ============================================================
18:46:51.0437 0x13a4  Scan finished
18:46:51.0437 0x13a4  ============================================================
18:46:51.0456 0x13b0  Detected object count: 0
18:46:51.0456 0x13b0  Actual detected object count: 0
18:48:26.0549 0x08f4  Deinitialize success


#7 chopped_liver_mm

  • Topic Starter
  • Members
  • 14 posts

Posted 22 October 2014 - 05:58 PM

18:45:57.0168 0x09d8  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
18:45:57.0168 0x09d8  UEFI system
18:46:00.0552 0x09d8  ============================================================
18:46:00.0552 0x09d8  Current date / time: 2014/10/22 18:46:00.0552
18:46:00.0552 0x09d8  SystemInfo:
18:46:00.0552 0x09d8  
18:46:00.0552 0x09d8  OS Version: 6.3.9600 ServicePack: 0.0
18:46:00.0552 0x09d8  Product type: Workstation
18:46:00.0552 0x09d8  ComputerName: LENOVO-PC
18:46:00.0552 0x09d8  UserName: Joshua
18:46:00.0552 0x09d8  Windows directory: C:\windows
18:46:00.0552 0x09d8  System windows directory: C:\windows
18:46:00.0552 0x09d8  Running under WOW64
18:46:00.0552 0x09d8  Processor architecture: Intel x64
18:46:00.0552 0x09d8  Number of processors: 4
18:46:00.0552 0x09d8  Page size: 0x1000
18:46:00.0552 0x09d8  Boot type: Normal boot
18:46:00.0552 0x09d8  ============================================================
18:46:01.0052 0x09d8  KLMD registered as C:\windows\system32\drivers\51472503.sys
18:46:01.0594 0x09d8  System UUID: {536A5EA6-C234-5A69-824D-7B9942A77125}
18:46:02.0194 0x09d8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:46:02.0200 0x09d8  ============================================================
18:46:02.0200 0x09d8  \Device\Harddisk0\DR0:
18:46:02.0200 0x09d8  GPT partitions:
18:46:02.0201 0x09d8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BB756F85-40B6-4FB4-8A48-95559D126BEF}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
18:46:02.0201 0x09d8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4BA14221-B28A-40E6-9046-57D03EF6B16C}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
18:46:02.0201 0x09d8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {6F9DC8F8-59FE-43A9-BDA8-58E3F95410B0}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
18:46:02.0202 0x09d8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9212D7EF-3943-449B-B078-5687A887D82E}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
18:46:02.0202 0x09d8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3641CA43-324F-44FE-9BB7-5AFBFF6FBE8E}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x35088800
18:46:02.0202 0x09d8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {15168254-AC63-486C-9986-16B9ED43923E}, Name: Basic data partition, StartLBA 0x35533000, BlocksNum 0x3200000
18:46:02.0202 0x09d8  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C3FF2120-9D06-4816-821E-360AF1446B59}, Name: Basic data partition, StartLBA 0x38733000, BlocksNum 0x1C53000
18:46:02.0202 0x09d8  MBR partitions:
18:46:02.0202 0x09d8  ============================================================
18:46:02.0242 0x09d8  C: <-> \Device\Harddisk0\DR0\Partition5
18:46:02.0344 0x09d8  D: <-> \Device\Harddisk0\DR0\Partition6
18:46:02.0345 0x09d8  ============================================================
18:46:02.0345 0x09d8  Initialize success
18:46:02.0345 0x09d8  ============================================================
18:46:20.0979 0x13a4  ============================================================
18:46:20.0979 0x13a4  Scan started
18:46:20.0979 0x13a4  Mode: Manual; 
18:46:20.0979 0x13a4  ============================================================
18:46:20.0979 0x13a4  KSN ping started
18:46:23.0368 0x13a4  KSN ping finished: true
18:46:24.0244 0x13a4  ================ Scan system memory ========================
18:46:24.0244 0x13a4  System memory - ok
18:46:24.0245 0x13a4  ================ Scan services =============================
18:46:26.0825 0x13a4  CertPropSvc - ok
18:46:26.0840 0x13a4  [ 27468DB367ABCFE855796775DB949AC1, F2DFC8CFBFCDC94798A5ADAAC96001927F9CE316751D42651C3AF1E52F1DC7EF ] cfwids          C:\windows\system32\drivers\cfwids.sys
18:46:26.0842 0x13a4  cfwids - ok
18:46:26.0860 0x13a4  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\windows\System32\drivers\circlass.sys
18:46:26.0861 0x13a4  circlass - ok
18:46:26.0901 0x13a4  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\windows\system32\drivers\CLFS.sys
18:46:26.0913 0x13a4  CLFS - ok
18:46:26.0946 0x13a4  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
18:46:26.0947 0x13a4  CmBatt - ok
18:46:26.0981 0x13a4  [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG             C:\windows\system32\Drivers\cng.sys
18:46:26.0996 0x13a4  CNG - ok
18:46:27.0076 0x13a4  [ 3C0FF49CC525A561A25D2BA3AA6A83E7, FA8E661E8E57BEA11A23B6AC59B3FDB21A61C20AA1E134810D62C2A5A32F6259 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
18:46:27.0102 0x13a4  CnxtHdAudService - ok
18:46:27.0118 0x13a4  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
18:46:27.0119 0x13a4  CompositeBus - ok
18:46:27.0122 0x13a4  COMSysApp - ok
18:46:27.0133 0x13a4  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\windows\system32\drivers\condrv.sys
18:46:27.0134 0x13a4  condrv - ok
18:46:27.0211 0x13a4  [ 13F58B5E986E6495D268593FD2CCCB5C, CE008423386B298CFFD1C8DD61AAE5DB78656D49A15CC99BA47BC273D08C9D74 ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe
18:46:27.0249 0x13a4  cphs - ok
18:46:27.0284 0x13a4  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\windows\system32\cryptsvc.dll
18:46:27.0288 0x13a4  CryptSvc - ok
18:46:27.0315 0x13a4  [ 4E6337DE03F36BCE168110E6B59F6A5B, 2DB940EBBA971B3801E273B80D8CBD975040A8B87908E7E0733E4DBB0EFC2611 ] CxAudMsg        C:\windows\system32\CxAudMsg64.exe
18:46:27.0322 0x13a4  CxAudMsg - ok
18:46:27.0347 0x13a4  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\windows\system32\drivers\dam.sys
18:46:27.0349 0x13a4  dam - ok
18:46:27.0406 0x13a4  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\windows\system32\rpcss.dll
18:46:27.0428 0x13a4  DcomLaunch - ok
18:46:27.0470 0x13a4  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\windows\System32\defragsvc.dll
18:46:27.0484 0x13a4  defragsvc - ok
18:46:27.0528 0x13a4  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\windows\system32\das.dll
18:46:27.0543 0x13a4  DeviceAssociationService - ok
18:46:27.0572 0x13a4  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
18:46:27.0577 0x13a4  DeviceInstall - ok
18:46:27.0602 0x13a4  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
18:46:27.0605 0x13a4  Dfsc - ok
18:46:27.0649 0x13a4  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\windows\system32\dhcpcore.dll
18:46:27.0657 0x13a4  Dhcp - ok
18:46:27.0677 0x13a4  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\windows\system32\drivers\disk.sys
18:46:27.0679 0x13a4  disk - ok
18:46:27.0688 0x13a4  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
18:46:27.0689 0x13a4  dmvsc - ok
18:46:27.0708 0x13a4  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\windows\System32\dnsrslvr.dll
18:46:27.0713 0x13a4  Dnscache - ok
18:46:27.0747 0x13a4  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\windows\System32\dot3svc.dll
18:46:27.0753 0x13a4  dot3svc - ok
18:46:27.0772 0x13a4  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\windows\system32\dps.dll
18:46:27.0776 0x13a4  DPS - ok
18:46:27.0787 0x13a4  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
18:46:27.0788 0x13a4  drmkaud - ok
18:46:27.0810 0x13a4  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
18:46:27.0815 0x13a4  DsmSvc - ok
18:46:27.0910 0x13a4  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
18:46:27.0939 0x13a4  DXGKrnl - ok
18:46:27.0984 0x13a4  [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress      C:\windows\system32\DRIVERS\e1i63x64.sys
18:46:28.0002 0x13a4  e1iexpress - ok
18:46:28.0033 0x13a4  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\windows\System32\eapsvc.dll
18:46:28.0037 0x13a4  Eaphost - ok
18:46:28.0158 0x13a4  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\windows\system32\drivers\evbda.sys
18:46:28.0220 0x13a4  ebdrv - ok
18:46:28.0244 0x13a4  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\windows\System32\lsass.exe
18:46:28.0246 0x13a4  EFS - ok
18:46:28.0267 0x13a4  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
18:46:28.0269 0x13a4  EhStorClass - ok
18:46:28.0290 0x13a4  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
18:46:28.0293 0x13a4  EhStorTcgDrv - ok
18:46:28.0297 0x13a4  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\windows\System32\drivers\errdev.sys
18:46:28.0298 0x13a4  ErrDev - ok
18:46:28.0327 0x13a4  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\windows\system32\es.dll
18:46:28.0335 0x13a4  EventSystem - ok
18:46:28.0357 0x13a4  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\windows\system32\drivers\exfat.sys
18:46:28.0362 0x13a4  exfat - ok
18:46:28.0382 0x13a4  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\windows\system32\drivers\fastfat.sys
18:46:28.0386 0x13a4  fastfat - ok
18:46:28.0436 0x13a4  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\windows\system32\fxssvc.exe
18:46:28.0450 0x13a4  Fax - ok
18:46:28.0454 0x13a4  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\windows\System32\drivers\fdc.sys
18:46:28.0455 0x13a4  fdc - ok
18:46:28.0467 0x13a4  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\windows\system32\fdPHost.dll
18:46:28.0468 0x13a4  fdPHost - ok
18:46:28.0472 0x13a4  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\windows\system32\fdrespub.dll
18:46:28.0473 0x13a4  FDResPub - ok
18:46:28.0492 0x13a4  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\windows\system32\fhsvc.dll
18:46:28.0495 0x13a4  fhsvc - ok
18:46:28.0521 0x13a4  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
18:46:28.0524 0x13a4  FileInfo - ok
18:46:28.0540 0x13a4  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\windows\system32\drivers\filetrace.sys
18:46:28.0542 0x13a4  Filetrace - ok
18:46:28.0559 0x13a4  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
18:46:28.0560 0x13a4  flpydisk - ok
18:46:28.0597 0x13a4  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
18:46:28.0604 0x13a4  FltMgr - ok
18:46:28.0692 0x13a4  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\windows\system32\FntCache.dll
18:46:28.0718 0x13a4  FontCache - ok
18:46:28.0807 0x13a4  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:46:28.0808 0x13a4  FontCache3.0.0.0 - ok
18:46:28.0826 0x13a4  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
18:46:28.0828 0x13a4  FsDepends - ok
18:46:28.0843 0x13a4  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
18:46:28.0844 0x13a4  Fs_Rec - ok
18:46:28.0895 0x13a4  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
18:46:28.0970 0x13a4  fvevol - ok
18:46:29.0007 0x13a4  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
18:46:29.0008 0x13a4  FxPPM - ok
18:46:29.0017 0x13a4  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
18:46:29.0019 0x13a4  gagp30kx - ok
18:46:29.0052 0x13a4  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
18:46:29.0053 0x13a4  GEARAspiWDM - ok
18:46:29.0078 0x13a4  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
18:46:29.0079 0x13a4  gencounter - ok
18:46:29.0113 0x13a4  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
18:46:29.0117 0x13a4  GPIOClx0101 - ok
18:46:29.0200 0x13a4  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\windows\System32\gpsvc.dll
18:46:29.0224 0x13a4  gpsvc - ok
18:46:29.0334 0x13a4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:46:29.0341 0x13a4  gupdate - ok
18:46:29.0352 0x13a4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:46:29.0359 0x13a4  gupdatem - ok
18:46:29.0406 0x13a4  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
18:46:29.0418 0x13a4  HdAudAddService - ok
18:46:29.0452 0x13a4  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
18:46:29.0454 0x13a4  HDAudBus - ok
18:46:29.0458 0x13a4  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
18:46:29.0459 0x13a4  HidBatt - ok
18:46:29.0465 0x13a4  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\windows\System32\drivers\hidbth.sys
18:46:29.0467 0x13a4  HidBth - ok
18:46:29.0471 0x13a4  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
18:46:29.0473 0x13a4  hidi2c - ok
18:46:29.0477 0x13a4  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\windows\System32\drivers\hidir.sys
18:46:29.0479 0x13a4  HidIr - ok
18:46:29.0498 0x13a4  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\windows\system32\hidserv.dll
18:46:29.0500 0x13a4  hidserv - ok
18:46:29.0524 0x13a4  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\windows\System32\drivers\hidusb.sys
18:46:29.0525 0x13a4  HidUsb - ok
18:46:29.0558 0x13a4  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\windows\system32\drivers\HipShieldK.sys
18:46:29.0562 0x13a4  HipShieldK - ok
18:46:29.0593 0x13a4  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\windows\system32\kmsvc.dll
18:46:29.0596 0x13a4  hkmsvc - ok
18:46:29.0611 0x13a4  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\windows\system32\ListSvc.dll
18:46:29.0617 0x13a4  HomeGroupListener - ok
18:46:29.0654 0x13a4  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\windows\system32\provsvc.dll
18:46:29.0663 0x13a4  HomeGroupProvider - ok
18:46:29.0768 0x13a4  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:46:29.0785 0x13a4  HomeNetSvc - ok
18:46:29.0814 0x13a4  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
18:46:29.0816 0x13a4  HpSAMD - ok
18:46:29.0865 0x13a4  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\windows\system32\drivers\HTTP.sys
18:46:29.0884 0x13a4  HTTP - ok
18:46:29.0903 0x13a4  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
18:46:29.0904 0x13a4  hwpolicy - ok
18:46:29.0913 0x13a4  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
18:46:29.0914 0x13a4  hyperkbd - ok
18:46:29.0917 0x13a4  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
18:46:29.0918 0x13a4  HyperVideo - ok
18:46:29.0936 0x13a4  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
18:46:29.0939 0x13a4  i8042prt - ok
18:46:29.0944 0x13a4  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\windows\System32\drivers\iaLPSSi_GPIO.sys
18:46:29.0945 0x13a4  iaLPSSi_GPIO - ok
18:46:29.0950 0x13a4  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\windows\System32\drivers\iaLPSSi_I2C.sys
18:46:29.0953 0x13a4  iaLPSSi_I2C - ok
18:46:29.0969 0x13a4  [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
18:46:29.0980 0x13a4  iaStorA - ok
18:46:30.0007 0x13a4  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\windows\system32\drivers\iaStorAV.sys
18:46:30.0020 0x13a4  iaStorAV - ok
18:46:30.0064 0x13a4  [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
18:46:30.0067 0x13a4  IAStorDataMgrSvc - ok
18:46:30.0114 0x13a4  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
18:46:30.0126 0x13a4  iaStorV - ok
18:46:30.0130 0x13a4  IEEtwCollectorService - ok
18:46:30.0294 0x13a4  [ A874EC416801B152BD64916E1B5C107E, 6D41CAB617E06F3D9534DB44DFEB9C86F2AD55AFBF3E1B1B41BA2576C0C19407 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
18:46:30.0363 0x13a4  igfx - ok
18:46:30.0416 0x13a4  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\windows\System32\ikeext.dll
18:46:30.0435 0x13a4  IKEEXT - ok
18:46:30.0459 0x13a4  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys
18:46:30.0460 0x13a4  intaud_WaveExtensible - ok
18:46:30.0485 0x13a4  [ D6A22510D795928E8840619900D672B4, 296F232B0A6D42840A745E4706D2815F6D2E4279DBD90112CBFBFF8833B724AF ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
18:46:30.0493 0x13a4  IntcDAud - ok
18:46:30.0554 0x13a4  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:46:30.0584 0x13a4  Intel® Capability Licensing Service Interface - ok
18:46:30.0632 0x13a4  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
18:46:30.0648 0x13a4  Intel® Capability Licensing Service TCP IP Interface - ok
18:46:30.0681 0x13a4  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\windows\system32\drivers\intelide.sys
18:46:30.0682 0x13a4  intelide - ok
18:46:30.0724 0x13a4  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\windows\system32\drivers\intelpep.sys
18:46:30.0727 0x13a4  intelpep - ok
18:46:30.0753 0x13a4  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\windows\System32\drivers\intelppm.sys
18:46:30.0759 0x13a4  intelppm - ok
18:46:30.0779 0x13a4  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
18:46:30.0783 0x13a4  IpFilterDriver - ok
18:46:30.0845 0x13a4  [ 1670A274ED1A815311BA33CD27B0D0E8, 28378D3908DCFA2C0E8FCF83E5AFEF643C89BBB285FA0F1692FE576AEA2F4E45 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
18:46:30.0863 0x13a4  iphlpsvc - ok
18:46:30.0890 0x13a4  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
18:46:30.0892 0x13a4  IPMIDRV - ok
18:46:30.0910 0x13a4  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
18:46:30.0919 0x13a4  IPNAT - ok
18:46:30.0968 0x13a4  [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:46:30.0986 0x13a4  iPod Service - ok
18:46:30.0996 0x13a4  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\windows\system32\drivers\irenum.sys
18:46:30.0997 0x13a4  IRENUM - ok
18:46:31.0018 0x13a4  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\windows\system32\drivers\isapnp.sys
18:46:31.0019 0x13a4  isapnp - ok
18:46:31.0060 0x13a4  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
18:46:31.0066 0x13a4  iScsiPrt - ok
18:46:31.0081 0x13a4  [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus          C:\windows\System32\drivers\iwdbus.sys
18:46:31.0082 0x13a4  iwdbus - ok
18:46:31.0156 0x13a4  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
18:46:31.0165 0x13a4  jhi_service - ok
18:46:31.0195 0x13a4  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
18:46:31.0197 0x13a4  kbdclass - ok
18:46:31.0217 0x13a4  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
18:46:31.0219 0x13a4  kbdhid - ok
18:46:31.0241 0x13a4  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
18:46:31.0243 0x13a4  kdnic - ok
18:46:31.0257 0x13a4  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\windows\system32\lsass.exe
18:46:31.0260 0x13a4  KeyIso - ok
18:46:31.0277 0x13a4  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
18:46:31.0281 0x13a4  KSecDD - ok
18:46:31.0311 0x13a4  [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
18:46:31.0315 0x13a4  KSecPkg - ok
18:46:31.0329 0x13a4  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
18:46:31.0330 0x13a4  ksthunk - ok
18:46:31.0371 0x13a4  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\windows\system32\msdtckrm.dll
18:46:31.0380 0x13a4  KtmRm - ok
18:46:31.0409 0x13a4  [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C             C:\windows\system32\DRIVERS\L1C63x64.sys
18:46:31.0412 0x13a4  L1C - ok
18:46:31.0458 0x13a4  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\windows\system32\srvsvc.dll
18:46:31.0466 0x13a4  LanmanServer - ok
18:46:31.0506 0x13a4  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
18:46:31.0513 0x13a4  LanmanWorkstation - ok
18:46:31.0545 0x13a4  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\windows\System32\GeofenceMonitorService.dll
18:46:31.0557 0x13a4  lfsvc - ok
18:46:31.0570 0x13a4  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
18:46:31.0572 0x13a4  lltdio - ok
18:46:31.0604 0x13a4  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\windows\System32\lltdsvc.dll
18:46:31.0610 0x13a4  lltdsvc - ok
18:46:31.0629 0x13a4  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\windows\System32\lmhsvc.dll
18:46:31.0630 0x13a4  lmhosts - ok
18:46:31.0706 0x13a4  [ 073BD65B67B001A722469BF7C7D4EEC4, 72102FDF2CD3182C20298418A0115ADB3E14093BF96B6297990F96CEEBEF8CAA ] LSCWinService   C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
18:46:31.0716 0x13a4  LSCWinService - ok
18:46:31.0737 0x13a4  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
18:46:31.0742 0x13a4  LSI_SAS - ok
18:46:31.0761 0x13a4  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
18:46:31.0765 0x13a4  LSI_SAS2 - ok
18:46:31.0773 0x13a4  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\windows\system32\drivers\lsi_sas3.sys
18:46:31.0777 0x13a4  LSI_SAS3 - ok
18:46:31.0785 0x13a4  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
18:46:31.0789 0x13a4  LSI_SSS - ok
18:46:31.0825 0x13a4  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\windows\System32\lsm.dll
18:46:31.0839 0x13a4  LSM - ok
18:46:31.0859 0x13a4  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\windows\system32\drivers\luafv.sys
18:46:31.0862 0x13a4  luafv - ok
18:46:31.0978 0x13a4  [ BF7F7C792E22F00290B37515554BA167, 46A1C53DF12262EDB00538B1C1E5921E063C4942FADE05B6F98214A3941FCB66 ] MaxthonUpdateSvc C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
18:46:32.0009 0x13a4  MaxthonUpdateSvc - ok
18:46:32.0057 0x13a4  [ 96E7AA538AB0EDECCAB3862BA4B66232, 8AF460093B4DC1FD81C4508A57B6A80A7FB2E1818A3405506B8DB5B521615FB6 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
18:46:32.0061 0x13a4  McAPExe - ok
18:46:32.0114 0x13a4  [ 16EF8A0930296943D124F06EA4E21544, 61248EAD26E1296E1445C17EC44693A3ECF1C64738213EF3AA2ADCBD4E9CB89A ] McAWFwk         c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
18:46:32.0128 0x13a4  McAWFwk - ok
18:46:38.0294 0x13a4  stexstor - ok
18:46:38.0341 0x13a4  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\windows\System32\wiaservc.dll
18:46:38.0354 0x13a4  stisvc - ok
18:46:38.0361 0x13a4  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\windows\system32\drivers\storahci.sys
18:46:38.0363 0x13a4  storahci - ok
18:46:38.0381 0x13a4  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\windows\system32\DRIVERS\vmstorfl.sys
18:46:38.0383 0x13a4  storflt - ok
18:46:38.0397 0x13a4  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\windows\system32\drivers\stornvme.sys
18:46:38.0399 0x13a4  stornvme - ok
18:46:38.0420 0x13a4  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\windows\system32\storsvc.dll
18:46:38.0422 0x13a4  StorSvc - ok
18:46:38.0438 0x13a4  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\windows\system32\drivers\storvsc.sys
18:46:38.0440 0x13a4  storvsc - ok
18:46:38.0449 0x13a4  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\windows\system32\svsvc.dll
18:46:38.0451 0x13a4  svsvc - ok
18:46:38.0465 0x13a4  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\windows\System32\drivers\swenum.sys
18:46:38.0466 0x13a4  swenum - ok
18:46:38.0508 0x13a4  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\windows\System32\swprv.dll
18:46:38.0524 0x13a4  swprv - ok
18:46:38.0561 0x13a4  [ 1BF4A65B841F946F2ECE806F3CCC4958, C31B791BD552F1E09D00209A1FB2F96959AB80E5C713EDE5C5615FF8AC2D8BEB ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
18:46:38.0570 0x13a4  SynTP - ok
18:46:38.0673 0x13a4  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\windows\system32\sysmain.dll
18:46:38.0698 0x13a4  SysMain - ok
18:46:38.0720 0x13a4  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
18:46:38.0727 0x13a4  SystemEventsBroker - ok
18:46:38.0748 0x13a4  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\windows\System32\TabSvc.dll
18:46:38.0753 0x13a4  TabletInputService - ok
18:46:38.0777 0x13a4  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\windows\System32\tapisrv.dll
18:46:38.0784 0x13a4  TapiSrv - ok
18:46:38.0899 0x13a4  [ FEBAA7D782E30882FFF1CBCBBE8AD467, B54333F52CF901CADB3B71334BFAFA63C508A0F7EA7E700C5578FC20D780403E ] Tcpip           C:\windows\system32\drivers\tcpip.sys
18:46:38.0946 0x13a4  Tcpip - ok
18:46:39.0002 0x13a4  [ FEBAA7D782E30882FFF1CBCBBE8AD467, B54333F52CF901CADB3B71334BFAFA63C508A0F7EA7E700C5578FC20D780403E ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
18:46:39.0045 0x13a4  TCPIP6 - ok
18:46:39.0079 0x13a4  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
18:46:39.0081 0x13a4  tcpipreg - ok
18:46:39.0103 0x13a4  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\windows\system32\DRIVERS\tdx.sys
18:46:39.0105 0x13a4  tdx - ok
18:46:39.0122 0x13a4  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\windows\System32\drivers\terminpt.sys
18:46:39.0124 0x13a4  terminpt - ok
18:46:39.0173 0x13a4  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\windows\System32\termsrv.dll
18:46:39.0194 0x13a4  TermService - ok
18:46:39.0220 0x13a4  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\windows\system32\themeservice.dll
18:46:39.0223 0x13a4  Themes - ok
18:46:39.0249 0x13a4  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\windows\system32\mmcss.dll
18:46:39.0252 0x13a4  THREADORDER - ok
18:46:39.0264 0x13a4  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\windows\System32\TimeBrokerServer.dll
18:46:39.0271 0x13a4  TimeBroker - ok
18:46:39.0294 0x13a4  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\windows\system32\drivers\tpm.sys
18:46:39.0298 0x13a4  TPM - ok
18:46:39.0312 0x13a4  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\windows\System32\trkwks.dll
18:46:39.0316 0x13a4  TrkWks - ok
18:46:39.0357 0x13a4  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:46:39.0361 0x13a4  TrustedInstaller - ok
18:46:39.0374 0x13a4  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
18:46:39.0378 0x13a4  TsUsbFlt - ok
18:46:39.0386 0x13a4  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\windows\System32\drivers\TsUsbGD.sys
18:46:39.0387 0x13a4  TsUsbGD - ok
18:46:39.0411 0x13a4  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
18:46:39.0415 0x13a4  tunnel - ok
18:46:39.0419 0x13a4  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\windows\system32\drivers\uagp35.sys
18:46:39.0422 0x13a4  uagp35 - ok
18:46:39.0436 0x13a4  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\windows\System32\drivers\uaspstor.sys
18:46:39.0438 0x13a4  UASPStor - ok
18:46:39.0446 0x13a4  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\windows\System32\drivers\ucx01000.sys
18:46:39.0451 0x13a4  UCX01000 - ok
18:46:39.0474 0x13a4  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\windows\system32\DRIVERS\udfs.sys
18:46:39.0482 0x13a4  udfs - ok
18:46:39.0487 0x13a4  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\windows\System32\drivers\UEFI.sys
18:46:39.0488 0x13a4  UEFI - ok
18:46:39.0528 0x13a4  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\windows\system32\UI0Detect.exe
18:46:39.0530 0x13a4  UI0Detect - ok
18:46:39.0535 0x13a4  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
18:46:39.0537 0x13a4  uliagpkx - ok
18:46:39.0554 0x13a4  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\windows\System32\drivers\umbus.sys
18:46:39.0555 0x13a4  umbus - ok
18:46:39.0573 0x13a4  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\windows\System32\drivers\umpass.sys
18:46:39.0574 0x13a4  UmPass - ok
18:46:39.0593 0x13a4  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\windows\System32\umrdp.dll
18:46:39.0601 0x13a4  UmRdpService - ok
18:46:39.0632 0x13a4  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\windows\System32\upnphost.dll
18:46:39.0643 0x13a4  upnphost - ok
18:46:39.0670 0x13a4  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\windows\System32\Drivers\usbaapl64.sys
18:46:39.0672 0x13a4  USBAAPL64 - ok
18:46:39.0704 0x13a4  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
18:46:39.0708 0x13a4  usbccgp - ok
18:46:39.0727 0x13a4  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\windows\System32\drivers\usbcir.sys
18:46:39.0730 0x13a4  usbcir - ok
18:46:39.0764 0x13a4  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\windows\System32\drivers\usbehci.sys
18:46:39.0766 0x13a4  usbehci - ok
18:46:39.0787 0x13a4  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\windows\System32\drivers\usbhub.sys
18:46:39.0796 0x13a4  usbhub - ok
18:46:39.0836 0x13a4  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
18:46:39.0845 0x13a4  USBHUB3 - ok
18:46:39.0884 0x13a4  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\windows\System32\drivers\usbohci.sys
18:46:39.0886 0x13a4  usbohci - ok
18:46:39.0899 0x13a4  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\windows\System32\drivers\usbprint.sys
18:46:39.0901 0x13a4  usbprint - ok
18:46:39.0917 0x13a4  [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
18:46:39.0921 0x13a4  USBSTOR - ok
18:46:39.0955 0x13a4  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
18:46:39.0956 0x13a4  usbuhci - ok
18:46:39.0964 0x13a4  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
18:46:39.0968 0x13a4  usbvideo - ok
18:46:39.0986 0x13a4  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
18:46:39.0992 0x13a4  USBXHCI - ok
18:46:40.0001 0x13a4  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\windows\system32\lsass.exe
18:46:40.0003 0x13a4  VaultSvc - ok
18:46:40.0015 0x13a4  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
18:46:40.0016 0x13a4  vdrvroot - ok
18:46:40.0069 0x13a4  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\windows\System32\vds.exe
18:46:40.0094 0x13a4  vds - ok
18:46:40.0158 0x13a4  [ F7579733F4E8FF9B534C3F7D38F25C2C, 449FED49F2178D2A8000549B180606D050751762F53E600C13CFBEC91601DE87 ] VeriFaceSrv     C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
18:46:40.0162 0x13a4  VeriFaceSrv - ok
18:46:40.0186 0x13a4  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
18:46:40.0197 0x13a4  VerifierExt - ok
18:46:40.0233 0x13a4  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
18:46:40.0247 0x13a4  vhdmp - ok
18:46:40.0263 0x13a4  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\windows\system32\drivers\viaide.sys
18:46:40.0264 0x13a4  viaide - ok
18:46:40.0271 0x13a4  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\windows\system32\drivers\vmbus.sys
18:46:40.0274 0x13a4  vmbus - ok
18:46:40.0294 0x13a4  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
18:46:40.0296 0x13a4  VMBusHID - ok
18:46:40.0326 0x13a4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\windows\System32\ICSvc.dll
18:46:40.0341 0x13a4  vmicguestinterface - ok
18:46:40.0357 0x13a4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\windows\System32\ICSvc.dll
18:46:40.0369 0x13a4  vmicheartbeat - ok
18:46:40.0384 0x13a4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\windows\System32\ICSvc.dll
18:46:40.0394 0x13a4  vmickvpexchange - ok
18:46:40.0410 0x13a4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\windows\System32\ICSvc.dll
18:46:40.0421 0x13a4  vmicrdv - ok
18:46:40.0435 0x13a4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\windows\System32\ICSvc.dll
18:46:40.0445 0x13a4  vmicshutdown - ok
18:46:40.0458 0x13a4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\windows\System32\ICSvc.dll
18:46:40.0472 0x13a4  vmictimesync - ok
18:46:40.0490 0x13a4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\windows\System32\ICSvc.dll
18:46:40.0500 0x13a4  vmicvss - ok
18:46:40.0515 0x13a4  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\windows\system32\drivers\volmgr.sys
18:46:40.0518 0x13a4  volmgr - ok
18:46:40.0537 0x13a4  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
18:46:40.0545 0x13a4  volmgrx - ok
18:46:40.0574 0x13a4  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\windows\system32\drivers\volsnap.sys
18:46:40.0581 0x13a4  volsnap - ok
18:46:40.0604 0x13a4  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\windows\System32\drivers\vpci.sys
18:46:40.0606 0x13a4  vpci - ok
18:46:40.0615 0x13a4  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
18:46:40.0620 0x13a4  vsmraid - ok
18:46:40.0702 0x13a4  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\windows\system32\vssvc.exe
18:46:40.0731 0x13a4  VSS - ok
18:46:40.0744 0x13a4  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
18:46:40.0753 0x13a4  VSTXRAID - ok
18:46:40.0770 0x13a4  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
18:46:40.0772 0x13a4  vwifibus - ok
18:46:40.0793 0x13a4  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
18:46:40.0795 0x13a4  vwififlt - ok
18:46:40.0803 0x13a4  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
18:46:40.0805 0x13a4  vwifimp - ok
18:46:40.0838 0x13a4  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\windows\system32\w32time.dll
18:46:40.0849 0x13a4  W32Time - ok
18:46:40.0867 0x13a4  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\windows\System32\drivers\wacompen.sys
18:46:40.0868 0x13a4  WacomPen - ok
18:46:40.0928 0x13a4  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\windows\system32\wbengine.exe
18:46:40.0968 0x13a4  wbengine - ok
18:46:40.0995 0x13a4  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
18:46:41.0005 0x13a4  WbioSrvc - ok
18:46:41.0022 0x13a4  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\windows\System32\wcmsvc.dll
18:46:41.0031 0x13a4  Wcmsvc - ok
18:46:41.0056 0x13a4  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\windows\System32\wcncsvc.dll
18:46:41.0067 0x13a4  wcncsvc - ok
18:46:41.0090 0x13a4  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
18:46:41.0099 0x13a4  WcsPlugInService - ok
18:46:41.0148 0x13a4  [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
18:46:41.0150 0x13a4  WdBoot - ok
18:46:41.0240 0x13a4  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
18:46:41.0265 0x13a4  Wdf01000 - ok
18:46:41.0289 0x13a4  [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
18:46:41.0295 0x13a4  WdFilter - ok
18:46:41.0329 0x13a4  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\windows\system32\wdi.dll
18:46:41.0333 0x13a4  WdiServiceHost - ok
18:46:41.0338 0x13a4  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\windows\system32\wdi.dll
18:46:41.0343 0x13a4  WdiSystemHost - ok
18:46:41.0366 0x13a4  [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv        C:\windows\system32\Drivers\WdNisDrv.sys
18:46:41.0369 0x13a4  WdNisDrv - ok
18:46:41.0388 0x13a4  WdNisSvc - ok
18:46:41.0420 0x13a4  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\windows\System32\webclnt.dll
18:46:41.0426 0x13a4  WebClient - ok
18:46:41.0448 0x13a4  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\windows\system32\wecsvc.dll
18:46:41.0454 0x13a4  Wecsvc - ok
18:46:41.0473 0x13a4  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\windows\system32\wephostsvc.dll
18:46:41.0476 0x13a4  WEPHOSTSVC - ok
18:46:41.0507 0x13a4  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\windows\System32\wercplsupport.dll
18:46:41.0510 0x13a4  wercplsupport - ok
18:46:41.0529 0x13a4  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\windows\System32\WerSvc.dll
18:46:41.0533 0x13a4  WerSvc - ok
18:46:41.0565 0x13a4  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
18:46:41.0568 0x13a4  WFPLWFS - ok
18:46:41.0593 0x13a4  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\windows\System32\wiarpc.dll
18:46:41.0596 0x13a4  WiaRpc - ok
18:46:41.0627 0x13a4  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\windows\system32\drivers\wimmount.sys
18:46:41.0629 0x13a4  WIMMount - ok
18:46:41.0632 0x13a4  WinDefend - ok
18:46:41.0682 0x13a4  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
18:46:41.0697 0x13a4  WinHttpAutoProxySvc - ok
18:46:41.0753 0x13a4  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
18:46:41.0759 0x13a4  Winmgmt - ok
18:46:41.0931 0x13a4  [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM           C:\windows\system32\WsmSvc.dll
18:46:41.0981 0x13a4  WinRM - ok
18:46:42.0009 0x13a4  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
18:46:42.0011 0x13a4  WinUsb - ok
18:46:42.0080 0x13a4  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\windows\System32\wlansvc.dll
18:46:42.0109 0x13a4  WlanSvc - ok
18:46:42.0202 0x13a4  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\windows\system32\wlidsvc.dll
18:46:42.0234 0x13a4  wlidsvc - ok
18:46:42.0249 0x13a4  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
18:46:42.0250 0x13a4  WmiAcpi - ok
18:46:42.0285 0x13a4  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
18:46:42.0289 0x13a4  wmiApSrv - ok
18:46:42.0332 0x13a4  WMPNetworkSvc - ok
18:46:42.0383 0x13a4  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\windows\system32\drivers\Wof.sys
18:46:42.0392 0x13a4  Wof - ok
18:46:42.0506 0x13a4  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\windows\system32\workfolderssvc.dll
18:46:42.0539 0x13a4  workfolderssvc - ok
18:46:42.0577 0x13a4  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
18:46:42.0578 0x13a4  wpcfltr - ok
18:46:42.0603 0x13a4  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\windows\System32\wpcsvc.dll
18:46:42.0610 0x13a4  WPCSvc - ok
18:46:42.0640 0x13a4  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
18:46:42.0644 0x13a4  WPDBusEnum - ok
18:46:42.0674 0x13a4  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
18:46:42.0675 0x13a4  WpdUpFltr - ok
18:46:42.0693 0x13a4  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
18:46:42.0694 0x13a4  ws2ifsl - ok
18:46:42.0734 0x13a4  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\windows\System32\wscsvc.dll
18:46:42.0738 0x13a4  wscsvc - ok
18:46:42.0766 0x13a4  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\windows\System32\drivers\WSDPrint.sys
18:46:42.0767 0x13a4  WSDPrintDevice - ok
18:46:42.0797 0x13a4  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan         C:\windows\System32\drivers\WSDScan.sys
18:46:42.0798 0x13a4  WSDScan - ok
18:46:42.0801 0x13a4  WSearch - ok
18:46:42.0938 0x13a4  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\windows\System32\WSService.dll
18:46:43.0002 0x13a4  WSService - ok
18:46:43.0038 0x13a4  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\windows\system32\DRIVERS\wsvd.sys
18:46:43.0041 0x13a4  wsvd - ok
18:46:43.0164 0x13a4  [ D24002EB2F4A8A04897703067E81CC5D, 03806198D26DD7BA3E27EFE0911B49E5B48CAD8A05EC4F56AF45CF1E3FAD6916 ] wuauserv        C:\windows\system32\wuaueng.dll
18:46:43.0230 0x13a4  wuauserv - ok
18:46:43.0263 0x13a4  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
18:46:43.0266 0x13a4  WudfPf - ok
18:46:43.0287 0x13a4  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\windows\System32\drivers\WUDFRd.sys
18:46:43.0291 0x13a4  WUDFRd - ok
18:46:43.0299 0x13a4  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP    C:\windows\system32\DRIVERS\WUDFRd.sys
18:46:43.0303 0x13a4  WUDFSensorLP - ok
18:46:43.0315 0x13a4  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
18:46:43.0318 0x13a4  wudfsvc - ok
18:46:43.0326 0x13a4  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
18:46:43.0331 0x13a4  WUDFWpdFs - ok
18:46:43.0337 0x13a4  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\windows\system32\DRIVERS\WUDFRd.sys
18:46:43.0341 0x13a4  WUDFWpdMtp - ok
18:46:43.0381 0x13a4  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\windows\System32\wwansvc.dll
18:46:43.0392 0x13a4  WwanSvc - ok
18:46:43.0458 0x13a4  [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
18:46:43.0468 0x13a4  ZAtheros Bt and Wlan Coex Agent - ok
18:46:43.0482 0x13a4  ================ Scan global ===============================
18:46:43.0528 0x13a4  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\windows\system32\basesrv.dll
18:46:43.0559 0x13a4  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\windows\system32\winsrv.dll
18:46:43.0594 0x13a4  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\windows\system32\sxssrv.dll
18:46:43.0656 0x13a4  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\windows\system32\services.exe
18:46:43.0678 0x13a4  [ Global ] - ok
18:46:43.0679 0x13a4  ================ Scan MBR ==================================
18:46:43.0697 0x13a4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:46:43.0702 0x13a4  \Device\Harddisk0\DR0 - ok
18:46:43.0702 0x13a4  ================ Scan VBR ==================================
18:46:43.0706 0x13a4  [ A35BD2FE0C8F1B1B44552C0005B07AB1 ] \Device\Harddisk0\DR0\Partition1
18:46:43.0713 0x13a4  \Device\Harddisk0\DR0\Partition1 - ok
18:46:43.0724 0x13a4  [ DF3449D0311BB6E39FEF0F36134F1AA2 ] \Device\Harddisk0\DR0\Partition2
18:46:43.0732 0x13a4  \Device\Harddisk0\DR0\Partition2 - ok
18:46:43.0750 0x13a4  [ 6C7394C115F8CF325CBB1EE5605213FA ] \Device\Harddisk0\DR0\Partition3
18:46:43.0765 0x13a4  \Device\Harddisk0\DR0\Partition3 - ok
18:46:43.0787 0x13a4  [ 7BBEBBA59A50CCFF5E2580CE7CAB5755 ] \Device\Harddisk0\DR0\Partition4
18:46:43.0788 0x13a4  \Device\Harddisk0\DR0\Partition4 - ok
18:46:43.0802 0x13a4  [ BBABDFFC343416B45E3F41018D00718D ] \Device\Harddisk0\DR0\Partition5
18:46:43.0820 0x13a4  \Device\Harddisk0\DR0\Partition5 - ok
18:46:43.0846 0x13a4  [ 2E3B543307DE31FDD66D1D6A1BFF68A3 ] \Device\Harddisk0\DR0\Partition6
18:46:43.0865 0x13a4  \Device\Harddisk0\DR0\Partition6 - ok
18:46:43.0884 0x13a4  [ 4ECDA745F275C498509DB79B34FBD03C ] \Device\Harddisk0\DR0\Partition7
18:46:43.0904 0x13a4  \Device\Harddisk0\DR0\Partition7 - ok
18:46:48.0915 0x13a4  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51000 ( enabled : updated )
18:46:48.0964 0x13a4  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
18:46:48.0967 0x13a4  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51010 ( enabled )
18:46:51.0437 0x13a4  ============================================================
18:46:51.0437 0x13a4  Scan finished
18:46:51.0437 0x13a4  ============================================================
18:46:51.0456 0x13b0  Detected object count: 0
18:46:51.0456 0x13b0  Actual detected object count: 0
18:48:26.0549 0x08f4  Deinitialize success


#8 chopped_liver_mm

  • Topic Starter
  • Members

Posted 22 October 2014 - 06:10 PM

TDSS kit claimed to find nothing.  

 

All in all, it is acting much better, but still has signs of infection.

 

Chrome: When I visit this post that doesn't exist when visiting with a clean computer.  The ad appears to be hooked to the right side of the browser and starts as 5 small colored dots on a blue background.  It shows Ads "Based on what you're reading" which so far appear to be for Microsoft Office only.  If I click on the dots, it expands the ad so it is visible and if I click on the ">" arrow, it politely hides.  Behaved or not, it would be best for it to leave.

 

IE: When I visit this post has a "pop-over" ad "Advertisement brought to you by BLEEPINGCOMPUTER.COM" with an "X" that pops a new window with additional ads.  It also has the "Based on what you're reading" as described above.

 

Again, thank you for your help thus far.  Any pointers on what might be causing the browser ads would be great.



#9 JohnC_21

  • Members

Posted 22 October 2014 - 06:24 PM

Just for your info, you need to run Rkill with no reboot before MBAM.



#10 quietman7

  • Global Moderator

Posted 22 October 2014 - 07:06 PM

Unknown boot code = MBR boot code is modified. <- Not always BAD...corresponds to either an active bootkit infection, or a custom boot manager installed (such as GRUB).
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#11 noknojon

  • Banned

Posted 22 October 2014 - 07:52 PM

For the future, it runs Windows 8.1  (X64), also called a 64bit system, but not to worry about that for now.

Just for your info, you need to run Rkill with no reboot before MBAM.

I asked them to run that earlier, and the results would depend on a re-run or not.

 

RKill is not always needed to run "each time" a security program is used. It can be used as a "stand alone" program, or combined with others if required.

 

Please try to follow the directions in these 3 items after to remove extensions and add-ons installed in Chrome

* How to Disable Extensions in Google Chrome - How to Uninstall Extensions in Google Chrome
* How To Disable Individual Plug-ins in Google Chrome

 

It seems that quietman7 has also read these logs, and I will look for minor items that are left .........

 

 

Run ESET Online Scanner.

  • For Internet Explorer users only, hold down Control  (Ctrl) and click on This Link to open ESET OnlineScan in a new window.
  • Click the ESET Online button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu. to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives and Remove Threats"
  • Click Advanced settings and select the following:
     Scan potentially unwanted applications
     Scan for potentially unsafe applications
     Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer.
  • Please be patient as this will take some time (Note: 2 hours is not unusual for a first scan, so please be patient.).
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

 

 

 

After that, we can give it a quick clean-up

Please download Temp File Cleaner by Old Timer
General Usage Instructions

1. Download TFC from the download link above and save the file on your desktop.
2. Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
3. Double-click on the TFC icon.
4. When the program opens, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
5. When done, press OK > Exit, and reboot your computer to finish the cleanup

 

Thanks -



#12 chopped_liver_mm

  • Topic Starter
  • Members

Posted 22 October 2014 - 11:05 PM

quietman7,

 

Indeed modded MBR code can be a good thing.  I've modded a bit myself in the dark ages and patched some buggy old Disk Manager code.  What concerns me with this MBR code is that the disk is in a stock Lenovo laptop on a stock HDD.  Doing anything that would modify it is beyond the technical know how of the end user and tech that had it before me.  When I remove the drive and place it on a USB adapter, I can't read the partition table with Windows 7, Windows 8, Ubuntu, or disk recovery tools.  If I boot off the MBR, then the partition table is readable.  That could be encryption or a non-standard partition table.  To me, lacking good indication of motive and know how to mod the MBR, I have to agree it red flags bootkit as a good possibility.  So far I've had no luck isolating a copy of the MBR so next time I pull the drive I'll mount it where I can control rights.  IIRC, nothing in any version of Windows prevents userland code from r/w to the MBR.  Page and Hiber files were fixed in Win 7 in response to major infection vectors but as far as I'm aware Win 8 hasn't locked up the MBR.  So what's blocking access to the MBR?

 

This might be a job for Google. ;)

 

Thanks,

 

Mike



#13 noknojon

  • Banned

Posted 23 October 2014 - 12:10 AM

Please post a snapshot with Speccy for more system details -
How to Publish a snapshot with Speccy <<-- Full Directions Here (only Copy / Paste the link)

 

There may be a link to why the HDD is giving odd readings............



#14 LiquidTension

  • Malware Response Team

Posted 23 October 2014 - 10:07 AM

Hello, 
 

What concerns me with this MBR code is that the disk is in a stock Lenovo laptop on a stock HDD.

An OEM (Original Equipment Manufacturer) MBR is not uncommon, and would explain why GMER flags the MBR as "unknown". 
For example, most HP machines will have an OEM MBR. 
 
I suggest getting a dump of the MBR, and uploading to VirusTotal for analysis.



#15 chopped_liver_mm

  • Topic Starter
  • Members

Posted 23 October 2014 - 12:40 PM

Good morning,

 

I've done some testing this morning to avoid chasing ghosts and learned that the machine may be acting "normal".  I imagine this might change our direction so...

 

The target has two browsers installed, Chrome and IE.  Visiting Bleepingcomputer.com landed different results from each other and a clean machine.  I decided to eliminate some of the likely suspects when I opened a third computer and was immediately presented with the "bad" behavior.

 

So these are images of the "bad" results:

 

 

[hanging ad tag] Shows on all browsers on infected computer but not on the clean computer until I used "incognito" mode.


 

 

[expanded ad] Shows on all browsers on infected computer but not on the clean computer until I used "incognito" mode.


 

[pop over ad] Shows ONLY on IE until I use Incognito mode 


 

In my mind that eliminates a false infection flag.  Apparently cookies tweak the ads to varying levels depending on what your interaction with bleeping computer has been.  I think the worst of it is the [hanging ad] uploads the entire web page to the server so it can decide what you're going to see.  That looks pretty suspect when it only happens on the infected computer.  ;)  Using Incognito mode on clean computers results in the same upload so there goes that theory.

 

So based on that, I think I'm going to roll through Noknojon's steps just because and send the MBR to virus total as LiquidTension suggests.

 

Noknojon, Chrome and IE are both back to the basics.  All BHO's are verified by hash to be clean and current.  It appears to be a cookie issue that threw me off course.

 

As for the MBR, nothing can get at it on the machine.  I've tried aswmbr, MBRCheck and MBR.exe.  

 

Two report the MBR is inaccessible:

 

Stealth MBR .... 0.4.2 by Gmer...

Windows 6.2.9200 (yep 8.1 x64)

 

device : opened successfully

user: error reading MBR

error: Read  The handle is invalid

kernel: error reading MBR

 

The other gets an MBR that only contains a vanilla protective GPT wrapper.  The 1st partition table has data and the 55aa signature is on the end of the MBR.  All other areas are zeros.

 

Aside from pulling the disk, any thoughts on how to get at the MBR?  I'm running as administrator for all the utilities.

 

Thanks everyone.  At least I know something has a good hold on the MBR.  ;)
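
Post #15 describes a sector-0 dump with one populated partition entry, the 55aa signature and zeros everywhere else. The sketch below checks a 512-byte dump for exactly that layout and hashes it for comparison or lookup. It is an added example, not code from the thread or from any tool named in it; `triage_mbr`, `build_sector` and both sample sectors are constructed for illustration.

```python
import hashlib
import struct

GPT_PROTECTIVE = 0xEE  # partition type used by a protective MBR on GPT disks

def triage_mbr(sector: bytes) -> dict:
    """Summarise a 512-byte sector-0 dump (hypothetical helper for this example)."""
    if len(sector) != 512:
        raise ValueError("expected exactly one 512-byte sector")
    boot_code = sector[:440]  # bytes 440-445 hold the disk signature, not code
    entries = []
    for slot in range(4):     # four 16-byte partition entries start at offset 446
        raw = sector[446 + 16 * slot: 462 + 16 * slot]
        status, ptype, lba, count = struct.unpack("<B3xB3xII", raw)
        if any(raw):
            entries.append({"slot": slot, "bootable": status == 0x80,
                            "type": ptype, "lba_start": lba, "sectors": count})
    signature_ok = sector[510:512] == b"\x55\xaa"
    boot_code_empty = not any(boot_code)
    protective = (len(entries) == 1 and entries[0]["type"] == GPT_PROTECTIVE
                  and entries[0]["lba_start"] == 1)
    if not signature_ok:
        verdict = "no 55AA signature: not a valid MBR sector"
    elif protective and boot_code_empty:
        verdict = "protective GPT MBR without boot code: real layout is in the GPT at LBA 1"
    elif protective:
        verdict = "protective GPT MBR carrying boot code: compare against a known-good dump"
    else:
        verdict = "legacy MBR: hash the boot code and compare against a known-good dump"
    return {"signature_ok": signature_ok, "boot_code_empty": boot_code_empty,
            "protective_gpt": protective, "entries": entries, "verdict": verdict,
            "sha256": hashlib.sha256(sector).hexdigest()}

def build_sector(boot_code: bytes, entry: bytes) -> bytes:
    """Build a constructed test sector: boot code, one partition entry, signature."""
    body = boot_code.ljust(446, b"\x00") + entry.ljust(64, b"\x00")
    return body + b"\x55\xaa"

# Constructed samples, not taken from the machine in the thread.
GPT_ENTRY = struct.pack("<B3sB3sII", 0x00, b"\x00\x02\x00", 0xEE,
                        b"\xff\xff\xff", 1, 0xFFFFFFFF)
NTFS_ENTRY = struct.pack("<B3sB3sII", 0x80, b"\x20\x21\x00", 0x07,
                         b"\xfe\xff\xff", 2048, 1000000)
PROTECTIVE_SAMPLE = build_sector(b"", GPT_ENTRY)
LEGACY_SAMPLE = build_sector(b"\x33\xc0\x8e\xd0", NTFS_ENTRY)

if __name__ == "__main__":
    for name, data in (("protective", PROTECTIVE_SAMPLE), ("legacy", LEGACY_SAMPLE)):
        info = triage_mbr(data)
        print(name, info["verdict"], info["sha256"][:16])
```

The function expects a dump of the first sector taken from outside the running system, for example from a disk image.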





