Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan:WIN32/Kovter.C!reg


  • Please log in to reply
14 replies to this topic

#1 jegohio

jegohio

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:14 PM

Posted 25 July 2015 - 03:59 PM

HI...I need help on removing this malware from my laptop.  Windows Defender finds it, removes it, then it is right back within a minute.  I tried using Windows Defender Offline ( I downloaded it to a CD from a clean computer) and it will not open from a new start.  I even tried opening it by going directly to the file with my wi-fi turned off.  Micro-Trend didn't even find it on a scan.  Any suggestions?  My next step is just to do a Recovery to the laptop.  I placed an online order yesterday and that particular credit card was compromised today.  So it is a serious malware.



BC AdBot (Login to Remove)

 


m

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,270 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:14 PM

Posted 25 July 2015 - 05:27 PM

Hello jegohio
This infection is dropped by other malware, Downloaded from the Internet, so there is probably still a host on the machine.

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
>>>

51a46ae42d560-malwarebytes_anti_malware.Malwarebytes Anti-Malware
  • Download MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
    • If no threats were found, click View detailed log.
      • Click Export and save the log as a .txt file on your Desktop or another location.
    • If the scan detected any threats, click Apply Actions.
      • To complete any actions taken you will be prompted to restart your computer...click on Yes.
      • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
      • Check the box next to Scan Log. Choose the most current scan and click View.
      • Click Export and save the log as a .txt file on your Desktop or another location.
  • Providing the MalwareBytes' Anti-Malware log file
    • Attach the log file you just saved to your next reply for further review.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 jegohio

jegohio
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:14 PM

Posted 25 July 2015 - 10:50 PM

PART ONE....

 

HAD TO RERUN THE FIRST FOUR PROGRAMS...LOST MINITOOLBOX LOG FILE WHEN JUNKWARE REMOVAL PROGRAM CLOSED IE.

 

 

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by JANINE (administrator) on 25-07-2015 at 23:32:22
Running from "C:\Users\JANINE\AppData\Local\Microsoft\Windows\INetCache\IE\41AUIP11"
Microsoft Windows 8.1  (X64)
Model: Satellite P875 Manufacturer: TOSHIBA
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

 

 

23:36:28.0820 0x1158  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
23:36:28.0820 0x1158  UEFI system
23:36:32.0555 0x1158  ============================================================
23:36:32.0555 0x1158  Current date / time: 2015/07/25 23:36:32.0555
23:36:32.0555 0x1158  SystemInfo:
23:36:32.0555 0x1158 
23:36:32.0555 0x1158  OS Version: 6.3.9600 ServicePack: 0.0
23:36:32.0555 0x1158  Product type: Workstation
23:36:32.0555 0x1158  ComputerName: TOSHIBA_LAPTOP
23:36:32.0555 0x1158  UserName: JANINE
23:36:32.0555 0x1158  Windows directory: C:\WINDOWS
23:36:32.0555 0x1158  System windows directory: C:\WINDOWS
23:36:32.0555 0x1158  Running under WOW64
23:36:32.0555 0x1158  Processor architecture: Intel x64
23:36:32.0555 0x1158  Number of processors: 8
23:36:32.0555 0x1158  Page size: 0x1000
23:36:32.0555 0x1158  Boot type: Normal boot
23:36:32.0555 0x1158  ============================================================
23:36:33.0180 0x1158  KLMD registered as C:\WINDOWS\system32\drivers\85336029.sys
23:36:35.0509 0x1158  System UUID: {E1746740-D0DA-C42E-B1C4-4C5FBF11B083}
23:36:36.0743 0x1158  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:36:36.0774 0x1158  ============================================================
23:36:36.0774 0x1158  \Device\Harddisk0\DR0:
23:36:36.0774 0x1158  GPT partitions:
23:36:36.0774 0x1158  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {EBD3C676-3BD7-11E2-8ADD-D687B36CEBC5}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
23:36:36.0774 0x1158  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {EBD3C67E-3BD7-11E2-8ADD-D687B36CEBC5}, Name: Basic data partition, StartLBA 0xE1800, BlocksNum 0x82000
23:36:36.0774 0x1158  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {EBD3C680-3BD7-11E2-8ADD-D687B36CEBC5}, Name: Basic data partition, StartLBA 0x163800, BlocksNum 0x40000
23:36:36.0774 0x1158  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EBD3C688-3BD7-11E2-8ADD-D687B36CEBC5}, Name: Basic data partition, StartLBA 0x1A3800, BlocksNum 0x55EF1800
23:36:36.0774 0x1158  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {EE18703C-3B3E-4E58-81E2-56B38D9A04E6}, Name: , StartLBA 0x56095000, BlocksNum 0xE1000
23:36:36.0774 0x1158  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A5C29F5E-594B-4450-8985-258F6F269DED}, Name: , StartLBA 0x56176000, BlocksNum 0xAF000
23:36:36.0774 0x1158  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {EBD3C690-3BD7-11E2-8ADD-D687B36CEBC5}, Name: Basic data partition, StartLBA 0x56225000, BlocksNum 0x1320800
23:36:36.0774 0x1158  MBR partitions:
23:36:36.0774 0x1158  ============================================================
23:36:36.0790 0x1158  C: <-> \Device\Harddisk0\DR0\Partition4
23:36:36.0790 0x1158  ============================================================
23:36:36.0790 0x1158  Initialize success
23:36:36.0790 0x1158  ============================================================
23:36:44.0198 0x1b6c  ============================================================
23:36:44.0198 0x1b6c  Scan started
23:36:44.0198 0x1b6c  Mode: Manual;
23:36:44.0198 0x1b6c  ============================================================
23:36:44.0198 0x1b6c  KSN ping started
23:36:46.0760 0x1b6c  KSN ping finished: true
23:36:53.0465 0x1b6c  ================ Scan system memory ========================
23:36:53.0465 0x1b6c  System memory - ok
23:36:53.0465 0x1b6c  ================ Scan services =============================
23:36:53.0683 0x1b6c  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
23:36:53.0683 0x1b6c  1394ohci - ok
23:36:53.0715 0x1b6c  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
23:36:53.0730 0x1b6c  3ware - ok
23:36:53.0887 0x1b6c  [ B33CF4DE909A5B30F526D82053A63C8E, ABF5BB962C038E545C18B96E686E072D780C907096C7BB341297AF31D3703ABD ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
23:36:53.0918 0x1b6c  ABBYY.Licensing.FineReader.Sprint.9.0 - ok
23:36:53.0996 0x1b6c  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
23:36:54.0012 0x1b6c  ACPI - ok
23:36:54.0027 0x1b6c  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
23:36:54.0043 0x1b6c  acpiex - ok
23:36:54.0090 0x1b6c  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
23:36:54.0090 0x1b6c  acpipagr - ok
23:36:54.0137 0x1b6c  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
23:36:54.0137 0x1b6c  AcpiPmi - ok
23:36:54.0152 0x1b6c  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
23:36:54.0152 0x1b6c  acpitime - ok
23:36:54.0199 0x1b6c  [ 2F0683FD2DF1D92E891CACA14B45A8C1, B4A8D6A183FA0B7D642FAD6B51C19FEC998481E1C49480D2B391E5D8B55F5BBD ] adfs            C:\WINDOWS\system32\drivers\adfs.sys
23:36:54.0199 0x1b6c  adfs - ok
23:36:54.0324 0x1b6c  [ BF3818B441955E4D438EC72F06F1FE61, 091A80D6A8887B4B5AFF8D12CB5A96AF4A04B125C13BED815B3A776778CD3190 ] AdobeActiveFileMonitor11.0 C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
23:36:54.0324 0x1b6c  AdobeActiveFileMonitor11.0 - ok
23:36:54.0402 0x1b6c  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:36:54.0465 0x1b6c  AdobeARMservice - ok
23:36:54.0590 0x1b6c  [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:36:54.0605 0x1b6c  AdobeFlashPlayerUpdateSvc - ok
23:36:54.0684 0x1b6c  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
23:36:54.0715 0x1b6c  ADP80XX - ok
23:36:54.0777 0x1b6c  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
23:36:54.0793 0x1b6c  AeLookupSvc - ok
23:36:54.0824 0x1b6c  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
23:36:54.0840 0x1b6c  AFD - ok
23:36:54.0871 0x1b6c  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
23:36:54.0871 0x1b6c  agp440 - ok
23:36:54.0918 0x1b6c  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
23:36:54.0918 0x1b6c  ahcache - ok
23:36:54.0965 0x1b6c  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
23:36:54.0965 0x1b6c  ALG - ok
23:36:54.0996 0x1b6c  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
23:36:54.0996 0x1b6c  AmdK8 - ok
23:36:55.0027 0x1b6c  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
23:36:55.0027 0x1b6c  AmdPPM - ok
23:36:55.0074 0x1b6c  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
23:36:55.0090 0x1b6c  amdsata - ok
23:36:55.0121 0x1b6c  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
23:36:55.0121 0x1b6c  amdsbs - ok
23:36:55.0152 0x1b6c  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
23:36:55.0152 0x1b6c  amdxata - ok
23:36:55.0246 0x1b6c  [ E1D8F96772F6BBE990B435580CA9C33B, 13EAF541BAB26EAB758521EAE7FC70D591B2BD2F6CB33E78D7F58FB169DDDF0C ] Amsp            C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
23:36:55.0246 0x1b6c  Amsp - ok
23:36:55.0293 0x1b6c  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
23:36:55.0309 0x1b6c  AppID - ok
23:36:55.0356 0x1b6c  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
23:36:55.0356 0x1b6c  AppIDSvc - ok
23:36:55.0403 0x1b6c  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
23:36:55.0403 0x1b6c  Appinfo - ok
23:36:55.0481 0x1b6c  [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:36:55.0496 0x1b6c  Apple Mobile Device Service - ok
23:36:55.0559 0x1b6c  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
23:36:55.0574 0x1b6c  AppReadiness - ok
23:36:55.0762 0x1b6c  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
23:36:55.0809 0x1b6c  AppXSvc - ok
23:36:55.0856 0x1b6c  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
23:36:55.0871 0x1b6c  arcsas - ok
23:36:55.0918 0x1b6c  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
23:36:55.0918 0x1b6c  atapi - ok
23:36:55.0981 0x1b6c  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
23:36:55.0996 0x1b6c  AudioEndpointBuilder - ok
23:36:56.0059 0x1b6c  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
23:36:56.0090 0x1b6c  Audiosrv - ok
23:36:56.0137 0x1b6c  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
23:36:56.0153 0x1b6c  AxInstSV - ok
23:36:56.0215 0x1b6c  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
23:36:56.0231 0x1b6c  b06bdrv - ok
23:36:56.0278 0x1b6c  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
23:36:56.0278 0x1b6c  BasicDisplay - ok
23:36:56.0309 0x1b6c  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
23:36:56.0309 0x1b6c  BasicRender - ok
23:36:56.0324 0x1b6c  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
23:36:56.0324 0x1b6c  bcmfn2 - ok
23:36:56.0387 0x1b6c  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
23:36:56.0403 0x1b6c  BDESVC - ok
23:36:56.0434 0x1b6c  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:36:56.0434 0x1b6c  Beep - ok
23:36:56.0528 0x1b6c  [ 22A5582ACF0CEE97268D7868C69F35CE, 78A44C10966FE467D3FCC76BE37647AE2CC2BCA9DE5715AD9E643162B23C3A19 ] BFE             C:\WINDOWS\System32\bfe.dll
23:36:56.0559 0x1b6c  BFE - ok
23:36:56.0653 0x1b6c  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
23:36:56.0684 0x1b6c  BITS - ok
23:36:56.0746 0x1b6c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:36:56.0762 0x1b6c  Bonjour Service - ok
23:36:56.0778 0x1b6c  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
23:36:56.0793 0x1b6c  bowser - ok
23:36:56.0840 0x1b6c  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
23:36:56.0856 0x1b6c  BrokerInfrastructure - ok
23:36:56.0903 0x1b6c  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
23:36:56.0918 0x1b6c  Browser - ok
23:36:56.0950 0x1b6c  [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb         C:\WINDOWS\system32\DRIVERS\BrSerIb.sys
23:36:56.0981 0x1b6c  BrSerIb - ok
23:36:57.0012 0x1b6c  [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb        C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys
23:36:57.0028 0x1b6c  BrUsbSIb - ok
23:36:57.0121 0x1b6c  [ 18C6186E04F25515C1F7DA31B08B5B2D, A46B16942C0CD8204AF760974980A6664C10A38B9FAEDE1FF6A66F6DDF3B4243 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
23:36:57.0340 0x1b6c  BrYNSvc - ok
23:36:57.0372 0x1b6c  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
23:36:57.0387 0x1b6c  BthAvrcpTg - ok
23:36:57.0434 0x1b6c  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
23:36:57.0434 0x1b6c  BthHFEnum - ok
23:36:57.0450 0x1b6c  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
23:36:57.0450 0x1b6c  bthhfhid - ok
23:36:57.0512 0x1b6c  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
23:36:57.0528 0x1b6c  BthHFSrv - ok
23:36:57.0544 0x1b6c  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
23:36:57.0544 0x1b6c  BTHMODEM - ok
23:36:57.0606 0x1b6c  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
23:36:57.0606 0x1b6c  bthserv - ok
23:36:57.0637 0x1b6c  [ 849FD07960BC259F9C04AE9087258BA0, D79F3A4D47D9D143D0BFF536DFE0ECE27AB0D0991036C09D33CA56133D48E9F0 ] busbcrw         C:\WINDOWS\System32\Drivers\bucrw64.sys
23:36:57.0637 0x1b6c  busbcrw - ok
23:36:57.0653 0x1b6c  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
23:36:57.0669 0x1b6c  cdfs - ok
23:36:57.0715 0x1b6c  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
23:36:57.0731 0x1b6c  cdrom - ok
23:36:57.0778 0x1b6c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
23:36:57.0778 0x1b6c  CertPropSvc - ok
23:36:57.0840 0x1b6c  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
23:36:57.0840 0x1b6c  circlass - ok
23:36:57.0919 0x1b6c  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
23:36:57.0934 0x1b6c  CLFS - ok
23:36:57.0981 0x1b6c  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
23:36:57.0981 0x1b6c  CmBatt - ok
23:36:58.0059 0x1b6c  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
23:36:58.0075 0x1b6c  CNG - ok
23:36:58.0106 0x1b6c  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
23:36:58.0106 0x1b6c  CompositeBus - ok
23:36:58.0122 0x1b6c  COMSysApp - ok
23:36:58.0137 0x1b6c  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
23:36:58.0137 0x1b6c  condrv - ok
23:36:58.0262 0x1b6c  [ 10CA7F8EF882104CFBA8D0871DB06AF3, A0C1A7F7C3DCF0BD0F6979F2AE632007FEC767ACF1065C371C9075E54D14FCE4 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
23:36:58.0434 0x1b6c  cphs - ok
23:36:58.0497 0x1b6c  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
23:36:58.0497 0x1b6c  CryptSvc - ok
23:36:58.0559 0x1b6c  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
23:36:58.0559 0x1b6c  dam - ok
23:36:58.0653 0x1b6c  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:36:58.0684 0x1b6c  DcomLaunch - ok
23:36:58.0747 0x1b6c  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
23:36:58.0762 0x1b6c  defragsvc - ok
23:36:58.0841 0x1b6c  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
23:36:58.0856 0x1b6c  DeviceAssociationService - ok
23:36:58.0903 0x1b6c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
23:36:58.0919 0x1b6c  DeviceInstall - ok
23:36:58.0981 0x1b6c  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
23:36:58.0997 0x1b6c  Dfsc - ok
23:36:59.0044 0x1b6c  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
23:36:59.0059 0x1b6c  Dhcp - ok
23:36:59.0169 0x1b6c  [ 3ECB752A6963B1CBC9AD65ED89C8ACED, 1D47D2EBD2C8D2B9F8D2D12A5FD93E6B10335EB6B23252DDEA6DF2233655FA59 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
23:36:59.0216 0x1b6c  DiagTrack - ok
23:36:59.0231 0x1b6c  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
23:36:59.0231 0x1b6c  disk - ok
23:36:59.0403 0x1b6c  [ DA67669F8B83B5517A80CD691998D39A, 1FE69937ED6EB6D06B8FE69E20C2D32698519142E1D52292C130760DDAE9D1BC ] DiskDoctorService C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe
23:36:59.0497 0x1b6c  DiskDoctorService - ok
23:36:59.0544 0x1b6c  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
23:36:59.0544 0x1b6c  dmvsc - ok
23:36:59.0606 0x1b6c  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:36:59.0622 0x1b6c  Dnscache - ok
23:36:59.0669 0x1b6c  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
23:36:59.0684 0x1b6c  dot3svc - ok
23:36:59.0731 0x1b6c  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
23:36:59.0731 0x1b6c  DPS - ok
23:36:59.0794 0x1b6c  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
23:36:59.0794 0x1b6c  drmkaud - ok
23:36:59.0872 0x1b6c  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
23:36:59.0888 0x1b6c  DsmSvc - ok
23:37:00.0028 0x1b6c  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
23:37:00.0075 0x1b6c  DXGKrnl - ok
23:37:00.0106 0x1b6c  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
23:37:00.0122 0x1b6c  Eaphost - ok
23:37:00.0310 0x1b6c  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
23:37:00.0419 0x1b6c  ebdrv - ok
23:37:00.0481 0x1b6c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
23:37:00.0481 0x1b6c  EFS - ok
23:37:00.0497 0x1b6c  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
23:37:00.0497 0x1b6c  EhStorClass - ok
23:37:00.0513 0x1b6c  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
23:37:00.0528 0x1b6c  EhStorTcgDrv - ok
23:37:00.0669 0x1b6c  [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
23:37:00.0700 0x1b6c  EpsonBidirectionalService - ok
23:37:00.0731 0x1b6c  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\WINDOWS\system32\EscSvc64.exe
23:37:00.0731 0x1b6c  EpsonScanSvc - ok
23:37:00.0825 0x1b6c  [ 194E8100D57FC13BEF88129BAAD07E46, 745D24ADD99ED182FCCA30C6B85167484B74D3EFD631AF92AA57AAD73F474631 ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
23:37:00.0825 0x1b6c  EPSON_PM_RPCV4_04 - ok
23:37:00.0841 0x1b6c  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
23:37:00.0841 0x1b6c  ErrDev - ok
23:37:00.0919 0x1b6c  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
23:37:00.0950 0x1b6c  EventSystem - ok
23:37:01.0075 0x1b6c  [ C8559336BB21FF701CBEF14527D7660F, AE8CD6514C0B121B260D9101D76E6225599B832504EB5719FD110E348C9E6682 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
23:37:01.0216 0x1b6c  EvtEng - ok
23:37:01.0232 0x1b6c  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
23:37:01.0247 0x1b6c  exfat - ok
23:37:01.0325 0x1b6c  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
23:37:01.0325 0x1b6c  fastfat - ok
23:37:01.0482 0x1b6c  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
23:37:01.0497 0x1b6c  Fax - ok
23:37:01.0528 0x1b6c  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
23:37:01.0528 0x1b6c  fdc - ok
23:37:01.0575 0x1b6c  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
23:37:01.0591 0x1b6c  fdPHost - ok
23:37:01.0638 0x1b6c  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
23:37:01.0638 0x1b6c  FDResPub - ok
23:37:01.0669 0x1b6c  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
23:37:01.0669 0x1b6c  fhsvc - ok
23:37:01.0716 0x1b6c  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
23:37:01.0716 0x1b6c  FileInfo - ok
23:37:01.0747 0x1b6c  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
23:37:01.0747 0x1b6c  Filetrace - ok
23:37:01.0825 0x1b6c  [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:37:01.0841 0x1b6c  FLEXnet Licensing Service - ok
23:37:01.0919 0x1b6c  [ 1C3FB052A0BB72EDAED90785C34D6EED, 5300A82D1A79EBA1768F545E73974E3B8CE189AB39CDF905BF42AFA2E497186B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
23:37:01.0951 0x1b6c  FLEXnet Licensing Service 64 - ok
23:37:01.0982 0x1b6c  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
23:37:01.0982 0x1b6c  flpydisk - ok
23:37:02.0029 0x1b6c  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
23:37:02.0044 0x1b6c  FltMgr - ok
23:37:02.0154 0x1b6c  [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache       C:\WINDOWS\system32\FntCache.dll
23:37:02.0201 0x1b6c  FontCache - ok
23:37:02.0357 0x1b6c  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:37:02.0372 0x1b6c  FontCache3.0.0.0 - ok
23:37:02.0451 0x1b6c  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
23:37:02.0451 0x1b6c  FsDepends - ok
23:37:02.0497 0x1b6c  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:37:02.0513 0x1b6c  Fs_Rec - ok
23:37:02.0576 0x1b6c  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
23:37:02.0591 0x1b6c  fvevol - ok
23:37:02.0654 0x1b6c  [ 40A5690A50D003429E6AF655D765AAF4, FAE92750AC7F3E8507D9AAA492253E386F807F254E03F412F035CC46412C0FA5 ] FwLnk           C:\WINDOWS\System32\drivers\FwLnk.sys
23:37:02.0654 0x1b6c  FwLnk - ok
23:37:02.0669 0x1b6c  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
23:37:02.0669 0x1b6c  FxPPM - ok
23:37:02.0685 0x1b6c  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
23:37:02.0685 0x1b6c  gagp30kx - ok
23:37:02.0747 0x1b6c  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
23:37:02.0747 0x1b6c  GamesAppService - ok
23:37:02.0810 0x1b6c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
23:37:02.0810 0x1b6c  GEARAspiWDM - ok
23:37:02.0841 0x1b6c  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
23:37:02.0841 0x1b6c  gencounter - ok
23:37:02.0873 0x1b6c  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
23:37:02.0873 0x1b6c  GPIOClx0101 - ok
23:37:02.0982 0x1b6c  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
23:37:03.0029 0x1b6c  gpsvc - ok
23:37:03.0076 0x1b6c  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
23:37:03.0076 0x1b6c  HDAudBus - ok
23:37:03.0091 0x1b6c  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
23:37:03.0091 0x1b6c  HidBatt - ok
23:37:03.0138 0x1b6c  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
23:37:03.0154 0x1b6c  HidBth - ok
23:37:03.0169 0x1b6c  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
23:37:03.0169 0x1b6c  hidi2c - ok
23:37:03.0216 0x1b6c  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
23:37:03.0216 0x1b6c  HidIr - ok
23:37:03.0263 0x1b6c  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
23:37:03.0263 0x1b6c  hidserv - ok
23:37:03.0310 0x1b6c  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
23:37:03.0310 0x1b6c  HidUsb - ok
23:37:03.0357 0x1b6c  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
23:37:03.0373 0x1b6c  hkmsvc - ok
23:37:03.0420 0x1b6c  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
23:37:03.0435 0x1b6c  HomeGroupListener - ok
23:37:03.0498 0x1b6c  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
23:37:03.0513 0x1b6c  HomeGroupProvider - ok
23:37:03.0560 0x1b6c  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
23:37:03.0560 0x1b6c  HpSAMD - ok
23:37:03.0654 0x1b6c  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
23:37:03.0685 0x1b6c  HTTP - ok
23:37:03.0732 0x1b6c  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
23:37:03.0748 0x1b6c  hwpolicy - ok
23:37:03.0763 0x1b6c  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
23:37:03.0779 0x1b6c  hyperkbd - ok
23:37:03.0810 0x1b6c  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
23:37:03.0826 0x1b6c  HyperVideo - ok
23:37:03.0920 0x1b6c  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
23:37:03.0920 0x1b6c  i8042prt - ok
23:37:03.0966 0x1b6c  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
23:37:03.0966 0x1b6c  iaLPSSi_GPIO - ok
23:37:04.0013 0x1b6c  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
23:37:04.0013 0x1b6c  iaLPSSi_I2C - ok
23:37:04.0123 0x1b6c  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
23:37:04.0154 0x1b6c  iaStorA - ok
23:37:04.0201 0x1b6c  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
23:37:04.0232 0x1b6c  iaStorAV - ok
23:37:04.0295 0x1b6c  [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
23:37:04.0326 0x1b6c  IAStorDataMgrSvc - ok
23:37:04.0357 0x1b6c  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
23:37:04.0373 0x1b6c  iaStorV - ok
23:37:04.0435 0x1b6c  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
23:37:04.0498 0x1b6c  IDriverT - ok
23:37:04.0498 0x1b6c  IEEtwCollectorService - ok
23:37:04.0732 0x1b6c  [ 4EB6ABBF5D78E65A418BA71EF3ACE251, 261586815680E666F61FCE3CCB5D485A1D200C42FF52D451AE31D80740EA5BDB ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
23:37:04.0873 0x1b6c  igfx - ok
23:37:04.0998 0x1b6c  [ 57322EBB67A59FB64E228F31A84CA43D, 258DA26BDFAB635F145E55CF65CDFCFE4EB91454E3F930489E92810250EF9FD7 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
23:37:05.0029 0x1b6c  IKEEXT - ok
23:37:05.0060 0x1b6c  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
23:37:05.0076 0x1b6c  intaud_WaveExtensible - ok
23:37:05.0310 0x1b6c  [ 9FEAC097F98F883D0A389C1C36C5DFBD, D27FFCA99D527EFA1280E48B2D76ED614A5F1738D5995C007ECAA6A36B3E2E69 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
23:37:05.0420 0x1b6c  IntcAzAudAddService - ok
23:37:05.0529 0x1b6c  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
23:37:05.0545 0x1b6c  IntcDAud - ok
23:37:05.0607 0x1b6c  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
23:37:06.0998 0x1b6c  Intel® Capability Licensing Service Interface - ok
23:37:07.0107 0x1b6c  [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
23:37:07.0107 0x1b6c  Intel® ME Service - ok
23:37:07.0123 0x1b6c  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
23:37:07.0123 0x1b6c  intelide - ok
23:37:07.0170 0x1b6c  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
23:37:07.0170 0x1b6c  intelpep - ok
23:37:07.0186 0x1b6c  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
23:37:07.0201 0x1b6c  intelppm - ok
23:37:07.0233 0x1b6c  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:37:07.0248 0x1b6c  IpFilterDriver - ok
23:37:07.0342 0x1b6c  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
23:37:07.0373 0x1b6c  iphlpsvc - ok
23:37:07.0404 0x1b6c  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
23:37:07.0404 0x1b6c  IPMIDRV - ok
23:37:07.0436 0x1b6c  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
23:37:07.0436 0x1b6c  IPNAT - ok
23:37:07.0483 0x1b6c  [ 2208D673C5D4B22EB0235EA1EC6269CC, 3E73032D67B3B740E11CEA0748CDFFBE35619CBF1AC1C3D86EF089CA326D7918 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:37:07.0514 0x1b6c  iPod Service - ok
23:37:07.0545 0x1b6c  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
23:37:07.0545 0x1b6c  IRENUM - ok
23:37:07.0592 0x1b6c  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
23:37:07.0592 0x1b6c  isapnp - ok
23:37:07.0639 0x1b6c  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
23:37:07.0639 0x1b6c  iScsiPrt - ok
23:37:07.0733 0x1b6c  [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc          C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
23:37:07.0779 0x1b6c  iumsvc - ok
23:37:07.0826 0x1b6c  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
23:37:07.0842 0x1b6c  iwdbus - ok
23:37:07.0873 0x1b6c  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
23:37:07.0889 0x1b6c  jhi_service - ok
23:37:07.0936 0x1b6c  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
23:37:07.0936 0x1b6c  kbdclass - ok
23:37:07.0998 0x1b6c  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
23:37:08.0014 0x1b6c  kbdhid - ok
23:37:08.0029 0x1b6c  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
23:37:08.0029 0x1b6c  kdnic - ok
23:37:08.0045 0x1b6c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
23:37:08.0045 0x1b6c  KeyIso - ok
23:37:08.0170 0x1b6c  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
23:37:08.0170 0x1b6c  KSecDD - ok
23:37:08.0217 0x1b6c  [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
23:37:08.0217 0x1b6c  KSecPkg - ok
23:37:08.0280 0x1b6c  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
23:37:08.0280 0x1b6c  ksthunk - ok
23:37:08.0311 0x1b6c  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
23:37:08.0326 0x1b6c  KtmRm - ok
23:37:08.0373 0x1b6c  [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
23:37:08.0405 0x1b6c  L1C - ok
23:37:08.0467 0x1b6c  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
23:37:08.0483 0x1b6c  LanmanServer - ok
23:37:08.0530 0x1b6c  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
23:37:08.0545 0x1b6c  LanmanWorkstation - ok
23:37:08.0623 0x1b6c  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
23:37:08.0639 0x1b6c  lfsvc - ok
23:37:08.0670 0x1b6c  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
23:37:08.0670 0x1b6c  lltdio - ok
23:37:08.0717 0x1b6c  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
23:37:08.0733 0x1b6c  lltdsvc - ok
23:37:08.0780 0x1b6c  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
23:37:08.0780 0x1b6c  lmhosts - ok
23:37:08.0826 0x1b6c  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
23:37:08.0842 0x1b6c  LMS - ok
23:37:08.0889 0x1b6c  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
23:37:08.0905 0x1b6c  LSI_SAS - ok
23:37:08.0920 0x1b6c  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
23:37:08.0920 0x1b6c  LSI_SAS2 - ok
23:37:08.0967 0x1b6c  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
23:37:08.0983 0x1b6c  LSI_SAS3 - ok
23:37:08.0998 0x1b6c  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
23:37:08.0998 0x1b6c  LSI_SSS - ok
23:37:09.0077 0x1b6c  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
23:37:09.0108 0x1b6c  LSM - ok
23:37:09.0170 0x1b6c  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
23:37:09.0170 0x1b6c  luafv - ok
23:37:09.0217 0x1b6c  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
23:37:09.0217 0x1b6c  megasas - ok
23:37:09.0280 0x1b6c  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
23:37:09.0311 0x1b6c  megasr - ok
23:37:09.0342 0x1b6c  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
23:37:09.0358 0x1b6c  MEIx64 - ok
23:37:09.0405 0x1b6c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
23:37:09.0405 0x1b6c  MMCSS - ok
23:37:09.0483 0x1b6c  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
23:37:09.0483 0x1b6c  Modem - ok
23:37:09.0498 0x1b6c  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
23:37:09.0498 0x1b6c  monitor - ok
23:37:09.0530 0x1b6c  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
23:37:09.0530 0x1b6c  mouclass - ok
23:37:09.0577 0x1b6c  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
23:37:09.0577 0x1b6c  mouhid - ok
23:37:09.0639 0x1b6c  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
23:37:09.0639 0x1b6c  mountmgr - ok
23:37:09.0686 0x1b6c  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
23:37:09.0686 0x1b6c  mpsdrv - ok
23:37:09.0764 0x1b6c  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
23:37:09.0795 0x1b6c  MpsSvc - ok
23:37:09.0842 0x1b6c  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
23:37:09.0858 0x1b6c  MRxDAV - ok
23:37:09.0905 0x1b6c  [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:37:09.0920 0x1b6c  mrxsmb - ok
23:37:09.0952 0x1b6c  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
23:37:09.0967 0x1b6c  mrxsmb10 - ok
23:37:09.0983 0x1b6c  [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
23:37:09.0983 0x1b6c  mrxsmb20 - ok
23:37:10.0030 0x1b6c  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
23:37:10.0045 0x1b6c  MsBridge - ok
23:37:10.0092 0x1b6c  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
23:37:10.0092 0x1b6c  MSDTC - ok
23:37:10.0139 0x1b6c  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
23:37:10.0139 0x1b6c  Msfs - ok
23:37:10.0186 0x1b6c  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
23:37:10.0186 0x1b6c  msgpiowin32 - ok
23:37:10.0202 0x1b6c  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
23:37:10.0202 0x1b6c  mshidkmdf - ok
23:37:10.0217 0x1b6c  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
23:37:10.0233 0x1b6c  mshidumdf - ok
23:37:10.0233 0x1b6c  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
23:37:10.0233 0x1b6c  msisadrv - ok
23:37:10.0296 0x1b6c  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
23:37:10.0311 0x1b6c  MSiSCSI - ok
23:37:10.0311 0x1b6c  msiserver - ok
23:37:10.0327 0x1b6c  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:37:10.0327 0x1b6c  MSKSSRV - ok
23:37:10.0389 0x1b6c  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
23:37:10.0389 0x1b6c  MsLldp - ok
23:37:10.0421 0x1b6c  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:37:10.0436 0x1b6c  MSPCLOCK - ok
23:37:10.0452 0x1b6c  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
23:37:10.0452 0x1b6c  MSPQM - ok
23:37:10.0467 0x1b6c  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
23:37:10.0483 0x1b6c  MsRPC - ok
23:37:10.0514 0x1b6c  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
23:37:10.0514 0x1b6c  mssmbios - ok
23:37:10.0530 0x1b6c  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
23:37:10.0530 0x1b6c  MSTEE - ok
23:37:10.0546 0x1b6c  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
23:37:10.0546 0x1b6c  MTConfig - ok
23:37:10.0592 0x1b6c  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
23:37:10.0592 0x1b6c  Mup - ok
23:37:10.0655 0x1b6c  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
23:37:10.0655 0x1b6c  mvumis - ok
23:37:10.0780 0x1b6c  [ 50E1967C1C2A2BBF4E361DE1A6DD9A5E, 914650EE73313FF15F778F9002D8A1F43D9850D3D1086282B408CD71AC3874D0 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
23:37:10.0827 0x1b6c  MyWiFiDHCPDNS - ok
23:37:10.0905 0x1b6c  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
23:37:10.0921 0x1b6c  napagent - ok
23:37:10.0999 0x1b6c  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
23:37:11.0014 0x1b6c  NativeWifiP - ok
23:37:11.0061 0x1b6c  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
23:37:11.0061 0x1b6c  NcaSvc - ok
23:37:11.0108 0x1b6c  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
23:37:11.0124 0x1b6c  NcbService - ok
23:37:11.0171 0x1b6c  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
23:37:11.0171 0x1b6c  NcdAutoSetup - ok
23:37:11.0264 0x1b6c  [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
23:37:11.0311 0x1b6c  NDIS - ok
23:37:11.0358 0x1b6c  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
23:37:11.0358 0x1b6c  NdisCap - ok
23:37:11.0421 0x1b6c  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
23:37:11.0436 0x1b6c  NdisImPlatform - ok
23:37:11.0483 0x1b6c  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:37:11.0483 0x1b6c  NdisTapi - ok
23:37:11.0530 0x1b6c  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:37:11.0530 0x1b6c  Ndisuio - ok
23:37:11.0546 0x1b6c  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
23:37:11.0546 0x1b6c  NdisVirtualBus - ok
23:37:11.0577 0x1b6c  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:37:11.0593 0x1b6c  NdisWan - ok
23:37:11.0608 0x1b6c  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:37:11.0608 0x1b6c  NdisWanLegacy - ok
23:37:11.0655 0x1b6c  [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
23:37:11.0655 0x1b6c  NDProxy - ok
23:37:11.0702 0x1b6c  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
23:37:11.0702 0x1b6c  Ndu - ok
23:37:11.0749 0x1b6c  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
23:37:11.0765 0x1b6c  Net Driver HPZ12 - ok
23:37:11.0796 0x1b6c  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
23:37:11.0811 0x1b6c  NetBIOS - ok
23:37:11.0858 0x1b6c  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
23:37:11.0874 0x1b6c  NetBT - ok
23:37:11.0890 0x1b6c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
23:37:11.0890 0x1b6c  Netlogon - ok
23:37:11.0968 0x1b6c  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
23:37:11.0983 0x1b6c  Netman - ok
23:37:12.0140 0x1b6c  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
23:37:12.0155 0x1b6c  netprofm - ok
23:37:12.0249 0x1b6c  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:37:12.0249 0x1b6c  NetTcpPortSharing - ok
23:37:12.0296 0x1b6c  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
23:37:12.0311 0x1b6c  netvsc - ok
23:37:12.0577 0x1b6c  [ 4E28478C4CE7A0258BAE7127F8CE1AD6, 985C566978478F6A8DF79F58892119E75E60A0C0BFBA6E15707FE58D136E9EFC ] NETwNe64        C:\WINDOWS\system32\DRIVERS\Netwew00.sys
23:37:12.0718 0x1b6c  NETwNe64 - ok
23:37:12.0780 0x1b6c  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
23:37:12.0796 0x1b6c  NlaSvc - ok
23:37:12.0890 0x1b6c  [ D6691A65D2414AE04200D5FCE7542E90, 91394B20B59D3DB0E54315B9B4B288D80D60E48B34111AF683A0BCD99045C6DE ] nlsX86cc        C:\WINDOWS\SysWOW64\nlssrv32.exe
23:37:12.0936 0x1b6c  nlsX86cc - ok
23:37:12.0999 0x1b6c  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
23:37:12.0999 0x1b6c  Npfs - ok
23:37:13.0046 0x1b6c  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
23:37:13.0046 0x1b6c  npsvctrig - ok
23:37:13.0093 0x1b6c  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
23:37:13.0093 0x1b6c  nsi - ok
23:37:13.0140 0x1b6c  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
23:37:13.0140 0x1b6c  nsiproxy - ok
23:37:13.0280 0x1b6c  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
23:37:13.0343 0x1b6c  Ntfs - ok
23:37:13.0624 0x1b6c  [ 7814796348C485920FA44C5CE9C77843, A8C9EC7D4AF30A479B3404077286CCFA96C994419A66319EC6E72C493E1C2523 ] NU16StartManagerSvc C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
23:37:13.0780 0x1b6c  NU16StartManagerSvc - ok
23:37:13.0874 0x1b6c  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
23:37:13.0874 0x1b6c  Null - ok
23:37:13.0905 0x1b6c  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
23:37:13.0905 0x1b6c  nvraid - ok
23:37:13.0921 0x1b6c  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
23:37:13.0937 0x1b6c  nvstor - ok
23:37:13.0952 0x1b6c  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
23:37:13.0952 0x1b6c  nv_agp - ok
23:37:14.0046 0x1b6c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:37:14.0062 0x1b6c  ose - ok
23:37:14.0374 0x1b6c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:37:14.0546 0x1b6c  osppsvc - ok
23:37:14.0624 0x1b6c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
23:37:14.0640 0x1b6c  p2pimsvc - ok
23:37:14.0702 0x1b6c  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
23:37:14.0718 0x1b6c  p2psvc - ok
23:37:14.0749 0x1b6c  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
23:37:14.0749 0x1b6c  Parport - ok
23:37:14.0812 0x1b6c  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
23:37:14.0812 0x1b6c  partmgr - ok
23:37:14.0890 0x1b6c  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
23:37:14.0906 0x1b6c  PcaSvc - ok
23:37:14.0968 0x1b6c  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
23:37:14.0968 0x1b6c  pci - ok
23:37:15.0015 0x1b6c  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
23:37:15.0015 0x1b6c  pciide - ok
23:37:15.0031 0x1b6c  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
23:37:15.0046 0x1b6c  pcmcia - ok
23:37:15.0062 0x1b6c  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
23:37:15.0062 0x1b6c  pcw - ok
23:37:15.0109 0x1b6c  [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
23:37:15.0109 0x1b6c  pdc - ok
23:37:15.0187 0x1b6c  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
23:37:15.0203 0x1b6c  PEAUTH - ok
23:37:15.0328 0x1b6c  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
23:37:15.0328 0x1b6c  PerfHost - ok
23:37:15.0453 0x1b6c  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
23:37:15.0515 0x1b6c  pla - ok
23:37:15.0562 0x1b6c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
23:37:15.0562 0x1b6c  PlugPlay - ok
23:37:15.0609 0x1b6c  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
23:37:15.0609 0x1b6c  Pml Driver HPZ12 - ok
23:37:15.0656 0x1b6c  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
23:37:15.0656 0x1b6c  PNRPAutoReg - ok
23:37:15.0687 0x1b6c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
23:37:15.0703 0x1b6c  PNRPsvc - ok
23:37:15.0765 0x1b6c  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
23:37:15.0781 0x1b6c  PolicyAgent - ok
23:37:15.0859 0x1b6c  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
23:37:15.0859 0x1b6c  Power - ok
23:37:16.0265 0x1b6c  [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
23:37:16.0468 0x1b6c  PrintNotify - ok
23:37:16.0593 0x1b6c  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
23:37:16.0609 0x1b6c  Processor - ok
23:37:16.0656 0x1b6c  [ C8D39A07CAD9EF1C86BD5D7CAC98DA54, 10146D1E023D9BC5B8CBAADE6A70D87A41BDABAA44D812B609C13563DF25527A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
23:37:16.0672 0x1b6c  ProfSvc - ok
23:37:16.0703 0x1b6c  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
23:37:16.0718 0x1b6c  Psched - ok
23:37:16.0765 0x1b6c  [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64        C:\WINDOWS\system32\Drivers\PxHlpa64.sys
23:37:16.0765 0x1b6c  PxHlpa64 - ok
23:37:16.0828 0x1b6c  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
23:37:16.0843 0x1b6c  QWAVE - ok
23:37:16.0890 0x1b6c  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
23:37:16.0890 0x1b6c  QWAVEdrv - ok
23:37:16.0906 0x1b6c  RapportKE64 - ok
23:37:16.0922 0x1b6c  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:37:16.0922 0x1b6c  RasAcd - ok
23:37:16.0984 0x1b6c  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
23:37:16.0984 0x1b6c  RasAuto - ok
23:37:17.0062 0x1b6c  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
23:37:17.0093 0x1b6c  RasMan - ok
23:37:17.0125 0x1b6c  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:37:17.0140 0x1b6c  RasPppoe - ok
23:37:17.0172 0x1b6c  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:37:17.0172 0x1b6c  rdbss - ok
23:37:17.0234 0x1b6c  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
23:37:17.0234 0x1b6c  rdpbus - ok
23:37:17.0265 0x1b6c  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
23:37:17.0265 0x1b6c  RDPDR - ok
23:37:17.0312 0x1b6c  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
23:37:17.0312 0x1b6c  RdpVideoMiniport - ok
23:37:17.0344 0x1b6c  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
23:37:17.0344 0x1b6c  rdyboost - ok
23:37:17.0515 0x1b6c  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
23:37:17.0547 0x1b6c  ReFS - ok
23:37:17.0687 0x1b6c  [ 7256A19A9397E71FADC46E23E11B1609, AF403728F751C3ECFBA68D05C1E9672CB7B52CB078DE85CB16EAEC5230BBD5BC ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
23:37:17.0734 0x1b6c  RegSrvc - ok
23:37:17.0797 0x1b6c  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
23:37:17.0812 0x1b6c  RemoteAccess - ok
23:37:17.0859 0x1b6c  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
23:37:17.0875 0x1b6c  RemoteRegistry - ok
23:37:17.0922 0x1b6c  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
23:37:17.0922 0x1b6c  RpcEptMapper - ok
23:37:17.0984 0x1b6c  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
23:37:17.0984 0x1b6c  RpcLocator - ok
23:37:18.0078 0x1b6c  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
23:37:18.0109 0x1b6c  RpcSs - ok
23:37:18.0156 0x1b6c  [ D38250F459BF60D6F4B69B79DCD948CC, E68C864C1A4C9352EA939062F28789ADE9F0672E8CB3F3909D2891786C76F06F ] RSP2STOR        C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys
23:37:18.0172 0x1b6c  RSP2STOR - ok
23:37:18.0219 0x1b6c  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
23:37:18.0219 0x1b6c  rspndr - ok
23:37:18.0297 0x1b6c  [ 6831D30B0DB45E25E6C3207247C6EC36, DE9F0331E7BA5AF30E1B4D848AB44BAAD94356776A60E750BB55AD54AB667AAA ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
23:37:18.0312 0x1b6c  RtkAudioService - ok
23:37:18.0328 0x1b6c  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
23:37:18.0328 0x1b6c  s3cap - ok
23:37:18.0375 0x1b6c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
23:37:18.0375 0x1b6c  SamSs - ok
23:37:18.0453 0x1b6c  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
23:37:18.0453 0x1b6c  sbp2port - ok
23:37:18.0500 0x1b6c  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
23:37:18.0516 0x1b6c  SCardSvr - ok
23:37:18.0578 0x1b6c  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
23:37:18.0578 0x1b6c  ScDeviceEnum - ok
23:37:18.0625 0x1b6c  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
23:37:18.0625 0x1b6c  scfilter - ok
23:37:18.0719 0x1b6c  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
23:37:18.0766 0x1b6c  Schedule - ok
23:37:18.0797 0x1b6c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
23:37:18.0813 0x1b6c  SCPolicySvc - ok
23:37:18.0891 0x1b6c  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
23:37:18.0906 0x1b6c  sdbus - ok
23:37:18.0969 0x1b6c  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
23:37:18.0984 0x1b6c  sdstor - ok
23:37:19.0031 0x1b6c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
23:37:19.0031 0x1b6c  secdrv - ok
23:37:19.0078 0x1b6c  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll
23:37:19.0078 0x1b6c  seclogon - ok
23:37:19.0203 0x1b6c  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
23:37:19.0203 0x1b6c  SENS - ok
23:37:19.0266 0x1b6c  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
23:37:19.0281 0x1b6c  SensrSvc - ok
23:37:19.0297 0x1b6c  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
23:37:19.0297 0x1b6c  SerCx - ok
23:37:19.0313 0x1b6c  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
23:37:19.0328 0x1b6c  SerCx2 - ok
23:37:19.0344 0x1b6c  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
23:37:19.0344 0x1b6c  Serenum - ok
23:37:19.0391 0x1b6c  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
23:37:19.0391 0x1b6c  Serial - ok
23:37:19.0438 0x1b6c  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
23:37:19.0453 0x1b6c  sermouse - ok
23:37:19.0516 0x1b6c  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
23:37:19.0531 0x1b6c  SessionEnv - ok
23:37:19.0563 0x1b6c  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
23:37:19.0563 0x1b6c  sfloppy - ok
23:37:19.0625 0x1b6c  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
23:37:19.0641 0x1b6c  SharedAccess - ok
23:37:19.0734 0x1b6c  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:37:19.0766 0x1b6c  ShellHWDetection - ok
23:37:19.0813 0x1b6c  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
23:37:19.0828 0x1b6c  SiSRaid2 - ok
23:37:19.0844 0x1b6c  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
23:37:19.0844 0x1b6c  SiSRaid4 - ok
23:37:19.0891 0x1b6c  [ 4A2972573225A2DE4DEC0AD68529DF0F, CA0F7AF29019B18C37AE2C31361C765AB4156F9E7C3E65237C7D68345D22C634 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
23:37:19.0953 0x1b6c  SmbDrvI - ok
23:37:20.0000 0x1b6c  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
23:37:20.0016 0x1b6c  smphost - ok
23:37:20.0047 0x1b6c  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
23:37:20.0063 0x1b6c  SNMPTRAP - ok
23:37:20.0141 0x1b6c  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
23:37:20.0156 0x1b6c  spaceport - ok
23:37:20.0219 0x1b6c  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
23:37:20.0219 0x1b6c  SpbCx - ok
23:37:20.0547 0x1b6c  [ 2D5AE5F3B1F9EEE8D914056FC3C2521B, E99C21DA8C0159A50B61457712D29C8E04CDDB544C4300119AB0C46D0DC84CFC ] SpeedDiskService C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe
23:37:20.0657 0x1b6c  SpeedDiskService - ok
23:37:20.0735 0x1b6c  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
23:37:20.0766 0x1b6c  Spooler - ok
23:37:21.0094 0x1b6c  [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
23:37:21.0313 0x1b6c  sppsvc - ok
23:37:21.0375 0x1b6c  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
23:37:21.0375 0x1b6c  srv - ok
23:37:21.0453 0x1b6c  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
23:37:21.0469 0x1b6c  srv2 - ok
23:37:21.0532 0x1b6c  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
23:37:21.0532 0x1b6c  srvnet - ok
23:37:21.0625 0x1b6c  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
23:37:21.0641 0x1b6c  SSDPSRV - ok
23:37:21.0719 0x1b6c  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
23:37:21.0735 0x1b6c  SstpSvc - ok
23:37:21.0766 0x1b6c  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
23:37:21.0766 0x1b6c  stexstor - ok
23:37:21.0875 0x1b6c  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
23:37:21.0907 0x1b6c  stisvc - ok
23:37:21.0938 0x1b6c  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
23:37:21.0953 0x1b6c  storahci - ok
23:37:21.0985 0x1b6c  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
23:37:21.0985 0x1b6c  storflt - ok
23:37:22.0000 0x1b6c  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
23:37:22.0000 0x1b6c  stornvme - ok
23:37:22.0047 0x1b6c  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
23:37:22.0047 0x1b6c  StorSvc - ok
23:37:22.0094 0x1b6c  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
23:37:22.0094 0x1b6c  storvsc - ok
23:37:22.0125 0x1b6c  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
23:37:22.0141 0x1b6c  svsvc - ok
23:37:22.0188 0x1b6c  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
23:37:22.0188 0x1b6c  swenum - ok
23:37:22.0251 0x1b6c  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
23:37:22.0282 0x1b6c  swprv - ok
23:37:22.0344 0x1b6c  [ 157DFCD1E83E964A5074742AE2DFA0C1, D6F4567F42402938F54A1E482BAE3B02E1BD5AF3788835A63829A3652E5DDA67 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
23:37:22.0391 0x1b6c  SynTP - ok
23:37:22.0485 0x1b6c  [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain         C:\WINDOWS\system32\sysmain.dll
23:37:22.0516 0x1b6c  SysMain - ok
23:37:22.0579 0x1b6c  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
23:37:22.0594 0x1b6c  SystemEventsBroker - ok
23:37:22.0641 0x1b6c  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
23:37:22.0657 0x1b6c  TabletInputService - ok
23:37:22.0719 0x1b6c  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
23:37:22.0735 0x1b6c  TapiSrv - ok
23:37:22.0891 0x1b6c  [ 3C2DF97A21A9BBE6355B0A51F288EFFF, 47BBE47CFE2379B072AEEC360C4F207059BED9AD18C55FDF2AC0DA9CAD837BFB ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
23:37:22.0969 0x1b6c  Tcpip - ok
23:37:23.0235 0x1b6c  [ 3C2DF97A21A9BBE6355B0A51F288EFFF, 47BBE47CFE2379B072AEEC360C4F207059BED9AD18C55FDF2AC0DA9CAD837BFB ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:37:23.0313 0x1b6c  TCPIP6 - ok
23:37:23.0360 0x1b6c  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
23:37:23.0360 0x1b6c  tcpipreg - ok
23:37:23.0391 0x1b6c  [ 58480A57ACF2671C343FD1D4BA990E34, 24AD9C808D06FABFE8E81242CAC8B5A91829F7D951B245865EF77B79BB795E3D ] TDCMDPST        C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys
23:37:23.0391 0x1b6c  TDCMDPST - ok
23:37:23.0454 0x1b6c  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
23:37:23.0454 0x1b6c  tdx - ok
23:37:23.0469 0x1b6c  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
23:37:23.0469 0x1b6c  terminpt - ok
23:37:23.0547 0x1b6c  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
23:37:23.0594 0x1b6c  TermService - ok
23:37:23.0657 0x1b6c  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
23:37:23.0657 0x1b6c  Themes - ok
23:37:23.0672 0x1b6c  [ 77CF0ECC1C2B5E616B650AB5D4931114, FFB54C264EE10AABA076B591196A98DA5F57E975A4A143AFB5424DFF726AF66F ] Thotkey         C:\WINDOWS\System32\drivers\Thotkey.sys
23:37:23.0672 0x1b6c  Thotkey - ok
23:37:23.0704 0x1b6c  [ C543A60A5629BE336A5BF844A802F725, D29FE96B636A9C8AE06AC0F10CCDE57062BDA35C4FB707D4945B46662217C519 ] Thpdrv          C:\WINDOWS\system32\DRIVERS\thpdrv.sys
23:37:23.0704 0x1b6c  Thpdrv - ok
23:37:23.0751 0x1b6c  [ 981FF023805AF650B8900DAA9C78B929, C78E8CFD20E5C90755DA0E29B222902EC9C2A061006FE1015FC3F64A2DC81CF4 ] Thpevm          C:\WINDOWS\system32\drivers\Thpevm.SYS
23:37:23.0766 0x1b6c  Thpevm - ok
23:37:23.0798 0x1b6c  [ D35234AC71FDB240F9BC586E55F797F1, 23CC13D13D9D51B3850D12DE01C85DCC3FDBAD45ED72475A176D4E132712DB2A ] Thpsrv          C:\windows\system32\ThpSrv.exe
23:37:23.0829 0x1b6c  Thpsrv - ok
23:37:23.0860 0x1b6c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
23:37:23.0876 0x1b6c  THREADORDER - ok
23:37:23.0923 0x1b6c  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
23:37:23.0938 0x1b6c  TimeBroker - ok
23:37:23.0985 0x1b6c  [ 6C4F5CD42074DB52AE88FC4BAB2C54F7, B4E3B6A23C99A11186F4EE875871D459A7A03EF4565CA114B41FB3C982841A45 ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
23:37:23.0985 0x1b6c  TMachInfo - ok
23:37:24.0016 0x1b6c  [ 20903580F4BCFD08E8A59310D747190C, A7F2A8F271C4CB6846A4BB008EF5BAD1606E6868B84B7DBF57966614D416BFC9 ] tmactmon        C:\WINDOWS\system32\DRIVERS\tmactmon.sys
23:37:24.0016 0x1b6c  tmactmon - ok
23:37:24.0048 0x1b6c  [ B6ECBBBCEE9F1B88BA101F4C0BB58977, BF308B4E6382D6EF88D3A864462A70042F654BE2235F3353C02902D44F63EA9F ] tmcomm          C:\WINDOWS\system32\DRIVERS\tmcomm.sys
23:37:24.0048 0x1b6c  tmcomm - ok
23:37:24.0063 0x1b6c  [ 4068D01A407C5F3B9AD3DF523E6BCEF6, DB3999EC8886610A14C8961356D88363BD5E3F006DA372F02CAEAC2468132565 ] TMEBC           C:\WINDOWS\system32\DRIVERS\TMEBC64.sys
23:37:24.0079 0x1b6c  TMEBC - ok
23:37:24.0094 0x1b6c  [ 3A10F5BDF66013B13AAB032B549E934D, E3F141471295D351777AA025A1CAF4F17C4E1589FB3A5FB0BB377C6FEA3C3477 ] tmeevw          C:\WINDOWS\system32\DRIVERS\tmeevw.sys
23:37:24.0094 0x1b6c  tmeevw - ok
23:37:24.0141 0x1b6c  [ 99591D7E6D321C01EFA5A8BD89015377, 996EF8CB895086B18EF5B3A03C690D15CF10B6313B6CC4DCB87194F28739B381 ] tmel            C:\WINDOWS\system32\DRIVERS\tmel.sys
23:37:24.0141 0x1b6c  tmel - ok
23:37:24.0157 0x1b6c  [ 565EEA0DEF37E5AA66D492F4C1EFDCB7, 8E943EE08A96308906EC8117EE033DCC2DC10A5082C3B142278EE94E278F7969 ] tmevtmgr        C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys
23:37:24.0173 0x1b6c  tmevtmgr - ok
23:37:24.0220 0x1b6c  [ C91EB6CEC1A7FE02BB54760ABF79FBA6, 1E3E1ADB59D4F8ED12B9611D21717D38D9135892E506609193A1A32E7113124C ] tmnciesc        C:\WINDOWS\system32\DRIVERS\tmnciesc.sys
23:37:24.0235 0x1b6c  tmnciesc - ok
23:37:24.0251 0x1b6c  [ 04F5630CF5C604B51D75AF6695BB8C12, 3F72140D99BA6DECD429BE6CACB25FF1FF53A82DAC99A156D79DB636ED2ACE2E ] tmusa           C:\WINDOWS\system32\DRIVERS\tmusa.sys
23:37:24.0251 0x1b6c  tmusa - ok
23:37:24.0298 0x1b6c  [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
23:37:24.0298 0x1b6c  TODDSrv - ok
23:37:24.0548 0x1b6c  [ 380192EE4C9FA50A083C14522E6240C8, 539EF29B97E552F655F73EFB54AE300587F3C6FCE9AF89C81B838997E9E0CD43 ] TOSHIBA eco Utility Service C:\Program Files\Toshiba\Teco\TecoService.exe
23:37:24.0563 0x1b6c  TOSHIBA eco Utility Service - ok
23:37:24.0673 0x1b6c  [ 36391C3953D191A2AF4556D5D706C641, 5191A35C86B6C98F2CBDDC23B5311ED62310345CEDE084A54BBF70CCF0F84C50 ] tos_sps64       C:\WINDOWS\system32\drivers\tos_sps64.sys
23:37:24.0688 0x1b6c  tos_sps64 - ok
23:37:24.0813 0x1b6c  [ 67F2A8FCD91A06E445C374C9E6BB0DD3, 3087D762421A265A0E4BB41496284B092F7F71476CC7BEC5334E3FB6414B4F41 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
23:37:24.0829 0x1b6c  TPCHSrv - ok
23:37:24.0860 0x1b6c  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
23:37:24.0860 0x1b6c  TPM - ok
23:37:24.0907 0x1b6c  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
23:37:24.0923 0x1b6c  TrkWks - ok
23:37:25.0016 0x1b6c  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
23:37:25.0016 0x1b6c  TrustedInstaller - ok
23:37:25.0032 0x1b6c  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
23:37:25.0048 0x1b6c  TsUsbFlt - ok
23:37:25.0079 0x1b6c  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
23:37:25.0095 0x1b6c  TsUsbGD - ok
23:37:25.0110 0x1b6c  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
23:37:25.0126 0x1b6c  tunnel - ok
23:37:25.0173 0x1b6c  [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ           C:\WINDOWS\system32\drivers\TVALZ_O.SYS
23:37:25.0173 0x1b6c  TVALZ - ok
23:37:25.0204 0x1b6c  [ 55A9A23DD64EB7781FCAB565B028CD0E, 44CE0C8244F9AE6CCCDB49C29F6D35FE4CE8C92DE5B5D44D22DBD088DE83AA10 ] TVALZFL         C:\WINDOWS\system32\Drivers\TVALZFL.sys
23:37:25.0204 0x1b6c  TVALZFL - ok
23:37:25.0235 0x1b6c  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
23:37:25.0235 0x1b6c  uagp35 - ok
23:37:25.0266 0x1b6c  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
23:37:25.0266 0x1b6c  UASPStor - ok
23:37:25.0313 0x1b6c  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
23:37:25.0329 0x1b6c  UCX01000 - ok
23:37:25.0391 0x1b6c  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
23:37:25.0407 0x1b6c  udfs - ok
23:37:25.0407 0x1b6c  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
23:37:25.0423 0x1b6c  UEFI - ok
23:37:25.0470 0x1b6c  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
23:37:25.0485 0x1b6c  UI0Detect - ok
23:37:25.0485 0x1b6c  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
23:37:25.0501 0x1b6c  uliagpkx - ok
23:37:25.0516 0x1b6c  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
23:37:25.0516 0x1b6c  umbus - ok
23:37:25.0548 0x1b6c  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
23:37:25.0563 0x1b6c  UmPass - ok
23:37:25.0626 0x1b6c  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
23:37:25.0641 0x1b6c  UmRdpService - ok
23:37:25.0845 0x1b6c  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
23:37:25.0860 0x1b6c  UNS - ok
23:37:26.0001 0x1b6c  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
23:37:26.0016 0x1b6c  upnphost - ok
23:37:26.0079 0x1b6c  [ 8047D8AFA070A4C3B9FCBDBF77A84C45, D8B47716EE57391E3B9CBE3B35FF1F933F08E40B1C8C12EB5BE2438D9E409FF0 ] usb3Hub         C:\WINDOWS\System32\drivers\usb3Hub.sys
23:37:26.0110 0x1b6c  usb3Hub - ok
23:37:26.0173 0x1b6c  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
23:37:26.0235 0x1b6c  USBAAPL64 - ok
23:37:26.0267 0x1b6c  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
23:37:26.0282 0x1b6c  usbccgp - ok
23:37:26.0314 0x1b6c  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
23:37:26.0329 0x1b6c  usbcir - ok
23:37:26.0360 0x1b6c  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
23:37:26.0376 0x1b6c  usbehci - ok
23:37:26.0392 0x1b6c  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
23:37:26.0407 0x1b6c  usbhub - ok
23:37:26.0501 0x1b6c  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
23:37:26.0517 0x1b6c  USBHUB3 - ok
23:37:26.0548 0x1b6c  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
23:37:26.0548 0x1b6c  usbohci - ok
23:37:26.0595 0x1b6c  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
23:37:26.0595 0x1b6c  usbprint - ok
23:37:26.0610 0x1b6c  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:37:26.0626 0x1b6c  usbscan - ok
23:37:26.0689 0x1b6c  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
23:37:26.0704 0x1b6c  USBSTOR - ok
23:37:26.0735 0x1b6c  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
23:37:26.0735 0x1b6c  usbuhci - ok
23:37:26.0814 0x1b6c  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
23:37:26.0814 0x1b6c  usbvideo - ok
23:37:26.0876 0x1b6c  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
23:37:26.0892 0x1b6c  USBXHCI - ok
23:37:26.0907 0x1b6c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
23:37:26.0923 0x1b6c  VaultSvc - ok
23:37:26.0970 0x1b6c  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
23:37:26.0970 0x1b6c  vdrvroot - ok
23:37:27.0064 0x1b6c  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
23:37:27.0126 0x1b6c  vds - ok
23:37:27.0157 0x1b6c  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
23:37:27.0157 0x1b6c  VerifierExt - ok
23:37:27.0236 0x1b6c  [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
23:37:27.0251 0x1b6c  vhdmp - ok
23:37:27.0267 0x1b6c  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
23:37:27.0267 0x1b6c  viaide - ok
23:37:27.0314 0x1b6c  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
23:37:27.0314 0x1b6c  vmbus - ok
23:37:27.0329 0x1b6c  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
23:37:27.0329 0x1b6c  VMBusHID - ok
23:37:27.0392 0x1b6c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
23:37:27.0407 0x1b6c  vmicguestinterface - ok
23:37:27.0454 0x1b6c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
23:37:27.0470 0x1b6c  vmicheartbeat - ok
23:37:27.0501 0x1b6c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
23:37:27.0517 0x1b6c  vmickvpexchange - ok
23:37:27.0564 0x1b6c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
23:37:27.0579 0x1b6c  vmicrdv - ok
23:37:27.0611 0x1b6c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
23:37:27.0626 0x1b6c  vmicshutdown - ok
23:37:27.0673 0x1b6c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
23:37:27.0689 0x1b6c  vmictimesync - ok
23:37:27.0720 0x1b6c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
23:37:27.0751 0x1b6c  vmicvss - ok
23:37:27.0783 0x1b6c  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
23:37:27.0798 0x1b6c  volmgr - ok
23:37:27.0829 0x1b6c  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
23:37:27.0829 0x1b6c  volmgrx - ok
23:37:27.0876 0x1b6c  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
23:37:27.0876 0x1b6c  volsnap - ok
23:37:27.0908 0x1b6c  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
23:37:27.0908 0x1b6c  vpci - ok
23:37:27.0939 0x1b6c  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
23:37:27.0939 0x1b6c  vsmraid - ok
23:37:28.0064 0x1b6c  [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS             C:\WINDOWS\system32\vssvc.exe
23:37:28.0111 0x1b6c  VSS - ok
23:37:28.0173 0x1b6c  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
23:37:28.0189 0x1b6c  VSTXRAID - ok
23:37:28.0251 0x1b6c  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
23:37:28.0251 0x1b6c  vwifibus - ok
23:37:28.0283 0x1b6c  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
23:37:28.0283 0x1b6c  vwififlt - ok
23:37:28.0298 0x1b6c  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
23:37:28.0298 0x1b6c  vwifimp - ok
23:37:28.0408 0x1b6c  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
23:37:28.0423 0x1b6c  W32Time - ok
23:37:28.0455 0x1b6c  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
23:37:28.0455 0x1b6c  WacomPen - ok
23:37:28.0564 0x1b6c  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
23:37:28.0626 0x1b6c  wbengine - ok
23:37:28.0673 0x1b6c  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
23:37:28.0705 0x1b6c  WbioSrvc - ok
23:37:28.0767 0x1b6c  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
23:37:28.0783 0x1b6c  Wcmsvc - ok
23:37:28.0861 0x1b6c  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
23:37:28.0876 0x1b6c  wcncsvc - ok
23:37:28.0923 0x1b6c  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
23:37:28.0939 0x1b6c  WcsPlugInService - ok
23:37:28.0986 0x1b6c  [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
23:37:28.0986 0x1b6c  WdBoot - ok
23:37:29.0064 0x1b6c  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
23:37:29.0095 0x1b6c  Wdf01000 - ok
23:37:29.0126 0x1b6c  [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
23:37:29.0142 0x1b6c  WdFilter - ok
23:37:29.0189 0x1b6c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
23:37:29.0205 0x1b6c  WdiServiceHost - ok
23:37:29.0205 0x1b6c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
23:37:29.0205 0x1b6c  WdiSystemHost - ok
23:37:29.0236 0x1b6c  [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
23:37:29.0236 0x1b6c  WdNisDrv - ok
23:37:29.0299 0x1b6c  WdNisSvc - ok
23:37:29.0361 0x1b6c  [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient       C:\WINDOWS\System32\webclnt.dll
23:37:29.0377 0x1b6c  WebClient - ok
23:37:29.0424 0x1b6c  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
23:37:29.0439 0x1b6c  Wecsvc - ok
23:37:29.0486 0x1b6c  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
23:37:29.0486 0x1b6c  WEPHOSTSVC - ok
23:37:29.0533 0x1b6c  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
23:37:29.0533 0x1b6c  wercplsupport - ok
23:37:29.0580 0x1b6c  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
23:37:29.0595 0x1b6c  WerSvc - ok
23:37:29.0627 0x1b6c  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
23:37:29.0642 0x1b6c  WFPLWFS - ok
23:37:29.0689 0x1b6c  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
23:37:29.0705 0x1b6c  WiaRpc - ok
23:37:29.0736 0x1b6c  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
23:37:29.0752 0x1b6c  WIMMount - ok
23:37:29.0752 0x1b6c  WinDefend - ok
23:37:29.0877 0x1b6c  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
23:37:29.0908 0x1b6c  WinHttpAutoProxySvc - ok
23:37:30.0002 0x1b6c  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
23:37:30.0017 0x1b6c  Winmgmt - ok
23:37:30.0189 0x1b6c  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
23:37:30.0283 0x1b6c  WinRM - ok
23:37:30.0361 0x1b6c  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
23:37:30.0361 0x1b6c  WinUsb - ok
23:37:30.0470 0x1b6c  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
23:37:30.0517 0x1b6c  WlanSvc - ok
23:37:30.0595 0x1b6c  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
23:37:30.0658 0x1b6c  wlidsvc - ok
23:37:30.0705 0x1b6c  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
23:37:30.0705 0x1b6c  WmiAcpi - ok
23:37:30.0767 0x1b6c  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
23:37:30.0767 0x1b6c  wmiApSrv - ok
23:37:30.0814 0x1b6c  WMPNetworkSvc - ok
23:37:30.0845 0x1b6c  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
23:37:30.0845 0x1b6c  Wof - ok
23:37:30.0986 0x1b6c  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
23:37:31.0033 0x1b6c  workfolderssvc - ok
23:37:31.0095 0x1b6c  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
23:37:31.0095 0x1b6c  wpcfltr - ok
23:37:31.0158 0x1b6c  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
23:37:31.0158 0x1b6c  WPCSvc - ok
23:37:31.0205 0x1b6c  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
23:37:31.0220 0x1b6c  WPDBusEnum - ok
23:37:31.0236 0x1b6c  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
23:37:31.0252 0x1b6c  WpdUpFltr - ok
23:37:31.0299 0x1b6c  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
23:37:31.0299 0x1b6c  ws2ifsl - ok
23:37:31.0346 0x1b6c  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
23:37:31.0361 0x1b6c  wscsvc - ok
23:37:31.0392 0x1b6c  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
23:37:31.0392 0x1b6c  WSDPrintDevice - ok
23:37:31.0408 0x1b6c  [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan         C:\WINDOWS\System32\drivers\WSDScan.sys
23:37:31.0408 0x1b6c  WSDScan - ok
23:37:31.0424 0x1b6c  WSearch - ok
23:37:31.0611 0x1b6c  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
23:37:31.0721 0x1b6c  WSService - ok
23:37:31.0971 0x1b6c  [ 50CEC061C6D6FD2B9C89BECD08991CCB, 31EB1601426223E712C4E4AA29410EDFC81E020996A402BD3E850A2EAF127286 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
23:37:32.0096 0x1b6c  wuauserv - ok
23:37:32.0174 0x1b6c  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
23:37:32.0190 0x1b6c  WudfPf - ok
23:37:32.0236 0x1b6c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
23:37:32.0252 0x1b6c  WUDFRd - ok
23:37:32.0299 0x1b6c  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
23:37:32.0299 0x1b6c  wudfsvc - ok
23:37:32.0315 0x1b6c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
23:37:32.0330 0x1b6c  WUDFWpdFs - ok
23:37:32.0424 0x1b6c  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
23:37:32.0440 0x1b6c  WwanSvc - ok
23:37:32.0486 0x1b6c  [ 24E57041608ED6A9D7FDAD0D9EC214E2, 895A16072F5EFFF57A7DCA21917540726BF816A2746EC47A066AAD363F69E5D7 ] XHCIPort        C:\WINDOWS\System32\drivers\XHCIPort.sys
23:37:32.0518 0x1b6c  XHCIPort - ok
23:37:32.0815 0x1b6c  [ 19137CA32DA7AA6F4936514721AA53BA, E9E5E6F05A1D529D19339F0C71AA5F9D412F6D3AE4BF84CF340C8569BA367D51 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
23:37:33.0002 0x1b6c  ZeroConfigService - ok
23:37:33.0033 0x1b6c  ================ Scan global ===============================
23:37:33.0096 0x1b6c  [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll
23:37:33.0143 0x1b6c  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
23:37:33.0205 0x1b6c  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
23:37:33.0268 0x1b6c  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
23:37:33.0284 0x1b6c  [ Global ] - ok
23:37:33.0284 0x1b6c  ================ Scan MBR ==================================
23:37:33.0299 0x1b6c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
23:37:33.0315 0x1b6c  \Device\Harddisk0\DR0 - ok
23:37:33.0315 0x1b6c  ================ Scan VBR ==================================
23:37:33.0330 0x1b6c  [ A36D6B5CAFBCC86FF65899CDCC800118 ] \Device\Harddisk0\DR0\Partition1
23:37:33.0346 0x1b6c  \Device\Harddisk0\DR0\Partition1 - ok
23:37:33.0362 0x1b6c  [ FDF86D6273C16C0E888758E2AC98EBBC ] \Device\Harddisk0\DR0\Partition2
23:37:33.0362 0x1b6c  \Device\Harddisk0\DR0\Partition2 - ok
23:37:33.0377 0x1b6c  [ BAFE842B8FF46A3F5F75A88CA6EEE5A4 ] \Device\Harddisk0\DR0\Partition3
23:37:33.0393 0x1b6c  \Device\Harddisk0\DR0\Partition3 - ok
23:37:33.0409 0x1b6c  [ 8A648E3A2078E36ACCFD0ACFB04363BE ] \Device\Harddisk0\DR0\Partition4
23:37:33.0424 0x1b6c  \Device\Harddisk0\DR0\Partition4 - ok
23:37:33.0455 0x1b6c  [ E41DA519FC60F9CB523DE35C74264B16 ] \Device\Harddisk0\DR0\Partition5
23:37:33.0455 0x1b6c  \Device\Harddisk0\DR0\Partition5 - ok
23:37:33.0471 0x1b6c  [ 2402C91475928211481EB1569F99B2EE ] \Device\Harddisk0\DR0\Partition6
23:37:33.0471 0x1b6c  \Device\Harddisk0\DR0\Partition6 - ok
23:37:33.0487 0x1b6c  [ 3A8C6513BDE7EE9B8CDFC3649FCDC728 ] \Device\Harddisk0\DR0\Partition7
23:37:33.0487 0x1b6c  \Device\Harddisk0\DR0\Partition7 - ok
23:37:33.0487 0x1b6c  ================ Scan generic autorun ======================
23:37:33.0549 0x1b6c  [ 4017995BBB49ACF43BFE2A0DC8BE0D99, 059CC5D2352A07458C08B6740E87867250B2D4B1BE130D865F0CA6D8E0DC6523 ] C:\WINDOWS\system32\igfxtray.exe
23:37:33.0674 0x1b6c  IgfxTray - ok
23:37:33.0721 0x1b6c  [ 9E4093CFDC3001359F206E44B82B868C, 765D94DACFBF11A303E15BF96396546F76B04F673B6BB987A5C45104459E82CD ] C:\WINDOWS\system32\hkcmd.exe
23:37:33.0862 0x1b6c  HotKeysCmds - ok
23:37:33.0924 0x1b6c  [ EA7BAEFEA0D198E92F9BE74D8BFD4546, 080C3671DB119101302D1F119C2E629EC86E8CD99F1BFD05792DE11E67C4BB33 ] C:\WINDOWS\system32\igfxpers.exe
23:37:34.0065 0x1b6c  Persistence - ok
23:37:34.0690 0x1b6c  [ F072EF002CE7B945DC7DBBA6F9664FCF, DA298765E774C6F8EC8A54947FF48DC56D56537C7AC270667EACFE77AE5B5DCD ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
23:37:35.0127 0x1b6c  RtHDVCpl - ok
23:37:35.0346 0x1b6c  [ 4DF11CDE53A5AF536178AEC3D4A053B1, 63CE411CB93F7058B6126FB80D20978AEBD13B0B36CDE7DD5194BC0DACB88CE8 ] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
23:37:35.0503 0x1b6c  SRS Premium Sound 3D - ok
23:37:35.0550 0x1b6c  [ 788D0DE4CF3FEAE0782437CC2CF6E23A, 5C48F11B5C25FB6A79F5A18156C8F45E21305E12EA7C5AC9E6EEC7D96A83C605 ] C:\Program Files\TOSHIBA\Teco\TecoResident.exe
23:37:35.0550 0x1b6c  TecoResident - ok
23:37:35.0659 0x1b6c  [ CF74C5BE20CD4DE1299F6C92A738A2DF, A74FBB2E50F9AEB9CA11347EE464D34F234DD837FCDD6A43CFDA4664CB2BF9FB ] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
23:37:35.0706 0x1b6c  TSleepSrv - ok
23:37:35.0721 0x1b6c  [ 6EF487A46FB615DF717F85D7458BD2CD, 07FBA249818A2542138C0477A86884D7C2DA1A43C17EF4A68B4A4CF97489E71C ] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
23:37:35.0737 0x1b6c  TODDMain - ok
23:37:35.0737 0x1b6c  ThpSrv - ok
23:37:35.0784 0x1b6c  [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
23:37:35.0815 0x1b6c  IAStorIcon - ok
23:37:36.0034 0x1b6c  [ 919C80271F41A85B28D218CED3E26A16, 3F482E0E53DFA4C1672BEE94C1141A157E317F439875C8DE02EEE48421FDB30D ] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
23:37:36.0112 0x1b6c  TCrdMain - ok
23:37:36.0378 0x1b6c  [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
23:37:36.0737 0x1b6c  AdobeAAMUpdater-1.0 - ok
23:37:36.0815 0x1b6c  [ 7D29051E51113FDA64377BACB26C9D9B, B9EAAC771F58B8908C92AE27A1FBCADA9F08F26B65ED495AADAA033EFC6F363C ] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
23:37:36.0831 0x1b6c  Trend Micro Client Framework - ok
23:37:36.0831 0x1b6c  SynTPEnh - ok
23:37:36.0831 0x1b6c  TosWaitSrv - ok
23:37:36.0878 0x1b6c  [ 02A27FC0972181EF743160BE9F62F2B4, 0E5B5684E892B1CE83C8A50A23F8478E8D01E2DD283337B5B263FDA4C2654E9F ] C:\Program Files\iTunes\iTunesHelper.exe
23:37:36.0893 0x1b6c  iTunesHelper - ok
23:37:36.0971 0x1b6c  [ E43A851F7B12DE589424D6C656155CFC, FD42172921C18D1BBDFC0C5CFFFD6D0534764D770E210CA3E1DF61A66A99BE62 ] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
23:37:37.0003 0x1b6c  AdobeCS4ServiceManager - ok
23:37:37.0268 0x1b6c  [ 401790806AFE1E9217BDB6E32BEB4005, A1D9C4E72E6E3945FB715DAA17E8F79C827BBBA29FE6E0ED0C0DA798B3239C8E ] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe
23:37:37.0690 0x1b6c  Acrobat Assistant 8.0 - ok
23:37:37.0815 0x1b6c  [ C039D1E17B08CC50AA919452A6DFF7BD, AC6596E62FEF9A6C42CD68FD63775079E59979F6121CE9FBA970AF8915B0D7A5 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
23:37:37.0847 0x1b6c  FUFAXSTM - ok
23:37:37.0909 0x1b6c  [ 494AB1A80F7BBF60D79116E4EEB86C71, 8130DFDB14558D484DC9B13D8951FBB6CCBC6ECFA9FE012F4F1C1DE0696DC41C ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
23:37:37.0940 0x1b6c  FUFAXRCV - ok
23:37:38.0034 0x1b6c  [ 944E77A49DBAF8F6BB473118C116E59E, 0DA67736F1841A270AB24C13BA8FF4021A8950EB58B4985774F4B224B832B0DA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
23:37:38.0050 0x1b6c  ApplePhotoStreams - ok
23:37:38.0112 0x1b6c  [ 55D48D13128F12E1328EDB0D49A00B44, 0C4F6611292BDCCE9506A978DCAE42F91C8471668BDCDB7D78882AD28C4A7C8D ] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe
23:37:38.0331 0x1b6c  Adobe Acrobat Synchronizer - ok
23:37:38.0378 0x1b6c  [ F341DD6145F779CE5B732BC6BC6A3370, 67CE7E6DD5969C8DE34473E01D60D52FABC740B056287C2E261A36F97993ED0D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
23:37:38.0378 0x1b6c  iCloudServices - ok
23:37:38.0394 0x1b6c   - ok
23:37:38.0394 0x1b6c  Waiting for KSN requests completion. In queue: 149
23:37:39.0409 0x1b6c  Waiting for KSN requests completion. In queue: 149
23:37:40.0410 0x1b6c  Waiting for KSN requests completion. In queue: 149
23:37:41.0425 0x1b6c  AV detected via SS2: Trend Micro Titanium Maximum Security, C:\Program Files\Trend Micro\Titanium\wschandler.exe ( 7.0.0.1151 ), 0x40000 ( disabled : updated )
23:37:41.0425 0x1b6c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x61100 ( enabled : updated )
23:37:41.0425 0x1b6c  Win FW state via NFP2: enabled ( trusted )
23:37:43.0894 0x1b6c  ============================================================
23:37:43.0894 0x1b6c  Scan finished
23:37:43.0894 0x1b6c  ============================================================
23:37:43.0910 0x13b4  Detected object count: 0
23:37:43.0910 0x13b4  Actual detected object count: 0

 

 

# AdwCleaner v4.208 - Logfile created 25/07/2015 at 23:43:37
# Updated 09/07/2015 by Xplode
# Database : 2015-07-15.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : JANINE - TOSHIBA_LAPTOP
# Running from : C:\Users\JANINE\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : CouponPrinterService

***** [ Files / Folders ] *****

File Found : C:\WINDOWS\Reimage.ini
Folder Found : C:\Program Files (x86)\Coupons
Folder Found : C:\Program Files (x86)\Coupons
Folder Found : C:\Users\JANINE\AppData\Roaming\catalina – print savings
Folder Found : C:\Users\JANINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\catalina – print savings

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Key Found : HKCU\Software\AppDataLow\Software\Freecause
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Found : HKCU\Software\Reimage
Key Found : [x64] HKCU\Software\Reimage
Key Found : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Found : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Key Found : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Key Found : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.10
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found : [x64] HKLM\SOFTWARE\Reimage

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17840

-\\ Mozilla Firefox v

*************************

AdwCleaner[R0].txt - [3298 bytes] - [25/07/2015 22:20:11]
AdwCleaner[R1].txt - [2711 bytes] - [25/07/2015 23:43:37]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2770 bytes] ##########

 

 



#4 BlackHawk1

BlackHawk1

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:14 PM

Posted 26 July 2015 - 12:20 AM

I was told you have to follow these steps FIRST (http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/) or the topic will be locked. So why are many threads like this started and allowed and mine wasn't? Mine was no different than this one!



#5 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:14 AM

Posted 26 July 2015 - 01:56 AM

Hi BlackHawk1,

The Preparation Guide is only for seeking assistance in the Virus, Trojan, Spyware, and Malware Removal Logs. Those logs are not allowed here in Am I Infected, or anywhere else other than the aforementioned forum.

If you need assistance with cleaning your computer, please follow the guide and then start a new topic in the Malware Removal Logs area, not here.

#6 BlackHawk1

BlackHawk1

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:14 PM

Posted 26 July 2015 - 02:49 AM

Hi BlackHawk1,

The Preparation Guide is only for seeking assistance in the Virus, Trojan, Spyware, and Malware Removal Logs. Those logs are not allowed here in Am I Infected, or anywhere else other than the aforementioned forum.

If you need assistance with cleaning your computer, please follow the guide and then start a new topic in the Malware Removal Logs area, not here.

 

So what then is this forum for? It sure looks like the OP here is asking for help and getting cleaning assistance. Please explain the differences between the two forums. Thanks


Edited by BlackHawk1, 26 July 2015 - 02:55 AM.


#7 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:14 AM

Posted 26 July 2015 - 03:03 AM

The Am I Infected forum is for general diagnosis - it can be malware or something else. In here only automated scanning tools and non-invasive procedures are allowed. Anyone can help, so wait time is shorter but you will have to decide which advice to follow.

The Malware Removal Logs area is for confirmed malware cases or unbootable computers that require intervention by invasive manual tools. Only Malware Response Team members are allowed to reply there so the quality of assistance is higher than Am I Infected, but it has a wait time (the average wait time is 5 days).

By the way, you are hijacking another member's topic.

#8 jegohio

jegohio
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:14 PM

Posted 26 July 2015 - 10:32 AM

Sorry I created a commotion.  So do I continue here with my outcome of the advice of boopme or go to a different forum?  And I didn't mean to hijack another's thread. 



#9 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:14 AM

Posted 26 July 2015 - 10:33 AM

As you are the thread starter, please continue with boopme's advice. My statement was directed at BlackHawk1 - apologies for the confusion.

#10 jegohio

jegohio
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:14 PM

Posted 26 July 2015 - 10:43 AM

PART TWO

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.1 (07.16.2015:1)
OS: Windows 8.1 x64
Ran by JANINE on Sat 07/25/2015 at 23:53:22.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Tasks

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\coupons

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 07/26/2015 at  0:00:04.09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

ESET

 

C:\Users\All Users\Trend Micro\AMSP\temp\virus\VS8QGLLJ.000 Win32/RiskWare.PEMalform.B application 
C:\Users\All Users\Trend Micro\AMSP\temp\virus\VSFCOBL0.000 Win32/RiskWare.PEMalform.B application 
C:\ProgramData\Trend Micro\AMSP\temp\virus\VS8QGLLJ.000 Win32/RiskWare.PEMalform.B application cleaned by deleting - quarantined
C:\ProgramData\Trend Micro\AMSP\temp\virus\VSFCOBL0.000 Win32/RiskWare.PEMalform.B application cleaned by deleting - quarantined
C:\Users\JANINE\AppData\Local\Temp\9a5844\janine\appdata\local\microsoft\windows\inetcache\IE\K0LPN7ML\js1VHN6J03.js HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\JANINE\AppData\Local\Temp\9a5844\janine\appdata\local\microsoft\windows\inetcache\IE\K0LPN7ML\jsX7ZXAB8Y.js HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\JANINE\AppData\Local\Temp\9a5844\janine\appdata\local\microsoft\windows\inetcache\IE\K0LPN7ML\js[4].js HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\JANINE\AppData\Local\Temp\9a5844\janine\appdata\local\microsoft\windows\inetcache\IE\K0LPN7ML\js[6].js HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\JANINE\AppData\Local\Temp\9a5844\janine\appdata\local\microsoft\windows\inetcache\IE\K0LPN7ML\mF3fGd[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\JANINE\AppData\Local\Temp\9a5844\janine\appdata\local\microsoft\windows\inetcache\IE\K0LPN7ML\mF3fGd[2].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\JANINE\AppData\Local\Temp\9a5844\janine\appdata\local\microsoft\windows\inetcache\IE\K0LPN7ML\mF3fGd[3].htm HTML/Iframe.B.Gen virus deleted - quarantined

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/26/2015
Scan Time: 10:40 AM
Logfile: Malwarebyes.txt
Administrator: Yes

Version: 0.0.0.0000
Malware Database: v2015.07.26.04
Rootkit Database: v2015.07.22.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: JANINE

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 413209
Time Elapsed: 27 min, 10 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

 

 



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,270 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:14 PM

Posted 28 July 2015 - 11:49 AM

We need to remove what ADWCleaner found and finsh the scans.

Double click on AdwCleaner.exe to run the tool again. Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 jegohio

jegohio
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:14 PM

Posted 28 July 2015 - 08:49 PM

Boopme...here are the logs from ADWCleaner.  Thanks so much.  Windows Defender no longer showed the Trojan file after completing all the previous steps. 

 

# AdwCleaner v4.208 - Logfile created 28/07/2015 at 21:15:00
# Updated 09/07/2015 by Xplode
# Database : 2015-07-26.2 [Server]
# Operating system : Windows 8.1  (x64)
# Username : JANINE - TOSHIBA_LAPTOP
# Running from : C:\Users\JANINE\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\JANINE\AppData\Roaming\catalina – print savings
Folder Deleted : C:\Users\JANINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\catalina – print savings
File Deleted : C:\WINDOWS\Reimage.ini

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Deleted : HKCU\Software\Reimage
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.10
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Key Deleted : [x64] HKLM\SOFTWARE\Reimage
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17840

-\\ Mozilla Firefox v

*************************

AdwCleaner[R0].txt - [3298 bytes] - [25/07/2015 22:20:11]
AdwCleaner[R1].txt - [2873 bytes] - [25/07/2015 23:44:52]
AdwCleaner[R2].txt - [2800 bytes] - [28/07/2015 21:12:30]
AdwCleaner[S0].txt - [2712 bytes] - [28/07/2015 21:15:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2771  bytes] ##########



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,270 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:14 PM

Posted 29 July 2015 - 01:38 PM

Looks good to go.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 jegohio

jegohio
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:14 PM

Posted 29 July 2015 - 02:36 PM

Thank you again!!!  You saved me from A LOT of reinstalling of programs.  Was real close to redoing the whole computer.  Thank you



#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,270 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:14 PM

Posted 29 July 2015 - 03:04 PM

Your welcome!!

As a last step you may want to empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista or above, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users