
Malware Takeover! Please help.


6 replies to this topic

#1 Steakboy


Posted 25 May 2016 - 11:37 AM

So I was being dumb, reset my computer and forgot the credentials for my Microsoft Office suite. So I just downloaded KMSpico to bypass authentication. Long story short, I've got tons of malware. Command prompt keeps getting opened every time I do something.
The problem was semi addressed here - http://www.bleepingcomputer.com/forums/t/593327/installed-fake-kmspico/
So, I followed those directions and here are the following logs. Global Moderator, I hope you can help :D
 
MINITOOLBOX LOG
----------------------------------------
MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by Administrator (administrator) on 24-05-2016 at 23:13:06
Running from "C:\Users\Administrator\Downloads"
Microsoft Windows 8.1 with Bing  (X64)
Model: Inspiron 3646 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Ethernet (Connected)
Dell Wireless 1705 802.11b/g/n (2.4GHZ) = Wi-Fi (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Moms-pc
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : B0-10-41-83-B0-A2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 12-10-41-83-B0-A1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : B0-83-FE-60-33-10
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::58aa:8c1:de35:b212%4(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, May 24, 2016 10:59:36 PM
   Lease Expires . . . . . . . . . . : Wednesday, May 25, 2016 10:59:35 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 162563070
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-96-66-2D-B0-83-FE-60-33-10
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Wi-Fi:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Dell Wireless 1705 802.11b/g/n (2.4GHZ)
   Physical Address. . . . . . . . . : B0-10-41-83-B0-A1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{99D870D9-64D7-4B3A-92DD-6C2BEB85A3C1}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 6:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:14f6:3cc8:b6be:3c5c(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::14f6:3cc8:b6be:3c5c%10(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 369098752
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-96-66-2D-B0-83-FE-60-33-10
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4005:806::200e
 172.217.3.238
 
 
Pinging google.com [216.58.194.174] with 32 bytes of data:
Reply from 216.58.194.174: bytes=32 time=101ms TTL=54
Reply from 216.58.194.174: bytes=32 time=37ms TTL=54
 
Ping statistics for 216.58.194.174:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 37ms, Maximum = 101ms, Average = 69ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 2001:4998:58:c02::a9
 98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=109ms TTL=50
Reply from 98.138.253.109: bytes=32 time=50ms TTL=50
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 50ms, Maximum = 109ms, Average = 79ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  8...b0 10 41 83 b0 a2 ......Bluetooth Device (Personal Area Network)
  5...12 10 41 83 b0 a1 ......Microsoft Wi-Fi Direct Virtual Adapter
  4...b0 83 fe 60 33 10 ......Realtek PCIe GBE Family Controller
  3...b0 10 41 83 b0 a1 ......Dell Wireless 1705 802.11b/g/n (2.4GHZ)
  1...........................Software Loopback Interface 1
  6...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 10...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    276
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 10    306 2001::/32                On-link
 10    306 2001:0:5ef5:79fd:14f6:3cc8:b6be:3c5c/128
                                    On-link
  4    276 fe80::/64                On-link
 10    306 fe80::/64                On-link
 10    306 fe80::14f6:3cc8:b6be:3c5c/128
                                    On-link
  4    276 fe80::58aa:8c1:de35:b212/128
                                    On-link
  1    306 ff00::/8                 On-link
  4    276 ff00::/8                 On-link
 10    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/24/2016 11:00:24 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (05/24/2016 10:48:21 PM) (Source: Application Error) (User: )
Description: Faulting application name: rundll32.exe, version: 6.3.9600.16384, time stamp: 0x52158827
Faulting module name: spwCdrom.dll, version: 5.17.6938.0, time stamp: 0x55e8495f
Exception code: 0xc000041d
Fault offset: 0x00003c94
Faulting process id: 0x960
Faulting application start time: 0xrundll32.exe0
Faulting application path: rundll32.exe1
Faulting module path: rundll32.exe2
Report Id: rundll32.exe3
Faulting package full name: rundll32.exe4
Faulting package-relative application ID: rundll32.exe5
 
Error: (05/24/2016 10:38:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17037, time stamp: 0x5312c30a
Faulting module name: spwCdrom.dll, version: 5.17.6938.0, time stamp: 0x55e8495f
Exception code: 0xc000041d
Fault offset: 0x00003c94
Faulting process id: 0x308
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
Error: (05/24/2016 10:38:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: rundll32.exe, version: 6.3.9600.16384, time stamp: 0x52158827
Faulting module name: spwCdrom.dll, version: 5.17.6938.0, time stamp: 0x55e8495f
Exception code: 0xc000041d
Fault offset: 0x00003c94
Faulting process id: 0x1d1c
Faulting application start time: 0xrundll32.exe0
Faulting application path: rundll32.exe1
Faulting module path: rundll32.exe2
Report Id: rundll32.exe3
Faulting package full name: rundll32.exe4
Faulting package-relative application ID: rundll32.exe5
 
Error: (05/24/2016 10:38:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: rundll32.exe, version: 6.3.9600.16384, time stamp: 0x52158827
Faulting module name: spwCdrom.dll, version: 5.17.6938.0, time stamp: 0x55e8495f
Exception code: 0xc0000005
Fault offset: 0x00003c94
Faulting process id: 0x1d1c
Faulting application start time: 0xrundll32.exe0
Faulting application path: rundll32.exe1
Faulting module path: rundll32.exe2
Report Id: rundll32.exe3
Faulting package full name: rundll32.exe4
Faulting package-relative application ID: rundll32.exe5
 
Error: (05/24/2016 10:38:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17037, time stamp: 0x5312c30a
Faulting module name: spwCdrom.dll, version: 5.17.6938.0, time stamp: 0x55e8495f
Exception code: 0xc0000005
Fault offset: 0x00003c94
Faulting process id: 0x308
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
Error: (05/24/2016 10:36:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: rundll32.exe, version: 6.3.9600.16384, time stamp: 0x52158827
Faulting module name: spwCdrom.dll, version: 5.17.6938.0, time stamp: 0x55e8495f
Exception code: 0xc000041d
Fault offset: 0x00003c94
Faulting process id: 0x1e54
Faulting application start time: 0xrundll32.exe0
Faulting application path: rundll32.exe1
Faulting module path: rundll32.exe2
Report Id: rundll32.exe3
Faulting package full name: rundll32.exe4
Faulting package-relative application ID: rundll32.exe5
 
Error: (05/24/2016 10:36:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17037, time stamp: 0x5312c30a
Faulting module name: spwCdrom.dll, version: 5.17.6938.0, time stamp: 0x55e8495f
Exception code: 0xc000041d
Fault offset: 0x00003c94
Faulting process id: 0x1d94
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
Error: (05/24/2016 10:35:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: rundll32.exe, version: 6.3.9600.16384, time stamp: 0x52158827
Faulting module name: spwCdrom.dll, version: 5.17.6938.0, time stamp: 0x55e8495f
Exception code: 0xc0000005
Fault offset: 0x00003c94
Faulting process id: 0x1e54
Faulting application start time: 0xrundll32.exe0
Faulting application path: rundll32.exe1
Faulting module path: rundll32.exe2
Report Id: rundll32.exe3
Faulting package full name: rundll32.exe4
Faulting package-relative application ID: rundll32.exe5
 
Error: (05/24/2016 10:35:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17037, time stamp: 0x5312c30a
Faulting module name: spwCdrom.dll, version: 5.17.6938.0, time stamp: 0x55e8495f
Exception code: 0xc0000005
Fault offset: 0x00003c94
Faulting process id: 0x1d94
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
 
System errors:
=============
Error: (05/24/2016 10:59:49 PM) (Source: Service Control Manager) (User: )
Description: The Window Find Manager2 service failed to start due to the following error: 
%%2
 
Error: (05/24/2016 10:59:49 PM) (Source: Service Control Manager) (User: )
Description: The Window Find Manager service failed to start due to the following error: 
%%2
 
Error: (05/24/2016 10:59:47 PM) (Source: Service Control Manager) (User: )
Description: The McAfee OOBE Service2 service failed to start due to the following error: 
%%1083
 
Error: (05/24/2016 09:12:23 PM) (Source: DCOM) (User: Moms-pc)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (05/24/2016 09:11:53 PM) (Source: DCOM) (User: Moms-pc)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (05/24/2016 08:12:14 PM) (Source: DCOM) (User: Moms-pc)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (05/24/2016 08:11:44 PM) (Source: DCOM) (User: Moms-pc)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (05/24/2016 11:41:42 AM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error: 
%%1
 
Error: (05/24/2016 11:35:50 AM) (Source: Microsoft-Windows-Eventlog) (User: NT AUTHORITY)
Description: The event logging service encountered an error (5) while enabling publisher {0BF2FB94-7B60-4B4D-9766-E82F658DF540} to channel Microsoft-Windows-Kernel-ShimEngine/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity.
 
Error: (05/24/2016 11:35:42 AM) (Source: Microsoft-Windows-Eventlog) (User: NT AUTHORITY)
Description: The event logging service encountered an error (5) while enabling publisher {0BF2FB94-7B60-4B4D-9766-E82F658DF540} to channel Microsoft-Windows-Kernel-ShimEngine/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity.
 
 
Microsoft Office Sessions:
=========================
Error: (05/24/2016 11:00:24 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (05/24/2016 10:48:21 PM) (Source: Application Error)(User: )
Description: rundll32.exe6.3.9600.1638452158827spwCdrom.dll5.17.6938.055e8495fc000041d00003c9496001d1b63ea1d32c4dC:\WINDOWS\SysWOW64\rundll32.exeC:\Users\Administrator\AppData\Local\Ovsdics\spwCdrom.dlle7d32b4e-2233-11e6-825c-b0104183b0a2
 
Error: (05/24/2016 10:38:14 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.170375312c30aspwCdrom.dll5.17.6938.055e8495fc000041d00003c9430801d1b63f3bf99147C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Administrator\AppData\Local\Ovsdics\spwCdrom.dll7dee08be-2232-11e6-825c-b0104183b0a2
 
Error: (05/24/2016 10:38:12 PM) (Source: Application Error)(User: )
Description: rundll32.exe6.3.9600.1638452158827spwCdrom.dll5.17.6938.055e8495fc000041d00003c941d1c01d1b63f3c031acdC:\WINDOWS\SysWOW64\rundll32.exeC:\Users\Administrator\AppData\Local\Ovsdics\spwCdrom.dll7cc9d8e9-2232-11e6-825c-b0104183b0a2
 
Error: (05/24/2016 10:38:08 PM) (Source: Application Error)(User: )
Description: rundll32.exe6.3.9600.1638452158827spwCdrom.dll5.17.6938.055e8495fc000000500003c941d1c01d1b63f3c031acdC:\WINDOWS\SysWOW64\rundll32.exeC:\Users\Administrator\AppData\Local\Ovsdics\spwCdrom.dll7a436191-2232-11e6-825c-b0104183b0a2
 
Error: (05/24/2016 10:38:08 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.170375312c30aspwCdrom.dll5.17.6938.055e8495fc000000500003c9430801d1b63f3bf99147C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Administrator\AppData\Local\Ovsdics\spwCdrom.dll7a4276d0-2232-11e6-825c-b0104183b0a2
 
Error: (05/24/2016 10:36:04 PM) (Source: Application Error)(User: )
Description: rundll32.exe6.3.9600.1638452158827spwCdrom.dll5.17.6938.055e8495fc000041d00003c941e5401d1b63eed9b1b85C:\WINDOWS\SysWOW64\rundll32.exeC:\Users\Administrator\AppData\Local\Ovsdics\spwCdrom.dll3026bc28-2232-11e6-825c-b0104183b0a2
 
Error: (05/24/2016 10:36:03 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.170375312c30aspwCdrom.dll5.17.6938.055e8495fc000041d00003c941d9401d1b63eed8ccd32C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Administrator\AppData\Local\Ovsdics\spwCdrom.dll2fd8f42d-2232-11e6-825c-b0104183b0a2
 
Error: (05/24/2016 10:35:57 PM) (Source: Application Error)(User: )
Description: rundll32.exe6.3.9600.1638452158827spwCdrom.dll5.17.6938.055e8495fc000000500003c941e5401d1b63eed9b1b85C:\WINDOWS\SysWOW64\rundll32.exeC:\Users\Administrator\AppData\Local\Ovsdics\spwCdrom.dll2bedd6f3-2232-11e6-825c-b0104183b0a2
 
Error: (05/24/2016 10:35:56 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.170375312c30aspwCdrom.dll5.17.6938.055e8495fc000000500003c941d9401d1b63eed8ccd32C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Administrator\AppData\Local\Ovsdics\spwCdrom.dll2bbe77d3-2232-11e6-825c-b0104183b0a2
 
 
=========================== Installed Programs ============================
 
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{17FFE63C-6734-4950-B488-134B5A2505F7}) (Version: 2.04.0280 - Aviata Inc.)
Dell Update (HKLM-x32\...\{9E4750A7-90F6-4181-8A8A-B1ADF4216E93}) (Version: 1.0.1059.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
HP Deskjet 1510 series Basic Device Software (HKLM\...\{D17E60E8-478A-4D4A-8147-21D481B5CA55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0.8185 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.190 - McAfee, Inc.)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications)
Quicken 2016 (HKLM-x32\...\{519B4ED1-AF5F-4812-B2A8-B18D783AEFE8}) (Version: 25.1.7.7 - Intuit)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.30174 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.)
Window Find Manager (HKLM-x32\...\Window Find Manager) (Version: 1.58 - Labour LLC)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 55%
Total physical RAM: 3987.2 MB
Available physical RAM: 1768 MB
Total Virtual: 5395.2 MB
Available Virtual: 3500.01 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:456.54 GB) (Free:407.9 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\MOMS-PC
 
Administrator            Guest                    Mary                     
Mary B                   
 
 
**** End of log ****
----------------------------------------
TDSSKILLER
----------------------------------------
 
23:17:21.0529 0x0aa4  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
23:17:21.0529 0x0aa4  UEFI system
23:17:31.0425 0x0aa4  ============================================================
23:17:31.0425 0x0aa4  Current date / time: 2016/05/24 23:17:31.0425
23:17:31.0425 0x0aa4  SystemInfo:
23:17:31.0425 0x0aa4  
23:17:31.0425 0x0aa4  OS Version: 6.3.9600 ServicePack: 0.0
23:17:31.0425 0x0aa4  Product type: Workstation
23:17:31.0425 0x0aa4  ComputerName: MOMS-PC
23:17:31.0426 0x0aa4  UserName: Administrator
23:17:31.0426 0x0aa4  Windows directory: C:\WINDOWS
23:17:31.0426 0x0aa4  System windows directory: C:\WINDOWS
23:17:31.0426 0x0aa4  Running under WOW64
23:17:31.0426 0x0aa4  Processor architecture: Intel x64
23:17:31.0426 0x0aa4  Number of processors: 2
23:17:31.0426 0x0aa4  Page size: 0x1000
23:17:31.0426 0x0aa4  Boot type: Normal boot
23:17:31.0426 0x0aa4  ============================================================
23:17:31.0747 0x0aa4  KLMD registered as C:\WINDOWS\system32\drivers\15696907.sys
23:17:32.0292 0x0aa4  System UUID: {F8F57765-C81E-9E53-B21F-83A4D8261087}
23:17:33.0496 0x0aa4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:17:33.0514 0x0aa4  ============================================================
23:17:33.0514 0x0aa4  \Device\Harddisk0\DR0:
23:17:33.0515 0x0aa4  GPT partitions:
23:17:33.0515 0x0aa4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6EF2476A-9909-4CDF-AB36-24CAE2710830}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
23:17:33.0515 0x0aa4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {75A40B99-EAF0-4C19-A8B3-666D0C7F76C9}, Name: Basic data partition, StartLBA 0xFA800, BlocksNum 0x14000
23:17:33.0516 0x0aa4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {152395BA-5E5E-4FE0-A656-AAEDFCE914D2}, Name: Microsoft reserved partition, StartLBA 0x10E800, BlocksNum 0x40000
23:17:33.0516 0x0aa4  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C6CA2A64-8F07-473C-BC8E-273E213BEB70}, Name: Basic data partition, StartLBA 0x14E800, BlocksNum 0x177000
23:17:33.0516 0x0aa4  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E151236D-BB66-41AC-BD50-0FB9DD494464}, Name: Basic data partition, StartLBA 0x2C5800, BlocksNum 0x39115800
23:17:33.0516 0x0aa4  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {AA8D802C-9058-4E14-8014-B926D3BE3D95}, Name: Microsoft recovery partition, StartLBA 0x393DB000, BlocksNum 0xFAA830
23:17:33.0516 0x0aa4  MBR partitions:
23:17:33.0516 0x0aa4  ============================================================
23:17:33.0533 0x0aa4  C: <-> \Device\Harddisk0\DR0\Partition5
23:17:33.0533 0x0aa4  ============================================================
23:17:33.0533 0x0aa4  Initialize success
23:17:33.0533 0x0aa4  ============================================================
23:17:40.0438 0x112c  ============================================================
23:17:40.0439 0x112c  Scan started
23:17:40.0439 0x112c  Mode: Manual; 
23:17:40.0439 0x112c  ============================================================
23:17:40.0439 0x112c  KSN ping started
23:17:42.0917 0x112c  KSN ping finished: true
23:17:45.0548 0x112c  ================ Scan system memory ========================
23:17:45.0548 0x112c  System memory - ok
23:17:45.0548 0x112c  ================ Scan services =============================
23:17:45.0933 0x112c  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
23:17:45.0948 0x112c  1394ohci - ok
23:17:46.0014 0x112c  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
23:17:46.0020 0x112c  3ware - ok
23:17:46.0077 0x112c  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
23:17:46.0102 0x112c  ACPI - ok
23:17:46.0117 0x112c  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
23:17:46.0117 0x112c  acpiex - ok
23:17:46.0117 0x112c  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
23:17:46.0117 0x112c  acpipagr - ok
23:17:46.0133 0x112c  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
23:17:46.0133 0x112c  AcpiPmi - ok
23:17:46.0148 0x112c  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
23:17:46.0148 0x112c  acpitime - ok
23:17:46.0223 0x112c  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
23:17:46.0245 0x112c  ADP80XX - ok
23:17:46.0283 0x112c  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
23:17:46.0293 0x112c  AeLookupSvc - ok
23:17:46.0390 0x112c  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
23:17:46.0396 0x112c  AERTFilters - ok
23:17:46.0444 0x112c  [ 239268BAB58EAE9A3FF4E08334C00451, 13F927730DF9BAEDB3A7AB6F7238270A20E4CDEB3D5324A1C471DF2209F3D239 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
23:17:46.0466 0x112c  AFD - ok
23:17:46.0491 0x112c  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
23:17:46.0494 0x112c  agp440 - ok
23:17:46.0514 0x112c  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
23:17:46.0517 0x112c  ahcache - ok
23:17:46.0532 0x112c  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
23:17:46.0532 0x112c  ALG - ok
23:17:46.0548 0x112c  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
23:17:46.0548 0x112c  AmdK8 - ok
23:17:46.0563 0x112c  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
23:17:46.0563 0x112c  AmdPPM - ok
23:17:46.0589 0x112c  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
23:17:46.0592 0x112c  amdsata - ok
23:17:46.0608 0x112c  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
23:17:46.0616 0x112c  amdsbs - ok
23:17:46.0623 0x112c  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
23:17:46.0625 0x112c  amdxata - ok
23:17:46.0653 0x112c  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
23:17:46.0656 0x112c  AppID - ok
23:17:46.0668 0x112c  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
23:17:46.0671 0x112c  AppIDSvc - ok
23:17:46.0691 0x112c  [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo         C:\WINDOWS\System32\appinfo.dll
23:17:46.0696 0x112c  Appinfo - ok
23:17:46.0733 0x112c  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
23:17:46.0751 0x112c  AppReadiness - ok
23:17:46.0809 0x112c  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
23:17:46.0847 0x112c  AppXSvc - ok
23:17:46.0860 0x112c  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
23:17:46.0864 0x112c  arcsas - ok
23:17:46.0871 0x112c  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
23:17:46.0873 0x112c  atapi - ok
23:17:46.0903 0x112c  [ 8302D313DCC5536FE6BFB85165D9BB1E, CD9101D9CFE34F0D6CF5A6AD5C997CC5D32CCF5135B78604D0C3CD7252117C2D ] AthBTPort       C:\WINDOWS\system32\DRIVERS\btath_flt.sys
23:17:46.0907 0x112c  AthBTPort - ok
23:17:47.0011 0x112c  [ 6E70B87C65E9610891B18DDC5BF0D7AE, 16462625851128434668958F2E69DEE55C579A51B076B1D57122AA3E579B21FE ] AtherosSvc      C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
23:17:47.0030 0x112c  AtherosSvc - ok
23:17:47.0289 0x112c  [ 2A11580E835FE3762C36FBC6F3666643, 089DF149B411FE3BE51AA1F9E9A18222B6D3D32EE136C0E28158959F0E015623 ] athr            C:\WINDOWS\system32\DRIVERS\athwbx.sys
23:17:47.0397 0x112c  athr - ok
23:17:47.0441 0x112c  [ F83D49F4B10E813A1F9AC8B92F16592D, E7B2F508D33861A9826F2C7B2087F14F6937C9B8F660D6363F737BAC60BD4578 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
23:17:47.0447 0x112c  AudioEndpointBuilder - ok
23:17:47.0492 0x112c  [ 9A71BD2E4B8EB550D0022AFDF8616014, 34D595684624114F23265CE8031ADC9E03AD374A5AFEEBB794AC57796A3CDA2F ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
23:17:47.0517 0x112c  Audiosrv - ok
23:17:47.0533 0x112c  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
23:17:47.0548 0x112c  AxInstSV - ok
23:17:47.0607 0x112c  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
23:17:47.0633 0x112c  b06bdrv - ok
23:17:47.0666 0x112c  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
23:17:47.0670 0x112c  BasicDisplay - ok
23:17:47.0689 0x112c  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
23:17:47.0693 0x112c  BasicRender - ok
23:17:47.0718 0x112c  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
23:17:47.0718 0x112c  bcmfn2 - ok
23:17:47.0777 0x112c  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
23:17:47.0792 0x112c  BDESVC - ok
23:17:47.0805 0x112c  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:17:47.0807 0x112c  Beep - ok
23:17:47.0875 0x112c  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\WINDOWS\System32\bfe.dll
23:17:47.0903 0x112c  BFE - ok
23:17:48.0117 0x112c  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
23:17:48.0148 0x112c  BITS - ok
23:17:48.0174 0x112c  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
23:17:48.0178 0x112c  bowser - ok
23:17:48.0214 0x112c  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
23:17:48.0223 0x112c  BrokerInfrastructure - ok
23:17:48.0268 0x112c  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\WINDOWS\System32\browser.dll
23:17:48.0277 0x112c  Browser - ok
23:17:48.0317 0x112c  [ 4DCAF7A846AAABA6D3565F827A917576, 543D6436283C315103BDE557794A740D61A3BEA773D8CD413143F801E94955B9 ] BTATH_A2DP      C:\WINDOWS\system32\drivers\btath_a2dp.sys
23:17:48.0333 0x112c  BTATH_A2DP - ok
23:17:48.0348 0x112c  [ 1D175D11CEC6B7D4C53CBA1CFFC126E8, 38170E4616140CF68D8C59EC4D478E5AF76642A3CA00E4DB7EB019AD23147051 ] btath_avdt      C:\WINDOWS\system32\drivers\btath_avdt.sys
23:17:48.0348 0x112c  btath_avdt - ok
23:17:48.0364 0x112c  [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS       C:\WINDOWS\System32\drivers\btath_bus.sys
23:17:48.0364 0x112c  BTATH_BUS - ok
23:17:48.0393 0x112c  [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP      C:\WINDOWS\System32\drivers\btath_hcrp.sys
23:17:48.0399 0x112c  BTATH_HCRP - ok
23:17:48.0416 0x112c  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
23:17:48.0420 0x112c  BTATH_LWFLT - ok
23:17:48.0437 0x112c  [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP       C:\WINDOWS\System32\drivers\btath_rcp.sys
23:17:48.0441 0x112c  BTATH_RCP - ok
23:17:48.0482 0x112c  [ 1EB23EE6AB49EF864B08F49BD48C35D2, 6CCEB3F1D1C594E89AEA78322A2CFFE392CF9CF8F118AC3242DCCCFEA8E9E521 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
23:17:48.0500 0x112c  BtFilter - ok
23:17:48.0517 0x112c  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
23:17:48.0533 0x112c  BthAvrcpTg - ok
23:17:48.0549 0x112c  [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
23:17:48.0549 0x112c  BthEnum - ok
23:17:48.0564 0x112c  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
23:17:48.0564 0x112c  BthHFEnum - ok
23:17:48.0587 0x112c  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
23:17:48.0590 0x112c  bthhfhid - ok
23:17:48.0617 0x112c  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
23:17:48.0624 0x112c  BthLEEnum - ok
23:17:48.0636 0x112c  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
23:17:48.0639 0x112c  BTHMODEM - ok
23:17:48.0668 0x112c  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
23:17:48.0672 0x112c  BthPan - ok
23:17:48.0717 0x112c  [ AB8CD3914AD779C15B27DDD9F53F7434, 6E9911C146A038192B95916387FA9D94D952BEFE158E6CBA44F1500A304221A3 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
23:17:48.0748 0x112c  BTHPORT - ok
23:17:48.0796 0x112c  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
23:17:48.0800 0x112c  bthserv - ok
23:17:48.0816 0x112c  [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
23:17:48.0820 0x112c  BTHUSB - ok
23:17:48.0832 0x112c  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
23:17:48.0836 0x112c  cdfs - ok
23:17:48.0857 0x112c  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
23:17:48.0863 0x112c  cdrom - ok
23:17:48.0876 0x112c  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
23:17:48.0882 0x112c  CertPropSvc - ok
23:17:48.0919 0x112c  [ 1CA7070F72330C33A42CF678E92F030B, 0F9AAACE9949B76C0B4D6E53DB35BD599507265FB982AE8ACEB7E1B1CDD0B566 ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
23:17:48.0922 0x112c  cfwids - ok
23:17:48.0937 0x112c  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
23:17:48.0937 0x112c  circlass - ok
23:17:49.0012 0x112c  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
23:17:49.0028 0x112c  CLFS - ok
23:17:49.0077 0x112c  [ 3E76A1547F2448BCEE3D2F4AE3931AB5, 31B41723FAA4210A86B1AE02D6C052BD8B738C4B89FB0177C1AE997D24BA5B8C ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
23:17:49.0081 0x112c  CLVirtualDrive - ok
23:17:49.0107 0x112c  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
23:17:49.0109 0x112c  CmBatt - ok
23:17:49.0159 0x112c  [ DD795DADD9366C13001E980B334C2ED4, 88B1A8B3D1A33CEDD42E0AB274E71A382C2FDA1176FE11021AFF686CB008A5D2 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
23:17:49.0195 0x112c  CNG - ok
23:17:49.0218 0x112c  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
23:17:49.0220 0x112c  CompositeBus - ok
23:17:49.0228 0x112c  COMSysApp - ok
23:17:49.0248 0x112c  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
23:17:49.0251 0x112c  condrv - ok
23:17:49.0341 0x112c  [ 530AAB6550837EA583D3200BC181F732, A4D9EA0B20C59E4C95F8CE56441F2C12632E803E39D030FE72C3C68BBA996017 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
23:17:49.0357 0x112c  cphs - ok
23:17:49.0398 0x112c  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
23:17:49.0405 0x112c  CryptSvc - ok
23:17:49.0421 0x112c  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
23:17:49.0424 0x112c  dam - ok
23:17:49.0494 0x112c  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:17:49.0525 0x112c  DcomLaunch - ok
23:17:49.0550 0x112c  [ 78089FCDE082FD4FA471C30A7C2DC736, C4816D7125C39290C3B0B1F580CEE8BB7FFC004F727EA9E9767671D3EDB946AE ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
23:17:49.0563 0x0848  Object required for P2P: [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata
23:17:49.0581 0x112c  defragsvc - ok
23:17:49.0688 0x112c  [ 0B7F51B13AFB88B5D35FC6BF326F2A4E, 4285D7E3698A3CA45E43AD499F6512BF6AAB8CA20B00978BA12A7F452AFD22EE ] DellProdRegManager C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
23:17:49.0706 0x112c  DellProdRegManager - ok
23:17:49.0737 0x112c  [ 3CB00D91375229AF9034CE506F4134BB, 5F77F7EA7E3FF86CFD7404FC9A9E31BE9D3060D0E109663435D957DE0187F29F ] DellUpdate      C:\Program Files (x86)\Dell Update\DellUpService.exe
23:17:49.0743 0x112c  DellUpdate - ok
23:17:49.0777 0x112c  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
23:17:49.0790 0x112c  DeviceAssociationService - ok
23:17:49.0830 0x112c  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
23:17:49.0838 0x112c  DeviceInstall - ok
23:17:49.0879 0x112c  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
23:17:49.0884 0x112c  Dfsc - ok
23:17:49.0913 0x112c  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
23:17:49.0925 0x112c  Dhcp - ok
23:17:49.0936 0x112c  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
23:17:49.0940 0x112c  disk - ok
23:17:49.0976 0x112c  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
23:17:49.0979 0x112c  dmvsc - ok
23:17:50.0011 0x112c  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:17:50.0026 0x112c  Dnscache - ok
23:17:50.0051 0x112c  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
23:17:50.0064 0x112c  dot3svc - ok
23:17:50.0079 0x112c  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
23:17:50.0086 0x112c  DPS - ok
23:17:50.0101 0x112c  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
23:17:50.0103 0x112c  drmkaud - ok
23:17:50.0148 0x112c  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
23:17:50.0164 0x112c  DsmSvc - ok
23:17:50.0293 0x112c  [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
23:17:50.0333 0x112c  DXGKrnl - ok
23:17:50.0349 0x112c  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
23:17:50.0364 0x112c  Eaphost - ok
23:17:50.0549 0x112c  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
23:17:50.0653 0x112c  ebdrv - ok
23:17:50.0684 0x112c  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
23:17:50.0689 0x112c  EFS - ok
23:17:50.0717 0x112c  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
23:17:50.0717 0x112c  EhStorClass - ok
23:17:50.0749 0x112c  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
23:17:50.0765 0x112c  EhStorTcgDrv - ok
23:17:50.0788 0x112c  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
23:17:50.0789 0x112c  ErrDev - ok
23:17:50.0925 0x112c  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
23:17:50.0940 0x112c  EventSystem - ok
23:17:50.0956 0x112c  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
23:17:50.0972 0x112c  exfat - ok
23:17:50.0990 0x112c  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
23:17:50.0997 0x112c  fastfat - ok
23:17:51.0046 0x112c  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
23:17:51.0070 0x112c  Fax - ok
23:17:51.0080 0x112c  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
23:17:51.0081 0x112c  fdc - ok
23:17:51.0117 0x112c  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
23:17:51.0117 0x112c  fdPHost - ok
23:17:51.0133 0x112c  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
23:17:51.0133 0x112c  FDResPub - ok
23:17:51.0177 0x112c  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
23:17:51.0188 0x112c  fhsvc - ok
23:17:51.0202 0x112c  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
23:17:51.0206 0x112c  FileInfo - ok
23:17:51.0217 0x112c  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
23:17:51.0220 0x112c  Filetrace - ok
23:17:51.0229 0x112c  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
23:17:51.0230 0x112c  flpydisk - ok
23:17:51.0250 0x112c  [ 46D1DF775FFF14585218BBE16E5B2C9A, F39EF615B18CEC7BA3F68C7639B636C06812AD9DBEDE90EB7B2C04C64396FC9E ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
23:17:51.0261 0x112c  FltMgr - ok
23:17:51.0352 0x112c  [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache       C:\WINDOWS\system32\FntCache.dll
23:17:51.0395 0x112c  FontCache - ok
23:17:51.0492 0x112c  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:17:51.0512 0x112c  FontCache3.0.0.0 - ok
23:17:51.0545 0x112c  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
23:17:51.0545 0x112c  FsDepends - ok
23:17:51.0584 0x112c  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:17:51.0587 0x112c  Fs_Rec - ok
23:17:51.0639 0x112c  [ B2BD017231836DA9F63F41E3A075D73E, 31B1DD677FE8B4F90B8AB5A131DA0105439AC2D91BC0CEDC972D2D87E595A686 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
23:17:51.0666 0x112c  fvevol - ok
23:17:51.0690 0x112c  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
23:17:51.0692 0x112c  FxPPM - ok
23:17:51.0711 0x112c  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
23:17:51.0714 0x112c  gagp30kx - ok
23:17:51.0738 0x112c  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
23:17:51.0740 0x112c  gencounter - ok
23:17:51.0767 0x112c  [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
23:17:51.0772 0x112c  GPIOClx0101 - ok
23:17:51.0870 0x112c  [ 58C11DCCC6241CC13861A559E31A69F0, 78B38BBC362C9209B06849CC79301EC595AFCE3E2BDE402A0B1F2725D3EDEFA3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
23:17:51.0910 0x112c  gpsvc - ok
23:17:52.0058 0x112c  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:17:52.0070 0x112c  gupdate - ok
23:17:52.0156 0x112c  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:17:52.0165 0x112c  gupdatem - ok
23:17:52.0215 0x112c  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
23:17:52.0230 0x112c  HdAudAddService - ok
23:17:52.0255 0x112c  [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
23:17:52.0260 0x112c  HDAudBus - ok
23:17:52.0268 0x112c  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
23:17:52.0270 0x112c  HidBatt - ok
23:17:52.0280 0x112c  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
23:17:52.0284 0x112c  HidBth - ok
23:17:52.0293 0x112c  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
23:17:52.0295 0x112c  hidi2c - ok
23:17:52.0304 0x112c  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
23:17:52.0306 0x112c  HidIr - ok
23:17:52.0330 0x112c  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
23:17:52.0334 0x112c  hidserv - ok
23:17:52.0351 0x112c  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
23:17:52.0353 0x112c  HidUsb - ok
23:17:52.0393 0x112c  [ E7AF59F1E0352F5EBEC4ECD32103D405, 0E02E031799F407A1BCE926D46471E7EFB8820359CBDE73759219B86C1882EB8 ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
23:17:52.0402 0x112c  HipShieldK - ok
23:17:52.0421 0x112c  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
23:17:52.0428 0x0848  Object send P2P result: true
23:17:52.0430 0x112c  hkmsvc - ok
23:17:52.0468 0x112c  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
23:17:52.0480 0x112c  HomeGroupListener - ok
23:17:52.0535 0x112c  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
23:17:52.0555 0x112c  HomeGroupProvider - ok
23:17:52.0691 0x112c  [ 53BF05234B2DFBEE008364AF1982C6D9, B750811587170B3899ABA1D6BAFC0D759E6E7AC3BDBC2EE9A2312790CC15F423 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
23:17:52.0714 0x112c  HomeNetSvc - ok
23:17:52.0734 0x112c  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
23:18:01.0505 0x112c  QWAVE - ok
23:18:01.0533 0x112c  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
23:18:01.0533 0x112c  QWAVEdrv - ok
23:18:01.0549 0x112c  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:18:01.0549 0x112c  RasAcd - ok
23:18:01.0564 0x112c  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
23:18:01.0586 0x112c  RasAuto - ok
23:18:01.0646 0x112c  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\WINDOWS\System32\rasmans.dll
23:18:01.0669 0x112c  RasMan - ok
23:18:01.0680 0x112c  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:18:01.0683 0x112c  RasPppoe - ok
23:18:01.0714 0x112c  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:18:01.0726 0x112c  rdbss - ok
23:18:01.0737 0x112c  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
23:18:01.0739 0x112c  rdpbus - ok
23:18:01.0760 0x112c  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
23:18:01.0766 0x112c  RDPDR - ok
23:18:01.0800 0x112c  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
23:18:01.0802 0x112c  RdpVideoMiniport - ok
23:18:01.0817 0x112c  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
23:18:01.0826 0x112c  rdyboost - ok
23:18:01.0882 0x112c  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
23:18:01.0908 0x112c  ReFS - ok
23:18:01.0937 0x112c  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
23:18:01.0947 0x112c  RemoteAccess - ok
23:18:01.0969 0x112c  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
23:18:01.0978 0x112c  RemoteRegistry - ok
23:18:01.0990 0x112c  [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
23:18:01.0996 0x112c  RFCOMM - ok
23:18:02.0114 0x112c  [ CBE300DA6064C31F2AC4ED8A0722BEF0, D98D41937E36390426F521713AF2BAA1E49E750BBEAC420D1BD770EB303F1E4F ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
23:18:02.0128 0x112c  RichVideo - ok
23:18:02.0167 0x112c  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
23:18:02.0175 0x112c  RpcEptMapper - ok
23:18:02.0207 0x112c  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
23:18:02.0213 0x112c  RpcLocator - ok
23:18:02.0271 0x112c  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
23:18:02.0307 0x112c  RpcSs - ok
23:18:02.0342 0x112c  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
23:18:02.0347 0x112c  rspndr - ok
23:18:02.0400 0x112c  [ 14182642967B8751F3717E94FC90DF48, 0EEF109D51E7D8AE89DFF4C94AD42764682953DEBA2C4C62B6062F3753164A4F ] RSUSBSTOR       C:\WINDOWS\System32\Drivers\RtsUStor.sys
23:18:02.0415 0x112c  RSUSBSTOR - ok
23:18:02.0522 0x112c  [ F1D20C2B36F78863530B251DF504CC51, A3C71BDB45B1DB321BC2D9889CB25CF7840E145DFB769882748B7D507A605A42 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
23:18:02.0540 0x112c  RtkAudioService - ok
23:18:02.0613 0x112c  [ 7CC0D898D00675F14BA0C4BF056C1CF4, E9203DD2A201AEF206C1A4177FD564DDFC8E7468DC268BD99389626A2C6593D3 ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
23:18:02.0644 0x112c  RTL8168 - ok
23:18:02.0662 0x112c  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
23:18:02.0664 0x112c  s3cap - ok
23:18:02.0688 0x112c  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
23:18:02.0692 0x112c  SamSs - ok
23:18:02.0718 0x112c  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
23:18:02.0722 0x112c  sbp2port - ok
23:18:02.0763 0x112c  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
23:18:02.0779 0x112c  SCardSvr - ok
23:18:02.0794 0x112c  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
23:18:02.0803 0x112c  ScDeviceEnum - ok
23:18:02.0818 0x112c  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
23:18:02.0820 0x112c  scfilter - ok
23:18:02.0907 0x112c  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
23:18:02.0951 0x112c  Schedule - ok
23:18:02.0997 0x112c  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
23:18:03.0008 0x112c  SCPolicySvc - ok
23:18:03.0049 0x112c  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
23:18:03.0062 0x112c  sdbus - ok
23:18:03.0107 0x112c  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
23:18:03.0113 0x112c  sdstor - ok
23:18:03.0133 0x112c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
23:18:03.0136 0x112c  secdrv - ok
23:18:03.0166 0x112c  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\WINDOWS\system32\seclogon.dll
23:18:03.0173 0x112c  seclogon - ok
23:18:03.0206 0x112c  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
23:18:03.0216 0x112c  SENS - ok
23:18:03.0257 0x112c  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
23:18:03.0270 0x112c  SensrSvc - ok
23:18:03.0282 0x112c  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
23:18:03.0286 0x112c  SerCx - ok
23:18:03.0300 0x112c  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
23:18:03.0305 0x112c  SerCx2 - ok
23:18:03.0314 0x112c  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
23:18:03.0315 0x112c  Serenum - ok
23:18:03.0319 0x112c  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
23:18:03.0319 0x112c  Serial - ok
23:18:03.0335 0x112c  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
23:18:03.0335 0x112c  sermouse - ok
23:18:03.0381 0x112c  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
23:18:03.0396 0x112c  SessionEnv - ok
23:18:03.0404 0x112c  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
23:18:03.0405 0x112c  sfloppy - ok
23:18:03.0533 0x112c  [ 1AFF08DFBB72A235DE60433C4FE7920B, 0EFA5914B96CF8544BA6452086CED8EF6EBD0F69E6977CDB1ECDB75908F07650 ] SftService      C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
23:18:03.0601 0x112c  SftService - ok
23:18:03.0702 0x112c  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
23:18:03.0717 0x112c  SharedAccess - ok
23:18:03.0897 0x112c  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:18:03.0917 0x112c  ShellHWDetection - ok
23:18:03.0933 0x112c  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
23:18:03.0933 0x112c  SiSRaid2 - ok
23:18:03.0975 0x112c  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
23:18:03.0979 0x112c  SiSRaid4 - ok
23:18:04.0015 0x112c  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
23:18:04.0024 0x112c  smphost - ok
23:18:04.0070 0x112c  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
23:18:04.0076 0x112c  SNMPTRAP - ok
23:18:04.0117 0x112c  [ 45D3998394D45DEC47A700ACE962AEDB, E03C024FCE068B109069E102D5C6B4889B2ABE6CDF81F86AF39066E15BE76AA4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
23:18:04.0133 0x112c  spaceport - ok
23:18:04.0164 0x112c  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
23:18:04.0164 0x112c  SpbCx - ok
23:18:04.0231 0x112c  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
23:18:04.0256 0x112c  Spooler - ok
23:18:04.0564 0x112c  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
23:18:04.0866 0x112c  sppsvc - ok
23:18:04.0917 0x112c  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
23:18:04.0933 0x112c  srv - ok
23:18:04.0968 0x112c  [ E62EAEF0BAC9DD61BF22D4A7F2F18571, 910D85FDDBAF0E003A0CA0C23D27615F1B7D6145FB9E3A1661E93498196B303A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
23:18:04.0988 0x112c  srv2 - ok
23:18:05.0004 0x112c  [ 466BDC0006103F2547D308DD3CD64398, 334E0729B369C7F7CBB9878F423B53E05476D1288A8ECEB18240318ABF2370C1 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
23:18:05.0011 0x112c  srvnet - ok
23:18:05.0045 0x112c  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
23:18:05.0055 0x112c  SSDPSRV - ok
23:18:05.0100 0x112c  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
23:18:05.0115 0x112c  SstpSvc - ok
23:18:05.0137 0x112c  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
23:18:05.0137 0x112c  stexstor - ok
23:18:05.0211 0x112c  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
23:18:05.0232 0x112c  stisvc - ok
23:18:05.0244 0x112c  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
23:18:05.0248 0x112c  storahci - ok
23:18:05.0271 0x112c  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
23:18:05.0273 0x112c  storflt - ok
23:18:05.0283 0x112c  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
23:18:05.0286 0x112c  stornvme - ok
23:18:05.0315 0x112c  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
23:18:05.0318 0x112c  StorSvc - ok
23:18:05.0334 0x112c  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
23:18:05.0334 0x112c  storvsc - ok
23:18:05.0365 0x112c  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
23:18:05.0395 0x112c  svsvc - ok
23:18:05.0413 0x112c  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
23:18:05.0416 0x112c  swenum - ok
23:18:05.0494 0x112c  [ E3C92D60F6AD7763961D1E7628002844, A33EED7CB3EE0EF4890AAD095F989FCA7F44CA1055E03D3892AB543DEE74C9B6 ] swprv           C:\WINDOWS\System32\swprv.dll
23:18:05.0524 0x112c  swprv - ok
23:18:05.0600 0x112c  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
23:18:05.0636 0x112c  SysMain - ok
23:18:05.0674 0x112c  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
23:18:05.0685 0x112c  SystemEventsBroker - ok
23:18:05.0716 0x112c  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
23:18:05.0724 0x112c  TabletInputService - ok
23:18:05.0754 0x112c  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
23:18:05.0768 0x112c  TapiSrv - ok
23:18:05.0901 0x112c  [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
23:18:05.0976 0x112c  Tcpip - ok
23:18:06.0093 0x112c  [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:18:06.0194 0x112c  TCPIP6 - ok
23:18:06.0238 0x112c  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
23:18:06.0242 0x112c  tcpipreg - ok
23:18:06.0264 0x112c  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
23:18:06.0270 0x112c  tdx - ok
23:18:06.0295 0x112c  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
23:18:06.0298 0x112c  terminpt - ok
23:18:06.0385 0x112c  [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService     C:\WINDOWS\System32\termsrv.dll
23:18:06.0421 0x112c  TermService - ok
23:18:06.0439 0x112c  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
23:18:06.0444 0x112c  Themes - ok
23:18:06.0485 0x112c  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
23:18:06.0490 0x112c  THREADORDER - ok
23:18:06.0518 0x112c  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
23:18:06.0533 0x112c  TimeBroker - ok
23:18:06.0564 0x112c  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
23:18:06.0564 0x112c  TPM - ok
23:18:06.0614 0x112c  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
23:18:06.0621 0x112c  TrkWks - ok
23:18:06.0669 0x112c  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
23:18:06.0674 0x112c  TrustedInstaller - ok
23:18:06.0687 0x112c  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
23:18:06.0690 0x112c  TsUsbFlt - ok
23:18:06.0697 0x112c  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
23:18:06.0700 0x112c  TsUsbGD - ok
23:18:06.0717 0x112c  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
23:18:06.0723 0x112c  tunnel - ok
23:18:06.0755 0x112c  [ E624283C1A2F9BB4688A002914CC00A7, B6908C1FFDD6BCFFC5C2FC0C429FC3E237E340F891F80CFD737BE41E5EF7E328 ] TXEIx64         C:\WINDOWS\System32\drivers\TXEIx64.sys
23:18:06.0759 0x112c  TXEIx64 - ok
23:18:06.0768 0x112c  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
23:18:06.0771 0x112c  uagp35 - ok
23:18:06.0780 0x112c  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
23:18:06.0784 0x112c  UASPStor - ok
23:18:06.0816 0x112c  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
23:18:06.0823 0x112c  UCX01000 - ok
23:18:06.0855 0x112c  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
23:18:06.0865 0x112c  udfs - ok
23:18:06.0889 0x112c  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
23:18:06.0891 0x112c  UEFI - ok
23:18:06.0919 0x112c  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
23:18:06.0919 0x112c  UI0Detect - ok
23:18:06.0934 0x112c  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
23:18:06.0934 0x112c  uliagpkx - ok
23:18:06.0950 0x112c  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
23:18:06.0950 0x112c  umbus - ok
23:18:06.0968 0x112c  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
23:18:06.0970 0x112c  UmPass - ok
23:18:07.0011 0x112c  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
23:18:07.0025 0x112c  UmRdpService - ok
23:18:07.0058 0x112c  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
23:18:07.0077 0x112c  upnphost - ok
23:18:07.0102 0x112c  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
23:18:07.0107 0x112c  usbccgp - ok
23:18:07.0117 0x112c  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
23:18:07.0133 0x112c  usbcir - ok
23:18:07.0164 0x112c  [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
23:18:07.0164 0x112c  usbehci - ok
23:18:07.0206 0x112c  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
23:18:07.0220 0x112c  usbhub - ok
23:18:07.0252 0x112c  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
23:18:07.0266 0x112c  USBHUB3 - ok
23:18:07.0293 0x112c  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
23:18:07.0295 0x112c  usbohci - ok
23:18:07.0317 0x112c  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
23:18:07.0317 0x112c  usbprint - ok
23:18:07.0349 0x112c  [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:18:07.0366 0x112c  usbscan - ok
23:18:07.0385 0x112c  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
23:18:07.0391 0x112c  USBSTOR - ok
23:18:07.0406 0x112c  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
23:18:07.0408 0x112c  usbuhci - ok
23:18:07.0434 0x112c  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
23:18:07.0445 0x112c  USBXHCI - ok
23:18:07.0458 0x112c  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
23:18:07.0461 0x112c  VaultSvc - ok
23:18:07.0474 0x112c  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
23:18:07.0476 0x112c  vdrvroot - ok
23:18:07.0549 0x112c  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
23:18:07.0640 0x112c  vds - ok
23:18:07.0662 0x112c  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
23:18:07.0668 0x112c  VerifierExt - ok
23:18:07.0703 0x112c  [ 34CAF69BF4166AB40BFF0ED068FF6F91, BF5DA4F85A2C537DD76A3271956EC5BDB9ABC495FAA9371037F608152BE2725D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
23:18:07.0720 0x112c  vhdmp - ok
23:18:07.0740 0x112c  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
23:18:07.0742 0x112c  viaide - ok
23:18:07.0752 0x112c  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
23:18:07.0756 0x112c  vmbus - ok
23:18:07.0763 0x112c  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
23:18:07.0765 0x112c  VMBusHID - ok
23:18:07.0827 0x112c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
23:18:07.0853 0x112c  vmicguestinterface - ok
23:18:07.0876 0x112c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
23:18:07.0892 0x112c  vmicheartbeat - ok
23:18:07.0915 0x112c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
23:18:07.0932 0x112c  vmickvpexchange - ok
23:18:07.0955 0x112c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
23:18:07.0972 0x112c  vmicrdv - ok
23:18:08.0005 0x112c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
23:18:08.0021 0x112c  vmicshutdown - ok
23:18:08.0044 0x112c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
23:18:08.0060 0x112c  vmictimesync - ok
23:18:08.0083 0x112c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
23:18:08.0100 0x112c  vmicvss - ok
23:18:08.0133 0x112c  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
23:18:08.0133 0x112c  volmgr - ok
23:18:08.0164 0x112c  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
23:18:08.0164 0x112c  volmgrx - ok
23:18:08.0214 0x112c  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
23:18:08.0225 0x112c  volsnap - ok
23:18:08.0249 0x112c  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
23:18:08.0252 0x112c  vpci - ok
23:18:38.0838 0x112c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
23:18:38.0841 0x112c  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51000 ( enabled : updated )
23:18:38.0844 0x112c  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
23:18:41.0512 0x112c  ============================================================
23:18:41.0512 0x112c  Scan finished
23:18:41.0512 0x112c  ============================================================
23:18:41.0529 0x17a8  Detected object count: 0
23:18:41.0529 0x17a8  Actual detected object count: 0
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ADWCLEANER
 
# AdwCleaner v5.117 - Logfile created 24/05/2016 at 23:25:01
# Updated 15/05/2016 by Xplode
# Database : 2016-05-23.3 [Server]
# Operating system : Windows 8.1 Connected  (X64)
# Username : Administrator - MOMS-PC
# Running from : C:\Users\Administrator\Downloads\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum
 
***** [ Services ] *****
 
Service Found : WinFindSvc2
Service Found : WinFindSvc
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLL ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Found : HKLM\SOFTWARE\Classes\SOFTWARE\Classes\CLSID\{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{357D32FC-F0AE-4B37-B36F-D44AA31496F5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{80B3B43F-7508-4627-BE66-00FB9AE5EE72}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5A83D7C9-4A14-4000-BC05-389268238753}
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\NetStream 1.0
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Window Find Manager
Key Found : HKU\S-1-5-21-451502389-2274476304-1549705108-500\Software\IM
Key Found : HKU\S-1-5-21-451502389-2274476304-1549705108-500\Software\Microsoft\Windows\CurrentVersion\Uninstall\NetStream 1.0
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\C3F6D7A0BA2FDE84EB329997B1FF786D
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
Key Found : [x64] HKLM\SOFTWARE\Classes\Installer\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
 
***** [ Web browsers ] *****
 
[C:\Users\Mary\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Users\Mary\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
[C:\Users\Mary B\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Users\Mary B\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
 
*************************
 
C:\AdwCleaner\AdwCleaner[S1].txt - [2462 bytes] - [24/05/2016 23:25:01]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2535 bytes] ##########
 
****With this I'm pretty sure I DO NOT want anything here, because Malwarebytes already deleted a folder called winfindsvc2 which was created at the time KMSpico was, which means it's bad***********
And this is the LOG from clearing it.
 

# AdwCleaner v5.117 - Logfile created 24/05/2016 at 23:31:36
# Updated 15/05/2016 by Xplode
# Database : 2016-05-23.3 [Server]
# Operating system : Windows 8.1 Connected  (X64)
# Username : Administrator - MOMS-PC
# Running from : C:\Users\Administrator\Downloads\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum
 
***** [ Services ] *****
 
[-] Service Deleted : WinFindSvc2
[-] Service Deleted : WinFindSvc
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\SOFTWARE\Classes\CLSID\{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{357D32FC-F0AE-4B37-B36F-D44AA31496F5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80B3B43F-7508-4627-BE66-00FB9AE5EE72}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5A83D7C9-4A14-4000-BC05-389268238753}
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\NetStream 1.0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Window Find Manager
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\C3F6D7A0BA2FDE84EB329997B1FF786D
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Mary\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Mary\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Mary B\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Mary B\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [2368 bytes] - [24/05/2016 23:31:36]
C:\AdwCleaner\AdwCleaner[S1].txt - [2622 bytes] - [24/05/2016 23:25:01]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2514 bytes] ##########
 


 
JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 8.1 Connected x64 
Ran by Administrator (Administrator) on Tue 05/24/2016 at 23:36:22.65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 5 
 
Successfully deleted: C:\Program Files (x86)\google\chrome\application\chrome.bat (File) 
Successfully deleted: C:\Program Files (x86)\internet explorer\iexplore.bat (File) 
Successfully deleted: C:\ProgramData\Start Menu\Programs\search.lnk (Shortcut) 
Successfully deleted: C:\WINDOWS\system32\Tasks\PCDEventLauncherTask (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 05/24/2016 at 23:41:26.61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
ESET
-------------------------------
 

C:\Users\Administrator\AppData\Local\Temp\nsuE3CE.tmp.exe Win32/Adware.ConvertAd.AEY application cleaned by deleting
C:\Users\Administrator\AppData\Roaming\Delta.d Win32/Boaxxe.EJ trojan cleaned by deleting
C:\Users\Mary\AppData\Local\Temp\7zS7035\Optional\HP_IPG_Toolbar_installer.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Users\Mary\Desktop\Mom desktop\Andrea's\rcp_dcomnew_sec_300.exe Win32/Systweak.B potentially unwanted application deleted
C:\Users\Mary\Desktop\Mom desktop\Documents\cbsidlm-cbsi183-CR2_viewer-SEO-75212232.exe a variant of Win32/CNETInstaller.B potentially unwanted application cleaned by deleting
C:\Users\Mary B\Desktop\Mary\AppData\Local\Temp\7zS7035\Optional\HP_IPG_Toolbar_installer.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Users\Mary B\Desktop\Mom desktop\Andrea's\rcp_dcomnew_sec_300.exe Win32/Systweak.B potentially unwanted application deleted
C:\Users\Mary B\Desktop\Mom desktop\Documents\cbsidlm-cbsi183-CR2_viewer-SEO-75212232.exe a variant of Win32/CNETInstaller.B potentially unwanted application cleaned by deleting
C:\Users\Mary B\Downloads\KMSPico 10.1.9.iso multiple threats deleted
C:\Windows.old\Users\Mary\AppData\Local\nsg56F2.tmp Win32/VOPackage.BC potentially unwanted application deleted
C:\Windows.old\Users\Mary\AppData\Local\nskE16A.tmp Win32/VOPackage.BC potentially unwanted application deleted
C:\Windows.old\Users\Mary\AppData\Local\Temp\is45637729\23858720_stp\Generic_vo.exe a variant of Win32/Adware.ConvertAd.QI application cleaned by deleting
C:\Windows.old\Users\Mary\AppData\Local\Temp\is45637729\25455972_stp\Generic_vo.exe a variant of Win32/Adware.ConvertAd.QI application cleaned by deleting
C:\Windows.old\Users\Mary\AppData\Local\Temp\is45637729\895496_stp\Generic_vo.exe a variant of Win32/Adware.ConvertAd.QI application cleaned by deleting
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 
 
 
These are all the log files. What to do next? Am I clean now?

Edit: Moved topic from Windows 8 to the more appropriate forum. ~ Animal



#2 boopme

  • Global Moderator

Posted 25 May 2016 - 03:23 PM

Reboot the machine. If still not right, run...

Emsisoft Emergency Kit
  • Click here to download Emsisoft Emergency Kit. The download will automatically start after a moment.
  • Save EmsisoftEmergencyKit.exe to your Desktop.
  • Double click on EmsisoftEmergencyKit.exe (Windows Vista/7/8 users: Accept UAC warning if it is enabled).
  • Leave everything as it is, then click Extract. This will unpack Emsisoft Emergency Kit to the EEK folder located in the root drive (usually C:\).
  • Once the extraction is done, an icon will appear on your Desktop. Double click it to start Emsisoft Emergency Kit.
  • Wait for Emsisoft Emergency Kit to finish loading signatures.
  • Choose Yes, then wait for EEK to finish updating.
  • Choose Malware Scan under the Scan button. When EEK asks to activate PUP detection, choose Yes.
  • Wait for the scan to finish.
  • If EEK detects something, all detected items will be displayed. Place a checkmark before everything, then choose Quarantine Selected.
  • If Emsisoft Emergency Kit asks to reboot, please do so immediately.
  • The scan log is located in Logs -> Scan Logs. Click on the entry of the latest scan, choose Export and save the report on your Desktop.
  • Please Copy and Paste the contents of the scan log in your next reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Steakboy

  • Topic Starter

Posted 26 May 2016 - 03:08 PM

Emsisoft Emergency Kit - Version 11.0
Last update: 5/26/2016 12:36:47 PM
User account: Moms-pc\Administrator
 
Scan settings:
 
Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files
 
Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 5/26/2016 12:37:33 PM
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN detected: Setting.NoRun (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN detected: Setting.NoRun (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS detected: Setting.NoFolderOptions (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS detected: Setting.NoFolderOptions (A)
 
Scanned 81472
Found 8
 
Scan end: 5/26/2016 12:43:49 PM
Scan time: 0:06:16
 
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS Setting.NoFolderOptions (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN Setting.NoRun (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Setting.DisableTaskMgr (A)
 
Quarantined 4
 
Why did it only quarantine 4, but found 8??


#4 Steakboy

  • Topic Starter

Posted 26 May 2016 - 03:34 PM

Also, this picture turns up every time I log in.

http://s1077.photobucket.com/user/Benjamin_Busath/media/Untitled_zps7htbhho4.png.html 



#5 boopme

  • Global Moderator

Posted 27 May 2016 - 09:21 AM

Picture fails for me

It finds potential threats, then reviews them, followed by action.

#6 Steakboy

  • Topic Starter

Posted 27 May 2016 - 10:58 AM

I reuploaded. Try now.

http://s1077.photobucket.com/user/Benjamin_Busath/media/problem_zps4jopwyc4.png.html 

or

here



#7 boopme

  • Global Moderator

Posted 27 May 2016 - 02:50 PM

It's not unusual to receive such an error after using specialized fix tools.

A "Cannot find...", "Could not run...", "Error loading..." or "specific module could not be found" message is usually related to malware that was set to run at startup but has been deleted. Windows is trying to load this file but cannot locate it since the file was most likely removed during an anti-virus or anti-malware scan. However, an associated orphaned registry entry remains and is telling Windows to load the file when you boot up. Since the file no longer exists, Windows will display an error message. You need to remove this registry entry so Windows stops searching for the file when it loads.

To resolve this, download Autoruns, search for the related entry and then delete it.

Create a new folder on your hard drive called AutoRuns (C:\AutoRuns) and extract (unzip) the file there. (click here if you're not sure how to do this.)
Open the folder and double-click on autoruns.exe to launch it.
Please be patient as it scans and populates the entries.
When done scanning, it will say Ready at the bottom.
Scroll through the list and look for a startup entry related to the file(s) in the error message: spwCdrom.dll
Right-click on the entry and choose delete.
Reboot your computer and see if the startup error returns.

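The orphaned-entry condition described in the reply above can also be checked from a script. This is an added example, not part of the original thread and not how Autoruns itself works: a read-only PowerShell listing of Run/RunOnce values whose target file no longer exists. It assumes the leftover entry sits in one of these keys (Autoruns inspects many more startup locations), and the function names are hypothetical.

```powershell
# Added example (read-only): report Run/RunOnce startup values whose target file is missing.
# Assumption: the orphaned entry lives in one of these keys. Nothing is modified or deleted.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Split-CommandLine([string]$CommandLine) {
    # Quoted strings stay together; everything else splits on whitespace.
    foreach ($m in [regex]::Matches($CommandLine, '"([^"]*)"|(\S+)')) {
        if ($m.Groups[1].Success) { $m.Groups[1].Value } else { $m.Groups[2].Value }
    }
}

function Find-File([string]$Name) {
    # Rooted path: test it as written (and with .exe appended).
    # Bare file name: search every directory in PATH, as the loader would.
    $isRooted = $Name -match '^[A-Za-z]:\\|^\\\\'
    $dirs = if ($isRooted) { @('') } else { $env:Path -split ';' | Where-Object { $_ } }
    foreach ($dir in $dirs) {
        foreach ($candidate in @($Name, "$Name.exe")) {
            $full = if ($dir) { Join-Path $dir $candidate } else { $candidate }
            if (Test-Path -LiteralPath $full -PathType Leaf) { return $full }
        }
    }
    return $null
}

function Get-AutorunTarget([string]$CommandLine) {
    $expanded = [Environment]::ExpandEnvironmentVariables($CommandLine)
    $tokens = @(Split-CommandLine $expanded)
    if ($tokens.Count -eq 0) { return $null }

    # rundll32/regsvr32 are only hosts: the file that matters is the DLL argument,
    # which is the kind of entry that produces a "module could not be found" error.
    $hostName = ($tokens[0] -replace '^.*\\', '') -replace '\.exe$', ''
    if (($hostName -in 'rundll32', 'regsvr32') -and $tokens.Count -gt 1) {
        $arg = $tokens[1..($tokens.Count - 1)] |
            Where-Object { $_ -notmatch '^[/-]' } |
            Select-Object -First 1
        # Strip a trailing ",EntryPoint" as used by rundll32.
        if ($arg) { return ($arg -replace ',[^,\\]*$', '') }
    }

    # Unquoted paths may contain spaces: grow the candidate token by token.
    for ($i = 0; $i -lt $tokens.Count; $i++) {
        $candidate = $tokens[0..$i] -join ' '
        if (Find-File $candidate) { return $candidate }
    }
    return $tokens[0]
}

$report = foreach ($keyPath in $runKeys) {
    $key = Get-Item -LiteralPath $keyPath -ErrorAction SilentlyContinue
    if (-not $key) { continue }
    foreach ($name in $key.GetValueNames()) {
        $command = [string]$key.GetValue($name)
        $target  = Get-AutorunTarget $command
        [pscustomobject]@{
            Key     = $keyPath
            Name    = $name
            Command = $command
            Target  = $target
            Missing = -not ($target -and (Find-File $target))
        }
    }
}

# Caveat: from 64-bit PowerShell, a WOW6432Node entry that names System32 really
# loads from SysWOW64, so confirm a hit in Autoruns before deleting anything.
$report | Where-Object Missing | Format-List Key, Name, Command, Target
```

Any row it prints is a candidate for the Autoruns deletion step above; an empty result means the leftover entry is in a location this script does not read.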


