Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Heur.JS.Downloader found by Emisoft-spreading via home network?


  • Please log in to reply
41 replies to this topic

#1 Janho

Janho

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 19 October 2016 - 08:06 PM

I believe my desktop computer is infected and that it is now spreading to my other devices via my home network. Heur.JS.Downloader was found by Emisoft – here's the logs:

 

Emsisoft Emergency Kit - Version 11.9

Quarantine log

 

Date Source Event Detection

10/19/2016 3:04:55 PM C:\Users\Jan\AppData\Local\Mozilla\Firefox\Profiles\qtxxxi9w.default\cache2\entries\8A20722A65843E17CBFB9C1CD2FC666EE43C2436 Moved to quarantine Gen:Heur.JS.Downloader.3 ( B)

 

10/19/2016 3:04:55 PM C:\Users\Jan\AppData\Local\Mozilla\Firefox\Profiles\qtxxxi9w.default\cache2\entries\97D1E3D9F7FC500DEDF08DEC397248930EC91E9F Moved to quarantine Gen:Heur.JS.Downloader.3 ( B)

 

10/19/2016 1:39:12 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\CONDUIT Moved to quarantine Application.InstallAd (A)

 

Scans by both Avast Anti-virus and Malwarebytes showed nothing. MS Malicious Software Removal Tool showed 11 infected files while the scan was running, but when it ended it said no infections were found and no list of those 11 files were shown.

 

Prior to today, the only strange thing I've noticed about my desktop was that the mouse began to act up – it often takes 4 or 5 clicks to get something to open; other times one click functions as a double click, e.g., opening a mail message into full screen when I didn't want it to. Actually, this is the second mouse that has started to exhibit this behavior in the past few months. I replaced the first one when it became impossible to navigate anything on the internet with it.

 

Then today, I attempted to log into my Facebook page but was greeted with a notice that my computer is infected with malware and that I needed to download and run a Kapersky virus scanner before I would be allowed to log into FB again.

 

Suspicious of the legitimacy of this notice, instead I logged out and ran the scans I mentioned above.

 

I then logged into FB with my laptop and got right in, no infection warnings. However, there was a message from FB that I was “temporarily restricted from creating open graph actions until tomorrow at 6:28AM”. I have no idea what “open graph actions” even are, so I doubt I was using them.

 

I then typed a post on my home page to alert my friends that I might have been hacked and that if they had gotten any nefarious posts or messages from me, that it wasn't me. Then I signed out. When I attempted to sign back in a little later, I was greeted with the same notice that I got for my desktop, that now the laptop was infected and that I needed to download and run the Kapersky virus program. Again, I opted to log out instead.

 

Meantime, I searched the net and found that this overall appears to be random targeting on FB's part, with numerous testimonies of people who couldn't log into their account, but their spouse could, using the very same, supposedly corrupted computer. And that the anti-virus downloads not only hung up, but inactivated any virus programs the user had on their computer, as well as wiped out restore points and caused other problems. And that it was next to impossible to then find and remove the Kapersky program, once they finally got the full scan to run. This is why I would NOT run the software recommended by FB.

 

So, then I logged into my Apple ipad, via my home network. I did NOT log with my FB app, but instead launched Firefox and only typed in www.facebook.com. Frankly, I was intending to open a new account in a family member's name who does not currently have one just so I could get back on. However, instead of going to the main FB web page, I was taken to a website with the address of eslo.pw with a notice that my “MICROSOFT computer has been blocked”. Note I am on my APPLE ipad – what has that got to do with my Microsoft compter? Unless the infection is spreading to all my devices, via my home network. The notice gave a phone number that I was urged to call immediately to save my MICROSOFT computer's hard drive from crashing. I did not call it.  Here is the link to the full message on the screen:

 

21l20ig.jpg

 

But I was completely unable to close this web page or the browser itself. All I could do was power my ipad off. Every time I went back on and chose Firefox again, that page with the error message came right up. I ended up completely deleting the Firefox app off my ipad.

 

So one of two things seems to be going on. Either I have an infection on my main desktop computer and it is being spread to all my devices via the wifi on my home network or Facebook's site is completely compromised.

 

So now:



  1. What other programs do I need to run to make sure my desktop/laptop/ipad are clean?



  2. What do I do about my router/home wifi network? Are there programs to scan that, should I disable wifi until my various computers are secure? Or further security measures needed, other than the passwords, etc., that are already on my router?



 

My equipment:

HP Desktop – Windows 8.1 Home edition, Intel i5-4460 processor, 3.20Ghz, 8GB RAM, 2 TB hd, 64 BIT OS, X64 PROCESSOR

HP PROBOOK LAPTOP – Windows 7, Professional, Intel i3 M350, 2.27 Ghz, 8GB RAM, 500 GB HD, 64 bit OS.

Apple 2 ipad - OS version 10.0.2, no phone carrier, only home wifi.

Router: Technicolor 8715D, DOCSIS software version 01.EF.04.29.00

 

Thank you for any and all help you can give me. This is a nightmare!  Thanks so much!

 

Regards,

Jan H

 

 



BC AdBot (Login to Remove)

 


#2 boooliyooo

boooliyooo

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:08:01 PM

Posted 19 October 2016 - 09:36 PM

Hello..

 

First of all, I would like to say that all thanks to your attentiveness and security awareness, you were able to contain the issue on hand.

 

I will like to provide you with some detail of eslo.pw:

 

WHOIS Record Created
Mar 18, 2016
Updated
Mar 30, 2016
Expires
Mar 19, 2017
Registrant Name
WhoisGuard Protected
Registrant Organization
WhoisGuard, Inc.
Registrant Country
Panama
Registrar Name
Namecheap
Email
cd16f7a507c94c20b8e93e69aac9d00c.protect@whoisguard.com

 

It was also part of a Tech Support Scam happened in July'16

 

As for what you might suspect it could be an issue with Heur.JS.Downloader, here's a detailed writeup from Symantec:

https://www.symantec.com/security_response/writeup.jsp?docid=2003-102718-1528-99&tabid=2

 

Since you are quite adept with the knowledge of cyber security, I wonder if you will be able to tweak your firewall/router to block either by:

URL: *.pw (I assumed you don't browse .pw) or;

         elso.pw

 

IP Range/Subnet: 198.54.116.0/24 or;
                             198.54.116.0 - 198.54.116.255

 

Once you do this, try surfing facebook again on your computer and Ipad to see if the connection still persists.



#3 Janho

Janho
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 20 October 2016 - 08:14 AM

Thanks, Boooliyoo, for the fast reply and your help!  Much appreciated!

 

I'm not as adept as you think I am.  I found out how to block on Windows Firewall - but I have only added an Inbound block - do I need to add an outbound block as well?

 

Still have to research how to block on the Technicolor router - it's not the greatest router for configuring (not that I know anything about routers) but after going through six different routers from my cable provider, it's the only one that doesn't drop my connection.

 

And still have to figure out how to block ip's on the ipad.  Will get back to you  when I've got everything blocked.

 

Thanks,

Jan



#4 Janho

Janho
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 20 October 2016 - 08:55 AM

Okay, only have the ip addresses blocked in Windows Firewall on the desktop and laptop.  Cannot find any info on how to block ip addresses on the ipad.  And looked for info on how to block ip addresses on the technicolor router and basically, you can't.  You can block MAC addresses, but not ip addresses.

 

And I just went to my FB page, hit log in, and I still get the message that my computer is infected.  So, need more help!

 

Meantime, will research routers that allow ip address blocking and will have to buy one of those and switch it out.  Meantime, should I disable my wireless?

 

Thanks,

Jan



#5 boooliyooo

boooliyooo

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:08:01 PM

Posted 20 October 2016 - 08:43 PM

Thanks, Boooliyoo, for the fast reply and your help!  Much appreciated!

 

I'm not as adept as you think I am.  I found out how to block on Windows Firewall - but I have only added an Inbound block - do I need to add an outbound block as well?

 

Still have to research how to block on the Technicolor router - it's not the greatest router for configuring (not that I know anything about routers) but after going through six different routers from my cable provider, it's the only one that doesn't drop my connection.

 

And still have to figure out how to block ip's on the ipad.  Will get back to you  when I've got everything blocked.

 

Thanks,

Jan

Hello,

 

You may try the outbound as well.



#6 Janho

Janho
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 21 October 2016 - 08:54 AM

Added outbound rules, did not help.  And now my VOIP phone is not working either.

 

Are there no suggestions for programs I can run to find out if there are other problems on my system - because this is apparently a home network wide problem.

 

Should I be posting this in the maleware logs forum instead?  I need help here!

Jan



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:01 AM

Posted 24 October 2016 - 02:13 PM

Hello , please do these also.

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
>>>

51a46ae42d560-malwarebytes_anti_malware.Malwarebytes Anti-Malware
  • Download MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
    • If no threats were found, click View detailed log.
      • Click Export and save the log as a .txt file on your Desktop or another location.
    • If the scan detected any threats, click Apply Actions.
      • To complete any actions taken you will be prompted to restart your computer...click on Yes.
      • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
      • Check the box next to Scan Log. Choose the most current scan and click View.
      • Click Export and save the log as a .txt file on your Desktop or another location.
  • Providing the MalwareBytes' Anti-Malware log file
    • Attach the log file you just saved to your next reply for further review.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 Janho

Janho
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 24 October 2016 - 06:26 PM

Thanks, Boopme, for your help.

 

Before I post MiniToolBox results, just wanted to know if I should also run all these tools on my laptop.  My entire home system is messed up, including my Ooma Home phone (can't get or make calls) and even my Apple Ipad got a virus notice which locked up Firefox and the only way I could get it to close was to turn the ipad off.  If I should run these tools, I'm guessing I should do that after we finish with the desktop, to avoid confusion - correct?

 

Also, in the directions for Junkware Removal Tool, it says to sut down your protection software - that means the antivirus, correct?  And I already have Malwarebytes installed - should that be closed as well?

 

Thanks,

Jan

 

Here's the MiniToolBox log:

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Jan (administrator) on 24-10-2016 at 17:18:58
Running from "C:\Users\Jan\Desktop"
Microsoft Windows 8.1  (X64)
Model: 550-050qe Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Ethernet (Connected)
Broadcom BCM43142 802.11 bgn Wi-Fi Adapter = Wi-Fi (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.0.101 metric=1 publish=Yes
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : jans
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : triad.rr.com

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : D8-5D-E2-E4-56-9E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : DA-5D-E2-E4-56-9D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Broadcom BCM43142 802.11 bgn Wi-Fi Adapter
   Physical Address. . . . . . . . . : D8-5D-E2-E4-56-9D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : triad.rr.com
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 7C-05-07-94-41-9D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2606:a000:82c6:5e00::2(Preferred) 
   Lease Obtained. . . . . . . . . . : Monday, October 24, 2016 2:33:13 PM
   Lease Expires . . . . . . . . . . : Monday, October 24, 2016 6:18:13 PM
   IPv6 Address. . . . . . . . . . . : 2606:a000:82c6:5e00:ed79:181c:b939:6ab2(Preferred) 
   Temporary IPv6 Address. . . . . . : 2606:a000:82c6:5e00:e8e3:2329:ab53:97ee(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::ed79:181c:b939:6ab2%3(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.100(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, October 24, 2016 2:33:16 PM
   Lease Expires . . . . . . . . . . : Monday, October 24, 2016 6:03:20 PM
   Default Gateway . . . . . . . . . : fe80::fe52:8dff:fe44:a816%3
                                       192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 58459399
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-5E-C6-30-7C-05-07-94-41-9D
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.triad.rr.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : triad.rr.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:3ced:31e5:3f57:ff9b(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3ced:31e5:3f57:ff9b%8(Preferred) 
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 369098752
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-5E-C6-30-7C-05-07-94-41-9D
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    google.com
Addresses:  2607:f8b0:400d:c09::64
	  173.194.206.100
	  173.194.206.113
	  173.194.206.138
	  173.194.206.139
	  173.194.206.101
	  173.194.206.102


Pinging google.com [2607:f8b0:4004:809::200e] with 32 bytes of data:
Reply from 2607:f8b0:4004:809::200e: time=31ms 
Reply from 2607:f8b0:4004:809::200e: time=32ms 

Ping statistics for 2607:f8b0:4004:809::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 31ms, Maximum = 32ms, Average = 31ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
	  2001:4998:58:c02::a9
	  2001:4998:44:204::a7
	  98.139.183.24
	  98.138.253.109
	  206.190.36.45


Pinging yahoo.com [2001:4998:44:204::a7] with 32 bytes of data:
Reply from 2001:4998:44:204::a7: time=65ms 
Reply from 2001:4998:44:204::a7: time=73ms 

Ping statistics for 2001:4998:44:204::a7:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 65ms, Maximum = 73ms, Average = 69ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  6...d8 5d e2 e4 56 9e ......Bluetooth Device (Personal Area Network)
  5...da 5d e2 e4 56 9d ......Microsoft Wi-Fi Direct Virtual Adapter
  4...d8 5d e2 e4 56 9d ......Broadcom BCM43142 802.11 bgn Wi-Fi Adapter
  3...7c 05 07 94 41 9d ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  8...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.100     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0    192.168.0.101    192.168.0.100     11
      192.168.0.0    255.255.255.0         On-link     192.168.0.100    266
    192.168.0.100  255.255.255.255         On-link     192.168.0.100    266
    192.168.0.255  255.255.255.255         On-link     192.168.0.100    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.100    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.100    266
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
      169.254.0.0      255.255.0.0    192.168.0.101       1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  3    266 ::/0                     fe80::fe52:8dff:fe44:a816
  1    306 ::1/128                  On-link
  8    306 2001::/32                On-link
  8    306 2001:0:5ef5:79fd:3ced:31e5:3f57:ff9b/128
                                    On-link
  3    266 2606:a000:82c6:5e00::/56 fe80::fe52:8dff:fe44:a816
  3    266 2606:a000:82c6:5e00::/64 On-link
  3    266 2606:a000:82c6:5e00::2/128
                                    On-link
  3    266 2606:a000:82c6:5e00:e8e3:2329:ab53:97ee/128
                                    On-link
  3    266 2606:a000:82c6:5e00:ed79:181c:b939:6ab2/128
                                    On-link
  3    266 fe80::/64                On-link
  8    306 fe80::/64                On-link
  8    306 fe80::3ced:31e5:3f57:ff9b/128
                                    On-link
  3    266 fe80::ed79:181c:b939:6ab2/128
                                    On-link
  1    306 ff00::/8                 On-link
  3    266 ff00::/8                 On-link
  8    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/24/2016 05:10:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (10/24/2016 05:10:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (10/24/2016 03:23:10 PM) (Source: Application Hang) (User: )
Description: The program FoxitPhantomPDF.exe version 7.0.310.226 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 179c

Start Time: 01d22e2bdb7b6aa6

Termination Time: 0

Application Path: C:\Program Files (x86)\Foxit PhantomPDF\FoxitPhantomPDF.exe

Report Id: 489c01c1-9a1f-11e6-82d9-d85de2e4569e

Faulting package full name: 

Faulting package-relative application ID:

Error: (10/22/2016 01:34:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15125

Error: (10/22/2016 01:34:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15125

Error: (10/22/2016 01:34:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/22/2016 07:19:13 AM) (Source: Application Hang) (User: )
Description: The program seamonkey.exe version 43.0.1.5863 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: dcc

Start Time: 01d22c5303190e78

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\SeaMonkey\seamonkey.exe

Report Id: 58dc9740-9849-11e6-82d9-d85de2e4569e

Faulting package full name: 

Faulting package-relative application ID:

Error: (10/20/2016 09:35:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15172

Error: (10/20/2016 09:35:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15172

Error: (10/20/2016 09:35:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (10/24/2016 11:42:21 AM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume Windows.

The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0x9000000000009.  The name of the file is "<unable to determine file name>".

Error: (10/24/2016 11:42:17 AM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume Windows.

The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0x9000000000009.  The name of the file is "<unable to determine file name>".

Error: (10/24/2016 11:25:08 AM) (Source: DCOM) (User: jans)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (10/24/2016 11:24:37 AM) (Source: DCOM) (User: jans)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (10/24/2016 10:03:15 AM) (Source: DCOM) (User: jans)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (10/24/2016 10:02:44 AM) (Source: DCOM) (User: jans)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (10/24/2016 09:03:06 AM) (Source: DCOM) (User: jans)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (10/24/2016 09:02:35 AM) (Source: DCOM) (User: jans)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (10/24/2016 08:29:24 AM) (Source: DCOM) (User: jans)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (10/24/2016 08:28:53 AM) (Source: DCOM) (User: jans)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Microsoft Office Sessions:
=========================
Error: (10/24/2016 05:10:58 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifestC:\Users\Jan\Desktop\esetsmartinstaller_enu.exe

Error: (10/24/2016 05:10:09 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifestC:\Users\Jan\Downloads\esetsmartinstaller_enu.exe

Error: (10/24/2016 03:23:10 PM) (Source: Application Hang)(User: )
Description: FoxitPhantomPDF.exe7.0.310.226179c01d22e2bdb7b6aa60C:\Program Files (x86)\Foxit PhantomPDF\FoxitPhantomPDF.exe489c01c1-9a1f-11e6-82d9-d85de2e4569e

Error: (10/22/2016 01:34:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15125

Error: (10/22/2016 01:34:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15125

Error: (10/22/2016 01:34:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/22/2016 07:19:13 AM) (Source: Application Hang)(User: )
Description: seamonkey.exe43.0.1.5863dcc01d22c5303190e784294967295C:\Program Files (x86)\SeaMonkey\seamonkey.exe58dc9740-9849-11e6-82d9-d85de2e4569e

Error: (10/20/2016 09:35:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15172

Error: (10/20/2016 09:35:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15172

Error: (10/20/2016 09:35:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2016-10-19 20:08:33.041
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-19 20:08:32.811
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-19 20:08:32.580
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-19 20:08:32.347
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-19 20:08:32.012
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-19 20:08:31.687
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-19 20:08:31.447
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-19 20:08:31.105
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-19 20:08:30.765
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-19 20:08:30.423
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


=========================== Installed Programs ============================

7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Aquarella version 1.23 (HKLM\...\{42AF5C37-EB7C-442E-AF9F-3208EA29A0E3}}_is1) (Version: 1.23 - JixiPix Software)
Athentech Perfectly Clear (HKLM\...\{FCD153C3-8B54-4C50-B0A6-A12D465DFDD9}) (Version: 1.0.0.122 - Corel Corporation) Hidden
Athentech Perfectly Clear (HKLM-x32\...\_{6CB22877-5117-4C04-84D4-78072AB836FC}) (Version: 1.0.0.122 - Corel Corporation)
Athentech Perfectly Clear (HKLM-x32\...\{6CB22877-5117-4C04-84D4-78072AB836FC}) (Version: 1.0.0.122 - Corel Corporation) Hidden
AutoMagic (HKLM\...\{9E6EB1EC-AB87-4F40-872A-A52EE499E8D0}) (Version: 2.0.2 - Auto FX Software)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version:  - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.170 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.4.0 - Canon Inc.)
Canon iP3600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series) (Version:  - )
Canon iP3600 series User Registration (HKLM-x32\...\Canon iP3600 series User Registration) (Version:  - )
Canon iX6800 series On-screen Manual (HKLM-x32\...\Canon iX6800 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon iX6800 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iX6800_series) (Version:  - Canon Inc.)
Canon iX6800 series User Registration (HKLM-x32\...\Canon iX6800 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.1.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.1.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.3.0 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
Classic Shell (HKLM\...\{D4B3454F-7529-4F5F-851D-2C36933F7D64}) (Version: 4.2.5 - IvoSoft)
Corel AfterShot HDR (HKLM\...\{E871EA56-F403-4B5C-A90C-9A133F31E3AE}) (Version: 1.00.0000 - Corel Corporation)
Corel AfterShot HDR (HKLM-x32\...\{BF2C2583-1B2B-4F3F-B40E-10A0445B983E}) (Version: 1.00.0000 - Corel Corporation)
Corel AfterShot Pro 2 - ICA (HKLM-x32\...\{9D1B9136-1948-42BA-8D4A-FCA5F9A1D645}) (Version: 2.2.2 - Corel Corporation) Hidden
Corel AfterShot Pro 2 - ICA x64 (HKLM\...\{FBBE376F-E586-449C-A521-B32A2DEC841E}) (Version: 2.2.2 - Corel Corporation) Hidden
Corel AfterShot Pro 2 - IPM (HKLM-x32\...\{4A5C0A55-3811-49F2-8435-01FC4BC9103E}) (Version: 2.2.2 - Corel Corporation) Hidden
Corel AfterShot Pro 2 - IPM Content (HKLM-x32\...\{0F0C08FE-FFAC-4C18-A4EF-391F5EB73A15}) (Version: 2.2.2 - Corel Corporation) Hidden
Corel AfterShot Pro 2 - IPM Content x64 (HKLM\...\{556CA6F6-431C-44B2-924D-10B56A31EDB9}) (Version: 2.4.0 - Corel Corporation) Hidden
Corel AfterShot Pro 2 - IPM x64 (HKLM\...\{57A2DB66-77DB-47EB-9DD1-BAA6B69BA8D5}) (Version: 2.4.0 - Corel Corporation) Hidden
Corel AfterShot Pro 2 (HKLM-x32\...\_{9D1B9136-1948-42BA-8D4A-FCA5F9A1D645}) (Version: 2.3.0.99 - Corel Corporation)
Corel AfterShot Pro 2 (HKLM-x32\...\{3FA2C341-BA7B-489D-B2E2-F0E47AC29912}) (Version: 2.3.0 - Corel Corporation) Hidden
Corel AfterShot Pro 2 x64 (HKLM\...\{2608D95D-F113-41DB-A807-B0054F769F9A}) (Version: 2.4.0 - Corel Corporation) Hidden
Corel AfterShot Pro 2(64-bit) (HKLM\...\_{FBBE376F-E586-449C-A521-B32A2DEC841E}) (Version: 2.4.0.119 - Corel Corporation)
Corel KPT Collection (HKLM-x32\...\_{47257E9E-E234-4C74-BD41-FDB44DC206B6}) (Version: 1.0.0.119 - Corel Corporation)
Corel KPT Collection (HKLM-x32\...\{47257E9E-E234-4C74-BD41-FDB44DC206B6}) (Version: 1.0.0.119 - Corel Corporation) Hidden
Corel Painter 13 - IPM (HKLM\...\{85E8F7AD-8A82-43BC-827D-6F474C1280C7}) (Version: 14.0 - Corel Corporation) Hidden
Corel Painter 13 - IPM Content (HKLM\...\{BBDEA835-6E15-4B9B-ACEB-4021DBC6CED5}) (Version: 14.0 - Corel Corporation) Hidden
Corel Painter 2015 (HKLM\...\_{DDB3F5F0-2583-426C-A652-8404AFF3A4D0}) (Version: 14.1.0.1105 - Corel Corporation)
Corel Painter 2016 - Content (HKLM\...\{728D4551-DB51-4D3F-8123-AED69C3F5A57}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 - Core (HKLM\...\{D169FC15-DF51-42F5-9C28-B6CFB2218872}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 - Corex64 (HKLM\...\{06CAD9DA-8C4F-4C53-ADEC-D37CF0E569B5}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 - CT (HKLM\...\{0C0D56B0-429B-4011-BF66-FC2628AA22EF}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 - DE (HKLM\...\{7582B55A-4F1F-4727-9EEA-181111E74510}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 - EN (HKLM\...\{167574A7-D8B6-4F00-BCE9-CEAA82DC3AC1}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 - FR (HKLM\...\{4C381455-7ACC-4DF1-9312-A0B7C859A018}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 - IPM (HKLM\...\{84539480-78E2-4EBD-ADE4-298C908605A1}) (Version: 15.1 - Corel Corporation) Hidden
Corel Painter 2016 - IPM Content (HKLM\...\{D8090580-DACC-4687-A637-B97BA5505F89}) (Version: 15.0 - Corel Corporation) Hidden
Corel Painter 2016 - JP (HKLM\...\{84CEC8DC-D6FD-445F-8867-F9603B51B97A}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 (HKLM\...\_{D67BA419-F1DE-42C2-A319-DE5F15A05333}) (Version: 15.1.0.740 - Corel Corporation)
Corel Painter 2017 - Content (HKLM\...\{2E67836E-3087-4F6A-88F6-E30F96618ADC}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - Core (HKLM\...\{05945C4C-CF26-4C7C-BDAF-BA3AF0654EBF}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - Corex64 (HKLM\...\{ABE58ECC-2366-4C3D-8D22-F7C6CFCC68C6}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - CT (HKLM\...\{244AB8D2-9305-40A2-B103-E6C266DDC484}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - DE (HKLM\...\{0F53601B-2091-4811-AE21-62728E4D768C}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - EN (HKLM\...\{CF892806-28B0-49DD-8CD9-6390F56BC202}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - FR (HKLM\...\{65E8DA73-4A21-4A55-8B47-5DB96AFA195A}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - IPM (HKLM\...\{ACC572DA-DF2E-4B0B-8BCA-B6E7E4C6E0F3}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - IPM Content (HKLM\...\{FAD58DDC-E46E-4230-9722-A2A8C7528454}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - JP (HKLM\...\{055A9D5C-B21F-4745-8F29-9CDCB2EA40BF}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 (HKLM\...\_{0EB4382B-8422-4059-8027-3403DE8E8C3F}) (Version: 16.0.0.400 - Corel Corporation)
Corel PaintShop Pro X8 (HKLM-x32\...\_{85C69B9B-F9BD-4A60-BD83-F2B7E081ED39}) (Version: 18.2.0.61 - Corel Corporation)
Corel PaintShop Pro X8 (HKLM-x32\...\{8239357B-E792-4EEB-9F8B-F2535730A315}) (Version: 18.0.0.124 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.3.77 - Corel corporation) Hidden
Creative Content (HKLM-x32\...\_{F50C70EA-E084-49A6-B2CC-7035971AA5E7}) (Version: 1.0.0.123 - Corel Corporation) Hidden
Creative Content (HKLM-x32\...\{F50C70EA-E084-49A6-B2CC-7035971AA5E7}) (Version: 1.0.0.123 - Corel Corporation) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.5017 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4.6121 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4.6121 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.6.4928 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.9.5103 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.2.1307 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3.3812 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3.3812 - CyberLink Corp.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 12.4.22 - Dropbox, Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.3.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.27.77 - Dropbox, Inc.) Hidden
DVDFab 9.3.1.2 (17/08/2016) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
Evernote v. 5.8.1 (HKLM-x32\...\{4FD2D1C8-8636-11E4-9D21-00163E98E7D6}) (Version: 5.8.1.6061 - Evernote Corp.)
FinePixViewer Resource (HKLM-x32\...\{B44529FF-501E-47CD-A06D-223C161BE058}) (Version: 1.2 - FUJIFILM Corporation)
FinePixViewer Ver.5.5 (HKLM-x32\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: 5.5 - FUJIFILM Corporation)
FinePixViewer YTUPL (HKLM-x32\...\{65EB09A3-993B-401E-8936-C9708CBFAB26}) (Version: 1.0 - FUJIFILM Corporation)
Foxit PhantomPDF (HKLM-x32\...\{4E32271C-B55A-4CDF-8DB7-88FD1C45927C}) (Version: 7.0.310.226 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GoToMeeting 7.24.0.5636 (HKCU\...\GoToMeeting) (Version: 7.24.0.5636 - CitrixOnline)
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version:  - UltimateOutsider)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{4BF17F05-B2DA-4266-8AEB-09BC9D008EAF}) (Version: 1.3.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 8.1 (HKLM-x32\...\{CF3BE446-3D26-49D3-B202-C9A13511DEEC}) (Version: 1.6.1 - Hewlett-Packard Company)
HP My Display (HKLM-x32\...\{15733AD1-1CEF-459A-9245-0924FC63BDD5}) (Version: 2.10.009 - Portrait Displays, Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7960.5089 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.39 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
ICA (HKLM-x32\...\{85C69B9B-F9BD-4A60-BD83-F2B7E081ED39}) (Version: 18.0.0.124 - Corel Corporation) Hidden
iCloud (HKLM\...\{CE29BC77-C5AE-49D8-A8C0-FDAF6ACF74DF}) (Version: 6.0.1.41 - Apple Inc.)
IconHandler 64 bit (HKLM\...\{4E82E2E9-668B-4F8A-814A-78E163FCDBCD}) (Version: 2.0 - Corel Corporation) Hidden
Impresso Pro version 1.5.0 (HKLM\...\{D2A71F11-6C95-4B95-B07E-5126C5A1D53E}}_is1) (Version: 1.5.0 - JixiPix Software)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.39 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.39 - Softex Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.27.1012 - Intel Corporation)
IPM_PSP_COM (HKLM-x32\...\{80A28CA4-189A-4EB2-9F76-7845A0A83D2A}) (Version: 18.0.0.124 - Corel Corporation) Hidden
IPM_PSP_COM64 (HKLM\...\{842A3E2E-15B2-4D49-A50F-05964CA93374}) (Version: 18.0.0.124 - Corel Corporation) Hidden
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Lucis Pro 6.0.9 (64-bit) (HKLM\...\{562379C2-E78D-46ED-A995-5F12054B3115}) (Version: 6.0.9.0 - Image Content Technology)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.20.109.05220 (HKLM-x32\...\{B48AA269-C017-875E-AE23-CE1DCEE07626}) (Version: 2.20.109.05220 - Sony)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Movavi Screen Capture Studio 6 (HKLM-x32\...\Movavi Screen Capture Studio 6) (Version: 6.3.0 - Movavi)
Mozilla Firefox 49.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 en-US)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Painter 2015 - Contentx64 (HKLM\...\{E2D71436-E79B-4EF3-9ACB-4622C77CFEF1}) (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - Core (HKLM\...\{313D2845-7967-4ACB-9CF7-CD355F268EEC}) (Version: 14.1.5 - Corel Corporation) Hidden
Painter 2015 - Corex64 (HKLM\...\{8C0965F5-F929-47DF-8785-93E65E3F8E74}) (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - CT (HKLM\...\{D8152135-100D-4F72-8790-81E789198BB5}) (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - DE (HKLM\...\{DFE27B08-651B-42F3-ACC1-769E1E7038DF}) (Version: 14.1.5 - Corel Corporation) Hidden
Painter 2015 - EN (HKLM\...\{53A8611D-EDDB-4943-A4B5-042756ADF10F}) (Version: 14.1.5 - Corel Corporation) Hidden
Painter 2015 - FR (HKLM\...\{83570A31-245C-437D-AF3C-A1558E394C29}) (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - Setup Files (HKLM\...\{DDB3F5F0-2583-426C-A652-8404AFF3A4D0}) (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2016 - Setup Files (HKLM\...\{D67BA419-F1DE-42C2-A319-DE5F15A05333}) (Version: 15.1.5 - Corel Corporation) Hidden
Painter 2017 - Setup Files (HKLM\...\{0EB4382B-8422-4059-8027-3403DE8E8C3F}) (Version: 16.0 - Corel Corporation) Hidden
Pastello version 1.0.0 (HKLM\...\{421B7C80-0E1B-4EE6-A7AA-E033B04BD8D3}}_is1) (Version: 1.0.0 - JixiPix Software)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Perfect Effects 9 (HKLM-x32\...\Perfect Effects 9 STD) (Version: 9.5.0 - on1)
PhotoArtista - Haiku version 2.50 (HKLM\...\{34C8D350-9903-4C57-9084-619CF65692D4}}_is1) (Version: 2.50 - JixiPix Software)
PhotoArtista - Sketch version 2.00 (HKLM\...\{B9E4EC18-6E0C-4B3D-B3CF-50EF72362A0A}}_is1) (Version: 2.00 - JixiPix Software)
PhotoDonut (HKCU\...\PhotoDonut 1.0) (Version: 1.0 - Xycod)
Pivot Software (HKLM-x32\...\{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}) (Version: 9.03.004 - Portrait Displays, Inc.) Hidden
Portfolio Browser (HKLM-x32\...\{00D3BDAF-C064-4821-89C5-89105F6C738E}) (Version: 6.01.0000 - Nova Development)
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
PostworkShop 3.0 32 (HKLM-x32\...\PostworkShop 3 32) (Version:  - )
PSD Codec by Ardfry Imaging, LLC (32 bit) (HKLM-x32\...\{345E25C8-EC20-45D5-A088-C5891FC603D4}) (Version: 1.0.15.0 - Ardfry Imaging, LLC) Hidden
PSD Codec by Ardfry Imaging, LLC (64 bit) (HKLM\...\{AD4E43FF-20E5-4E91-9B10-5BFAB7F66EE2}) (Version: 1.0.15.0 - Ardfry Imaging, LLC) Hidden
PSD CODEC Version 1.6.1.0 (HKLM\...\Ardfry PSD CODEC_is1) (Version: 1.6.1.0 - Ardfry Imaging, LLC)
PSPPContent (HKLM-x32\...\{89E018D8-558F-4051-BB26-64DD9B90DF68}) (Version: 18.0.0.124 - Corel Corporation) Hidden
PSPPHelp (HKLM-x32\...\{88340123-2A5C-48D4-98C1-58C18D12F09C}) (Version: 18.0.0.124 - Corel Corporation) Hidden
PSPPro64 (HKLM\...\{88CFC59F-1491-4359-819F-87DFAFF9CCF4}) (Version: 18.0.0.124 - Corel Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7487 - Realtek Semiconductor Corp.)
Rebelle (HKLM\...\Rebelle_is1) (Version: 1.5.1 - Escape Motions, s.r.o)
SafeZone Stable 1.51.2220.62 (HKLM-x32\...\SafeZone 1.51.2220.62) (Version: 1.51.2220.62 - Avast Software) Hidden
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.40.012 - Portrait Displays, Inc.) Hidden
SeaMonkey 2.40 (x86 en-US) (HKLM-x32\...\SeaMonkey 2.40 (x86 en-US)) (Version: 2.40 - Mozilla)
Serif DrawPlus X8 (HKLM\...\{05C14553-9A81-4DA2-A439-B4C79E7D877D}) (Version: 14.0.1.21 - Serif (Europe) Ltd)
Setup (HKLM-x32\...\{8BFA76B5-47DD-4C88-9C9B-7407019F0E13}) (Version: 18.0.0.124 - Corel Corporation) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.13.56 - NVIDIA Corporation) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1.0 - Topaz Labs, LLC)
Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.1.0 - Topaz Labs, LLC)
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs, LLC)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz DeNoise 6 (HKLM-x32\...\Topaz DeNoise 6) (Version: 6.0.0 - Topaz Labs, LLC)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.2.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (64-bit) (HKLM-x32\...\Topaz Fusion Express 2 (64-bit)) (Version: 2.1.1 - Topaz Labs)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Topaz Impression (HKLM\...\Topaz Impression) (Version: 1.1.2 - Topaz Labs, LLC)
Topaz Impression 2 (HKLM\...\Topaz Impression 2) (Version: 2.0.3 - Topaz Labs, LLC)
Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs, LLC)
Topaz ReMask 4 (HKLM-x32\...\Topaz ReMask 4) (Version: 4.0.0 - Topaz Labs, LLC)
Topaz ReMask 5 (HKLM-x32\...\Topaz ReMask 5) (Version: 5.0.1 - Topaz Labs, LLC)
Topaz ReStyle (HKLM-x32\...\Topaz ReStyle) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.1.1 - Topaz Labs, LLC)
Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.1.0 - Topaz Labs, LLC)
Topaz Texture Effects (HKLM\...\Topaz Texture Effects) (Version: 1.0.1 - Topaz Labs, LLC)
Topaz Texture Effects 2 (HKLM-x32\...\Topaz Texture Effects 2) (Version: 2.0.0 - Topaz Labs, LLC)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.9w3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)

========================= Memory info: ===================================

Percentage of memory in use: 19%
Total physical RAM: 8130.04 MB
Available physical RAM: 6544.42 MB
Total Virtual: 9410.04 MB
Available Virtual: 7450.75 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:1842.63 GB) (Free:1053.35 GB) NTFS
2 Drive d: (Recovery Image) (Fixed) (Total:18.91 GB) (Free:2.42 GB) NTFS
4 Drive f: (Linux Mint 18 Ci) (CDROM) (Total:1.58 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\JANS

Administrator            Guest                    Jan                      


**** End of log ****


#9 Janho

Janho
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 24 October 2016 - 06:34 PM

Here's TDSS Killer Log:

 

19:28:39.0677 0x0e9c  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
19:28:39.0677 0x0e9c  UEFI system
19:29:31.0170 0x0e9c  ============================================================
19:29:31.0170 0x0e9c  Current date / time: 2016/10/24 19:29:31.0170
19:29:31.0170 0x0e9c  SystemInfo:
19:29:31.0170 0x0e9c  
19:29:31.0170 0x0e9c  OS Version: 6.3.9600 ServicePack: 0.0
19:29:31.0170 0x0e9c  Product type: Workstation
19:29:31.0170 0x0e9c  ComputerName: JANS
19:29:31.0170 0x0e9c  UserName: Jan
19:29:31.0170 0x0e9c  Windows directory: C:\windows
19:29:31.0170 0x0e9c  System windows directory: C:\windows
19:29:31.0170 0x0e9c  Running under WOW64
19:29:31.0170 0x0e9c  Processor architecture: Intel x64
19:29:31.0170 0x0e9c  Number of processors: 4
19:29:31.0170 0x0e9c  Page size: 0x1000
19:29:31.0170 0x0e9c  Boot type: Normal boot
19:29:31.0170 0x0e9c  CodeIntegrityOptions = 0x00000001
19:29:31.0170 0x0e9c  ============================================================
19:29:31.0358 0x0e9c  KLMD registered as C:\windows\system32\drivers\07635702.sys
19:29:31.0358 0x0e9c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18505, osProperties = 0x19
19:29:31.0733 0x0e9c  System UUID: {76440FCB-99E5-7E35-007C-D34675AE86AA}
19:29:32.0561 0x0e9c  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:29:32.0577 0x0e9c  ============================================================
19:29:32.0577 0x0e9c  \Device\Harddisk0\DR0:
19:29:32.0577 0x0e9c  GPT partitions:
19:29:32.0577 0x0e9c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F0EB1CA5-C8CD-4EBF-B87E-2721666E9924}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1FF800
19:29:32.0577 0x0e9c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {7C73C309-AEAF-465B-A096-C219086BC0CA}, Name: EFI system partition, StartLBA 0x200000, BlocksNum 0xB4000
19:29:32.0577 0x0e9c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {962DC39A-897C-4D51-99B4-17DC363470B2}, Name: Microsoft reserved partition, StartLBA 0x2B4000, BlocksNum 0x40000
19:29:32.0577 0x0e9c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2AEE0A96-F5D0-4B02-941C-9EFBB1ABEF8B}, Name: Basic data partition, StartLBA 0x2F4000, BlocksNum 0xE6543800
19:29:32.0577 0x0e9c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E33CBF25-8E19-419B-AF75-B0C36B3062D3}, Name: Basic data partition, StartLBA 0xE6837800, BlocksNum 0x25D1000
19:29:32.0577 0x0e9c  MBR partitions:
19:29:32.0577 0x0e9c  ============================================================
19:29:32.0592 0x0e9c  C: <-> \Device\Harddisk0\DR0\Partition4
19:29:32.0624 0x0e9c  D: <-> \Device\Harddisk0\DR0\Partition5
19:29:32.0624 0x0e9c  ============================================================
19:29:32.0624 0x0e9c  Initialize success
19:29:32.0624 0x0e9c  ============================================================
19:30:00.0347 0x0348  ============================================================
19:30:00.0347 0x0348  Scan started
19:30:00.0347 0x0348  Mode: Manual;
19:30:00.0347 0x0348  ============================================================
19:30:00.0347 0x0348  KSN ping started
19:30:00.0472 0x0348  KSN ping finished: true
19:30:01.0785 0x0348  ================ Scan system memory ========================
19:30:01.0785 0x0348  System memory - ok
19:30:01.0785 0x0348  ================ Scan services =============================
19:30:01.0910 0x0348  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
19:30:01.0925 0x0348  1394ohci - ok
19:30:01.0957 0x0348  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\windows\system32\drivers\3ware.sys
19:30:01.0957 0x0348  3ware - ok
19:30:02.0004 0x0348  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\windows\system32\drivers\ACPI.sys
19:30:02.0019 0x0348  ACPI - ok
19:30:02.0019 0x0348  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\windows\system32\Drivers\acpiex.sys
19:30:02.0019 0x0348  acpiex - ok
19:30:02.0019 0x0348  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
19:30:02.0019 0x0348  acpipagr - ok
19:30:02.0019 0x0348  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
19:30:02.0035 0x0348  AcpiPmi - ok
19:30:02.0035 0x0348  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\windows\System32\drivers\acpitime.sys
19:30:02.0035 0x0348  acpitime - ok
19:30:02.0050 0x0348  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\windows\system32\drivers\ADP80XX.SYS
19:30:02.0066 0x0348  ADP80XX - ok
19:30:02.0082 0x0348  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
19:30:02.0082 0x0348  AeLookupSvc - ok
19:30:02.0113 0x0348  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\windows\system32\drivers\afd.sys
19:30:02.0129 0x0348  AFD - ok
19:30:02.0144 0x0348  [ C9A22A71421B64DA9DC82B3D7EAC95DE, 3B353AA067BC280610C7A3B16238AFE5082E5596F661F5FF5018579CA8888D0E ] agp440          C:\windows\system32\drivers\agp440.sys
19:30:02.0160 0x0348  agp440 - ok
19:30:02.0191 0x0348  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\windows\system32\DRIVERS\ahcache.sys
19:30:02.0191 0x0348  ahcache - ok
19:30:02.0207 0x0348  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\windows\System32\alg.exe
19:30:02.0207 0x0348  ALG - ok
19:30:02.0238 0x0348  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\windows\System32\drivers\amdk8.sys
19:30:02.0238 0x0348  AmdK8 - ok
19:30:02.0269 0x0348  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
19:30:02.0269 0x0348  AmdPPM - ok
19:30:02.0285 0x0348  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\windows\system32\drivers\amdsata.sys
19:30:02.0285 0x0348  amdsata - ok
19:30:02.0300 0x0348  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
19:30:02.0300 0x0348  amdsbs - ok
19:30:02.0316 0x0348  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\windows\system32\drivers\amdxata.sys
19:30:02.0316 0x0348  amdxata - ok
19:30:02.0348 0x0348  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\windows\system32\inetsrv\apphostsvc.dll
19:30:02.0348 0x0348  AppHostSvc - ok
19:30:02.0348 0x0348  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\windows\system32\drivers\appid.sys
19:30:02.0363 0x0348  AppID - ok
19:30:02.0394 0x0348  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\windows\System32\appidsvc.dll
19:30:02.0394 0x0348  AppIDSvc - ok
19:30:02.0410 0x0348  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\windows\System32\appinfo.dll
19:30:02.0410 0x0348  Appinfo - ok
19:30:02.0535 0x0348  [ 885888F8AAD89108A5EE2D0174690220, 9B148C117EBE400F40BF7F32B66B20AA4628BA9E233D707DFA2EB4A8A65E7C52 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:30:02.0535 0x0348  Apple Mobile Device Service - ok
19:30:02.0582 0x0348  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\windows\system32\AppReadiness.dll
19:30:02.0598 0x0348  AppReadiness - ok
19:30:02.0629 0x0348  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\windows\system32\appxdeploymentserver.dll
19:30:02.0644 0x0348  AppXSvc - ok
19:30:02.0660 0x0348  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\windows\system32\drivers\arcsas.sys
19:30:02.0660 0x0348  arcsas - ok
19:30:02.0723 0x0348  [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:30:02.0723 0x0348  aspnet_state - ok
19:30:02.0754 0x0348  [ 9B480B472D6826E7257C90E2D0EE2954, C52C198602D180011A9345AE6F108EC4B1FD91234AF2E6296B2E39C1888B0D4D ] aswHwid         C:\windows\system32\drivers\aswHwid.sys
19:30:02.0754 0x0348  aswHwid - ok
19:30:02.0785 0x0348  [ 06362BBA1347CBA0996F4B39BB1D8353, 0C6B7B085F13FB7C71E2AF481CD216C6ACB63577DC7E2793182F734378C141DA ] aswKbd          C:\windows\system32\drivers\aswKbd.sys
19:30:02.0785 0x0348  aswKbd - ok
19:30:02.0801 0x0348  [ 1BB00571CC2C78463ABD7E9C32970758, BF523468754CB1628D66F28B06FAF7C545C5724801B04888517A2FB4BF9582BF ] aswMonFlt       C:\windows\system32\drivers\aswMonFlt.sys
19:30:02.0816 0x0348  aswMonFlt - ok
19:30:02.0832 0x0348  [ 7010B57D708DA5C9686A5923EE621776, 5A554B8941C156EC341C602F34679A7475802B19EE6A99AA29AE2628A123ECB1 ] aswRdr          C:\windows\system32\drivers\aswRdr2.sys
19:30:02.0848 0x0348  aswRdr - ok
19:30:02.0894 0x0348  [ 937885085BFE5BD08EC1BC0245DD203B, 6DDD89245EEA3B8106C5F2EB6FA8CF525F3B42AA7032276DE78953E06FE7F4B4 ] aswRvrt         C:\windows\system32\drivers\aswRvrt.sys
19:30:02.0894 0x0348  aswRvrt - ok
19:30:02.0973 0x0348  [ 0B6352251C5D84130DF4252D33D266C2, C6A2E0074A7FCFB5799949431F5660B9AF6441001EA9B609F7B3900F4007EBD0 ] aswSnx          C:\windows\system32\drivers\aswSnx.sys
19:30:02.0988 0x0348  aswSnx - ok
19:30:03.0019 0x0348  [ 28213B34725B18387CC1B8C3D73858A1, D86113D89C62F090B393B68B522581248AEF3568F8FD0FF86B3625F2E6DD4DB8 ] aswSP           C:\windows\system32\drivers\aswSP.sys
19:30:03.0019 0x0348  aswSP - ok
19:30:03.0066 0x0348  [ 9C58B6E9663D0A76D00D83E43C765BDF, 3F474932E77318CD450A3A9C89667D2B26A7E3FAB9AA95D97FF3B1979623A7F2 ] aswStm          C:\windows\system32\drivers\aswStm.sys
19:30:03.0066 0x0348  aswStm - ok
19:30:03.0098 0x0348  [ D60D9201739400F0FBDB9E36A3212D91, 01A17516AB7F4D2C72E2DC51F7B49D1C4F50F564992F78A71E73821D7F8220E7 ] aswVmm          C:\windows\system32\drivers\aswVmm.sys
19:30:03.0098 0x0348  aswVmm - ok
19:30:03.0113 0x0348  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
19:30:03.0129 0x0348  AsyncMac - ok
19:30:03.0129 0x0348  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\windows\system32\drivers\atapi.sys
19:30:03.0129 0x0348  atapi - ok
19:30:03.0176 0x0348  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
19:30:03.0176 0x0348  AudioEndpointBuilder - ok
19:30:03.0207 0x0348  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\windows\System32\Audiosrv.dll
19:30:03.0223 0x0348  Audiosrv - ok
19:30:03.0285 0x0348  [ F4E0580B5789474385E7ACB189C4AF2C, DB5BE2C852AC102AB8EB186362E582E250B843BA52B3B71AF08A5FDA8A6F91AF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:30:03.0301 0x0348  avast! Antivirus - ok
19:30:03.0332 0x0348  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\windows\System32\AxInstSV.dll
19:30:03.0348 0x0348  AxInstSV - ok
19:30:03.0394 0x0348  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
19:30:03.0410 0x0348  b06bdrv - ok
19:30:03.0426 0x0348  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
19:30:03.0426 0x0348  BasicDisplay - ok
19:30:03.0441 0x0348  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
19:30:03.0441 0x0348  BasicRender - ok
19:30:03.0457 0x0348  [ F8FE7E12F8151E0A17C23CF840599F9A, 5D1AA3A5DAC08B521A7BE775F32434AFF1F5F19B69CD16D2D94B0D399E61C371 ] bcbtums         C:\windows\system32\drivers\bcbtums.sys
19:30:03.0457 0x0348  bcbtums - ok
19:30:03.0629 0x0348  [ B8AC710FDB3D0DA8A8C14CC5E3407AF2, 58C74616AE25945F2A409603854904C5A93665AE4B2F3B2509C884DD84BDC1F7 ] BCM43XX         C:\windows\system32\DRIVERS\bcmwl63a.sys
19:30:03.0754 0x0348  BCM43XX - ok
19:30:03.0816 0x0348  [ 43907773F7563AF4DF0999D47522E802, 2563666842008E202B6A64435F06169A259D6DC56D16AF7359114C20A4FA4400 ] BcmBtRSupport   C:\windows\system32\BtwRSupportService.exe
19:30:03.0848 0x0348  BcmBtRSupport - ok
19:30:03.0863 0x0348  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\windows\System32\drivers\bcmfn2.sys
19:30:03.0863 0x0348  bcmfn2 - ok
19:30:03.0894 0x0348  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\windows\System32\bdesvc.dll
19:30:03.0894 0x0348  BDESVC - ok
19:30:03.0910 0x0348  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\windows\system32\drivers\Beep.sys
19:30:03.0910 0x0348  Beep - ok
19:30:03.0973 0x0348  [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE             C:\windows\System32\bfe.dll
19:30:03.0988 0x0348  BFE - ok
19:30:04.0035 0x0348  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\windows\System32\qmgr.dll
19:30:04.0051 0x0348  BITS - ok
19:30:04.0082 0x0348  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:30:04.0082 0x0348  Bonjour Service - ok
19:30:04.0098 0x0348  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\windows\system32\DRIVERS\bowser.sys
19:30:04.0098 0x0348  bowser - ok
19:30:04.0129 0x0348  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
19:30:04.0129 0x0348  BrokerInfrastructure - ok
19:30:04.0144 0x0348  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\windows\System32\browser.dll
19:30:04.0144 0x0348  Browser - ok
19:30:04.0160 0x0348  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
19:30:04.0160 0x0348  BthAvrcpTg - ok
19:30:04.0207 0x0348  [ 12418846B057E4F92FC621F5C6CF737D, 0B8B0EADE4F2AD95D450A5C71C287C0F04F33897ABF27D3E3B6428A3C99C7B5D ] BthEnum         C:\windows\System32\drivers\BthEnum.sys
19:30:04.0207 0x0348  BthEnum - ok
19:30:04.0254 0x0348  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
19:30:04.0254 0x0348  BthHFEnum - ok
19:30:04.0285 0x0348  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
19:30:04.0285 0x0348  bthhfhid - ok
19:30:04.0348 0x0348  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\windows\System32\BthHFSrv.dll
19:30:04.0348 0x0348  BthHFSrv - ok
19:30:04.0379 0x0348  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\windows\system32\DRIVERS\BthLEEnum.sys
19:30:04.0379 0x0348  BthLEEnum - ok
19:30:04.0395 0x0348  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
19:30:04.0395 0x0348  BTHMODEM - ok
19:30:04.0426 0x0348  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\windows\System32\drivers\bthpan.sys
19:30:04.0426 0x0348  BthPan - ok
19:30:04.0473 0x0348  [ B810B2B39CCA90DC6BF42AF1658AE0D1, D184F927BCFBDE7063A0C9873BF2C174226E1AB5081A7108FCC66210CD117465 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
19:30:04.0488 0x0348  BTHPORT - ok
19:30:04.0504 0x0348  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\windows\system32\bthserv.dll
19:30:04.0504 0x0348  bthserv - ok
19:30:04.0504 0x0348  [ 52A1B7ECAB4C9EF70FD41241691E09D3, F7A5BFE72D3151E73DD9922A76964C08AC1FDCB8460D9A17DCF8B7969006AD42 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
19:30:04.0504 0x0348  BTHUSB - ok
19:30:04.0520 0x0348  [ 51B7FE7C14BE06F422A92C9A210AF1B7, BEF0E1CEA91CBE71E24E28DE65DE4896F3B6DAAC1D66A4440868F31936496DCA ] btwampfl        C:\windows\system32\DRIVERS\btwampfl.sys
19:30:04.0535 0x0348  btwampfl - ok
19:30:04.0551 0x0348  [ B562128A79C03A5915E207990EF0CA94, 6C9BB6AAF68CCB19EE7B60CEF5F0151A26B5FDD5D6ADD235DBFC1F62692FD1A9 ] BtwSerialBus    C:\windows\System32\drivers\BtwSerialBus.sys
19:30:04.0551 0x0348  BtwSerialBus - ok
19:30:04.0567 0x0348  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
19:30:04.0567 0x0348  cdfs - ok
19:30:04.0582 0x0348  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\windows\System32\drivers\cdrom.sys
19:30:04.0582 0x0348  cdrom - ok
19:30:04.0598 0x0348  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\windows\System32\certprop.dll
19:30:04.0598 0x0348  CertPropSvc - ok
19:30:04.0613 0x0348  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\windows\System32\drivers\circlass.sys
19:30:04.0629 0x0348  circlass - ok
19:30:04.0629 0x0348  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\windows\system32\drivers\CLFS.sys
19:30:04.0645 0x0348  CLFS - ok
19:30:04.0660 0x0348  [ 5C646CAC91E086F7FF53C7F2E857F263, 67AF6FBF88B7EE530A9BA53833EAFCC78BF8362E82BF81180858F1D17DFC73E6 ] CLVirtualDrive  C:\windows\system32\DRIVERS\CLVirtualDrive.sys
19:30:04.0660 0x0348  CLVirtualDrive - ok
19:30:04.0676 0x0348  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
19:30:04.0676 0x0348  CmBatt - ok
19:30:04.0723 0x0348  [ 5CBF8B3E27D824D2AA2A34AFB406F1D0, 955AF1307C02D2B4DEEB150F37F77B8631C0F3C450037C233E9E27D6571B0265 ] CNG             C:\windows\system32\Drivers\cng.sys
19:30:04.0723 0x0348  CNG - ok
19:30:04.0738 0x0348  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
19:30:04.0738 0x0348  CompositeBus - ok
19:30:04.0738 0x0348  COMSysApp - ok
19:30:04.0754 0x0348  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\windows\system32\drivers\condrv.sys
19:30:04.0754 0x0348  condrv - ok
19:30:04.0770 0x0348  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\windows\system32\cryptsvc.dll
19:30:04.0770 0x0348  CryptSvc - ok
19:30:04.0770 0x0348  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\windows\system32\drivers\dam.sys
19:30:04.0785 0x0348  dam - ok
19:30:04.0848 0x0348  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
19:30:04.0848 0x0348  dbupdate - ok
19:30:04.0863 0x0348  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
19:30:04.0879 0x0348  dbupdatem - ok
19:30:04.0879 0x0348  dbx - ok
19:30:04.0926 0x0348  [ A8352D11F8E2F7E8FA0BD6F8EF599C61, 72B9F8B96433CCFE5CC9FB786BF976068BDDC04D39F9F3BCFA5132E61A97C3FD ] DbxSvc          C:\windows\system32\DbxSvc.exe
19:30:04.0926 0x0348  DbxSvc - ok
19:30:05.0004 0x0348  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\windows\system32\rpcss.dll
19:30:05.0035 0x0348  DcomLaunch - ok
19:30:05.0051 0x0348  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\windows\System32\defragsvc.dll
19:30:05.0051 0x0348  defragsvc - ok
19:30:05.0067 0x0348  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\windows\system32\das.dll
19:30:05.0082 0x0348  DeviceAssociationService - ok
19:30:05.0098 0x0348  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
19:30:05.0098 0x0348  DeviceInstall - ok
19:30:05.0129 0x0348  [ FBFF94FC1FE0699A6BC5ACE270AB9EA1, 7D67E7BE539D9D515A1A6B9282C72114310E874DD1FE51E71F002DBB0E1439FB ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
19:30:05.0145 0x0348  Dfsc - ok
19:30:05.0160 0x0348  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\windows\system32\dhcpcore.dll
19:30:05.0160 0x0348  Dhcp - ok
19:30:05.0176 0x0348  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\windows\system32\drivers\disk.sys
19:30:05.0192 0x0348  disk - ok
19:30:05.0207 0x0348  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
19:30:05.0207 0x0348  dmvsc - ok
19:30:05.0223 0x0348  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\windows\System32\dnsrslvr.dll
19:30:05.0223 0x0348  Dnscache - ok
19:30:05.0238 0x0348  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\windows\System32\dot3svc.dll
19:30:05.0254 0x0348  dot3svc - ok
19:30:05.0254 0x0348  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\windows\system32\dps.dll
19:30:05.0254 0x0348  DPS - ok
19:30:05.0270 0x0348  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
19:30:05.0270 0x0348  drmkaud - ok
19:30:05.0285 0x0348  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
19:30:05.0285 0x0348  DsmSvc - ok
19:30:05.0317 0x0348  [ D5B9C2FFEAF59AE1AE79A056BE6ED181, 3F58EDD63E4DC4E0662BD164B76B6E2A899B93F9BE7EF07889495B0E7B9EF91D ] DTSRVC          C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
19:30:05.0317 0x0348  DTSRVC - ok
19:30:05.0379 0x0348  [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
19:30:05.0395 0x0348  DXGKrnl - ok
19:30:05.0410 0x0348  [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress      C:\windows\system32\DRIVERS\e1i63x64.sys
19:30:05.0426 0x0348  e1iexpress - ok
19:30:05.0426 0x0348  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\windows\System32\eapsvc.dll
19:30:05.0442 0x0348  Eaphost - ok
19:30:05.0504 0x0348  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\windows\system32\drivers\evbda.sys
19:30:05.0567 0x0348  ebdrv - ok
19:30:05.0582 0x0348  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\windows\System32\lsass.exe
19:30:05.0582 0x0348  EFS - ok
19:30:05.0582 0x0348  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
19:30:05.0582 0x0348  EhStorClass - ok
19:30:05.0614 0x0348  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
19:30:05.0614 0x0348  EhStorTcgDrv - ok
19:30:05.0614 0x0348  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\windows\System32\drivers\errdev.sys
19:30:05.0629 0x0348  ErrDev - ok
19:30:05.0660 0x0348  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\windows\system32\es.dll
19:30:05.0660 0x0348  EventSystem - ok
19:30:05.0676 0x0348  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\windows\system32\drivers\exfat.sys
19:30:05.0676 0x0348  exfat - ok
19:30:05.0692 0x0348  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\windows\system32\drivers\fastfat.sys
19:30:05.0692 0x0348  fastfat - ok
19:30:05.0707 0x0348  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\windows\system32\fxssvc.exe
19:30:05.0723 0x0348  Fax - ok
19:30:05.0723 0x0348  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\windows\System32\drivers\fdc.sys
19:30:05.0723 0x0348  fdc - ok
19:30:05.0739 0x0348  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\windows\system32\fdPHost.dll
19:30:05.0739 0x0348  fdPHost - ok
19:30:05.0754 0x0348  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\windows\system32\fdrespub.dll
19:30:05.0754 0x0348  FDResPub - ok
19:30:05.0770 0x0348  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\windows\system32\fhsvc.dll
19:30:05.0770 0x0348  fhsvc - ok
19:30:05.0785 0x0348  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
19:30:05.0785 0x0348  FileInfo - ok
19:30:05.0785 0x0348  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\windows\system32\drivers\filetrace.sys
19:30:05.0785 0x0348  Filetrace - ok
19:30:05.0785 0x0348  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
19:30:05.0801 0x0348  flpydisk - ok
19:30:05.0801 0x0348  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
19:30:05.0801 0x0348  FltMgr - ok
19:30:05.0879 0x0348  [ 1EFEF3B4EF2B241263F0F791EA128598, B6CADC254B0779E43E0D6AB6125A7E7ED8FF50C3158911681BA7B43160A08176 ] FontCache       C:\windows\system32\FntCache.dll
19:30:05.0910 0x0348  FontCache - ok
19:30:05.0942 0x0348  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:30:05.0942 0x0348  FontCache3.0.0.0 - ok
19:30:05.0942 0x0348  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
19:30:05.0942 0x0348  FsDepends - ok
19:30:05.0957 0x0348  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
19:30:05.0957 0x0348  Fs_Rec - ok
19:30:05.0973 0x0348  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
19:30:05.0973 0x0348  fvevol - ok
19:30:05.0989 0x0348  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
19:30:05.0989 0x0348  FxPPM - ok
19:30:05.0989 0x0348  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
19:30:05.0989 0x0348  gagp30kx - ok
19:30:06.0004 0x0348  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
19:30:06.0004 0x0348  gencounter - ok
19:30:06.0051 0x0348  [ B0463138D3F872E3D2EC0C4C471AC067, CB0342294BD49732572C81A721DFFA531A031D65A640BF46A5C5AD0B1ACF6AED ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:30:06.0067 0x0348  GfExperienceService - ok
19:30:06.0082 0x0348  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
19:30:06.0098 0x0348  GPIOClx0101 - ok
19:30:06.0129 0x0348  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\windows\System32\gpsvc.dll
19:30:06.0160 0x0348  gpsvc - ok
19:30:06.0270 0x0348  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:30:06.0285 0x0348  gupdate - ok
19:30:06.0301 0x0348  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:30:06.0301 0x0348  gupdatem - ok
19:30:06.0332 0x0348  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
19:30:06.0332 0x0348  HdAudAddService - ok
19:30:06.0348 0x0348  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
19:30:06.0348 0x0348  HDAudBus - ok
19:30:06.0364 0x0348  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
19:30:06.0364 0x0348  HidBatt - ok
19:30:06.0426 0x0348  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\windows\System32\drivers\hidbth.sys
19:30:06.0426 0x0348  HidBth - ok
19:30:06.0442 0x0348  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
19:30:06.0442 0x0348  hidi2c - ok
19:30:06.0457 0x0348  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\windows\System32\drivers\hidir.sys
19:30:06.0457 0x0348  HidIr - ok
19:30:06.0504 0x0348  [ D42E350C3F5B9DDCE7BDDB109B413109, F015CCAB3719B1834DF3EE0265D905675C743F116526A2882B6077E540B8A74F ] hidkmdf         C:\windows\System32\drivers\hidkmdf.sys
19:30:06.0504 0x0348  hidkmdf - ok
19:30:06.0520 0x0348  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\windows\system32\hidserv.dll
19:30:06.0520 0x0348  hidserv - ok
19:30:06.0536 0x0348  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\windows\System32\drivers\hidusb.sys
19:30:06.0536 0x0348  HidUsb - ok
19:30:06.0567 0x0348  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\windows\system32\kmsvc.dll
19:30:06.0567 0x0348  hkmsvc - ok
19:30:06.0582 0x0348  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\windows\system32\ListSvc.dll
19:30:06.0598 0x0348  HomeGroupListener - ok
19:30:06.0629 0x0348  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\windows\system32\provsvc.dll
19:30:06.0629 0x0348  HomeGroupProvider - ok
19:30:06.0676 0x0348  [ 77E81E788CC63E65272A7D247F441505, EA57947495A6FD5B6FCC06AD396AEEEEE44AA5EB924B1A4D71C81B1265120F7B ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:30:06.0676 0x0348  HP Support Assistant Service - ok
19:30:06.0723 0x0348  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
19:30:06.0739 0x0348  hpqwmiex - ok
19:30:06.0739 0x0348  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
19:30:06.0754 0x0348  HpSAMD - ok
19:30:06.0801 0x0348  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\windows\system32\drivers\HTTP.sys
19:30:06.0817 0x0348  HTTP - ok
19:30:06.0817 0x0348  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
19:30:06.0817 0x0348  hwpolicy - ok
19:30:06.0832 0x0348  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
19:30:06.0832 0x0348  hyperkbd - ok
19:30:06.0832 0x0348  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
19:30:06.0832 0x0348  HyperVideo - ok
19:30:06.0864 0x0348  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
19:30:06.0864 0x0348  i8042prt - ok
19:30:06.0895 0x0348  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\windows\System32\drivers\iaLPSSi_GPIO.sys
19:30:06.0973 0x0348  iaLPSSi_GPIO - ok
19:30:06.0989 0x0348  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\windows\System32\drivers\iaLPSSi_I2C.sys
19:30:06.0989 0x0348  iaLPSSi_I2C - ok
19:30:07.0051 0x0348  [ 47813F2DB651B54F1D3B44848E6CB4F9, 85FD9CEE050C5564EA4665B9B99B58E713217D8CBB5B85A075CA8C0C23D50388 ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
19:30:07.0067 0x0348  iaStorA - ok
19:30:07.0082 0x0348  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\windows\system32\drivers\iaStorAV.sys
19:30:07.0098 0x0348  iaStorAV - ok
19:30:07.0114 0x0348  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
19:30:07.0114 0x0348  iaStorV - ok
19:30:07.0114 0x0348  IEEtwCollectorService - ok
19:30:07.0176 0x0348  [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT          C:\windows\System32\ikeext.dll
19:30:07.0192 0x0348  IKEEXT - ok
19:30:07.0301 0x0348  [ 734E92848983F17822B4F71C5F912C6C, 1A11816FF47CA73270AFCCB57B85A4AA9CDCFAEA21D129062694484677AA601D ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
19:30:07.0379 0x0348  IntcAzAudAddService - ok
19:30:07.0426 0x0348  [ 9A6DEB5DDF7E29728F6FEA5092AFA3F2, 21C47A0490EBA302657EF30C560E4AF83777685FFE126DCCAC310163C47401D1 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
19:30:07.0473 0x0348  Intel® Capability Licensing Service TCP IP Interface - ok
19:30:07.0473 0x0348  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\windows\system32\drivers\intelide.sys
19:30:07.0473 0x0348  intelide - ok
19:30:07.0489 0x0348  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\windows\system32\drivers\intelpep.sys
19:30:07.0489 0x0348  intelpep - ok
19:30:07.0489 0x0348  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\windows\System32\drivers\intelppm.sys
19:30:07.0489 0x0348  intelppm - ok
19:30:07.0504 0x0348  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
19:30:07.0504 0x0348  IpFilterDriver - ok
19:30:07.0551 0x0348  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
19:30:07.0567 0x0348  iphlpsvc - ok
19:30:07.0567 0x0348  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
19:30:07.0567 0x0348  IPMIDRV - ok
19:30:07.0583 0x0348  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
19:30:07.0583 0x0348  IPNAT - ok
19:30:07.0614 0x0348  [ 16A6D49E7698FC6F1730D3FF9F5561A8, 860D2601BA3A71C81A6B21F4D92A5E9C47772C9DE0F047D49000FA4A484D7932 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:30:07.0629 0x0348  iPod Service - ok
19:30:07.0645 0x0348  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\windows\system32\drivers\irenum.sys
19:30:07.0645 0x0348  IRENUM - ok
19:30:07.0661 0x0348  [ 6DD083DF4C681F8E384BF211664FA7F1, 59F88BC5A1F5895A9A7CDD25B782B8AD96A5646F4156DD8F1DC4A8C97810BBF2 ] isapnp          C:\windows\system32\drivers\isapnp.sys
19:30:07.0661 0x0348  isapnp - ok
19:30:07.0676 0x0348  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
19:30:07.0676 0x0348  iScsiPrt - ok
19:30:07.0723 0x0348  [ 2749D828991C160D1D8E7A06A0A95D93, 6F590E3A8F295D367A23938E062AEB0D904CDD8B8262B1EBB1208369587EA186 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
19:30:07.0723 0x0348  jhi_service - ok
19:30:07.0754 0x0348  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
19:30:07.0754 0x0348  kbdclass - ok
19:30:07.0770 0x0348  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
19:30:07.0770 0x0348  kbdhid - ok
19:30:07.0786 0x0348  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
19:30:07.0786 0x0348  kdnic - ok
19:30:07.0801 0x0348  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\windows\system32\lsass.exe
19:30:07.0801 0x0348  KeyIso - ok
19:30:07.0848 0x0348  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
19:30:07.0848 0x0348  KSecDD - ok
19:30:07.0879 0x0348  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
19:30:07.0879 0x0348  KSecPkg - ok
19:30:07.0895 0x0348  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
19:30:07.0895 0x0348  ksthunk - ok
19:30:07.0942 0x0348  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\windows\system32\msdtckrm.dll
19:30:07.0958 0x0348  KtmRm - ok
19:30:07.0973 0x0348  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\windows\system32\srvsvc.dll
19:30:07.0989 0x0348  LanmanServer - ok
19:30:08.0004 0x0348  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
19:30:08.0004 0x0348  LanmanWorkstation - ok
19:30:08.0036 0x0348  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\windows\System32\GeofenceMonitorService.dll
19:30:08.0051 0x0348  lfsvc - ok
19:30:08.0051 0x0348  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
19:30:08.0067 0x0348  lltdio - ok
19:30:08.0067 0x0348  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\windows\System32\lltdsvc.dll
19:30:08.0082 0x0348  lltdsvc - ok
19:30:08.0098 0x0348  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\windows\System32\lmhsvc.dll
19:30:08.0098 0x0348  lmhosts - ok
19:30:08.0129 0x0348  [ 9C30978597D52AD8EA319BABE6112AAE, 50A63FB33797D79D688CA86600693FA4BD668588FAE0F67D9725ACDD20445D2E ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:30:08.0145 0x0348  LMS - ok
19:30:08.0161 0x0348  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
19:30:08.0161 0x0348  LSI_SAS - ok
19:30:08.0161 0x0348  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
19:30:08.0161 0x0348  LSI_SAS2 - ok
19:30:08.0176 0x0348  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\windows\system32\drivers\lsi_sas3.sys
19:30:08.0176 0x0348  LSI_SAS3 - ok
19:30:08.0176 0x0348  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
19:30:08.0176 0x0348  LSI_SSS - ok
19:30:08.0207 0x0348  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\windows\System32\lsm.dll
19:30:08.0223 0x0348  LSM - ok
19:30:08.0223 0x0348  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\windows\system32\drivers\luafv.sys
19:30:08.0223 0x0348  luafv - ok
19:30:08.0239 0x0348  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\windows\system32\drivers\megasas.sys
19:30:08.0239 0x0348  megasas - ok
19:30:08.0270 0x0348  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\windows\system32\drivers\megasr.sys
19:30:08.0270 0x0348  megasr - ok
19:30:08.0286 0x0348  [ F90198317AFD70357583CCD6474A7CB3, 0F9E426FE6A92C914DC5BBA80840ECBBB78826510C3066362A012F3314D0CFDB ] MEIx64          C:\windows\system32\DRIVERS\TeeDriverx64.sys
19:30:08.0301 0x0348  MEIx64 - ok
19:30:08.0301 0x0348  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\windows\system32\mmcss.dll
19:30:08.0301 0x0348  MMCSS - ok
19:30:08.0317 0x0348  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\windows\system32\drivers\modem.sys
19:30:08.0317 0x0348  Modem - ok
19:30:08.0317 0x0348  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\windows\System32\drivers\monitor.sys
19:30:08.0333 0x0348  monitor - ok
19:30:08.0333 0x0348  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\windows\System32\drivers\mouclass.sys
19:30:08.0333 0x0348  mouclass - ok
19:30:08.0333 0x0348  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\windows\System32\drivers\mouhid.sys
19:30:08.0333 0x0348  mouhid - ok
19:30:08.0364 0x0348  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
19:30:08.0379 0x0348  mountmgr - ok
19:30:08.0411 0x0348  [ 572BD5A99648652147A5D3C6DA946C99, FFDAD4A5682864977C926A5DDDB632CDB2A166BF025757801CC56F2828720023 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:30:08.0411 0x0348  MozillaMaintenance - ok
19:30:08.0426 0x0348  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
19:30:08.0442 0x0348  mpsdrv - ok
19:30:08.0489 0x0348  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\windows\system32\mpssvc.dll
19:30:08.0504 0x0348  MpsSvc - ok
19:30:08.0536 0x0348  [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
19:30:08.0536 0x0348  MRxDAV - ok
19:30:08.0583 0x0348  [ 3AF30CEB99E581E2FADA0B5FC4B551D8, 59BDE83C10D6F31E13B81FC317F1DE0E00793FBA288EAF844E29CFA0EB184502 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
19:30:08.0583 0x0348  mrxsmb - ok
19:30:08.0598 0x0348  [ 15D7AF1A26CCEBA32DF21A8E2098F463, 84390806AD3A9651DAB803E9257EEE851B898ED2AB56D8936E8C9F6B41967243 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
19:30:08.0598 0x0348  mrxsmb10 - ok
19:30:08.0614 0x0348  [ 0790EEB1EC199F8BE8259E47B373ED23, F9330F43B40675CCB60804182EF04BFBA3837ED14C798788A4B27D65A646D1C7 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
19:30:08.0614 0x0348  mrxsmb20 - ok
19:30:08.0629 0x0348  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
19:30:08.0629 0x0348  MsBridge - ok
19:30:08.0645 0x0348  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\windows\System32\msdtc.exe
19:30:08.0645 0x0348  MSDTC - ok
19:30:08.0661 0x0348  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\windows\system32\drivers\Msfs.sys
19:30:08.0661 0x0348  Msfs - ok
19:30:08.0676 0x0348  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
19:30:08.0676 0x0348  msgpiowin32 - ok
19:30:08.0676 0x0348  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
19:30:08.0676 0x0348  mshidkmdf - ok
19:30:08.0692 0x0348  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
19:30:08.0692 0x0348  mshidumdf - ok
19:30:08.0692 0x0348  [ 47C3046FB84F260E6ADB300F0F9C65A9, 97FE61A4881DB09F013027C277AD371B45B731AD88A42C602244438B9BB7457C ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
19:30:08.0692 0x0348  msisadrv - ok
19:30:08.0723 0x0348  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\windows\system32\iscsiexe.dll
19:30:08.0723 0x0348  MSiSCSI - ok
19:30:08.0723 0x0348  msiserver - ok
19:30:08.0723 0x0348  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
19:30:08.0739 0x0348  MSKSSRV - ok
19:30:08.0739 0x0348  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
19:30:08.0739 0x0348  MsLldp - ok
19:30:08.0754 0x0348  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
19:30:08.0754 0x0348  MSPCLOCK - ok
19:30:08.0754 0x0348  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
19:30:08.0754 0x0348  MSPQM - ok
19:30:08.0770 0x0348  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
19:30:08.0770 0x0348  MsRPC - ok
19:30:08.0786 0x0348  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
19:30:08.0786 0x0348  mssmbios - ok
19:30:08.0786 0x0348  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
19:30:08.0786 0x0348  MSTEE - ok
19:30:08.0786 0x0348  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
19:30:08.0786 0x0348  MTConfig - ok
19:30:08.0801 0x0348  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\windows\system32\Drivers\mup.sys
19:30:08.0801 0x0348  Mup - ok
19:30:08.0817 0x0348  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\windows\system32\drivers\mvumis.sys
19:30:08.0817 0x0348  mvumis - ok
19:30:08.0833 0x0348  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\windows\system32\qagentRT.dll
19:30:08.0848 0x0348  napagent - ok
19:30:08.0864 0x0348  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
19:30:08.0864 0x0348  NativeWifiP - ok
19:30:08.0879 0x0348  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\windows\System32\ncasvc.dll
19:30:08.0879 0x0348  NcaSvc - ok
19:30:08.0895 0x0348  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\windows\System32\ncbservice.dll
19:30:08.0895 0x0348  NcbService - ok
19:30:08.0942 0x0348  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
19:30:08.0942 0x0348  NcdAutoSetup - ok
19:30:09.0020 0x0348  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\windows\system32\drivers\ndis.sys
19:30:09.0036 0x0348  NDIS - ok
19:30:09.0051 0x0348  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
19:30:09.0051 0x0348  NdisCap - ok
19:30:09.0067 0x0348  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
19:30:09.0067 0x0348  NdisImPlatform - ok
19:30:09.0083 0x0348  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
19:30:09.0083 0x0348  NdisTapi - ok
19:30:09.0098 0x0348  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
19:30:09.0098 0x0348  Ndisuio - ok
19:30:09.0114 0x0348  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\windows\System32\drivers\NdisVirtualBus.sys
19:30:09.0114 0x0348  NdisVirtualBus - ok
19:30:09.0129 0x0348  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
19:30:09.0129 0x0348  NdisWan - ok
19:30:09.0129 0x0348  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\windows\system32\DRIVERS\ndiswan.sys
19:30:09.0145 0x0348  NdisWanLegacy - ok
19:30:09.0176 0x0348  [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
19:30:09.0176 0x0348  NDProxy - ok
19:30:09.0192 0x0348  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\windows\system32\drivers\Ndu.sys
19:30:09.0192 0x0348  Ndu - ok
19:30:09.0208 0x0348  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
19:30:09.0208 0x0348  NetBIOS - ok
19:30:09.0239 0x0348  [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
19:30:09.0254 0x0348  NetBT - ok
19:30:09.0254 0x0348  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\windows\system32\lsass.exe
19:30:09.0254 0x0348  Netlogon - ok
19:30:09.0270 0x0348  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\windows\System32\netman.dll
19:30:09.0286 0x0348  Netman - ok
19:30:09.0301 0x0348  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\windows\System32\netprofmsvc.dll
19:30:09.0301 0x0348  netprofm - ok
19:30:09.0348 0x0348  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:30:09.0395 0x0348  NetTcpPortSharing - ok
19:30:09.0411 0x0348  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\windows\System32\drivers\netvsc63.sys
19:30:09.0411 0x0348  netvsc - ok
19:30:09.0426 0x0348  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\windows\System32\nlasvc.dll
19:30:09.0442 0x0348  NlaSvc - ok
19:30:09.0458 0x0348  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\windows\system32\drivers\Npfs.sys
19:30:09.0458 0x0348  Npfs - ok
19:30:09.0458 0x0348  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
19:30:09.0473 0x0348  npsvctrig - ok
19:30:09.0473 0x0348  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\windows\system32\nsisvc.dll
19:30:09.0473 0x0348  nsi - ok
19:30:09.0489 0x0348  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
19:30:09.0489 0x0348  nsiproxy - ok
19:30:09.0520 0x0348  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
19:30:09.0551 0x0348  Ntfs - ok
19:30:09.0567 0x0348  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\windows\system32\drivers\Null.sys
19:30:09.0567 0x0348  Null - ok
19:30:09.0583 0x0348  [ C87B11EB78428853F9E8495C47E53C10, FAE479DB0812967B3FF968773BA998591B4F50BE4329B8349BCA7E6EAB1B0474 ] NVHDA           C:\windows\system32\drivers\nvhda64v.sys
19:30:09.0583 0x0348  NVHDA - ok
19:30:09.0864 0x0348  [ B5CA32E1FF073627BDA00278A21AE966, 3A462D489C5F8587E4341D2C3B3C8E3DF6DDB0C4FD4DF4102E0E378CCB69908B ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
19:30:10.0145 0x0348  nvlddmkm - ok
19:30:10.0223 0x0348  [ E55893C3A3E328810583555652EEB4DC, 52AA52B6AC99B8D77A60706B27C4F4F514EDB2F0CFF8608266F4B3C76D1158E9 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:30:10.0255 0x0348  NvNetworkService - ok
19:30:10.0270 0x0348  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\windows\system32\drivers\nvraid.sys
19:30:10.0270 0x0348  nvraid - ok
19:30:10.0270 0x0348  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\windows\system32\drivers\nvstor.sys
19:30:10.0286 0x0348  nvstor - ok
19:30:10.0301 0x0348  [ E8804B858EB4A18C0B386C58DBEBB7C8, 5A47435AB323D2E7BE487DFC4D0197999C2C4E618C42D9910210E134345FF4A4 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:30:10.0301 0x0348  NvStreamKms - ok
19:30:10.0661 0x0348  [ 8A6985CB27B206910F3903E14B8742D1, FC55D8BD60FBA6ABF6DB111C1E90DA64D0E2460F71F35F752987E75D9AF05D69 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
19:30:10.0880 0x0348  NvStreamSvc - ok
19:30:10.0927 0x0348  [ 29FF627926A44B030CFBAF0FB4F98973, EFBBC15DE8B0B6E69E3712B0CE65E36463D87EE716669C649E4FB7341DD3E66C ] nvsvc           C:\windows\system32\nvvsvc.exe
19:30:10.0942 0x0348  nvsvc - ok
19:30:10.0958 0x0348  [ 17D21ADA263B31EEDB7EA344AEA4F2E7, 7F6DE0A27DAE8040AC5EA806759A91A61E6AA24717627083508195D21B95FA37 ] NVSWCFilter     C:\windows\System32\drivers\nvswcfilter.sys
19:30:10.0958 0x0348  NVSWCFilter - ok
19:30:10.0958 0x0348  [ 1AF619620613869C07F9C147BC37520F, 0AD4E100354E201D5E72BA236C1464F5083A7E3B58C4AC6BA712489D258955F5 ] nvvad_WaveExtensible C:\windows\system32\drivers\nvvad64v.sys
19:30:10.0973 0x0348  nvvad_WaveExtensible - ok
19:30:10.0989 0x0348  [ CCBB4C5E3967F7798A6DC22935C80ABB, DE7CCE69E823DC6723BE1DF04901D598908E5311C181AB5739272DE6AE7BA521 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
19:30:10.0989 0x0348  nv_agp - ok
19:30:11.0036 0x0348  [ A3909B56B2B195ACA5313D1B264CDE0F, CB9EDA6EB57C99EC61B6E16C13FBB374A5FA5AA40BFEB1E222CBC5E91EA05387 ] omniserv        C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
19:30:11.0036 0x0348  omniserv - ok
19:30:11.0067 0x0348  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
19:30:11.0083 0x0348  p2pimsvc - ok
19:30:11.0098 0x0348  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\windows\system32\p2psvc.dll
19:30:11.0114 0x0348  p2psvc - ok
19:30:11.0161 0x0348  [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport         C:\windows\System32\drivers\parport.sys
19:30:11.0161 0x0348  Parport - ok
19:30:11.0208 0x0348  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\windows\system32\drivers\partmgr.sys
19:30:11.0208 0x0348  partmgr - ok
19:30:11.0239 0x0348  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\windows\System32\pcasvc.dll
19:30:11.0255 0x0348  PcaSvc - ok
19:30:11.0286 0x0348  [ 4C5E95E6D6BB3014E94D7205B1DDA4B2, BAD8EAF34236F52BCA7F52C1B52A52D53E9C3BC413934B929B209FF840B9C1DA ] pci             C:\windows\system32\drivers\pci.sys
19:30:11.0286 0x0348  pci - ok
19:30:11.0302 0x0348  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\windows\system32\drivers\pciide.sys
19:30:11.0302 0x0348  pciide - ok
19:30:11.0317 0x0348  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
19:30:11.0317 0x0348  pcmcia - ok
19:30:11.0333 0x0348  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\windows\system32\drivers\pcw.sys
19:30:11.0333 0x0348  pcw - ok
19:30:11.0349 0x0348  [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc             C:\windows\system32\drivers\pdc.sys
19:30:11.0349 0x0348  pdc - ok
19:30:11.0380 0x0348  [ DD2CDBEB55480E40E4D84F59D6A214B1, C028F92BBA049C0A4C428D9B69797C85EA6224CBC53E467BA62FC463C61BE664 ] PdiService      C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
19:30:11.0380 0x0348  PdiService - ok
19:30:11.0411 0x0348  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
19:30:11.0427 0x0348  PEAUTH - ok
19:30:11.0458 0x0348  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\windows\SysWow64\perfhost.exe
19:30:11.0489 0x0348  PerfHost - ok
19:30:11.0552 0x0348  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\windows\system32\pla.dll
19:30:11.0583 0x0348  pla - ok
19:30:11.0598 0x0348  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\windows\system32\umpnpmgr.dll
19:30:11.0598 0x0348  PlugPlay - ok
19:30:11.0614 0x0348  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
19:30:11.0614 0x0348  PNRPAutoReg - ok
19:30:11.0630 0x0348  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
19:30:11.0630 0x0348  PNRPsvc - ok
19:30:11.0677 0x0348  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
19:30:11.0692 0x0348  PolicyAgent - ok
19:30:11.0708 0x0348  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\windows\system32\umpo.dll
19:30:11.0708 0x0348  Power - ok
19:30:11.0723 0x0348  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
19:30:11.0723 0x0348  PptpMiniport - ok
19:30:11.0848 0x0348  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll
19:30:11.0942 0x0348  PrintNotify - ok
19:30:11.0973 0x0348  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\windows\System32\drivers\processr.sys
19:30:11.0973 0x0348  Processor - ok
19:30:12.0020 0x0348  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\windows\system32\profsvc.dll
19:30:12.0036 0x0348  ProfSvc - ok
19:30:12.0052 0x0348  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
19:30:12.0067 0x0348  Psched - ok
19:30:12.0130 0x0348  [ 16783D49B6931414BAD1B2368ADD9656, 596F28B0F1DBC8AC3A43FE00A890AF088CA837DA3BB227411FD76C4D27BF27E9 ] PSI_SVC_2       c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
19:30:12.0130 0x0348  PSI_SVC_2 - ok
19:30:12.0224 0x0348  [ 6C112DA6C86DB7FB2C50522EFDDA706A, 46BB9970F3C58E47143C133B34423ABE5D19F2A865280852CE672BF57EC2F98A ] PSI_SVC_2_x64   c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
19:30:12.0239 0x0348  PSI_SVC_2_x64 - ok
19:30:12.0255 0x0348  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\windows\system32\qwave.dll
19:30:12.0270 0x0348  QWAVE - ok
19:30:12.0286 0x0348  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
19:30:12.0286 0x0348  QWAVEdrv - ok
19:30:12.0286 0x0348  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
19:30:12.0286 0x0348  RasAcd - ok
19:30:12.0302 0x0348  [ 3EE5097945A7F680E320953271EB2D4F, 0B9F2B458177A654F65C5E862B7C55B35E20271B76D5E20A20F30D3223A1216F ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
19:30:12.0302 0x0348  RasAgileVpn - ok
19:30:12.0317 0x0348  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\windows\System32\rasauto.dll
19:30:12.0317 0x0348  RasAuto - ok
19:30:12.0333 0x0348  [ 1BD3022FD6E450B00DE560265638FD2A, 3878B443053DFFED62641BE8736891F426C7121EB8C4DB38FF0F218697133A6D ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
19:30:12.0333 0x0348  Rasl2tp - ok
19:30:12.0349 0x0348  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\windows\System32\rasmans.dll
19:30:12.0364 0x0348  RasMan - ok
19:30:12.0380 0x0348  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
19:30:12.0380 0x0348  RasPppoe - ok
19:30:12.0380 0x0348  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
19:30:12.0380 0x0348  RasSstp - ok
19:30:12.0411 0x0348  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
19:30:12.0411 0x0348  rdbss - ok
19:30:12.0427 0x0348  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
19:30:12.0427 0x0348  rdpbus - ok
19:30:12.0442 0x0348  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
19:30:12.0442 0x0348  RDPDR - ok
19:30:12.0458 0x0348  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
19:30:12.0458 0x0348  RdpVideoMiniport - ok
19:30:12.0458 0x0348  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
19:30:12.0474 0x0348  rdyboost - ok
19:30:12.0489 0x0348  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\windows\system32\drivers\ReFS.sys
19:30:12.0505 0x0348  ReFS - ok
19:30:12.0536 0x0348  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\windows\System32\mprdim.dll
19:30:12.0552 0x0348  RemoteAccess - ok
19:30:12.0552 0x0348  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\windows\system32\regsvc.dll
19:30:12.0552 0x0348  RemoteRegistry - ok
19:30:12.0599 0x0348  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\windows\System32\drivers\rfcomm.sys
19:30:12.0599 0x0348  RFCOMM - ok
19:30:12.0677 0x0348  [ 9E18DF158751CF968E7DF83256D70233, 89385DA5ABD283F289E37D7D9E33358B06216E9B3659B2E70F19FD5BA49C7F90 ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
19:30:12.0692 0x0348  RichVideo64 - ok
19:30:12.0708 0x0348  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
19:30:12.0724 0x0348  RpcEptMapper - ok
19:30:12.0724 0x0348  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\windows\system32\locator.exe
19:30:12.0739 0x0348  RpcLocator - ok
19:30:12.0770 0x0348  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\windows\system32\rpcss.dll
19:30:12.0786 0x0348  RpcSs - ok
19:30:12.0802 0x0348  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
19:30:12.0802 0x0348  rspndr - ok
19:30:12.0802 0x0348  RSUSBSTOR - ok
19:30:12.0833 0x0348  [ 55B2F67A9764B30AA32AD58915A92FA5, E6137D1F275BD72A50296E226E475BB98A2D244D693475C15BCE6E66C0EB8466 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
19:30:12.0833 0x0348  RtkAudioService - ok
19:30:12.0864 0x0348  [ BDADF1B669FDF8D498B7D7DF402A4359, F6737C525731538CB34A5D5F9C09B4EC4BEFD1187CC04711AAB940C6F80A2F3F ] RTL8168         C:\windows\system32\DRIVERS\Rt630x64.sys
19:30:12.0880 0x0348  RTL8168 - ok
19:30:12.0895 0x0348  [ AB959F26FBB851A9D31E2F229DB3FA1A, 35961B761C83B48DBB9960C6DEC89806F3BC9FA0F450E566333ABE3F22E42AA9 ] RTSUER          C:\windows\system32\Drivers\RtsUer.sys
19:30:12.0895 0x0348  RTSUER - ok
19:30:12.0911 0x0348  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\windows\System32\drivers\vms3cap.sys
19:30:12.0911 0x0348  s3cap - ok
19:30:12.0927 0x0348  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\windows\system32\lsass.exe
19:30:12.0927 0x0348  SamSs - ok
19:30:12.0942 0x0348  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
19:30:12.0942 0x0348  sbp2port - ok
19:30:12.0958 0x0348  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\windows\System32\SCardSvr.dll
19:30:12.0958 0x0348  SCardSvr - ok
19:30:12.0974 0x0348  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\windows\System32\ScDeviceEnum.dll
19:30:12.0974 0x0348  ScDeviceEnum - ok
19:30:12.0989 0x0348  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
19:30:12.0989 0x0348  scfilter - ok
19:30:13.0036 0x0348  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\windows\system32\schedsvc.dll
19:30:13.0067 0x0348  Schedule - ok
19:30:13.0083 0x0348  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\windows\System32\certprop.dll
19:30:13.0083 0x0348  SCPolicySvc - ok
19:30:13.0114 0x0348  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\windows\System32\drivers\sdbus.sys
19:30:13.0130 0x0348  sdbus - ok
19:30:13.0145 0x0348  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\windows\System32\drivers\sdstor.sys
19:30:13.0145 0x0348  sdstor - ok
19:30:13.0161 0x0348  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
19:30:13.0161 0x0348  secdrv - ok
19:30:13.0192 0x0348  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\windows\system32\seclogon.dll
19:30:13.0192 0x0348  seclogon - ok
19:30:13.0208 0x0348  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\windows\System32\sens.dll
19:30:13.0208 0x0348  SENS - ok
19:30:13.0224 0x0348  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\windows\system32\sensrsvc.dll
19:30:13.0239 0x0348  SensrSvc - ok
19:30:13.0239 0x0348  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\windows\system32\drivers\SerCx.sys
19:30:13.0255 0x0348  SerCx - ok
19:30:13.0255 0x0348  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\windows\system32\drivers\SerCx2.sys
19:30:13.0255 0x0348  SerCx2 - ok
19:30:13.0286 0x0348  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum         C:\windows\System32\drivers\serenum.sys
19:30:13.0286 0x0348  Serenum - ok
19:30:13.0317 0x0348  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\windows\System32\drivers\serial.sys
19:30:13.0317 0x0348  Serial - ok
19:30:13.0333 0x0348  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\windows\System32\drivers\sermouse.sys
19:30:13.0349 0x0348  sermouse - ok
19:30:13.0380 0x0348  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\windows\system32\sessenv.dll
19:30:13.0396 0x0348  SessionEnv - ok
19:30:13.0411 0x0348  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
19:30:13.0411 0x0348  sfloppy - ok
19:30:13.0458 0x0348  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\windows\System32\ipnathlp.dll
19:30:13.0474 0x0348  SharedAccess - ok
19:30:13.0489 0x0348  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\windows\System32\shsvcs.dll
19:30:13.0505 0x0348  ShellHWDetection - ok
19:30:13.0521 0x0348  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
19:30:13.0521 0x0348  SiSRaid2 - ok
19:30:13.0536 0x0348  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
19:30:13.0536 0x0348  SiSRaid4 - ok
19:30:13.0552 0x0348  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\windows\System32\smphost.dll
19:30:13.0552 0x0348  smphost - ok
19:30:13.0567 0x0348  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
19:30:13.0567 0x0348  SNMPTRAP - ok
19:30:13.0614 0x0348  [ B312191DCBECE3C07DF9A99DE433B126, D9D9028331C703CE9B9EC75772D29BB04FE43B3A7895F8CBB3AC701CA0548F8D ] spaceport       C:\windows\system32\drivers\spaceport.sys
19:30:13.0630 0x0348  spaceport - ok
19:30:13.0630 0x0348  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
19:30:13.0630 0x0348  SpbCx - ok
19:30:13.0661 0x0348  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\windows\System32\spoolsv.exe
19:30:13.0677 0x0348  Spooler - ok
19:30:13.0833 0x0348  [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc          C:\windows\system32\sppsvc.exe
19:30:13.0989 0x0348  sppsvc - ok
19:30:14.0021 0x0348  [ 36B082C7A764A34FB1DC72D975870B61, 572CB632D9FDC1183F7BF8BFCBC51765C647945E0C13D1C91ADE3D0E76DF83BC ] srv             C:\windows\system32\DRIVERS\srv.sys
19:30:14.0021 0x0348  srv - ok
19:30:14.0036 0x0348  [ F5849909D4B29B4E3D4445F943E5C7E3, 3FCA1423753716FE1AFDD27EE1E13C4D779A3C976185B5C998EF1A9A39BFC186 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
19:30:14.0052 0x0348  srv2 - ok
19:30:14.0067 0x0348  [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
19:30:14.0067 0x0348  srvnet - ok
19:30:14.0083 0x0348  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
19:30:14.0099 0x0348  SSDPSRV - ok
19:30:14.0114 0x0348  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\windows\system32\sstpsvc.dll
19:30:14.0114 0x0348  SstpSvc - ok
19:30:14.0130 0x0348  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\windows\system32\drivers\stexstor.sys
19:30:14.0130 0x0348  stexstor - ok
19:30:14.0146 0x0348  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\windows\System32\wiaservc.dll
19:30:14.0177 0x0348  stisvc - ok
19:30:14.0192 0x0348  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\windows\system32\drivers\storahci.sys
19:30:14.0192 0x0348  storahci - ok
19:30:14.0208 0x0348  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\windows\system32\drivers\vmstorfl.sys
19:30:14.0208 0x0348  storflt - ok
19:30:14.0224 0x0348  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\windows\system32\drivers\stornvme.sys
19:30:14.0224 0x0348  stornvme - ok
19:30:14.0239 0x0348  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\windows\system32\storsvc.dll
19:30:14.0239 0x0348  StorSvc - ok
19:30:14.0239 0x0348  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\windows\system32\drivers\storvsc.sys
19:30:14.0239 0x0348  storvsc - ok
19:30:14.0255 0x0348  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\windows\system32\svsvc.dll
19:30:14.0255 0x0348  svsvc - ok
19:30:14.0271 0x0348  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\windows\System32\drivers\swenum.sys
19:30:14.0271 0x0348  swenum - ok
19:30:14.0349 0x0348  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:30:14.0364 0x0348  SwitchBoard - ok
19:30:14.0396 0x0348  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\windows\System32\swprv.dll
19:30:14.0411 0x0348  swprv - ok
19:30:14.0489 0x0348  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\windows\system32\sysmain.dll
19:30:14.0521 0x0348  SysMain - ok
19:30:14.0552 0x0348  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
19:30:14.0567 0x0348  SystemEventsBroker - ok
19:30:14.0567 0x0348  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\windows\System32\TabSvc.dll
19:30:14.0583 0x0348  TabletInputService - ok
19:30:14.0599 0x0348  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\windows\System32\tapisrv.dll
19:30:14.0599 0x0348  TapiSrv - ok
19:30:14.0692 0x0348  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
19:30:14.0739 0x0348  Tcpip - ok
19:30:14.0786 0x0348  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
19:30:14.0817 0x0348  TCPIP6 - ok
19:30:14.0849 0x0348  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
19:30:14.0849 0x0348  tcpipreg - ok
19:30:14.0864 0x0348  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
19:30:14.0864 0x0348  tdx - ok
19:30:14.0880 0x0348  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\windows\System32\drivers\terminpt.sys
19:30:14.0880 0x0348  terminpt - ok
19:30:14.0942 0x0348  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\windows\System32\termsrv.dll
19:30:14.0958 0x0348  TermService - ok
19:30:14.0974 0x0348  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\windows\system32\themeservice.dll
19:30:14.0974 0x0348  Themes - ok
19:30:14.0989 0x0348  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\windows\system32\mmcss.dll
19:30:14.0989 0x0348  THREADORDER - ok
19:30:15.0005 0x0348  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\windows\System32\TimeBrokerServer.dll
19:30:15.0005 0x0348  TimeBroker - ok
19:30:15.0036 0x0348  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\windows\system32\drivers\tpm.sys
19:30:15.0036 0x0348  TPM - ok
19:30:15.0052 0x0348  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\windows\System32\trkwks.dll
19:30:15.0067 0x0348  TrkWks - ok
19:30:15.0099 0x0348  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
19:30:15.0099 0x0348  TrustedInstaller - ok
19:30:15.0114 0x0348  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
19:30:15.0114 0x0348  TsUsbFlt - ok
19:30:15.0114 0x0348  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\windows\System32\drivers\TsUsbGD.sys
19:30:15.0114 0x0348  TsUsbGD - ok
19:30:15.0161 0x0348  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
19:30:15.0161 0x0348  tunnel - ok
19:30:15.0177 0x0348  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\windows\system32\drivers\uagp35.sys
19:30:15.0177 0x0348  uagp35 - ok
19:30:15.0192 0x0348  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\windows\System32\drivers\uaspstor.sys
19:30:15.0192 0x0348  UASPStor - ok
19:30:15.0239 0x0348  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\windows\System32\drivers\ucx01000.sys
19:30:15.0239 0x0348  UCX01000 - ok
19:30:15.0271 0x0348  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\windows\system32\DRIVERS\udfs.sys
19:30:15.0286 0x0348  udfs - ok
19:30:15.0302 0x0348  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\windows\System32\drivers\UEFI.sys
19:30:15.0302 0x0348  UEFI - ok
19:30:15.0302 0x0348  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\windows\system32\UI0Detect.exe
19:30:15.0302 0x0348  UI0Detect - ok
19:30:15.0317 0x0348  [ 078FA1A6FDEDCA26A5AD2E049F563A08, D95A634FDDF257BF73CAFE4ECD3DAB208B1132A69CD908A698B5798BEA92F48A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
19:30:15.0317 0x0348  uliagpkx - ok
19:30:15.0317 0x0348  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\windows\System32\drivers\umbus.sys
19:30:15.0333 0x0348  umbus - ok
19:30:15.0333 0x0348  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\windows\System32\drivers\umpass.sys
19:30:15.0333 0x0348  UmPass - ok
19:30:15.0349 0x0348  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\windows\System32\umrdp.dll
19:30:15.0364 0x0348  UmRdpService - ok
19:30:15.0380 0x0348  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\windows\System32\upnphost.dll
19:30:15.0396 0x0348  upnphost - ok
19:30:15.0427 0x0348  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\windows\System32\Drivers\usbaapl64.sys
19:30:15.0427 0x0348  USBAAPL64 - ok
19:30:15.0443 0x0348  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
19:30:15.0443 0x0348  usbccgp - ok
19:30:15.0458 0x0348  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\windows\System32\drivers\usbcir.sys
19:30:15.0458 0x0348  usbcir - ok
19:30:15.0489 0x0348  [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci         C:\windows\System32\drivers\usbehci.sys
19:30:15.0505 0x0348  usbehci - ok
19:30:15.0505 0x0348  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\windows\System32\drivers\usbhub.sys
19:30:15.0521 0x0348  usbhub - ok
19:30:15.0568 0x0348  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
19:30:15.0568 0x0348  USBHUB3 - ok
19:30:15.0599 0x0348  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\windows\System32\drivers\usbohci.sys
19:30:15.0599 0x0348  usbohci - ok
19:30:15.0614 0x0348  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\windows\System32\drivers\usbprint.sys
19:30:15.0614 0x0348  usbprint - ok
19:30:15.0646 0x0348  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
19:30:15.0646 0x0348  usbscan - ok
19:30:15.0677 0x0348  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
19:30:15.0677 0x0348  USBSTOR - ok
19:30:15.0693 0x0348  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
19:30:15.0708 0x0348  usbuhci - ok
19:30:15.0739 0x0348  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
19:30:15.0755 0x0348  USBXHCI - ok
19:30:15.0755 0x0348  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\windows\system32\lsass.exe
19:30:15.0755 0x0348  VaultSvc - ok
19:30:15.0771 0x0348  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
19:30:15.0771 0x0348  vdrvroot - ok
19:30:15.0802 0x0348  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\windows\System32\vds.exe
19:30:15.0818 0x0348  vds - ok
19:30:15.0833 0x0348  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
19:30:15.0849 0x0348  VerifierExt - ok
19:30:15.0864 0x0348  [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
19:30:15.0880 0x0348  vhdmp - ok
19:30:15.0896 0x0348  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\windows\system32\drivers\viaide.sys
19:30:15.0896 0x0348  viaide - ok
19:30:15.0911 0x0348  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\windows\system32\drivers\vmbus.sys
19:30:15.0911 0x0348  vmbus - ok
19:30:15.0911 0x0348  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
19:30:15.0911 0x0348  VMBusHID - ok
19:30:15.0943 0x0348  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\windows\System32\ICSvc.dll
19:30:15.0958 0x0348  vmicguestinterface - ok
19:30:15.0958 0x0348  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\windows\System32\ICSvc.dll
19:30:15.0974 0x0348  vmicheartbeat - ok
19:30:15.0989 0x0348  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\windows\System32\ICSvc.dll
19:30:15.0989 0x0348  vmickvpexchange - ok
19:30:16.0005 0x0348  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\windows\System32\ICSvc.dll
19:30:16.0005 0x0348  vmicrdv - ok
19:30:16.0021 0x0348  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\windows\System32\ICSvc.dll
19:30:16.0021 0x0348  vmicshutdown - ok
19:30:16.0036 0x0348  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\windows\System32\ICSvc.dll
19:30:16.0036 0x0348  vmictimesync - ok
19:30:16.0052 0x0348  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\windows\System32\ICSvc.dll
19:30:16.0052 0x0348  vmicvss - ok
19:30:16.0099 0x0348  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\windows\system32\drivers\volmgr.sys
19:30:16.0099 0x0348  volmgr - ok
19:30:16.0130 0x0348  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
19:30:16.0146 0x0348  volmgrx - ok
19:30:16.0161 0x0348  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\windows\system32\drivers\volsnap.sys
19:30:16.0177 0x0348  volsnap - ok
19:30:16.0193 0x0348  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\windows\System32\drivers\vpci.sys
19:30:16.0193 0x0348  vpci - ok
19:30:16.0208 0x0348  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
19:30:16.0208 0x0348  vsmraid - ok
19:30:16.0239 0x0348  [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS             C:\windows\system32\vssvc.exe
19:30:16.0271 0x0348  VSS - ok
19:30:16.0302 0x0348  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
19:30:16.0302 0x0348  VSTXRAID - ok
19:30:16.0333 0x0348  [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
19:30:16.0333 0x0348  vwifibus - ok
19:30:16.0365 0x0348  [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
19:30:16.0365 0x0348  vwififlt - ok
19:30:16.0380 0x0348  [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
19:30:16.0380 0x0348  vwifimp - ok
19:30:16.0396 0x0348  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\windows\system32\w32time.dll
19:30:16.0411 0x0348  W32Time - ok
19:30:16.0427 0x0348  [ A22546B0093EBBDE03C52E56C3391373, 0C28D5C6A4E4EF12ABF0195409CAED17E07DEA22FB330D99FEEF847CBBC04A4E ] w3logsvc        C:\windows\system32\inetsrv\w3logsvc.dll
19:30:16.0443 0x0348  w3logsvc - ok
19:30:16.0474 0x0348  [ A212A4F5D2BB731F9CC6E2C546A0B464, 32828D9A153519D3521F89419DCE91ABB25AD0601A525ED8947C1FA2434DF608 ] WacHidRouter    C:\windows\System32\drivers\wachidrouter.sys
19:30:16.0474 0x0348  WacHidRouter - ok
19:30:16.0489 0x0348  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\windows\System32\drivers\wacompen.sys
19:30:16.0489 0x0348  WacomPen - ok
19:30:16.0489 0x0348  [ E722E0C28881186D1B7E09A66C4D4DA5, 8BAF9D96706EE4251F20E850ECDF4201ADB04C9A8E31FD5C669F75E2299A0414 ] wacomrouterfilter C:\windows\System32\drivers\wacomrouterfilter.sys
19:30:16.0505 0x0348  wacomrouterfilter - ok
19:30:16.0536 0x0348  [ 23006D660C0E54BF1CE8253E15F5E995, 4FA7ED2F6B29BACBE2BB43C79FC8231C4C59F27C79AB09DB07BBFE36B35689E5 ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
19:30:16.0552 0x0348  Wanarp - ok
19:30:16.0552 0x0348  [ 23006D660C0E54BF1CE8253E15F5E995, 4FA7ED2F6B29BACBE2BB43C79FC8231C4C59F27C79AB09DB07BBFE36B35689E5 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
19:30:16.0568 0x0348  Wanarpv6 - ok
19:30:16.0614 0x0348  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\windows\system32\inetsrv\iisw3adm.dll
19:30:16.0630 0x0348  WAS - ok
19:30:16.0677 0x0348  [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine        C:\windows\system32\wbengine.exe
19:30:16.0708 0x0348  wbengine - ok
19:30:16.0724 0x0348  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
19:30:16.0739 0x0348  WbioSrvc - ok
19:30:16.0739 0x0348  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\windows\System32\wcmsvc.dll
19:30:16.0755 0x0348  Wcmsvc - ok
19:30:16.0771 0x0348  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\windows\System32\wcncsvc.dll
19:30:16.0771 0x0348  wcncsvc - ok
19:30:16.0786 0x0348  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
19:30:16.0786 0x0348  WcsPlugInService - ok
19:30:16.0802 0x0348  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
19:30:16.0802 0x0348  WdBoot - ok
19:30:16.0833 0x0348  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
19:30:16.0849 0x0348  Wdf01000 - ok
19:30:16.0849 0x0348  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
19:30:16.0864 0x0348  WdFilter - ok
19:30:16.0880 0x0348  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\windows\system32\wdi.dll
19:30:16.0880 0x0348  WdiServiceHost - ok
19:30:16.0880 0x0348  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\windows\system32\wdi.dll
19:30:16.0880 0x0348  WdiSystemHost - ok
19:30:16.0896 0x0348  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\windows\system32\Drivers\WdNisDrv.sys
19:30:16.0911 0x0348  WdNisDrv - ok
19:30:16.0927 0x0348  WdNisSvc - ok
19:30:16.0958 0x0348  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\windows\System32\webclnt.dll
19:30:16.0958 0x0348  WebClient - ok
19:30:16.0974 0x0348  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\windows\system32\wecsvc.dll
19:30:16.0974 0x0348  Wecsvc - ok
19:30:16.0990 0x0348  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\windows\system32\wephostsvc.dll
19:30:16.0990 0x0348  WEPHOSTSVC - ok
19:30:17.0005 0x0348  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\windows\System32\wercplsupport.dll
19:30:17.0005 0x0348  wercplsupport - ok
19:30:17.0021 0x0348  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\windows\System32\WerSvc.dll
19:30:17.0021 0x0348  WerSvc - ok
19:30:17.0036 0x0348  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
19:30:17.0036 0x0348  WFPLWFS - ok
19:30:17.0052 0x0348  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\windows\System32\wiarpc.dll
19:30:17.0068 0x0348  WiaRpc - ok
19:30:17.0068 0x0348  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
19:30:17.0068 0x0348  WIMMount - ok
19:30:17.0068 0x0348  WinDefend - ok
19:30:17.0115 0x0348  [ 310388D06C11C507226CD7C2D21D5ACE, E8158111566D553B8F0E86C33B5F75AF3A4A3405503927822B80DF64D8DEFB05 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
19:30:17.0130 0x0348  WinHttpAutoProxySvc - ok
19:30:17.0161 0x0348  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
19:30:17.0177 0x0348  Winmgmt - ok
19:30:17.0239 0x0348  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\windows\system32\WsmSvc.dll
19:30:17.0286 0x0348  WinRM - ok
19:30:17.0302 0x0348  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
19:30:17.0302 0x0348  WinUsb - ok
19:30:17.0365 0x0348  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\windows\System32\wlansvc.dll
19:30:17.0380 0x0348  WlanSvc - ok
19:30:17.0427 0x0348  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\windows\system32\wlidsvc.dll
19:30:17.0443 0x0348  wlidsvc - ok
19:30:17.0474 0x0348  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
19:30:17.0474 0x0348  WmiAcpi - ok
19:30:17.0490 0x0348  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
19:30:17.0490 0x0348  wmiApSrv - ok
19:30:17.0505 0x0348  WMPNetworkSvc - ok
19:30:17.0521 0x0348  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\windows\system32\drivers\Wof.sys
19:30:17.0521 0x0348  Wof - ok
19:30:17.0552 0x0348  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\windows\system32\workfolderssvc.dll
19:30:17.0583 0x0348  workfolderssvc - ok
19:30:17.0599 0x0348  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
19:30:17.0599 0x0348  wpcfltr - ok
19:30:17.0599 0x0348  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\windows\System32\wpcsvc.dll
19:30:17.0615 0x0348  WPCSvc - ok
19:30:17.0615 0x0348  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
19:30:17.0630 0x0348  WPDBusEnum - ok
19:30:17.0646 0x0348  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
19:30:17.0646 0x0348  WpdUpFltr - ok
19:30:17.0646 0x0348  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
19:30:17.0646 0x0348  ws2ifsl - ok
19:30:17.0661 0x0348  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\windows\System32\wscsvc.dll
19:30:17.0661 0x0348  wscsvc - ok
19:30:17.0677 0x0348  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\windows\System32\drivers\WSDPrint.sys
19:30:17.0693 0x0348  WSDPrintDevice - ok
19:30:17.0693 0x0348  WSearch - ok
19:30:17.0755 0x0348  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\windows\System32\WSService.dll
19:30:17.0833 0x0348  WSService - ok
19:30:17.0911 0x0348  [ 7183B66F434E6E0CBA2AB0F3A33F0E35, 4C2AE153E0CC9F0879292494BCA0A53E2C11B67437BA4CD943118D973C6F8076 ] WTabletServicePro C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
19:30:17.0927 0x0348  WTabletServicePro - ok
19:30:18.0068 0x0348  [ 020F47C655ED1F63BBA834AA53575D5C, 7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv        C:\windows\system32\wuaueng.dll
19:30:18.0177 0x0348  wuauserv - ok
19:30:18.0193 0x0348  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
19:30:18.0193 0x0348  WudfPf - ok
19:30:18.0208 0x0348  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\windows\System32\drivers\WUDFRd.sys
19:30:18.0224 0x0348  WUDFRd - ok
19:30:18.0240 0x0348  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
19:30:18.0240 0x0348  wudfsvc - ok
19:30:18.0240 0x0348  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
19:30:18.0255 0x0348  WUDFWpdFs - ok
19:30:18.0255 0x0348  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\windows\system32\DRIVERS\WUDFRd.sys
19:30:18.0255 0x0348  WUDFWpdMtp - ok
19:30:18.0271 0x0348  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\windows\System32\wwansvc.dll
19:30:18.0286 0x0348  WwanSvc - ok
19:30:18.0286 0x0348  ================ Scan global ===============================
19:30:18.0318 0x0348  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\windows\system32\basesrv.dll
19:30:18.0333 0x0348  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\windows\system32\winsrv.dll
19:30:18.0349 0x0348  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\windows\system32\sxssrv.dll
19:30:18.0396 0x0348  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\windows\system32\services.exe
19:30:18.0427 0x0348  [ Global ] - ok
19:30:18.0427 0x0348  ================ Scan MBR ==================================
19:30:18.0427 0x0348  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:30:18.0427 0x0348  \Device\Harddisk0\DR0 - ok
19:30:18.0427 0x0348  ================ Scan VBR ==================================
19:30:18.0427 0x0348  [ 913B73EED90748CFDD436AFCE669362D ] \Device\Harddisk0\DR0\Partition1
19:30:18.0443 0x0348  \Device\Harddisk0\DR0\Partition1 - ok
19:30:18.0443 0x0348  [ FC58AD446E884730C6FCABC66202B2B2 ] \Device\Harddisk0\DR0\Partition2
19:30:18.0443 0x0348  \Device\Harddisk0\DR0\Partition2 - ok
19:30:18.0458 0x0348  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
19:30:18.0458 0x0348  \Device\Harddisk0\DR0\Partition3 - ok
19:30:18.0458 0x0348  [ 2C39E75B2E317C931150A7EC7DDF58BE ] \Device\Harddisk0\DR0\Partition4
19:30:18.0458 0x0348  \Device\Harddisk0\DR0\Partition4 - ok
19:30:18.0490 0x0348  [ A759CE118FBF7D526BAFE65766D28F42 ] \Device\Harddisk0\DR0\Partition5
19:30:18.0490 0x0348  \Device\Harddisk0\DR0\Partition5 - ok
19:30:18.0490 0x0348  ================ Scan generic autorun ======================
19:30:18.0646 0x0348  [ 0FB69C93DB4A1EABCD53DB7346E5BD19, 04A94E835D94C25B2036A2A70EAA08B1293514DA0F8CB9D830FFF46424FC38C9 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
19:30:18.0740 0x0348  RTHDVCPL - ok
19:30:18.0833 0x0348  [ DC1C247923B6164206499B652CD548CE, 018BB514BBA2E1C8BB9357E5C1AC33AB191D87D6B57A20158A46C2E46D2346F9 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:30:18.0865 0x0348  NvBackend - ok
19:30:18.0880 0x0348  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\windows\system32\rundll32.exe
19:30:18.0880 0x0348  ShadowPlay - ok
19:30:18.0912 0x0348  [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
19:30:18.0927 0x0348  AdobeAAMUpdater-1.0 - ok
19:30:18.0958 0x0348  [ 889E56C58F5AC4242E395E3AD5F7780C, 35AA891112BE86C28C6AF8DF44BFEE342BAB7BDA877917C9B6466204091B9ADE ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
19:30:18.0974 0x0348  Classic Start Menu - ok
19:30:19.0068 0x0348  [ B9CCBA39317F2CE2AE9EC5E94271AD23, C497D5EC8F3DED41AF1FC93CE48D237C54F4C4286E7B633C3ADC2F7D524E8ED8 ] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe
19:30:19.0083 0x0348  CanonSolutionMenu - ok
19:30:19.0271 0x0348  [ C6EA8429C22C53BC7A738FFEC4831429, BF0B2C1F38F2DDE284C20CA0C4027495F52E52B35B846A1F655C6670816552C8 ] C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
19:30:19.0318 0x0348  GwxControlPanelMonitor - ok
19:30:19.0396 0x0348  [ 9C3F26DCA9142F16ED3D7EE8AB4E417D, 867AD96CB5738266E5BC93E424EA1673881C5F5FBF19C7B699F800C7206CA929 ] C:\Program Files\iTunes\iTunesHelper.exe
19:30:19.0412 0x0348  iTunesHelper - ok
19:30:19.0458 0x0348  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:30:19.0474 0x0348  SwitchBoard - ok
19:30:19.0521 0x0348  [ 27CFFB1E41A2BE2A25957A679BD84E10, 521DC8F3439EAA780AE0DA68B0FC6E671963AF76E165590EA83D2F6896B1C941 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
19:30:19.0521 0x0348  AdobeCS5ServiceManager - ok
19:30:19.0552 0x0348  [ ECB68740144E027E14675E21A3096FDB, 73D0B83F8DB9DA1615BB63BB8017856497315F45214F7CD0D809F452595B5141 ] C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe
19:30:19.0568 0x0348  PivotSoftware - ok
19:30:19.0599 0x0348  [ A8832273D7C7C7198C93AB60C8A96D13, 9FB2C93AF9549976548DA73FD4C673126B74763AC8578C0B36D4B7EAD3EB8C91 ] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe
19:30:19.0599 0x0348  DT HPC - ok
19:30:19.0818 0x0348  [ CC84336ECBD7A97CEE502360AF5CE915, 6B87ACFC8E7628A422F3089BACFB1BA90C1A1F7C883986CFFD1E8DC1BB5A0FCA ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
19:30:19.0990 0x0348  AvastUI.exe - ok
19:30:20.0068 0x0348  Dropbox - ok
19:30:20.0162 0x0348  [ DFCD94101C5AAE5BDE2F662A60E725EA, ACEF94E75342AE8328C21555B2D640FA80F0110ED0BDE1CB4D3188A8AE9F600F ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
19:30:20.0193 0x0348  CanonQuickMenu - ok
19:30:20.0208 0x0348  [ 5153C06FC9D4D094D1A785545928B134, 0037C935722663F9EF028F841DE222FC6418E9D60939AB60C965807E67A458DC ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:30:20.0224 0x0348  SunJavaUpdateSched - ok
19:30:20.0318 0x0348  [ 64BD910F426F389CB1050764AF254E6E, 67341775B3AA1376339984DA3741263A0EC6ADD80A0878E9F5C9529CCDEE7808 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
19:30:20.0318 0x0348  iCloudServices - ok
19:30:20.0349 0x0348  [ 9BF52261C5CB340047DCFA505F5B0DB8, D22AE9148C416836EB2B809CC3AA7B6FCE5ED464C93BEEEF3F272AB837B7F816 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
19:30:20.0349 0x0348  iCloudDrive - ok
19:30:20.0365 0x0348  [ 3957B2BCC2EF4C86C9E153BCF70C150F, 06DB82F9D15ACD11792913C7F69C3F7DA9E824B63BFE56B6495997B67A1760B9 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
19:30:20.0380 0x0348  iCloudPhotos - ok
19:30:20.0380 0x0348  Waiting for KSN requests completion. In queue: 168
19:30:21.0459 0x0348  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60110 ( disabled : outofdate )
19:30:21.0474 0x0348  AV detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 12.3.3154.0 ), 0x41000 ( enabled : updated )
19:30:21.0474 0x0348  Win FW state via NFP2: enabled ( trusted )
19:30:21.0771 0x0348  ============================================================
19:30:21.0771 0x0348  Scan finished
19:30:21.0771 0x0348  ============================================================
19:30:21.0787 0x1d44  Detected object count: 0
19:30:21.0787 0x1d44  Actual detected object count: 0
 



#10 Janho

Janho
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 24 October 2016 - 06:45 PM

Adw Cleaner - no program(s) I wanted to keep, so I told AdwCleaner to clean them. I don't even use Google Chrome - what's it doing on my computer?

 

# AdwCleaner v6.030 - Logfile created 24/10/2016 at 19:37:43
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-10-23.2 [Server]
# Operating System : Windows 8.1 (X64)
# Username : Jan - JANS
# Running from : C:\Users\Jan\Desktop\AdwCleaner.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

Folder Found: C:\Users\Jan\AppData\Local\PackageAware


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

No malicious registry entries found.


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
Chrome pref Found: [C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1151 Bytes] - [24/10/2016 19:37:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1224 Bytes] ##########



#11 Janho

Janho
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 24 October 2016 - 06:52 PM

And here's the AdwCleaner log after I told it to clean:

 

# AdwCleaner v6.030 - Logfile created 24/10/2016 at 19:46:55
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-10-23.2 [Server]
# Operating System : Windows 8.1 (X64)
# Username : Jan - JANS
# Running from : C:\Users\Jan\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****

[-] Folder deleted: C:\Users\Jan\AppData\Local\PackageAware


***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****



***** [ Web browsers ] *****

[-] [C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1013 Bytes] - [24/10/2016 19:46:55]
C:\AdwCleaner\AdwCleaner[S0].txt - [1303 Bytes] - [24/10/2016 19:37:43]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1159 Bytes] ##########



#12 Janho

Janho
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 24 October 2016 - 07:06 PM

Junkware Removal Tool report:

 

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 8.1 x64
Ran by Jan (Administrator) on Mon 10/24/2016 at 20:03:02.10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\ProgramData\esellerate (Folder)
Successfully deleted: C:\ProgramData\mntemp (File)



Registry: 2

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{53A88010-7148-4852-8157-7AF5DBC51B06} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{53A88010-7148-4852-8157-7AF5DBC51B06} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 10/24/2016 at 20:04:50.29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#13 Janho

Janho
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 24 October 2016 - 10:37 PM

ESET found nothing, no log.

 

Malwarebytes Anti-Malware Log

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/24/2016
Scan Time: 11:04 PM
Logfile: MBAM-History-01.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.10.25.04
Rootkit Database: v2016.09.26.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Jan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 350825
Time Elapsed: 19 min, 39 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:01 AM

Posted 25 October 2016 - 12:03 PM

It looksclean now. Yes you can run these on all the machines.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 Janho

Janho
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 25 October 2016 - 07:49 PM

Thanks, Boopme, will run these programs on my laptop next and post those logs.

 

My desktop seems a little slow - getting that spinning wheel more than I used to.  Is it alright to defrag, clean out temp files, etc., now?

 

I reset my ipad and then I got notice of an o/s upgrade to 10.1, so I ran that.  After that installed, re-downloaded firefox from the app store and it is free now from that ransomware message.  Was able to get into FB on the ipad now as well, only problem is it will not store/remember my password anymore.

 

Earlier, I had attempted to log into fb on an old Dell laptop that I installed Linux Mint on yesterday (wiped the Windows o/s off completely).  What I got was a message telling me that my Mac needed to be cleaned with anti-virus.  There was a button below that said "I'm not on a Mac", which I pushed.  I got a new message along the lines of "oops, we better fix that then."  Yeah, ya think!  Facebook is so messed up, I'm beginning to think that's what infected my system.

 

And, any ideas how to get my Ooma VOIP working again?  It rings, but I hear nothing and when I pick up, that hangs up on who ever is calling me.  And when I call a number, I hear nothing, even though the call goes through - tested with my cell phone.

 

Thanks,

Jan






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users