Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected by many adwares and possibly more!


  • Please log in to reply
10 replies to this topic

#1 rumpled103

rumpled103

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:16 PM

Posted 07 December 2016 - 05:15 AM

I'm using Windows 7 Home Premium 64 bit on my local computer. I have another computer with Windows 7 Home Premium 64-bit. And I have an Android Phone. It's an LG-K7 and the Android version is 5.1.1. I have MalwareBytes Anti-Malware (not sure if it's the trial version or the free version and if that's supposed to make a difference.), Anti-Exploit Free, Mcafee, Microsoft Security Essentials, and now a trial of HitManPro (recent version) on the local computer (the one I'm using to write this).

I am infected by popup.taboola, bbtrack.com, and adclick.g.doubleclick.  For example, if I go to here: http://download.cnet.com/HitmanPro-3-64-bit/3000-2239_4-75110395.html

It shows all those adwares. But if I go here to foxla.com/live, it'll only show the popup.taboola

Now, if I go to youtube, now I start getting ads from showsgcdn.2mdn.net.
And when I go to Chrome on my Android phone (http://download.cnet.com/HitmanPro-3-64-bit/3000-2239_4-75110395.html), there's also an ad by r.bat.bing. I don't know how many more adwares I could. I know the Firefox on my Android phone is also infected.

Edit 1: I just found another adware by content.ad. I don't know how many more adwares I've been infected with and whether that might make it more difficult to help me.

Edit 2: Just realized my Skype also has this adware and it's coming from secure-lax.adnxs, so it's possible that adwares have infected my entire computer, not just my browsers.

Luckily, the other computer that I have does not seem to be affected. But now I wonder if these adwares are now connected to my local computer, my Google Account for logging into Chrome, and my Firefox Sync Account. I don't feel like creating/connecting different Google Accounts and Firefox Sync Accounts and see what were to happen if I switched to those accounts on my Android Phone because I'm afraid nothing will change and I might end up getting those accounts infected too. And something tells me that my Android Phone is now infected with these adwares. How it infected my phone, I don't know. But I can likely guess that the infection started on the local computer and also spread to my phone (not sure how though). I wonder what were to happen if my local computer was not infected, but what would happen if I ended up getting infected on my phone and whether and how that would spread back to the local computer.

Edit 3: Just checked my other computer (a computer in another room; we'll call it Computer 2 . The computer I first noticed that had the adware and the one I'm using to write this topic, we'll call that Computer 1 and I guess this topic will just be only for Computer 1.

Edit 4: I tried creating a Windows 10 virtual machine to see what would happen. When the desktop came up, I went to Microsoft Edge and went to foxla.com/live and sure enough I'm getting Taboola ads. And as soon as the desktop starts up for the first time I get "Do you want to find PCs, devices, and content on this network, and automatically connect to devices like printers and TVs? We recommend that you do this on your home and work networks, but not public ones." One time when installing Windows 10, I clicked yes. Another time, I clicked no.  I don't think that had anything to do with the Taboola ads. I also noticed that I get connected to a public network for the first time. Don't know why. But I'm not sure why I'm getting the Taboola ads, even on a virtual machine.

I tried following all the tips from here:https://malwaretips.com/blogs/remove-taboola-ads/
But it did not work. Luckily, I still have my Firefox User Profile Data.

I know some people might say to just use an adblocker, but that just hides the adwares, it doesn't eliminate the problem. For example, this Chrome extension called Removes Taboola, that just hides the ads, it doesn't eliminate the adware.

I probably got these adwares in one or more ways. Maybe I got it by visiting a risky porn site or maybe I got it while installing BitTorrent and maybe I forgot to uncheck the Advanced options with those add-ons that they so deceptively try to get you to install (although I'm pretty sure I unchecked them). Or maybe it's coming from my computer backup on my external hard drive and it somehow infected my local computer (not sure if that's even possible or how that would work). I've also tried to install Any Video Converter because the program in the past worked for me and I don't remember it having any adwares when installing it. But just recently, I tried downloading it and Mcafee said it was a dangerous download. I downloaded it anyway and when I clicked on the file to install, Mcafee automatically quarantines it. I'm wondering if the installation file contained the adwares that you get while installing Any Video Converter and maybe instead of getting the adwares while installing it, you get it just by clicking on the installation file itself. So maybe that's why Mcafee blocked it? I don't know. I can't think of any other ways I could have gotten those adwares.

I don't think these adwares will really hurt my privacy. But they are annoying. That's just my opinion. You can try to convince me otherwise. But I wish I could get rid of them. And I also plan on getting my first laptop soon with Windows 10, so I don't want that getting infected too. I was also thinking about maybe going to some android phone repair shop that knows about removing adwares, but I don't want them to root my phone. So I'd also like your opinion on that.

 
 
I apologize if I may have posted this in the wrong forum. Maybe it was supposed to be posted in Virus, Trojan, Spyware, and Malware Removal Logs. Someone will have to correct me on this.

Edited by rumpled103, 07 December 2016 - 10:15 PM.


BC AdBot (Login to Remove)

 


#2 robby501

robby501

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:16 AM

Posted 07 December 2016 - 05:39 AM

As you can see, I'm not a staff member here and am not here to offer assistance in cleaning your device(s). JFYI, I think you are in the correct forum.

 

However, I certainly wouldn't 100% trust using vendors like C-Net for downloading security packages, AV, malware/adware removal tools etc for fear of it being bundled with other packages you simply don't need or even want. Instead, I'd use the downloads available from within BLEEPING COMPUTER. Tools such as AdwCleaner, Zemana, Malwarebytes, JRT, HitmanPro etc are available on this site and will likely assist in helping you cleanse your device.

 

Having said all this, I am sure one of the staff members will be along soon to assist you.

 

All the best.


Edited by robby501, 07 December 2016 - 05:50 AM.

Im a rookie and purely recreational pc user. Im utterly obsessed with security (even though I consider myself a safe and law-abiding internet user!) and run a combo of the following freeware security suites.....

Windows Defender/firewall

Regular scans with Malwarebytes, AdwCleaner, JRT, HitmanPro

 

 

 


#3 54M33R

54M33R

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:16 PM

Posted 07 December 2016 - 02:49 PM

Reviewing the Any video converter or just known as AVC, Mcafee may be detecting this as a false positive unless you have downloaded it from not their official site.

If you would like to review it yourself Click here

 

Let's start trying to remove this adware and any other possible infections.

 

 

AdwCleaner

 

  • Download AdwCleaner and then save it to your desktop
  • Right-click the application and select run as administrator
  • Click the Scan button, Notice: The scan will take some time to finish
  • If anything is found after the scan, press the report button and copy and paste the contents in your next reply
  • After if anything is found, I suggest pressing the Clean button
  • All log files are held in C:\AdwCleaner
  • If AdwCleaner causes a reboot this is normal as it is needed for the removal of any findings

 

 

JRT (Junkware Removal Tool)

 

  • Download JRT and save it to your desktop
  • Notice:  To avoid conflicts, disable your protection software
  • Right click the application and run as administrator
  • If an update is found accept the update
  • Press any key to run the scan Notice: The scan will take some time
  • Once the scan is finished JRT.txt log will open which is located on your desktop, copy the contents and paste it in your next reply

 

TDSSKiller

 

  • Download TDSSKiller Zip version and save it to your desktop
  • Unzip the file and right-click the application in the new folder and run as administrator
  • Click start scan Notice: The scan will take some time
  • If an infected or suspicious file is found please do not change the default action
  • If a Reboot  is required please reboot, if not press Report to open the log file, copy it's content's and paste on your next reply
  • If you required a Reboot the report can be found in the Root directory or just known as C:\ the contents of the file name will be named TDSSKiller_xxxx_log.txt.  please copy its contents and paste on your next reply

Edited by 54M33R, 07 December 2016 - 04:50 PM.


#4 rumpled103

rumpled103
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:16 PM

Posted 07 December 2016 - 06:55 PM

Oh, I was getting the Any Video Converter Free version. I found this: https://www.virustotal.com/en/file/422dc4d79aeb34bd4a465f3500e96de183a928036face7d329e7f9cfdf260871/analysis/1481150587/
Apparently, Mcafee doesn't find anything wrong with it. I even opened it up and it doesn't seem to come with those sneaky advanced options that get you to install those malicious programs.

Anyway, I did the AdwCleaner until AdwCleaner couldn't find anything anymore. I think I'll give you multiple AdwCleaner logs because I think they may be relevant. I'll give the last one that reported issues and then the next one and so on until the previous log didn't find anything.

# AdwCleaner v6.040 - Logfile created 07/12/2016 at 14:10:18
# Updated on 02/12/2016 by Malwarebytes
# Database : 2016-12-07.1 [Local]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username :<censored>
# Running from : C:\Users\<censored>\Downloads\adwcleaner_6.040.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****



***** [ Web browsers ] *****

[-] [C:\Users\<censored>\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\<censored>\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: search.aol.com


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1609 Bytes] - [06/12/2016 23:37:35]
C:\AdwCleaner\AdwCleaner[C2].txt - [1113 Bytes] - [07/12/2016 14:10:18]
C:\AdwCleaner\AdwCleaner[S0].txt - [1170 Bytes] - [30/08/2016 04:34:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [1626 Bytes] - [06/12/2016 23:32:19]
C:\AdwCleaner\AdwCleaner[S2].txt - [1584 Bytes] - [07/12/2016 14:04:09]
C:\AdwCleaner\AdwCleaner[S3].txt - [1656 Bytes] - [07/12/2016 14:09:22]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1478 Bytes] ##########



# AdwCleaner v6.040 - Logfile created 07/12/2016 at 14:04:09
# Updated on 02/12/2016 by Malwarebytes
# Database : 2016-12-07.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : <censored> - <censored>-PC
# Running from : C:\Users\<censored>\Downloads\adwcleaner_6.040.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

No malicious registry entries found.


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found:  [C:\Users\<censored>\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
Chrome pref Found:  [C:\Users\<censored>\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.aol.com

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1609 Bytes] - [06/12/2016 23:37:35]
C:\AdwCleaner\AdwCleaner[S0].txt - [1170 Bytes] - [30/08/2016 04:34:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [1626 Bytes] - [06/12/2016 23:32:19]
C:\AdwCleaner\AdwCleaner[S2].txt - [1432 Bytes] - [07/12/2016 14:04:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1505 Bytes] ##########




# AdwCleaner v6.040 - Logfile created 06/12/2016 at 23:32:19
# Updated on 02/12/2016 by Malwarebytes
# Database : 2016-12-06.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : <censored>
# Running from : C:\Users\<censored>\Downloads\adwcleaner_6.040.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

Service Found:  EsgScanner


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

File Found:  C:\Windows\SysNative\drivers\EsgScanner.sys
File Found:  C:\Users\<censored>\AppData\Roaming\Mozilla\Firefox\Profiles\i29debrs.default\extensions\abb@amazon.com.xpi


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found:  HKLM\SOFTWARE\Classes\FileTime.FileTimeShlExt
Key Found:  HKLM\SOFTWARE\Classes\FileTime.FileTimeShlExt.1
Key Found:  [x64] HKLM\SOFTWARE\Classes\FileTime.FileTimeShlExt
Key Found:  [x64] HKLM\SOFTWARE\Classes\FileTime.FileTimeShlExt.1


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1170 Bytes] - [30/08/2016 04:34:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [1466 Bytes] - [06/12/2016 23:32:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1539 Bytes] ##########


Here's the Junkware Removal Tool. Did it until it couldn't find anything bad anymore.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Home Premium x64
Ran by <censored> (Administrator) on Wed 12/07/2016 at 15:04:43.61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 16

Successfully deleted: C:\Users\<censored>\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2D2N9HL7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\<censored>\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\97OZR824 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\<censored>\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CVLDRWA0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\<censored>\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJ4NDRR5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\<censored>\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DORJ6H81 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\<censored>\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MSEFJU5C (Temporary Internet Files Folder)
Successfully deleted: C:\Users\<censored>\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RRPSM912 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\<censored>\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ULFDVHHW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2D2N9HL7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\97OZR824 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CVLDRWA0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJ4NDRR5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DORJ6H81 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MSEFJU5C (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RRPSM912 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ULFDVHHW (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 12/07/2016 at 15:09:47.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


TDSS Killer. I just used the default scan (without going into default parameters for the first time).
15:32:08.0325 0x14e4  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
15:32:42.0182 0x14e4  ============================================================
15:32:42.0182 0x14e4  Current date / time: 2016/12/07 15:32:42.0182
15:32:42.0182 0x14e4  SystemInfo:
15:32:42.0183 0x14e4  
15:32:42.0183 0x14e4  OS Version: 6.1.7601 ServicePack: 1.0
15:32:42.0183 0x14e4  Product type: Workstation
15:32:42.0183 0x14e4  ComputerName: <censored>-PC
15:32:42.0183 0x14e4  UserName: <censored>
15:32:42.0184 0x14e4  Windows directory: C:\Windows
15:32:42.0184 0x14e4  System windows directory: C:\Windows
15:32:42.0184 0x14e4  Running under WOW64
15:32:42.0184 0x14e4  Processor architecture: Intel x64
15:32:42.0184 0x14e4  Number of processors: 2
15:32:42.0184 0x14e4  Page size: 0x1000
15:32:42.0184 0x14e4  Boot type: Normal boot
15:32:42.0184 0x14e4  CodeIntegrityOptions = 0x00000001
15:32:42.0184 0x14e4  ============================================================
15:32:43.0786 0x14e4  KLMD registered as C:\Windows\system32\drivers\56944678.sys
15:32:43.0786 0x14e4  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
15:32:44.0954 0x14e4  System UUID: {91E79E4C-4517-A5F5-FF50-517CE658536D}
15:32:45.0648 0x14e4  Drive \Device\Harddisk0\DR0 - Size: 0x1D1BD110000 ( 1862.95 Gb ), SectorSize: 0x200, Cylinders: 0x3B5F9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:32:45.0659 0x14e4  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:32:45.0714 0x14e4  Drive \Device\Harddisk7\DR7 - Size: 0x3CF0F0000 ( 15.24 Gb ), SectorSize: 0x200, Cylinders: 0x7C4, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:32:45.0716 0x14e4  ============================================================
15:32:45.0716 0x14e4  \Device\Harddisk0\DR0:
15:32:45.0716 0x14e4  MBR partitions:
15:32:45.0716 0x14e4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:32:45.0716 0x14e4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DB5800
15:32:45.0716 0x14e4  \Device\Harddisk1\DR1:
15:32:45.0716 0x14e4  MBR partitions:
15:32:45.0716 0x14e4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0xE8E08840
15:32:45.0716 0x14e4  \Device\Harddisk7\DR7:
15:32:45.0718 0x14e4  MBR partitions:
15:32:45.0718 0x14e4  \Device\Harddisk7\DR7\Partition1: MBR, Type 0xC, StartLBA 0xDB0, BlocksNum 0x1E779D0
15:32:45.0718 0x14e4  ============================================================
15:32:45.0734 0x14e4  C: <-> \Device\Harddisk0\DR0\Partition2
15:32:46.0303 0x14e4  K: <-> \Device\Harddisk1\DR1\Partition1
15:32:46.0303 0x14e4  ============================================================
15:32:46.0303 0x14e4  Initialize success
15:32:46.0303 0x14e4  ============================================================
15:34:18.0137 0x1248  ============================================================
15:34:18.0137 0x1248  Scan started
15:34:18.0137 0x1248  Mode: Manual;
15:34:18.0137 0x1248  ============================================================
15:34:18.0137 0x1248  KSN ping started
15:34:18.0382 0x1248  KSN ping finished: true
15:34:19.0367 0x1248  ================ Scan system memory ========================
15:34:19.0367 0x1248  System memory - ok
15:34:19.0368 0x1248  ================ Scan services =============================
15:34:19.0471 0x1248  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:34:19.0481 0x1248  1394ohci - ok
15:34:19.0559 0x1248  [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:34:19.0569 0x1248  ACDaemon - ok
15:34:19.0600 0x1248  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:34:19.0617 0x1248  ACPI - ok
15:34:19.0630 0x1248  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:34:19.0632 0x1248  AcpiPmi - ok
15:34:19.0717 0x1248  [ 36C606A3A3FB332129E1DFB5EAAEBF83, D67C96B2D53C5548A86600F64B8EED0ED0472DDE0BEE46F07A780FA02F020EBD ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
15:34:19.0835 0x1248  AcrSch2Svc - ok
15:34:19.0881 0x1248  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:34:19.0888 0x1248  AdobeARMservice - ok
15:34:19.0966 0x1248  [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:34:19.0975 0x1248  AdobeFlashPlayerUpdateSvc - ok
15:34:20.0023 0x1248  [ 8532B30A054D83614A90D24AD61A29DF, 959C74C63AF7F4E5588C705FBF08EA7A8749268BC28819879ED53AB7A3410B74 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
15:34:20.0044 0x1248  AdobeUpdateService - ok
15:34:20.0070 0x1248  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:34:20.0088 0x1248  adp94xx - ok
15:34:20.0101 0x1248  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:34:20.0110 0x1248  adpahci - ok
15:34:20.0120 0x1248  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:34:20.0126 0x1248  adpu320 - ok
15:34:20.0151 0x1248  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:34:20.0154 0x1248  AeLookupSvc - ok
15:34:20.0274 0x1248  [ D58AFA917D97BFF073E58763B13E4A65, 5D735F27CC1C17CED976E0996033AF72E3C70BADAE8BFE6506AAF5BD747E6DA2 ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
15:34:20.0707 0x1248  afcdpsrv - ok
15:34:20.0777 0x1248  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
15:34:20.0800 0x1248  AFD - ok
15:34:20.0824 0x1248  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:34:20.0828 0x1248  agp440 - ok
15:34:20.0945 0x1248  [ 021D06851E7AFF5C314039DF813608F3, 081B14840F4AD428B4407AA2E639369A45D174D9507BD107F33FE3A94FB8F8EC ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
15:34:21.0009 0x1248  AGSService - ok
15:34:21.0026 0x1248  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:34:21.0028 0x1248  ALG - ok
15:34:21.0046 0x1248  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:34:21.0047 0x1248  aliide - ok
15:34:21.0063 0x1248  [ A359974EAAC83A435497C52F62A2E590, 7A7AFFE1CCE8732C478AE3EA630AA46C94DE0DBFE19EE63E3FB99B0D3338F038 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:34:21.0654 0x1248  AMD External Events Utility - ok
15:34:21.0668 0x1248  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:34:21.0670 0x1248  amdide - ok
15:34:21.0685 0x1248  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:34:21.0687 0x1248  AmdK8 - ok
15:34:21.0963 0x1248  [ 60216B0E704584DE6D5A9F59E9C34C47, CC3E9F09FB28E50FDFCC5E6A996E28CB4E721DDDD50E23710DC74C5B0F7CE3E3 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:34:22.0238 0x1248  amdkmdag - ok
15:34:22.0276 0x1248  [ 6B4E9261B613B047A9A145F328889968, E5C6611E88381A9D40AD1CE80BFDDBDA733F4A8D3602AAE25A155D2C39B3B7FD ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
15:34:22.0284 0x1248  amdkmdap - ok
15:34:22.0294 0x1248  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:34:22.0296 0x1248  AmdPPM - ok
15:34:22.0311 0x1248  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:34:22.0315 0x1248  amdsata - ok
15:34:22.0330 0x1248  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:34:22.0334 0x1248  amdsbs - ok
15:34:22.0342 0x1248  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:34:22.0343 0x1248  amdxata - ok
15:34:22.0363 0x1248  [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID           C:\Windows\system32\drivers\appid.sys
15:34:22.0386 0x1248  AppID - ok
15:34:22.0407 0x1248  [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:34:22.0434 0x1248  AppIDSvc - ok
15:34:22.0456 0x1248  [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo         C:\Windows\System32\appinfo.dll
15:34:22.0459 0x1248  Appinfo - ok
15:34:22.0469 0x1248  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
15:34:22.0472 0x1248  arc - ok
15:34:22.0480 0x1248  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:34:22.0483 0x1248  arcsas - ok
15:34:22.0501 0x1248  [ C130BC4A51B1382B2BE8E44579EC4C0A, CC1FD33ED7CAD87A504D8678F8482CAECACD18C727BB97FFB86F39255563EEF2 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
15:34:22.0502 0x1248  ArcSoftKsUFilter - ok
15:34:22.0555 0x1248  [ 1918931DAC607E14BAACCC03A24334A1, 2EFF0241CCDF2BC4579F0778BEC0392703BE7134F30483308A312384E823393B ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:34:22.0559 0x1248  aspnet_state - ok
15:34:22.0629 0x1248  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:34:22.0632 0x1248  AsyncMac - ok
15:34:22.0697 0x1248  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:34:22.0699 0x1248  atapi - ok
15:34:22.0739 0x1248  [ EE672EACF3CBEDAB390E0655BF5A11AB, DFAFB55584CED9ECF499067D113F81BE51D492627FD36784C4BED06AE0BECC52 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
15:34:22.0743 0x1248  AtiHDAudioService - ok
15:34:22.0779 0x1248  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:34:22.0813 0x1248  AudioEndpointBuilder - ok
15:34:22.0845 0x1248  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:34:22.0859 0x1248  AudioSrv - ok
15:34:22.0887 0x1248  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:34:22.0892 0x1248  AxInstSV - ok
15:34:22.0919 0x1248  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:34:22.0936 0x1248  b06bdrv - ok
15:34:22.0959 0x1248  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:34:22.0967 0x1248  b57nd60a - ok
15:34:22.0987 0x1248  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:34:22.0991 0x1248  BDESVC - ok
15:34:23.0003 0x1248  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:34:23.0005 0x1248  Beep - ok
15:34:23.0042 0x1248  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:34:23.0064 0x1248  BFE - ok
15:34:23.0105 0x1248  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:34:23.0132 0x1248  BITS - ok
15:34:23.0142 0x1248  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:34:23.0144 0x1248  blbdrive - ok
15:34:23.0163 0x1248  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:34:23.0191 0x1248  bowser - ok
15:34:23.0230 0x1248  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:34:23.0231 0x1248  BrFiltLo - ok
15:34:23.0240 0x1248  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:34:23.0241 0x1248  BrFiltUp - ok
15:34:23.0271 0x1248  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:34:23.0276 0x1248  Browser - ok
15:34:23.0290 0x1248  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:34:23.0298 0x1248  Brserid - ok
15:34:23.0308 0x1248  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:34:23.0310 0x1248  BrSerWdm - ok
15:34:23.0318 0x1248  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:34:23.0319 0x1248  BrUsbMdm - ok
15:34:23.0329 0x1248  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:34:23.0330 0x1248  BrUsbSer - ok
15:34:23.0366 0x1248  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
15:34:23.0385 0x1248  BthEnum - ok
15:34:23.0397 0x1248  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:34:23.0399 0x1248  BTHMODEM - ok
15:34:23.0427 0x1248  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:34:23.0454 0x1248  BthPan - ok
15:34:23.0481 0x1248  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
15:34:23.0517 0x1248  BTHPORT - ok
15:34:23.0528 0x1248  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:34:23.0531 0x1248  bthserv - ok
15:34:23.0551 0x1248  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
15:34:23.0597 0x1248  BTHUSB - ok
15:34:23.0625 0x1248  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:34:23.0628 0x1248  cdfs - ok
15:34:23.0648 0x1248  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:34:23.0652 0x1248  cdrom - ok
15:34:23.0664 0x1248  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:34:23.0667 0x1248  CertPropSvc - ok
15:34:23.0690 0x1248  [ 2CFB41937C053476270CEE913AC55BE6, E667DB12F650A68F73DD817E8D4C4C68139CB7B67567A894215F0208CF9360CD ] cfwids          C:\Windows\system32\drivers\cfwids.sys
15:34:23.0693 0x1248  cfwids - ok
15:34:23.0702 0x1248  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:34:23.0705 0x1248  circlass - ok
15:34:23.0730 0x1248  [ 3891EA60B84EFE115CE070311FA83BBB, 2A30FB15C8D0C69289C087DFE1F822AB4F9C3F091DBB3FD2E99DC5B562E90DFB ] CLFS            C:\Windows\system32\CLFS.sys
15:34:23.0740 0x1248  CLFS - ok
15:34:23.0899 0x1248  [ BDED70145D7F931CAD02BD531BEB38B7, 6B6355482F7FD44ECD958BBFDC9795C8F79A60EB5294349DCB0DBBECE607A5B6 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
15:34:23.0965 0x1248  ClickToRunSvc - ok
15:34:24.0019 0x1248  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:34:24.0022 0x1248  clr_optimization_v2.0.50727_32 - ok
15:34:24.0052 0x1248  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:34:24.0055 0x1248  clr_optimization_v2.0.50727_64 - ok
15:34:24.0112 0x1248  [ FEB23309B5452EBACD52D3E6AC8B012D, 6D2D6514DA97AD8B67FC4CEEF7C904883340048055A2FB985BCAB7C475970299 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:34:24.0115 0x1248  clr_optimization_v4.0.30319_32 - ok
15:34:24.0142 0x1248  [ BF17E3D9E51517A03CE9938E7641F3D8, 5AB4FA6157354F275A9996BE416A88F6BA6BF0A5E89A351703792394BF3B373D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:34:24.0148 0x1248  clr_optimization_v4.0.30319_64 - ok
15:34:24.0158 0x1248  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:34:24.0159 0x1248  CmBatt - ok
15:34:24.0179 0x1248  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:34:24.0181 0x1248  cmdide - ok
15:34:24.0221 0x1248  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
15:34:24.0238 0x1248  CNG - ok
15:34:24.0252 0x1248  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:34:24.0254 0x1248  Compbatt - ok
15:34:24.0270 0x1248  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:34:24.0272 0x1248  CompositeBus - ok
15:34:24.0281 0x1248  COMSysApp - ok
15:34:24.0298 0x1248  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:34:24.0299 0x1248  crcdisk - ok
15:34:24.0332 0x1248  [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:34:24.0360 0x1248  CryptSvc - ok
15:34:24.0457 0x1248  [ 87A70750325AFC300F0977DC3137A350, F4E894A4235443ABFF7CEA4ADB3BEECE0C16B062AADD03326A63E77341939D67 ] DCamUSBNovatek  C:\Windows\system32\Drivers\nvtcam.sys
15:34:24.0533 0x1248  DCamUSBNovatek - ok
15:34:24.0567 0x1248  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:34:24.0584 0x1248  DcomLaunch - ok
15:34:24.0608 0x1248  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:34:24.0617 0x1248  defragsvc - ok
15:34:24.0655 0x1248  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:34:24.0693 0x1248  DfsC - ok
15:34:24.0709 0x1248  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:34:24.0718 0x1248  Dhcp - ok
15:34:24.0769 0x1248  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
15:34:24.0849 0x1248  DiagTrack - ok
15:34:24.0970 0x1248  [ 64F6A6B21B25528F7368928C0171C8E3, B9D56EA97E57501D567D71965C1CD57C85DA1C7EAF958B38F3D199457DD4D2E3 ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
15:34:25.0148 0x1248  Disc Soft Lite Bus Service - ok
15:34:25.0161 0x1248  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:34:25.0163 0x1248  discache - ok
15:34:25.0171 0x1248  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
15:34:25.0174 0x1248  Disk - ok
15:34:25.0197 0x1248  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:34:25.0203 0x1248  Dnscache - ok
15:34:25.0213 0x1248  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:34:25.0221 0x1248  dot3svc - ok
15:34:25.0231 0x1248  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:34:25.0236 0x1248  DPS - ok
15:34:25.0257 0x1248  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:34:25.0258 0x1248  drmkaud - ok
15:34:25.0282 0x1248  [ 679FF716052109392D870F6A6C4A3535, BEF1784448CCA4AF1D67ED68BD0C7CFE01A7719E98CACF92C2DCBFAA916DC57E ] dtlitescsibus   C:\Windows\system32\DRIVERS\dtlitescsibus.sys
15:34:25.0283 0x1248  dtlitescsibus - ok
15:34:25.0295 0x1248  [ E23FDD696839A4790682CA66C48D3F2F, F5F0721BDA751968224E52E75D0C309A3E084C430CD98E85A55AF622D16B9A44 ] dtliteusbbus    C:\Windows\system32\DRIVERS\dtliteusbbus.sys
15:34:25.0296 0x1248  dtliteusbbus - ok
15:34:25.0330 0x1248  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:34:25.0365 0x1248  DXGKrnl - ok
15:34:25.0382 0x1248  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:34:25.0386 0x1248  EapHost - ok
15:34:25.0482 0x1248  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:34:25.0567 0x1248  ebdrv - ok
15:34:25.0583 0x1248  [ 4747BB1EF5246596B864831903C7E3F9, 45A8B23593FAA0219AD4541CD9F525587AAFD4EC0EBBA46814DC9874C4816E5C ] EFS             C:\Windows\System32\lsass.exe
15:34:25.0604 0x1248  EFS - ok
15:34:25.0655 0x1248  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:34:25.0681 0x1248  ehRecvr - ok
15:34:25.0691 0x1248  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:34:25.0695 0x1248  ehSched - ok
15:34:25.0716 0x1248  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:34:25.0733 0x1248  elxstor - ok
15:34:25.0749 0x1248  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:34:25.0750 0x1248  ErrDev - ok
15:34:25.0796 0x1248  [ 19053C083F59BDC037768F31810996A8, 2795CA4EA721B812CE2C333487CAA44B24921FB571171D36E8B962572709A187 ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys
15:34:25.0838 0x1248  ESProtectionDriver - ok
15:34:25.0861 0x1248  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:34:25.0878 0x1248  EventSystem - ok
15:34:25.0887 0x1248  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:34:25.0893 0x1248  exfat - ok
15:34:25.0944 0x1248  FairplayKD - ok
15:34:25.0973 0x1248  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:34:25.0986 0x1248  fastfat - ok
15:34:26.0047 0x1248  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:34:26.0071 0x1248  Fax - ok
15:34:26.0077 0x1248  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
15:34:26.0079 0x1248  fdc - ok
15:34:26.0101 0x1248  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:34:26.0103 0x1248  fdPHost - ok
15:34:26.0115 0x1248  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:34:26.0117 0x1248  FDResPub - ok
15:34:26.0135 0x1248  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:34:26.0139 0x1248  FileInfo - ok
15:34:26.0150 0x1248  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:34:26.0152 0x1248  Filetrace - ok
15:34:26.0176 0x1248  [ 27B3C0F193F00D65F2D6B2C8C7FD22FF, B7DFE6D3065091C26085DB661503847F729EC2D2842C3D56D4F003548CC46503 ] file_tracker    C:\Windows\system32\DRIVERS\file_tracker.sys
15:34:26.0267 0x1248  file_tracker - ok
15:34:26.0273 0x1248  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:34:26.0274 0x1248  flpydisk - ok
15:34:26.0291 0x1248  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:34:26.0299 0x1248  FltMgr - ok
15:34:26.0327 0x1248  [ 4AD91299304A5E75084434F246DE0F9A, 3617EFEBCCB23F15FC9423544D061AF183E8E87B7E1EA9AA13EAAC5A9F0DE439 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
15:34:26.0376 0x1248  fltsrv - ok
15:34:26.0431 0x1248  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
15:34:26.0495 0x1248  FontCache - ok
15:34:26.0528 0x1248  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:34:26.0531 0x1248  FontCache3.0.0.0 - ok
15:34:26.0547 0x1248  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:34:26.0549 0x1248  FsDepends - ok
15:34:26.0561 0x1248  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:34:26.0563 0x1248  Fs_Rec - ok
15:34:26.0584 0x1248  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:34:26.0590 0x1248  fvevol - ok
15:34:26.0598 0x1248  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:34:26.0600 0x1248  gagp30kx - ok
15:34:26.0663 0x1248  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
15:34:26.0683 0x1248  gpsvc - ok
15:34:26.0750 0x1248  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:34:26.0767 0x1248  gupdate - ok
15:34:26.0783 0x1248  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:34:26.0787 0x1248  gupdatem - ok
15:34:26.0820 0x1248  [ B23BDC42F7F8EB7A37587FA029B81ADE, 1ABE941F0FDB36CF7B6556B2124FAEDF296EB04B7789CFC8056D55C2B00B5B54 ] hcmon           C:\Windows\system32\DRIVERS\hcmon.sys
15:34:26.0824 0x1248  hcmon - ok
15:34:26.0832 0x1248  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:34:26.0834 0x1248  hcw85cir - ok
15:34:26.0862 0x1248  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:34:26.0873 0x1248  HdAudAddService - ok
15:34:26.0890 0x1248  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:34:26.0894 0x1248  HDAudBus - ok
15:34:26.0899 0x1248  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:34:26.0901 0x1248  HidBatt - ok
15:34:26.0909 0x1248  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:34:26.0913 0x1248  HidBth - ok
15:34:26.0918 0x1248  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:34:26.0921 0x1248  HidIr - ok
15:34:26.0928 0x1248  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:34:26.0930 0x1248  hidserv - ok
15:34:26.0953 0x1248  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
15:34:26.0955 0x1248  HidUsb - ok
15:34:26.0977 0x1248  [ F60E629BADC03B5BCCF8AAE022651A64, 08D3BA75F3A43843F8F13D7EEA263E46A9452FAB3B30BFD389E4B0477675CB3B ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
15:34:26.0983 0x1248  HipShieldK - ok
15:34:26.0996 0x1248  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:34:26.0999 0x1248  hkmsvc - ok
15:34:27.0014 0x1248  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:34:27.0021 0x1248  HomeGroupListener - ok
15:34:27.0043 0x1248  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:34:27.0050 0x1248  HomeGroupProvider - ok
15:34:27.0098 0x1248  [ A5AEFF1699CB64EE4AA8D7278762852E, 65B1C523DB87F38EEB33CBC0A806EADA59291E4EE200864549D5EC00332E2D53 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:34:27.0111 0x1248  HomeNetSvc - ok
15:34:27.0120 0x1248  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:34:27.0122 0x1248  HpSAMD - ok
15:34:27.0176 0x1248  HPSLPSVC - ok
15:34:27.0214 0x1248  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:34:27.0240 0x1248  HTTP - ok
15:34:27.0251 0x1248  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:34:27.0253 0x1248  hwpolicy - ok
15:34:27.0272 0x1248  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:34:27.0274 0x1248  i8042prt - ok
15:34:27.0306 0x1248  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:34:27.0323 0x1248  iaStorV - ok
15:34:27.0368 0x1248  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:34:27.0394 0x1248  idsvc - ok
15:34:27.0399 0x1248  IEEtwCollectorService - ok
15:34:27.0415 0x1248  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:34:27.0417 0x1248  iirsp - ok
15:34:27.0462 0x1248  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:34:27.0488 0x1248  IKEEXT - ok
15:34:27.0633 0x1248  [ 3A2D6740F51BE48C0FD01AD907329DEE, 4FD899CD6E3B3D5C9803E52CB72F002B6CFC144D524FAF6845CF6D115EC6E059 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:34:27.0759 0x1248  IntcAzAudAddService - ok
15:34:27.0778 0x1248  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:34:27.0779 0x1248  intelide - ok
15:34:27.0802 0x1248  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
15:34:27.0805 0x1248  intelppm - ok
15:34:27.0818 0x1248  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:34:27.0822 0x1248  IPBusEnum - ok
15:34:27.0828 0x1248  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:34:27.0831 0x1248  IpFilterDriver - ok
15:34:27.0859 0x1248  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:34:27.0877 0x1248  iphlpsvc - ok
15:34:27.0883 0x1248  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:34:27.0886 0x1248  IPMIDRV - ok
15:34:27.0893 0x1248  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:34:27.0897 0x1248  IPNAT - ok
15:34:27.0906 0x1248  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:34:27.0907 0x1248  IRENUM - ok
15:34:27.0920 0x1248  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:34:27.0921 0x1248  isapnp - ok
15:34:27.0946 0x1248  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:34:27.0953 0x1248  iScsiPrt - ok
15:34:27.0969 0x1248  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:34:27.0971 0x1248  kbdclass - ok
15:34:27.0978 0x1248  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:34:27.0979 0x1248  kbdhid - ok
15:34:27.0986 0x1248  [ 4747BB1EF5246596B864831903C7E3F9, 45A8B23593FAA0219AD4541CD9F525587AAFD4EC0EBBA46814DC9874C4816E5C ] KeyIso          C:\Windows\system32\lsass.exe
15:34:27.0988 0x1248  KeyIso - ok
15:34:28.0010 0x1248  [ DADA537418AEBB35AF6EEA3AD58B02A4, 86D483C6106F67678F72E100F9FD86660F528CFEE11835B523657C61DCA54704 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:34:28.0013 0x1248  KSecDD - ok
15:34:28.0039 0x1248  [ 641DA91DB8858FD9F156E6F1977AC14E, 4BCE86DDFC6E0E3D950ECFC023969F87BF1969AA0341A4CAEEBBF6E34254DB37 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:34:28.0044 0x1248  KSecPkg - ok
15:34:28.0050 0x1248  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:34:28.0052 0x1248  ksthunk - ok
15:34:28.0075 0x1248  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:34:28.0086 0x1248  KtmRm - ok
15:34:28.0115 0x1248  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:34:28.0122 0x1248  LanmanServer - ok
15:34:28.0133 0x1248  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:34:28.0139 0x1248  LanmanWorkstation - ok
15:34:28.0154 0x1248  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:34:28.0156 0x1248  lltdio - ok
15:34:28.0174 0x1248  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:34:28.0183 0x1248  lltdsvc - ok
15:34:28.0200 0x1248  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:34:28.0202 0x1248  lmhosts - ok
15:34:28.0222 0x1248  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:34:28.0226 0x1248  LSI_FC - ok
15:34:28.0233 0x1248  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:34:28.0237 0x1248  LSI_SAS - ok
15:34:28.0246 0x1248  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:34:28.0248 0x1248  LSI_SAS2 - ok
15:34:28.0258 0x1248  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:34:28.0261 0x1248  LSI_SCSI - ok
15:34:28.0268 0x1248  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:34:28.0271 0x1248  luafv - ok
15:34:28.0286 0x1248  lxdx_device - ok
15:34:28.0313 0x1248  [ A1D6AB0A277845198F228115460F6836, D57C5467E848DA3ACD1CAC38E309EE1460C3416F10AE0000AB1A6911F8B03EB4 ] MbaeSvc         C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
15:34:28.0461 0x1248  MbaeSvc - ok
15:34:28.0470 0x1248  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:34:28.0471 0x1248  MBAMProtector - ok
15:34:28.0520 0x1248  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
15:34:28.0554 0x1248  MBAMService - ok
15:34:28.0567 0x1248  [ 452ACB7A9914398D9E18CCCFFCF92208, 754AF45C19731C356E7E84497B04E0333759AC86DC553BA275EFC09845E43E4D ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:34:28.0569 0x1248  MBAMWebAccessControl - ok
15:34:28.0616 0x1248  [ 963E110F8189126FD175EDA853612B42, B4E45D42767E582590B730FBC50E6108362896954B5D3A58FB5201C4206341A0 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
15:34:28.0634 0x1248  McAfee SiteAdvisor Service - ok
15:34:28.0711 0x1248  [ 8191E6B2C07D15F76DED7E895AA4824C, 8BCF6DB4F90014100984A2C34D344AD5481D07E87D75F123B95497611FBE4980 ] McAPExe         C:\Program Files\Common Files\McAfee\VSCore_15_5\McAPExe.exe
15:34:28.0817 0x1248  McAPExe - ok
15:34:28.0848 0x1248  [ A5AEFF1699CB64EE4AA8D7278762852E, 65B1C523DB87F38EEB33CBC0A806EADA59291E4EE200864549D5EC00332E2D53 ] McBootDelayStartSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:34:28.0860 0x1248  McBootDelayStartSvc - ok
15:34:28.0948 0x1248  [ 80C4D087A22EF22BBA7ECE24744C8B3E, 83666D5F6B66EA3310E6E27A2BF8DAC1A1197D31D72E823FD861696872666666 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\2.2.351.0\\McCSPServiceHost.exe
15:34:29.0083 0x1248  mccspsvc - ok
15:34:29.0115 0x1248  [ A5AEFF1699CB64EE4AA8D7278762852E, 65B1C523DB87F38EEB33CBC0A806EADA59291E4EE200864549D5EC00332E2D53 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:34:29.0127 0x1248  McMPFSvc - ok
15:34:29.0146 0x1248  [ A5AEFF1699CB64EE4AA8D7278762852E, 65B1C523DB87F38EEB33CBC0A806EADA59291E4EE200864549D5EC00332E2D53 ] McNaiAnn        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:34:29.0158 0x1248  McNaiAnn - ok
15:34:29.0212 0x1248  [ F604986CD57AC67E0BC8D42B4BA89086, AA32081670AEE8C1F27BE472CFD6C8B1540D19F7159D28B73F82F06E2CA381C3 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
15:34:29.0338 0x1248  McODS - ok
15:34:29.0357 0x1248  [ A5AEFF1699CB64EE4AA8D7278762852E, 65B1C523DB87F38EEB33CBC0A806EADA59291E4EE200864549D5EC00332E2D53 ] mcpltsvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:34:29.0369 0x1248  mcpltsvc - ok
15:34:29.0388 0x1248  [ A5AEFF1699CB64EE4AA8D7278762852E, 65B1C523DB87F38EEB33CBC0A806EADA59291E4EE200864549D5EC00332E2D53 ] McProxy         C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:34:29.0400 0x1248  McProxy - ok
15:34:29.0421 0x1248  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:34:29.0425 0x1248  Mcx2Svc - ok
15:34:29.0436 0x1248  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:34:29.0438 0x1248  megasas - ok
15:34:29.0462 0x1248  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:34:29.0470 0x1248  MegaSR - ok
15:34:29.0503 0x1248  [ A32B45FFAAA38427E9D2EE9AF9DC997E, 372C432BFE09667903F3DD25AA40C45727D24681CE042A3A264916ECE43EDF4F ] mfeaack         C:\Windows\system32\drivers\mfeaack.sys
15:34:29.0520 0x1248  mfeaack - ok
15:34:29.0543 0x1248  [ ADA9EF2281972B36B15C1C46E57D18FE, F5E5D740D499CE944D18673B90CA76154FAD7C47946CF79902E136B229576309 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
15:34:29.0553 0x1248  mfeavfk - ok
15:34:29.0580 0x1248  [ 06A5D8C909232E0FE11F147EB18F88FF, 13469DA801C950016EE017C6C2CCE85C8CB9743A58B46F6B80DEF6F12DF6D049 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
15:34:29.0587 0x1248  mfefire - ok
15:34:29.0620 0x1248  [ A5A4E261F1DC7342F67AD2C4B4F51E6C, 694EBE9B870186962A30E21888F91945BC1EE66779300C6C746795049CAE9B41 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
15:34:29.0636 0x1248  mfefirek - ok
15:34:29.0679 0x1248  [ 1105A16A7F975FEBF17355BDE4A7D089, 22A5CA04A36813CD71826B1695FE176A7AAED8876CCCB46AA56F08EA4FFE8E9E ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
15:34:29.0705 0x1248  mfehidk - ok
15:34:29.0724 0x1248  [ F77A255AA2EFD7E90DDD2B5AA56C138C, 981940C4492BE5DF20FBEC1AFBBB54E474BC9A81C60CCE09E28E31B89C36BC58 ] mfemms          C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
15:34:29.0734 0x1248  mfemms - ok
15:34:29.0761 0x1248  [ 445494D06B3A3A29675DC301929DE3D3, F882E39FB72E12A61D23EED26912C75CA67918FBE3CC7FFA5770D0828CF6647D ] mfencbdc        C:\Windows\system32\DRIVERS\mfencbdc.sys
15:34:29.0778 0x1248  mfencbdc - ok
15:34:29.0788 0x1248  [ C9C9FD96A926F4E15CD9F3735B79A0CA, 61996DB9C642DF22CC555E745E835E661E247F4C0AB51ED4AEEF52AB9DF9A516 ] mfencrk         C:\Windows\system32\DRIVERS\mfencrk.sys
15:34:29.0792 0x1248  mfencrk - ok
15:34:29.0820 0x1248  [ 649BFB05427A4C6010E36FA9B77D508A, D8857AADD9C017DE78F1BB0EF19E98273C4A66EC7706E5EA252423DFF80FC755 ] mfeplk          C:\Windows\system32\drivers\mfeplk.sys
15:34:29.0824 0x1248  mfeplk - ok
15:34:29.0851 0x1248  [ DA49A90A69B3284FD11B6F02D0209A99, 759380964E6450FF21FB9A2BD23BA0394B005EC332E714D40D47262FCDC6CFE9 ] mfesapsn        C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
15:34:29.0853 0x1248  mfesapsn - ok
15:34:29.0872 0x1248  [ B50C9F4F32BA5CE0E6D31D35C542F28A, 7F627D1E4E15234109440CEE19FDE41EC6FD0E8B4CBF9D44D1E74D7E74DF5A89 ] mfevtp          C:\Windows\system32\mfevtps.exe
15:34:29.0881 0x1248  mfevtp - ok
15:34:29.0892 0x1248  [ 3C9394C962515E501733692A553C3A9E, BC0F40F08CD4EAFC83EC6D047E8392ECA23E04025E079C47C5C6F7AAF27BEB76 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
15:34:29.0899 0x1248  mfewfpk - ok
15:34:29.0918 0x1248  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:34:29.0922 0x1248  MMCSS - ok
15:34:30.0110 0x1248  [ D9652739D1007B9B5CE34CEF38E095C5, 20AFFEA3B2E7F254A58CDD9F4F9D51D94710C20E98A650BE33FD446A474D7D12 ] mmsminisrv      C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
15:34:30.0248 0x1248  mmsminisrv - ok
15:34:30.0274 0x1248  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:34:30.0276 0x1248  Modem - ok
15:34:30.0336 0x1248  [ 7A6C8A1143266B0487CF7882E619ED40, F5AE6CF4B60BC43489915102B1DD819C45917FAAFBA01B3C863D9B65F006F345 ] ModuleCoreService C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
15:34:30.0462 0x1248  ModuleCoreService - ok
15:34:30.0480 0x1248  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:34:30.0481 0x1248  monitor - ok
15:34:30.0496 0x1248  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:34:30.0498 0x1248  mouclass - ok
15:34:30.0509 0x1248  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:34:30.0510 0x1248  mouhid - ok
15:34:30.0534 0x1248  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:34:30.0537 0x1248  mountmgr - ok
15:34:30.0571 0x1248  [ 7AAFF443581F9B6F86CDF761ED0A437D, 6E159C875F5666E6D17C58628EEAF79818697355AFE213CE778BD3FEA04248C0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:34:30.0576 0x1248  MozillaMaintenance - ok
15:34:30.0596 0x1248  [ 3665AB2F67F4024F5F3F80335ED5322A, BE3DC246F176E00D7611A7E16FBC22615199F49EBCB4C90B0C107294E592BF8D ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:34:30.0604 0x1248  MpFilter - ok
15:34:30.0622 0x1248  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:34:30.0664 0x1248  mpio - ok
15:34:30.0685 0x1248  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:34:30.0688 0x1248  mpsdrv - ok
15:34:30.0720 0x1248  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:34:30.0760 0x1248  MpsSvc - ok
15:34:30.0787 0x1248  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:34:30.0833 0x1248  MRxDAV - ok
15:34:30.0886 0x1248  [ C514067DA02C938D4F96BB7769408089, 3ABA77FA2E7C6A3B07FF0E9927EA209AF5102D23137DB0F27451BAFE338D1B6D ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:34:30.0997 0x1248  mrxsmb - ok
15:34:31.0021 0x1248  [ 0B86690B115B3F99707F12D962015769, C60EA050FD436C774B0847F1D0B4D303473768448D59E8D275049BD9164BEC94 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:34:31.0076 0x1248  mrxsmb10 - ok
15:34:31.0099 0x1248  [ 8D5D3EEBCF4DABCE2B2006AF69155046, 0565DBE3B220EAEDEA6FB235CE128A1964A7F481A7987B4CCEDA9C2BFD149E98 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:34:31.0126 0x1248  mrxsmb20 - ok
15:34:31.0138 0x1248  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:34:31.0140 0x1248  msahci - ok
15:34:31.0147 0x1248  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:34:31.0152 0x1248  msdsm - ok
15:34:31.0162 0x1248  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:34:31.0167 0x1248  MSDTC - ok
15:34:31.0183 0x1248  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:34:31.0185 0x1248  Msfs - ok
15:34:31.0207 0x1248  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:34:31.0208 0x1248  mshidkmdf - ok
15:34:31.0217 0x1248  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:34:31.0219 0x1248  msisadrv - ok
15:34:31.0236 0x1248  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:34:31.0242 0x1248  MSiSCSI - ok
15:34:31.0248 0x1248  msiserver - ok
15:34:31.0273 0x1248  [ A5AEFF1699CB64EE4AA8D7278762852E, 65B1C523DB87F38EEB33CBC0A806EADA59291E4EE200864549D5EC00332E2D53 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:34:31.0286 0x1248  MSK80Service - ok
15:34:31.0307 0x1248  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:34:31.0309 0x1248  MSKSSRV - ok
15:34:31.0344 0x1248  [ 5ADED2C1239D7BD798E2C4EF9EAA1FA3, 6A462DAC110015F3E59610202714120C557674019A0196680B72031C50D7C474 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:34:31.0348 0x1248  MsMpSvc - ok
15:34:31.0352 0x1248  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:34:31.0354 0x1248  MSPCLOCK - ok
15:34:31.0364 0x1248  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:34:31.0365 0x1248  MSPQM - ok
15:34:31.0385 0x1248  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:34:31.0395 0x1248  MsRPC - ok
15:34:31.0406 0x1248  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:34:31.0407 0x1248  mssmbios - ok
15:34:31.0411 0x1248  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:34:31.0413 0x1248  MSTEE - ok
15:34:31.0418 0x1248  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:34:31.0420 0x1248  MTConfig - ok
15:34:31.0434 0x1248  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:34:31.0436 0x1248  Mup - ok
15:34:31.0467 0x1248  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:34:31.0485 0x1248  napagent - ok
15:34:31.0515 0x1248  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:34:31.0523 0x1248  NativeWifiP - ok
15:34:31.0567 0x1248  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:34:31.0600 0x1248  NDIS - ok
15:34:31.0618 0x1248  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:34:31.0620 0x1248  NdisCap - ok
15:34:31.0636 0x1248  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:34:31.0637 0x1248  NdisTapi - ok
15:34:31.0652 0x1248  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:34:31.0654 0x1248  Ndisuio - ok
15:34:31.0662 0x1248  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:34:31.0666 0x1248  NdisWan - ok
15:34:31.0682 0x1248  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:34:31.0684 0x1248  NDProxy - ok
15:34:31.0691 0x1248  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:34:31.0693 0x1248  NetBIOS - ok
15:34:31.0712 0x1248  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:34:31.0718 0x1248  NetBT - ok
15:34:31.0727 0x1248  [ 4747BB1EF5246596B864831903C7E3F9, 45A8B23593FAA0219AD4541CD9F525587AAFD4EC0EBBA46814DC9874C4816E5C ] Netlogon        C:\Windows\system32\lsass.exe
15:34:31.0729 0x1248  Netlogon - ok
15:34:31.0749 0x1248  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:34:31.0766 0x1248  Netman - ok
15:34:31.0807 0x1248  [ 1691508046941E185A040F4EC0906A16, CE0F2BA472AE0126AB92859FA96529847BAE554B40285382A1DF220FDEEF992F ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:34:31.0811 0x1248  NetMsmqActivator - ok
15:34:31.0817 0x1248  [ 1691508046941E185A040F4EC0906A16, CE0F2BA472AE0126AB92859FA96529847BAE554B40285382A1DF220FDEEF992F ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:34:31.0820 0x1248  NetPipeActivator - ok
15:34:31.0848 0x1248  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:34:31.0865 0x1248  netprofm - ok
15:34:31.0882 0x1248  [ 1691508046941E185A040F4EC0906A16, CE0F2BA472AE0126AB92859FA96529847BAE554B40285382A1DF220FDEEF992F ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:34:31.0885 0x1248  NetTcpActivator - ok
15:34:31.0892 0x1248  [ 1691508046941E185A040F4EC0906A16, CE0F2BA472AE0126AB92859FA96529847BAE554B40285382A1DF220FDEEF992F ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:34:31.0895 0x1248  NetTcpPortSharing - ok
15:34:31.0904 0x1248  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:34:31.0907 0x1248  nfrd960 - ok
15:34:31.0945 0x1248  [ CE5F6E635FE4506AE6F2D6EB87425128, 3DB5ECF7CD2F2C3C010AA40CE57F1B3856E284BBA359FBC41A1B340E3180FD5F ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:34:31.0949 0x1248  NisDrv - ok
15:34:31.0971 0x1248  [ D630B510E1E3FF6BA12B705F47F115D9, 05D76065D5D9A82E53EA18CD2D0184338681A7BBD3CD5D6C44D1FA5CB1C63640 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
15:34:31.0981 0x1248  NisSrv - ok
15:34:32.0011 0x1248  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:34:32.0039 0x1248  NlaSvc - ok
15:34:32.0049 0x1248  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:34:32.0051 0x1248  Npfs - ok
15:34:32.0067 0x1248  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:34:32.0069 0x1248  nsi - ok
15:34:32.0074 0x1248  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:34:32.0075 0x1248  nsiproxy - ok
15:34:32.0142 0x1248  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:34:32.0194 0x1248  Ntfs - ok
15:34:32.0213 0x1248  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:34:32.0214 0x1248  Null - ok
15:34:32.0235 0x1248  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:34:32.0240 0x1248  nvraid - ok
15:34:32.0251 0x1248  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:34:32.0256 0x1248  nvstor - ok
15:34:32.0267 0x1248  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:34:32.0271 0x1248  nv_agp - ok
15:34:32.0277 0x1248  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:34:32.0279 0x1248  ohci1394 - ok
15:34:32.0320 0x1248  [ 90488CE0BF08D3FCCF090E9A3CD16945, 7ACEACCEDAD2D25CB79689E4F6A2840AACA743ADA078371D7C9225A1C4C12DE3 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:34:32.0326 0x1248  ose - ok
15:34:32.0502 0x1248  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:34:32.0667 0x1248  osppsvc - ok
15:34:32.0857 0x1248  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:34:32.0882 0x1248  p2pimsvc - ok
15:34:32.0910 0x1248  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:34:32.0927 0x1248  p2psvc - ok
15:34:32.0934 0x1248  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
15:34:32.0937 0x1248  Parport - ok
15:34:32.0956 0x1248  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:34:32.0959 0x1248  partmgr - ok
15:34:32.0983 0x1248  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:34:33.0016 0x1248  PcaSvc - ok
15:34:33.0031 0x1248  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:34:33.0036 0x1248  pci - ok
15:34:33.0057 0x1248  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:34:33.0058 0x1248  pciide - ok
15:34:33.0081 0x1248  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:34:33.0087 0x1248  pcmcia - ok
15:34:33.0099 0x1248  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:34:33.0101 0x1248  pcw - ok
15:34:33.0128 0x1248  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:34:33.0182 0x1248  PEAUTH - ok
15:34:33.0241 0x1248  [ 895C88D8F266FD71C8CB2F375D8A806F, 75AF94A1141DF422B27AC0A55138DEA227ABF22419907A7464199D040F5FFF73 ] PEFService      C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
15:34:33.0383 0x1248  PEFService - ok
15:34:33.0435 0x1248  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:34:33.0438 0x1248  PerfHost - ok
15:34:33.0495 0x1248  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:34:33.0539 0x1248  pla - ok
15:34:33.0568 0x1248  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:34:33.0585 0x1248  PlugPlay - ok
15:34:33.0591 0x1248  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:34:33.0594 0x1248  PNRPAutoReg - ok
15:34:33.0610 0x1248  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:34:33.0619 0x1248  PNRPsvc - ok
15:34:33.0654 0x1248  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:34:33.0680 0x1248  PolicyAgent - ok
15:34:33.0714 0x1248  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:34:33.0720 0x1248  Power - ok
15:34:33.0734 0x1248  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:34:33.0736 0x1248  PptpMiniport - ok
15:34:33.0742 0x1248  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
15:34:33.0744 0x1248  Processor - ok
15:34:33.0763 0x1248  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:34:33.0808 0x1248  ProfSvc - ok
15:34:33.0819 0x1248  [ 4747BB1EF5246596B864831903C7E3F9, 45A8B23593FAA0219AD4541CD9F525587AAFD4EC0EBBA46814DC9874C4816E5C ] ProtectedStorage C:\Windows\system32\lsass.exe
15:34:33.0820 0x1248  ProtectedStorage - ok
15:34:33.0837 0x1248  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:34:33.0840 0x1248  Psched - ok
15:34:33.0893 0x1248  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:34:33.0930 0x1248  ql2300 - ok
15:34:33.0946 0x1248  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:34:33.0950 0x1248  ql40xx - ok
15:34:33.0975 0x1248  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:34:33.0983 0x1248  QWAVE - ok
15:34:33.0994 0x1248  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:34:33.0996 0x1248  QWAVEdrv - ok
15:34:34.0004 0x1248  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:34:34.0005 0x1248  RasAcd - ok
15:34:34.0025 0x1248  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:34:34.0027 0x1248  RasAgileVpn - ok
15:34:34.0042 0x1248  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:34:34.0046 0x1248  RasAuto - ok
15:34:34.0056 0x1248  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:34:34.0059 0x1248  Rasl2tp - ok
15:34:34.0072 0x1248  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:34:34.0082 0x1248  RasMan - ok
15:34:34.0096 0x1248  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:34:34.0098 0x1248  RasPppoe - ok
15:34:34.0108 0x1248  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:34:34.0110 0x1248  RasSstp - ok
15:34:34.0122 0x1248  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:34:34.0130 0x1248  rdbss - ok
15:34:34.0146 0x1248  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:34:34.0148 0x1248  rdpbus - ok
15:34:34.0173 0x1248  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:34:34.0174 0x1248  RDPCDD - ok
15:34:34.0190 0x1248  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:34:34.0191 0x1248  RDPENCDD - ok
15:34:34.0197 0x1248  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:34:34.0199 0x1248  RDPREFMP - ok
15:34:34.0243 0x1248  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:34:34.0315 0x1248  RdpVideoMiniport - ok
15:34:34.0338 0x1248  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:34:34.0346 0x1248  RDPWD - ok
15:34:34.0358 0x1248  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:34:34.0366 0x1248  rdyboost - ok
15:34:34.0379 0x1248  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:34:34.0384 0x1248  RemoteAccess - ok
15:34:34.0402 0x1248  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:34:34.0408 0x1248  RemoteRegistry - ok
15:34:34.0435 0x1248  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:34:34.0468 0x1248  RFCOMM - ok
15:34:34.0482 0x1248  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:34:34.0486 0x1248  RpcEptMapper - ok
15:34:34.0500 0x1248  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:34:34.0502 0x1248  RpcLocator - ok
15:34:34.0533 0x1248  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
15:34:34.0544 0x1248  RpcSs - ok
15:34:34.0554 0x1248  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:34:34.0556 0x1248  rspndr - ok
15:34:34.0586 0x1248  [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A, 9F6CFBE7E64A63E0AFEF546C4B8D889657B2055CE80279EA1B63EB5650E730F8 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:34:34.0595 0x1248  RTL8167 - ok
15:34:34.0610 0x1248  [ 4747BB1EF5246596B864831903C7E3F9, 45A8B23593FAA0219AD4541CD9F525587AAFD4EC0EBBA46814DC9874C4816E5C ] SamSs           C:\Windows\system32\lsass.exe
15:34:34.0613 0x1248  SamSs - ok
15:34:34.0622 0x1248  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:34:34.0629 0x1248  sbp2port - ok
15:34:34.0644 0x1248  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:34:34.0651 0x1248  SCardSvr - ok
15:34:34.0694 0x1248  [ 81912490882BE0F971B582AD1C33CA57, F0D94B8DAB7012C6407A866A148A93641684D26400CCF65856A08E423AD18DF0 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
15:34:34.0699 0x1248  SCDEmu - ok
15:34:34.0709 0x1248  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:34:34.0711 0x1248  scfilter - ok
15:34:34.0755 0x1248  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
15:34:34.0834 0x1248  Schedule - ok
15:34:34.0889 0x1248  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:34:34.0895 0x1248  SCPolicySvc - ok
15:34:34.0957 0x1248  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:34:34.0983 0x1248  SDRSVC - ok
15:34:35.0011 0x1248  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:34:35.0014 0x1248  secdrv - ok
15:34:35.0031 0x1248  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
15:34:35.0036 0x1248  seclogon - ok
15:34:35.0049 0x1248  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:34:35.0055 0x1248  SENS - ok
15:34:35.0064 0x1248  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:34:35.0067 0x1248  SensrSvc - ok
15:34:35.0081 0x1248  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:34:35.0083 0x1248  Serenum - ok
15:34:35.0099 0x1248  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
15:34:35.0102 0x1248  Serial - ok
15:34:35.0107 0x1248  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:34:35.0108 0x1248  sermouse - ok
15:34:35.0133 0x1248  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:34:35.0138 0x1248  SessionEnv - ok
15:34:35.0144 0x1248  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:34:35.0145 0x1248  sffdisk - ok
15:34:35.0150 0x1248  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:34:35.0152 0x1248  sffp_mmc - ok
15:34:35.0156 0x1248  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:34:35.0158 0x1248  sffp_sd - ok
15:34:35.0167 0x1248  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:34:35.0168 0x1248  sfloppy - ok
15:34:35.0189 0x1248  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:34:35.0199 0x1248  SharedAccess - ok
15:34:35.0222 0x1248  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:34:35.0239 0x1248  ShellHWDetection - ok
15:34:35.0247 0x1248  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:34:35.0250 0x1248  SiSRaid2 - ok
15:34:35.0260 0x1248  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:34:35.0263 0x1248  SiSRaid4 - ok
15:34:35.0326 0x1248  [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:34:35.0342 0x1248  SkypeUpdate - ok
15:34:35.0360 0x1248  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:34:35.0364 0x1248  Smb - ok
15:34:35.0401 0x1248  [ 67E7E7DB39769F2D8C4DC7BD4EBA02E6, 0FA9E2D4B100AA5BD258B152D1CA7CD7682DF2796584892710F822FEF1AF1A85 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
15:34:35.0451 0x1248  snapman - ok
15:34:35.0461 0x1248  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:34:35.0464 0x1248  SNMPTRAP - ok
15:34:35.0469 0x1248  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:34:35.0471 0x1248  spldr - ok
15:34:35.0495 0x1248  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
15:34:35.0521 0x1248  Spooler - ok
15:34:35.0625 0x1248  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:34:35.0718 0x1248  sppsvc - ok
15:34:35.0740 0x1248  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:34:35.0744 0x1248  sppuinotify - ok
15:34:35.0781 0x1248  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:34:35.0819 0x1248  srv - ok
15:34:35.0842 0x1248  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:34:35.0888 0x1248  srv2 - ok
15:34:35.0906 0x1248  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:34:35.0935 0x1248  srvnet - ok
15:34:35.0951 0x1248  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:34:35.0958 0x1248  SSDPSRV - ok
15:34:35.0968 0x1248  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:34:35.0972 0x1248  SstpSvc - ok
15:34:36.0083 0x1248  [ 90E22D7CDE08E07446D238A569BCAB7C, 3D4F413D0B0C9CF28D06E0476F24AC6441C8678DF786D9971B39C91C9F9B8020 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:34:36.0122 0x1248  Steam Client Service - ok
15:34:36.0141 0x1248  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:34:36.0142 0x1248  stexstor - ok
15:34:36.0172 0x1248  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:34:36.0198 0x1248  stisvc - ok
15:34:36.0212 0x1248  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:34:36.0214 0x1248  swenum - ok
15:34:36.0262 0x1248  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:34:36.0280 0x1248  SwitchBoard - ok
15:34:36.0303 0x1248  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:34:36.0317 0x1248  swprv - ok
15:34:36.0609 0x1248  [ C653C8A3D3079A7D03F8DAB6C5FE6DD7, 7A0A6F6697227924F9EEB6CA020D807746FADAEC1D27096A9A9F7FC5B54DC593 ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
15:34:36.0857 0x1248  syncagentsrv - ok
15:34:36.0940 0x1248  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
15:34:36.0991 0x1248  SysMain - ok
15:34:37.0010 0x1248  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:34:37.0014 0x1248  TabletInputService - ok
15:34:37.0031 0x1248  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:34:37.0041 0x1248  TapiSrv - ok
15:34:37.0113 0x1248  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:34:37.0164 0x1248  Tcpip - ok
15:34:37.0216 0x1248  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:34:37.0253 0x1248  TCPIP6 - ok
15:34:37.0279 0x1248  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:34:37.0299 0x1248  tcpipreg - ok
15:34:37.0308 0x1248  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:34:37.0310 0x1248  TDPIPE - ok
15:34:37.0328 0x1248  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:34:37.0330 0x1248  TDTCP - ok
15:34:37.0353 0x1248  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:34:37.0356 0x1248  tdx - ok
15:34:37.0594 0x1248  [ D778B8E00A5ABF6C27DDB74F382ACBE9, E874053B0DC603465F08559961E57D9D65AAFA0C8E525B606F91299BC1BE309B ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
15:34:37.0817 0x1248  TeamViewer - ok
15:34:37.0854 0x1248  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:34:37.0857 0x1248  TermDD - ok
15:34:37.0893 0x1248  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
15:34:37.0944 0x1248  TermService - ok
15:34:37.0966 0x1248  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:34:37.0969 0x1248  Themes - ok
15:34:37.0984 0x1248  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:34:37.0987 0x1248  THREADORDER - ok
15:34:38.0032 0x1248  [ D66C989F0C86A11472A57963841643D4, B75C1645512DE29281DE28AB125CFB449E75D285BF3EF577FD4A096DF3FF7260 ] tib             C:\Windows\system32\DRIVERS\tib.sys
15:34:38.0103 0x1248  tib - ok
15:34:38.0120 0x1248  [ 0F9FD35675C7B29AA01DF7CA038FC18C, E0FE87FBD73A9070D6C900BC535B9B99402005957306562CA1D68AB920CB0EE9 ] tib_mounter     C:\Windows\system32\DRIVERS\tib_mounter.sys
15:34:38.0159 0x1248  tib_mounter - ok
15:34:38.0175 0x1248  [ 199C2E87D9A5EC58D0BCD94E893BF629, A3CE21A62BB3D31FEE36E517D7ED7B86E41D4A80F22A51B9821AC57991014DC9 ] TIEHDUSB        C:\Windows\system32\DRIVERS\tiehdusb.sys
15:34:38.0180 0x1248  TIEHDUSB - ok
15:34:38.0207 0x1248  [ 21AFBEAC264AB4C6A399E41EF7B2A500, 005089F7F971BED5184A36C6FAE21A68117FB1C017B2F00021FA218131E9AC3A ] tnd             C:\Windows\system32\DRIVERS\tnd.sys
15:34:38.0263 0x1248  tnd - ok
15:34:38.0283 0x1248  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:34:38.0288 0x1248  TrkWks - ok
15:34:38.0327 0x1248  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:34:38.0360 0x1248  TrustedInstaller - ok
15:34:38.0385 0x1248  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:34:38.0402 0x1248  tssecsrv - ok
15:34:38.0422 0x1248  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:34:38.0441 0x1248  TsUsbFlt - ok
15:34:38.0453 0x1248  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:34:38.0471 0x1248  TsUsbGD - ok
15:34:38.0487 0x1248  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:34:38.0490 0x1248  tunnel - ok
15:34:38.0496 0x1248  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:34:38.0499 0x1248  uagp35 - ok
15:34:38.0524 0x1248  [ 63F6D08C54D5B3C1B12A6172032055C7, 87D872731D2C85E1A0ED3128CB7AB91AF00D830B0E4307054ABFD1D3900C990D ] uCamMonitor     C:\Program Files (x86)\ArcSoft\HP Webcam Software Suite\Magic-i Visual Effects 2\uCamMonitor.exe
15:34:38.0527 0x1248  uCamMonitor - ok
15:34:38.0549 0x1248  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:34:38.0558 0x1248  udfs - ok
15:34:38.0573 0x1248  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:34:38.0576 0x1248  UI0Detect - ok
15:34:38.0588 0x1248  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:34:38.0591 0x1248  uliagpkx - ok
15:34:38.0607 0x1248  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:34:38.0609 0x1248  umbus - ok
15:34:38.0629 0x1248  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:34:38.0631 0x1248  UmPass - ok
15:34:38.0650 0x1248  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:34:38.0661 0x1248  upnphost - ok
15:34:38.0694 0x1248  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:34:38.0697 0x1248  usbaudio - ok
15:34:38.0710 0x1248  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
15:34:38.0730 0x1248  usbccgp - ok
15:34:38.0756 0x1248  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:34:38.0759 0x1248  usbcir - ok
15:34:38.0775 0x1248  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:34:38.0792 0x1248  usbehci - ok
15:34:38.0818 0x1248  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
15:34:38.0862 0x1248  usbhub - ok
15:34:38.0880 0x1248  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:34:38.0932 0x1248  usbohci - ok
15:34:38.0969 0x1248  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:34:38.0971 0x1248  usbprint - ok
15:34:38.0986 0x1248  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:34:38.0989 0x1248  usbscan - ok
15:34:39.0005 0x1248  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:34:39.0025 0x1248  USBSTOR - ok
15:34:39.0043 0x1248  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:34:39.0060 0x1248  usbuhci - ok
15:34:39.0079 0x1248  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:34:39.0084 0x1248  usbvideo - ok
15:34:39.0098 0x1248  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:34:39.0101 0x1248  UxSms - ok
15:34:39.0111 0x1248  [ 4747BB1EF5246596B864831903C7E3F9, 45A8B23593FAA0219AD4541CD9F525587AAFD4EC0EBBA46814DC9874C4816E5C ] VaultSvc        C:\Windows\system32\lsass.exe
15:34:39.0113 0x1248  VaultSvc - ok
15:34:39.0128 0x1248  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:34:39.0130 0x1248  vdrvroot - ok
15:34:39.0155 0x1248  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:34:39.0172 0x1248  vds - ok
15:34:39.0185 0x1248  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:34:39.0187 0x1248  vga - ok
15:34:39.0195 0x1248  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:34:39.0196 0x1248  VgaSave - ok
15:34:39.0216 0x1248  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:34:39.0222 0x1248  vhdmp - ok
15:34:39.0232 0x1248  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:34:39.0234 0x1248  viaide - ok
15:34:39.0257 0x1248  [ 593D66A1424176B07E1E04B581C636C2, D4E1FA96A1A24DD3EEB3FAB0F32C702C5A621F633007B3D7874995C77CB116E5 ] virtual_file    C:\Windows\system32\DRIVERS\virtual_file.sys
15:34:39.0303 0x1248  virtual_file - ok
15:34:39.0343 0x1248  [ 0375A6AAAC9D617E192BBA8CF2808956, 45564408F7B927153D34F77A7144DD62E9EBADFCE5FD371F302CD9AA7354F7F1 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
15:34:39.0346 0x1248  VMAuthdService - ok
15:34:39.0371 0x1248  [ 207BD7BE759F658351A8AD1EAF62CED0, F0A1AF48D8345BEC9EF918466986218CEED3D031CCBF7766EF7E5A4629A11AC4 ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
15:34:39.0374 0x1248  vmci - ok
15:34:39.0388 0x1248  [ 1CA7A1295E0DF2DB74EA2005FF1B47D1, A9F5634782FD7887BEB445A76FF5E27F3311AB5B3397C9A9A61220F417A51BF7 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
15:34:39.0390 0x1248  VMnetAdapter - ok
15:34:39.0407 0x1248  [ 069261D445C6B037DE3FD0773547E91E, F7E799E050B5D4DBC852AF7FCD04276ED1441C5259118B04FA89D0F6ECACB220 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
15:34:39.0410 0x1248  VMnetBridge - ok
15:34:39.0433 0x1248  [ BFEBD30F175D558498A23D5379E98123, D2B4B1A6D539E27499C81B93CF3163E7E0A44DBD43F70B5B2C688181008E65E1 ] VMnetDHCP       C:\Windows\SysWOW64\vmnetdhcp.exe
15:34:39.0449 0x1248  VMnetDHCP - ok
15:34:39.0464 0x1248  [ 9800D54EB175DE5500B2928C326BBCAB, 1EEA4D648F99EBAF4DD6F209C256C56CF26EFA5F7AF7A392655410EFFB625698 ] VMnetUserif     C:\Windows\system32\DRIVERS\vmnetuserif.sys
15:34:39.0466 0x1248  VMnetUserif - ok
15:34:39.0537 0x1248  [ D46F765ABFBBEE6A23B7D61603916B4F, 243F8938366232CA0DB357FCF3DCAD4358C2E0248C53B334D771472B8BB24528 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
15:34:39.0570 0x1248  VMUSBArbService - ok
15:34:39.0592 0x1248  [ 7A39E2125C1523A2AF0F7063310694C7, FD1ED619A0F32236BFA3B70EFA055DCD89D65FDCAD484E7B69890145255FB72A ] VMware NAT Service C:\Windows\SysWOW64\vmnat.exe
15:34:39.0609 0x1248  VMware NAT Service - ok
15:34:39.0619 0x1248  [ 145C7940CE014E0D77911652CC4984CC, 918A70CCA94EF96BD4B4798367469D4AC6EAD0D02440972803F7D8442A385B46 ] vmx86           C:\Windows\system32\DRIVERS\vmx86.sys
15:34:39.0622 0x1248  vmx86 - ok
15:34:39.0634 0x1248  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:34:39.0637 0x1248  volmgr - ok
15:34:39.0655 0x1248  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:34:39.0664 0x1248  volmgrx - ok
15:34:39.0676 0x1248  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:34:39.0684 0x1248  volsnap - ok
15:34:39.0692 0x1248  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:34:39.0697 0x1248  vsmraid - ok
15:34:39.0728 0x1248  [ F549FF59B775552C6DDDB8C7542084A1, 194432D48F57DC04727AF4AF3F9250235A851C517F2807A8FCE08A62D0E89C1A ] vsock           C:\Windows\system32\DRIVERS\vsock.sys
15:34:39.0732 0x1248  vsock - ok
15:34:39.0783 0x1248  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:34:39.0825 0x1248  VSS - ok
15:34:39.0851 0x1248  [ 3A68258C249F259ADDFB9467CA2A9265, 921220FDCE94A5DE6E3FD9DF89A3CF02937B05A5BEFE85082E27D9537BDDDF80 ] VUSB3HUB        C:\Windows\system32\DRIVERS\ViaHub3.sys
15:34:39.0857 0x1248  VUSB3HUB - ok
15:34:39.0867 0x1248  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:34:39.0868 0x1248  vwifibus - ok
15:34:39.0890 0x1248  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:34:39.0907 0x1248  W32Time - ok
15:34:39.0922 0x1248  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:34:39.0924 0x1248  WacomPen - ok
15:34:39.0949 0x1248  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:34:39.0951 0x1248  WANARP - ok
15:34:39.0964 0x1248  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:34:39.0966 0x1248  Wanarpv6 - ok
15:34:40.0029 0x1248  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:34:40.0063 0x1248  WatAdminSvc - ok
15:34:40.0118 0x1248  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:34:40.0161 0x1248  wbengine - ok
15:34:40.0181 0x1248  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:34:40.0188 0x1248  WbioSrvc - ok
15:34:40.0207 0x1248  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:34:40.0224 0x1248  wcncsvc - ok
15:34:40.0234 0x1248  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:34:40.0237 0x1248  WcsPlugInService - ok
15:34:40.0251 0x1248  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
15:34:40.0252 0x1248  Wd - ok
15:34:40.0289 0x1248  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:34:40.0315 0x1248  Wdf01000 - ok
15:34:40.0329 0x1248  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:34:40.0359 0x1248  WdiServiceHost - ok
15:34:40.0366 0x1248  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:34:40.0370 0x1248  WdiSystemHost - ok
15:34:40.0395 0x1248  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
15:34:40.0437 0x1248  WebClient - ok
15:34:40.0454 0x1248  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:34:40.0462 0x1248  Wecsvc - ok
15:34:40.0477 0x1248  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:34:40.0481 0x1248  wercplsupport - ok
15:34:40.0500 0x1248  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:34:40.0504 0x1248  WerSvc - ok
15:34:40.0511 0x1248  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:34:40.0513 0x1248  WfpLwf - ok
15:34:40.0518 0x1248  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:34:40.0520 0x1248  WIMMount - ok
15:34:40.0541 0x1248  WinDefend - ok
15:34:40.0554 0x1248  WinHttpAutoProxySvc - ok
15:34:40.0585 0x1248  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:34:40.0592 0x1248  Winmgmt - ok
15:34:40.0666 0x1248  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:34:40.0773 0x1248  WinRM - ok
15:34:40.0833 0x1248  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
15:34:40.0837 0x1248  WinUsb - ok
15:34:40.0890 0x1248  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:34:40.0922 0x1248  Wlansvc - ok
15:34:40.0934 0x1248  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:34:40.0935 0x1248  WmiAcpi - ok
15:34:40.0952 0x1248  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:34:40.0958 0x1248  wmiApSrv - ok
15:34:40.0965 0x1248  WMPNetworkSvc - ok
15:34:40.0978 0x1248  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:34:40.0981 0x1248  WPCSvc - ok
15:34:40.0991 0x1248  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:34:40.0996 0x1248  WPDBusEnum - ok
15:34:41.0010 0x1248  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:34:41.0011 0x1248  ws2ifsl - ok
15:34:41.0023 0x1248  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:34:41.0028 0x1248  wscsvc - ok
15:34:41.0033 0x1248  WSearch - ok
15:34:41.0121 0x1248  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:34:41.0190 0x1248  wuauserv - ok
15:34:41.0216 0x1248  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:34:41.0218 0x1248  WudfPf - ok
15:34:41.0232 0x1248  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:34:41.0237 0x1248  WUDFRd - ok
15:34:41.0269 0x1248  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:34:41.0273 0x1248  wudfsvc - ok
15:34:41.0301 0x1248  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:34:41.0335 0x1248  WwanSvc - ok
15:34:41.0360 0x1248  [ C35ACE92C3FA193EFBAE22AD1CE0CE07, E2CBDF793AE4345246D7B34D4DAA9F13D34FD9DD264BA36D14BC43590D91D266 ] xhcdrv          C:\Windows\system32\DRIVERS\xhcdrv.sys
15:34:41.0367 0x1248  xhcdrv - ok
15:34:41.0380 0x1248  ================ Scan global ===============================
15:34:41.0408 0x1248  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
15:34:41.0453 0x1248  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
15:34:41.0494 0x1248  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
15:34:41.0513 0x1248  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:34:41.0525 0x1248  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:34:41.0533 0x1248  [ Global ] - ok
15:34:41.0533 0x1248  ================ Scan MBR ==================================
15:34:41.0545 0x1248  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:34:41.0696 0x1248  \Device\Harddisk0\DR0 - ok
15:34:41.0700 0x1248  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
15:34:41.0709 0x1248  \Device\Harddisk1\DR1 - ok
15:34:41.0716 0x1248  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk7\DR7
15:34:41.0723 0x1248  \Device\Harddisk7\DR7 - ok
15:34:41.0723 0x1248  ================ Scan VBR ==================================
15:34:41.0726 0x1248  [ EFB88004CF6AAA5AA0786F18610384BF ] \Device\Harddisk0\DR0\Partition1
15:34:41.0727 0x1248  \Device\Harddisk0\DR0\Partition1 - ok
15:34:41.0731 0x1248  [ 04B6F6A8959906D7CB1BE2BE0E4A7942 ] \Device\Harddisk0\DR0\Partition2
15:34:41.0732 0x1248  \Device\Harddisk0\DR0\Partition2 - ok
15:34:41.0735 0x1248  [ E9616A0FF201370A5F0FD31E9FC16D18 ] \Device\Harddisk1\DR1\Partition1
15:34:41.0737 0x1248  \Device\Harddisk1\DR1\Partition1 - ok
15:34:41.0741 0x1248  [ D825C6A9E323B750EB1762236DD3516C ] \Device\Harddisk7\DR7\Partition1
15:34:41.0743 0x1248  \Device\Harddisk7\DR7\Partition1 - ok
15:34:41.0743 0x1248  ================ Scan generic autorun ======================
15:34:41.0768 0x1248  [ 968EDA6EA6E00DFAE78586BFA6322B74, 8F3A01704E67D2F9212A08F0D5B4FF15DEE4791E1BB303DF4C9CF7DD3871E6E5 ] C:\VIA_XHCI\usb3Monitor.exe
15:34:41.0893 0x1248  VIAxHCUtl - ok
15:34:42.0005 0x1248  [ 7A727248EBC065BD2BB94A9B2892D190, B1E12ED3D07963EF0FA09B3ECD8AC3FBD316733D968A99C958DF7026B1BDFD99 ] c:\Program Files\Microsoft Security Client\msseces.exe
15:34:42.0045 0x1248  MSC - ok
15:34:42.0118 0x1248  [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
15:34:42.0142 0x1248  AdobeAAMUpdater-1.0 - ok
15:34:42.0186 0x1248  [ DFE7FD46194D1711DA45EFDF02B78BD9, 5BF9AFAAE5835F6FFA47638BCA3C85B555C9C7042287877E4E2B666A7A0D06E2 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
15:34:42.0286 0x1248  Acronis Scheduler2 Service - ok
15:34:42.0315 0x1248  [ 5677C8C60F4659E8626AC9036EEF38DF, 1C7D3EC3BCB3E34900DD9556A3EBAF449C68585DC8E07682E680790497105B8B ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
15:34:42.0319 0x1248  Classic Start Menu - ok
15:34:42.0341 0x1248  [ A7810B302294793DE88542AAE177D1B1, F0EE3684DBEB0AAAD912DC04D060976D1EAE92489E192BAE900FA0F417AD20A7 ] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
15:34:42.0346 0x1248  ArcSoft Connection Service - ok
15:34:42.0379 0x1248  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:34:42.0389 0x1248  SwitchBoard - ok
15:34:42.0435 0x1248  [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
15:34:42.0581 0x1248  AdobeCS6ServiceManager - ok
15:34:42.0714 0x1248  [ 44D0198A661F67F709D0FD232DAF3E16, FC441E8AE34AE444DAA507ADDCB2F78574A28C86573C7215336CE227BD38DAEA ] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
15:34:42.0916 0x1248  AcronisTibMounterMonitor - ok
15:34:43.0228 0x1248  [ C20214822288DD3F64964B3B9FF8AA33, 60A24EAAB0B2434BDEE97324B0518DF2A26BFBA10DA23EEFF447C6EE291B1885 ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
15:34:43.0470 0x1248  TrueImageMonitor.exe - ok
15:34:43.0574 0x1248  [ 7D5E8D5BDF324718BBC91DF02D830317, AA6A8B0536C14A7D11FDFFA5F980E90059F6C3BE99DE57503EC58DEA022C5398 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
15:34:43.0641 0x1248  Adobe Creative Cloud - ok
15:34:43.0689 0x1248  [ 4BA99530056FF46D839911B3CDF0A116, 0B463FD0F672D18B4658D6680D54FEF1D1CC64D5EF481A0B882FACDC7DB540E3 ] C:\Program Files\PowerISO\PWRISOVM.EXE
15:34:43.0699 0x1248  PWRISOVM.EXE - ok
15:34:43.0789 0x1248  [ AD5A68D675726D6EB039082D186AEB29, 7D2D5B1497D2A7F26BCF27948BBFF4662FFBE276C4A120D6797B43CA7DD36E88 ] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
15:34:44.0177 0x1248  Malwarebytes Anti-Exploit - ok
15:34:44.0285 0x1248  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:34:44.0506 0x1248  Sidebar - ok
15:34:44.0529 0x1248  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:34:44.0533 0x1248  mctadmin - ok
15:34:44.0576 0x1248  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:34:44.0598 0x1248  Sidebar - ok
15:34:44.0605 0x1248  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:34:44.0608 0x1248  mctadmin - ok
15:34:44.0691 0x1248  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] C:\Users\<censored>\AppData\Local\Google\Update\GoogleUpdate.exe
15:34:44.0702 0x1248  Google Update - ok
15:34:44.0728 0x1248  Skype - ok
15:34:45.0025 0x1248  [ F81F345586F08409752FC89EE3C02B17, 64D6F5D290C53DA2867205B659C4EFFF245194E2ACA764CC88D32594A9EA5D56 ] C:\Program Files\CCleaner\CCleaner64.exe
15:34:45.0275 0x1248  CCleaner Monitoring - ok
15:34:45.0391 0x1248  [ D2CE6EA0E9F641D7153462D40C6B4193, 3AAE5239F951E29497D759326BDC23E19644B763DC5661CA4E4980418195C37D ] C:\Program Files (x86)\Steam\steam.exe
15:34:45.0443 0x1248  Steam - ok
15:34:45.0573 0x1248  [ B8E262F4824CD03AE58D70B33307DCD5, 74EECAD827C5C307A2A5281299C15EED24DDD54E3B8E656B830F6932A3BE7D62 ] C:\Program Files\DAEMON Tools Lite\DTAgent.exe
15:34:45.0800 0x1248  DAEMON Tools Lite Automount - ok
15:34:45.0809 0x1248  Waiting for KSN requests completion. In queue: 142
15:34:46.0852 0x1248  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.10.209.0 ), 0x61000 ( enabled : updated )
15:34:46.0854 0x1248  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.0.0.0 ), 0x52000 ( disabled : updated )
15:34:46.0858 0x1248  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.0.0.0 ), 0x52010 ( disabled )
15:34:46.0864 0x1248  Win FW state via NFP2: enabled ( trusted )
15:34:47.0163 0x1248  ============================================================
15:34:47.0163 0x1248  Scan finished
15:34:47.0163 0x1248  ============================================================
15:34:47.0184 0x16cc  Detected object count: 0
15:34:47.0184 0x16cc  Actual detected object count: 0


 


Edited by rumpled103, 07 December 2016 - 07:01 PM.


#5 54M33R

54M33R

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:16 PM

Posted 07 December 2016 - 10:11 PM

Does hitmanpro still perhaps detect popup.taboola? If you are wondering why I'm asking this you mentioned you had hitmanpro on your "local" computer which I suppose is the computer with the adware, If not I also suggest running it on the potentially infected machine. I it does not work at all we still have some option's to attempt and remove this. To also let you know, adware does not spread when linking google account or a firefox sync from what I know, as adware mostly comes bundled with certain installers and possibly unwanted browser toolbar ad-ons / extensions that also could inject ads into the browser.


Edited by 54M33R, 07 December 2016 - 11:18 PM.


#6 rumpled103

rumpled103
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:16 PM

Posted 08 December 2016 - 03:07 AM

Does hitmanpro still perhaps detect popup.taboola? If you are wondering why I'm asking this you mentioned you had hitmanpro on your "local" computer which I suppose is the computer with the adware, If not I also suggest running it on the potentially infected machine. I it does not work at all we still have some option's to attempt and remove this. To also let you know, adware does not spread when linking google account or a firefox sync from what I know, as adware mostly comes bundled with certain installers and possibly unwanted browser toolbar ad-ons / extensions that also could inject ads into the browser.

No, what I mean is does the adware get linked/attach itself to those accounts? For example, if you sign in to Firefox Sync or Google Chrome on an unharmed computer, does the computer get infected? I am also trying to understand how I got the adware on my Android Phone and how it's getting on my virtual machine. And my older brother just told me that he's seen Taboola ads on his phone.

As for the HitManPro, I tried it on my Administrator account. I think it found a lot of things the first time I ran it, but I forgot what they were and I don't think I saved the results to a log. When I started HitManPro default scan again, this time it found a lot of things, and it's showing a lot of the URLs where the adwares originate from (www.googleadservices.com, g.doubleclick.net, trc.taboola.com, ect.). It removes the things. Although, when I tried HitManPro while I was still on a certain website, which was foxla.com/live in my case, HitManPro reported a couple of cookies again and deleted them. Although, I will probably keep getting cookies again as long as I stay on the website. If I close out Firefox completely (without having done HitManPro before), it'll find a bunch of cookies again and depending on the sites I went will show more cookies (which are all adware). So I deleted that, went back to Firefox and then went back to foxla.com/live again, did HitManPro again, and it showed the cookies again. Something tells me I definitely have some sort of malware that keeps bringing back the adware. I would give you the HitManPro logs, but that'll probably not do any good.

Now, I tried it on my dad's phone, went to foxla.com/live and scrolled to the bottom where the ads usually appear. But this time, they did not appear. When I went here: http://download.cnet.com/HitmanPro-3-64-bit/3000-2239_4-75110395.html on my dad's phone, I noticed there were two ads that came from r.bat.bing, which again, I discovered while on my local computer.

Edit 1: https://productforums.google.com/forum/#!topic/chrome/F7AdLdaGFwU
This guy said it's probably a malware. But my dad's phone is clean, so I don't how r.bat.bing would show up there.

But yeah, HitManPro has not been working for me, so I definitely still need some help.


Edited by rumpled103, 08 December 2016 - 03:16 AM.


#7 54M33R

54M33R

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:16 PM

Posted 08 December 2016 - 09:54 AM

Well then, as you wanted more of a detailed answer adware can spread if it was linked only if there was a sort of add-on or extension that may have contained the adware. Your only chance to try and remove it from a phone is to use Malwarebytes or avast for android. But without further, let us try to continue to possibly remove this pesky adware.

 

Control panel

 

I suggest looking in your control panel and looking for programs you did not install as they could have been bundled with adware

You can use this site to possibly figure out any program that you do not know of and if you should remove it.

 

 

Malwarebytes

 

  • Download  Malwarebytes and save it to your desktop
  • Install the program and uncheck the box "Enable free trial"
  • Run Malwarebytes and run an update to update the database for better detection
  • Run a scan Notice: This will take some time to finish
  • If any items are found, press Remove selected
  • If Reboot is required please reboot
  • All logs are stored in the History, Application logs section please open the Scan log file in the History section and copy it's contents and paste on your next reply

 

CCleaner

 

  • Download CCleaner and save the installer to your desktop
  • Run the application and install CCleaner, this will be used to remove temporary internet files and cookies Notice:  I suggest not using the registry cleaner
  • On the Cleaner section, Check Cookies for Internet explorer on the Windows part of the Cleaner press Applications and for Google Chrome and Firefox check Cookies, if you would like to keep certain cookies press Options then Cookies and find the cookies and click on them then move them to the right by pressing the highlighted blue arrow
  • You may now press Analyze on the Cleaner then you may press Run Cleaner.
  • Reboot your system to establish the effects to make sure all cookies are gone.


#8 rumpled103

rumpled103
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:16 PM

Posted 09 December 2016 - 05:35 PM

Ok, I just checked the computer at my local library and when I go to foxla.com/live or http://download.cnet.com/HitmanPro-3-64-bit/3000-2239_4-75110395.html, I also notice "Sponsered links by Taboola." And remember when I mentioned the r.bat.bing ads on my dad's phone (which is clean btw), well, I don't notice it when I'm on a desktop, but I do notice it when I'm on a mobile phone, so maybe r.bat.bing is just the ad network that's used on mobile devices? And Taboola ads are probably just the ad network that the websites used, so it is most likely not an adware at all. Also, I checked this: http://www.scamvoid.com/check/724808.r.bat.bing.com
It uses the domain r.bat.bing, and it says that it's safe.

I think at this point, if I did have any adware on my computer, they would have been eliminated already. I know this because one time, I did get infected with "Ads not by this site" and I saw an ad on Google itself, so that's how I know I definitely got an adware. I also got infected with SlamDunk Savings and another adware or toolbar. I think I followed some guides by malwaretips.com that showed how to get rid of "Ads not by this site" and when I did that, the thing was gone. I think I did the same with SlamDunk Savings.

Now, I have already used MalwareBytes, so far it has now shown up with anything bad anymore. CCleaner, I haven't used that yet. But HitManPro also removes cookies and/or temporary internet files (not sure if they're the same thing). I guess I will use CCleaner and see what happens. If nothing new happens, then I will just assume that these are just the ad networks that the websites are using.

Edit 1: Ok, I did as you said with the CCleaner and nothing seems to have changed and again, Taboola and r.bat.bing are probably just the ad networks that the websites use. I will assume the ad that's in my Skype is also harmless. If I did have any adware or any other kinds of malware, they were probably eliminated by following the steps here: https://malwaretips.com/blogs/remove-taboola-ads/

 

Also, @robby501, I heard that CNet is actually supposed to be a good and safe website for downloading software. en.softtonic on the other hand, I think that website is bad.

 

I also tried downloading ROMs for my ePSXe from CoolROM. Maybe people reported that CoolROM used to be a safe place for downloading roms, but recently, they started forcing you (you can't get out of it) to use their downloader to download the ROM and sure enough, it has those deceivious "Optional installs" or "Advanced options" which includes the toolbars and adwares. If you're not careful, you could end up installing those malwares. What's more is that they make it really hard to look for those Option installs/Advanced options. I think they are making the text really small so you're less likely to notice it. Or they use other methods to get you to install it by being deceivious. YTD Downloader also has that, so beware. This was in the past and I don't have these malwares anymore, especially considering that I reinstalled Windows on a new hard drive.


Edited by rumpled103, 09 December 2016 - 06:35 PM.


#9 54M33R

54M33R

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:16 PM

Posted 09 December 2016 - 06:26 PM

Alright then, you do have a point that the adware could just be directly from just the network itself which does allow you to just use a type of ad-blocker but it never hurts to always check twice.



#10 rumpled103

rumpled103
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:16 PM

Posted 09 December 2016 - 06:59 PM

Alright then, you do have a point that the adware could just be directly from just the network itself which does allow you to just use a type of ad-blocker but it never hurts to always check twice.

You mean the ads could just be directly from the network itself?

Also, I am not saying that clicking on ads will always be safe. Sometimes, you could click on an ad and you could end up infecting yourself. This is called malvertising, in which a hacker hijacks the ad network and uses it to inject malicious code, which, when clicked, will execute that malicious code and do bad things like installing an adware or toolbar, ect. Sometimes, just visiting a certain site and/or then clicking somewhere on the website will pop up (either in another window or in another tab) an ad. Doing this may or may not be harmful. An example of what happens when you just visit a site is Forbes. When the website detected that you had an adblocker it would say "Hi, still looks like you're using an adblocker. Please turn it off to continue to Forbes with ad-light experience." And then, if you still have the adblocker, it'll show the message again. Well, at one time, once you disabled the adblocker and visited Forbes again, you ended up being redirected to another website, looking like it's from Java and a pop-up telling you that "your current version is out of date. You need to update now." Whenever sometime like that happens to me, I immediate Ctrl-Alt-Del > Task Manager > and force close Chrome. An example of just visiting a website and getting a malware/pop-up: In the past, if you visited PirateBay, I don't exactly know how this happen, but at some point after clicking on PirateBay, you ended up getting the Cerber ransomware which would encrypt all your files and then it would warn you that you have to pay such amount before this date for a decryptor key, or else the price would go up. Again, I don't exactly know how one would have gotten the ransomware. Maybe just visiting the website or maybe clicking somewhere on the website, that would have activated the ransomware. And this was due to a Flash exploit. One more example of getting a popup. If you were to go to thehoodup.com, you'll notice that either after visiting the site or clicking somewhere in the site, you'll get a pop-up ad. These are usually not harmful. But again, it depends on the website and whether the website/ad network got hacked/hijacked.


Edited by rumpled103, 09 December 2016 - 07:04 PM.


#11 54M33R

54M33R

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:16 PM

Posted 11 December 2016 - 01:51 PM

Not in a way of linked of being directly attached to your network but just on the website cause it just got up there as ads are just randomly put up, everyone sees different ads even on the same page. What you have stated on how hackers can use ad's to hack/hijack things are true but a new surprising tactic hackers use ads for today is to inject code into them so you could be exploited, redirected to an exploit site, and much more with the possibilities of ad's that use HTML or javascript.

 

At the moment we could perhaps safely determine perhaps the adware you have claimed you had could just be a false positive you have underestimated, as HitmanPro could just be removing tracking cookies. 

 

 

Seems we can safely determine that this most likely is a false positive and using an ad blocker would not hurt.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users