Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Little advice pls on PDFs & Malware


  • Please log in to reply
15 replies to this topic

#1 RaulMcCai

RaulMcCai

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 14 December 2016 - 02:45 PM

Someone I care about got sent a link  and she  went to the site and opened the pdf.

Yup.

The PDF  was just  some garbage the hackers lifted from the Treasury Department, but the thing came with a phishing scam too. It demanded an email and a password.  She unfortunately did give them her email so that's Burnt  and happily gave them gobbldygook for the password;  Thank heaven.

 

She closed the PDF and  did not tell me what she  had done for several hours. The machine was running the whole time with access to the internet.

 

I've disconnected her  box from the internet.

I suspect that no one would go through all that bother just to steal  emails and passwords. The PDF might very well have carried a payload.

Thing is,  I don't know how to make this determination.  Nothing exciting happened when the PDF  opened.

 

System is Win 7 64bit,  antivirus is Kaspersky, Browser is Firefox,  No alarms were triggered.

 

What sort of malware can be delivered with a PDF?  Can it be as bad as being hacked when on a P-to-P network where the hacker can easily turn the victim's box into a bot-net machine?

 

Can her data be saved without worry?  Can I save these things to a CD and  reload them later after I format her HD?

Word documents?

JPEGS?

Emails ( thunderbird)?

 

 

Should I consider something other than a format and complete OS  and  software re-install?

 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:06 AM

Posted 14 December 2016 - 03:18 PM

Hi, Yes it's not uncommon

L@@K

Didier Stevens

 
​Scan the machine

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Download 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit to your desktop.
  • Double click on downloaded file. OK self extracting prompt.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • MBAR will start. Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 RaulMcCai

RaulMcCai
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 14 December 2016 - 04:07 PM

Hi, Yes it's not uncommon


 

 

Thanks for the response.  Do you have an opinion on Comodo,  HitmanPro, and Rkill or are the functions of those  incorporated in the set  that you recommended?

 

Oh, to return to part of my OP:

The Bot net question.

It's a terribly serious thing.  Around the country there have been several instances where some person on a P to P network  gets hacked by a child pornographer who loads an encrypted stealth program to the victim's computer which then houses in hidden code all the pornographer's inventory and uses down time to engage in trading of the images and files around the web. The Victim can never find the files & doesn't know they exist.   Sometimes the host ISP will observe the  traffic the police are called and the unsuspecting victim is the one who is charged because mere possession is the legal standard.

Usually they escape without prison, but prosecutors being what they are don't let it go easily they "want to send a message" ( dunno to whom) and the hacking victim ends up spending their life's savings defending against the criminal charges. All the while the pornographer has just moved on to another victim.

So I'm very curious to learn whether that sort of thing is possible by opening a PDF.

Can a PDF provide the same level of access that  Peer to Peer does?


Edited by RaulMcCai, 14 December 2016 - 05:03 PM.


#4 RaulMcCai

RaulMcCai
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 15 December 2016 - 11:35 AM

report from mini toolbox

---------------------------------------------------------------

CodeIntegrity Errors:
===================================
  Date: 2015-08-02 11:07:48.466
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-08-02 11:07:48.450
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-08-02 11:07:48.434
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-08-02 11:07:48.419
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-08-02 11:07:48.247
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-08-02 11:07:48.247
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-08-02 11:07:48.247
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-08-02 11:07:48.232
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-08-02 11:07:48.185
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-08-02 11:07:48.169
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.


=========================== Installed Programs ============================

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
ArcSoft Panorama Maker 6 (HKLM-x32\...\{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft)
AuthenTec TrueAPI (HKLM\...\{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}) (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-46234831-cd96-477c-a832-f3a64bd6c9bb) (Version: 2.2.0.97 - WildTangent) Hidden
Best Buy Connect (HKLM-x32\...\{B435FD87-CA14-45E3-9D0B-A30F1F9F3866}) (Version: 3.00.68 - Best Buy)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blackhawk Striker 2 (HKLM-x32\...\WTA-728f87db-9431-4405-ab47-f6533c2db393) (Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.23 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WTA-9afd59d1-1602-4551-9b6d-4a5c30d08367) (Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cradle of Rome 2 (HKLM-x32\...\WTA-eb9f8528-390d-402b-818a-b4d741343e7a) (Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dora's World Adventure (HKLM-x32\...\WTA-d10752d0-49fe-4d5f-9714-0ba656fe84e9) (Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (HKLM-x32\...\WTA-e6cda93a-85a0-4f63-b38a-196703a18d62) (Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (HKLM-x32\...\WTA-61eb7f73-20e6-4eb7-b39c-91b21f30abcd) (Version: 2.2.0.98 - WildTangent) Hidden
FATE (HKLM-x32\...\WTA-5b79d779-08a0-4242-981e-3406feef6cb6) (Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (HKLM-x32\...\WTA-3bc42993-9379-4e58-ac6e-997db3d7059a) (Version: 2.2.0.95 - WildTangent) Hidden
Folder Lock (HKLM-x32\...\Folder Lock) (Version:  - New Softwares.net)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.2.0 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Hoyle Card Games (HKLM-x32\...\WTA-1db7bd6b-3d3b-424c-9e71-d774a78e1752) (Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{5601F151-A69F-4E30-8C60-37928124CD07}) (Version: 4.1.9.1 - Hewlett-Packard Company)
HP Application Assistant (HKLM\...\{6032497A-4479-462B-ADB8-A0A372BB9A23}) (Version: 1.0.409.3882 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{54F0ED3B-BD05-4B41-BCFC-E03FE2DDFF1D}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{E44578C7-4667-4124-8BC2-1161BCA54978}) (Version: 1.4.4 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{0576788F-2993-455F-80CD-980114095103}) (Version: 1.0.11 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass 2012 (HKLM-x32\...\{423FBEB8-21C6-4720-A8DA-B19B06FDB607}) (Version: 5.3.1.7 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{AF240B18-034B-4A82-B3FC-0B879C4BAE2E}) (Version: 4.5.1.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
IcoFX 2.6 (HKLM-x32\...\IcoFX 2_is1) (Version:  - )
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6345.0 - IDT)
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel® WiDi (HKLM-x32\...\{7257132D-7F65-41E6-A90F-43BF6099461A}) (Version: 2.1.42.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5C1DA3D9-F590-4317-A4FB-274F658E504B}) (Version: 6.05.0000 - Intel Corporation)
IRIScan Book 2 (HKLM-x32\...\{F789A548-255B-4037-94FD-F536BFB67DDC}) (Version: 1.00.0000 - I.R.I.S.)
IRIScan Book 2 Control Panel (HKLM-x32\...\{815568B6-BD64-4FDD-8621-AA3D61F755AF}) (Version: 1.00.0000 - I.R.I.S.)
Jewel Match 3 (HKLM-x32\...\WTA-24528933-f044-4fbd-bd32-909873f3b339) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-cb4a0653-5481-400f-a855-a44b97feaece) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-7843dc93-e8ea-420b-acfa-0e1af91dc065) (Version: 2.2.0.95 - WildTangent) Hidden
Kaspersky Total Security (HKLM-x32\...\{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Letters from Nowhere 2 (HKLM-x32\...\WTA-97325728-8ff8-412c-8c68-2e2b5300ad4b) (Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (HKLM-x32\...\WTA-0f8815c1-60c7-4421-94df-c7526ab10e9f) (Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (HKLM-x32\...\WTA-5abd8331-3ce0-43a9-9698-5b7273fa7a0b) (Version: 2.2.0.95 - WildTangent) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office XP Media Content (HKLM-x32\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM-x32\...\{91110409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Mozilla Thunderbird 11.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 11.0 (x86 en-US)) (Version: 11.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Penguins! (HKLM-x32\...\WTA-eafe41cb-f966-4d5e-9e47-1cc735365e03) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-ecf5ddf2-67f5-42ba-86dc-d1037037a2c8) (Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WTA-cd52be6e-ac32-4c96-ae18-15131c79d70d) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-b7da9baf-9cd8-4b25-9a3a-72aea5847a3d) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-588e97a7-06c0-4fbe-a67f-092b3670c2ed) (Version: 2.2.0.98 - WildTangent) Hidden
Readiris Pro 12 for IRIScan Book 2 (HKLM-x32\...\{E125515C-29A4-4AAD-9BB7-9AE4FD521776}) (Version: 12.00.6416 - I.R.I.S.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.19.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.19.0 - Renesas Electronics Corporation)
RollerCoaster Tycoon 3: Platinum (HKLM-x32\...\WTA-7719c548-3e3a-43b8-bd48-7776b4adba15) (Version: 2.2.0.98 - WildTangent) Hidden
Sandboxie 5.14 (64-bit) (HKLM\...\Sandboxie) (Version: 5.14 - Sandboxie Holdings, LLC)
Scratch 2 Offline Editor (HKLM-x32\...\{3E51AAA8-88BB-5C58-E50D-59E7AACF63CC}) (Version: 255.1 - MIT Media Lab) Hidden
Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 439.1 - MIT Media Lab)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (HKLM-x32\...\WTA-4a42857a-7973-43d7-8873-d7d34848191f) (Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (HKLM-x32\...\WTA-551eac18-7881-42d5-b306-2146b1679ae5) (Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)
VIP Access SDK (1.0.1.2)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.2 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-9a68a6e4-108e-421c-b375-7cd9cbb0fca5) (Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zuma's Revenge (HKLM-x32\...\WTA-eed2bd0f-5d44-4a08-9320-84cbd801cd43) (Version: 2.2.0.98 - WildTangent) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 8139.86 MB
Available physical RAM: 6104.59 MB
Total Virtual: 16277.9 MB
Available Virtual: 14008.71 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:673.19 GB) (Free:519.25 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:21.28 GB) (Free:2.29 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32
4 Drive f: (Dec 14 2016) (CDROM) (Total:4.38 GB) (Free:4.35 GB) UDF

========================= Users: ========================================

User accounts for \\HOME

Administrator            [name deleted]                    Guest                    
[name deleted]                   new account             ]name deleted]            
 



#5 RaulMcCai

RaulMcCai
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 15 December 2016 - 12:50 PM

Working my way  down the list  I'm at the ESET scanner and it's r-e-a-l-l-y slow, but it's chugging along

Kaspersky protection is all paused.

 

The Adware cleaner found 10 threats I had it clean them and  rebooted.

 

Won't up load any more reports from that PC  till I can turn Kaspersky back on.



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:06 AM

Posted 15 December 2016 - 01:47 PM

Yes, ESET may take long at times.
Appears only the bottom of the Mini log got posted.

Was it possible to acquire a Bot ? Yes That's a reason we review the logs to know what got on here.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 RaulMcCai

RaulMcCai
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 15 December 2016 - 04:17 PM

Was it possible to acquire a Bot ? Yes

Hmmm Well, that was the big question.  Man oh man the internet can be a scary place.  I'm on the last of the list  That you gave me and I have the log files  on the desktop  Malware bytes is running a scan now\

The ESET found two items  I'll post them all when the Malware bytes is done

thx



#8 RaulMcCai

RaulMcCai
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 15 December 2016 - 05:11 PM

ESET list of threats

---------------------------------------------------------------

C:\Users\[deleted]\Downloads\ccsetup323.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    
C:\Documents and Settings\[deleted]\Downloads\ccsetup323.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted
 


Edited by RaulMcCai, 15 December 2016 - 05:14 PM.


#9 RaulMcCai

RaulMcCai
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 15 December 2016 - 05:15 PM

Adware cleaner report

------------------------------------------------------------------

# AdwCleaner v6.040 - Logfile created 15/12/2016 at 11:58:04
# Updated on 02/12/2016 by Malwarebytes
# Database : 2016-12-15.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : [deleted - HOME
# Running from : C:\Users\[deleted]\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****

[-] File deleted: C:\Users\Public\Desktop\eBay.lnk


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKU\S-1-5-21-3819138642-1234233988-4100510110-1000\Software\Softonic
[#] Key deleted on reboot: HKCU\Software\Softonic
[#] Key deleted on reboot: [x64] HKCU\Software\Softonic
[-] Key deleted: HKU\S-1-5-21-3819138642-1234233988-4100510110-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}


***** [ Web browsers ] *****

[-] Chrome preferences cleaned: "extensions.fvd_single.surfcanyon.ramp.start_time" -  "1395843802386"


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1749 Bytes] - [15/12/2016 11:58:04]
C:\AdwCleaner\AdwCleaner[S0].txt - [2029 Bytes] - [15/12/2016 11:56:43]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1895 Bytes] ##########
 



#10 RaulMcCai

RaulMcCai
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 15 December 2016 - 05:17 PM

TDS KILLER report

----------------------------------------------

11:48:26.0692 0x091c  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
11:48:46.0093 0x091c  ============================================================
11:48:46.0093 0x091c  Current date / time: 2016/12/15 11:48:46.0093
11:48:46.0093 0x091c  SystemInfo:
11:48:46.0093 0x091c  
11:48:46.0093 0x091c  OS Version: 6.1.7601 ServicePack: 1.0
11:48:46.0093 0x091c  Product type: Workstation
11:48:46.0093 0x091c  ComputerName: HOME
11:48:46.0093 0x091c  UserName: [deleted]
11:48:46.0093 0x091c  Windows directory: C:\Windows
11:48:46.0093 0x091c  System windows directory: C:\Windows
11:48:46.0093 0x091c  Running under WOW64
11:48:46.0093 0x091c  Processor architecture: Intel x64
11:48:46.0093 0x091c  Number of processors: 8
11:48:46.0093 0x091c  Page size: 0x1000
11:48:46.0093 0x091c  Boot type: Normal boot
11:48:46.0093 0x091c  CodeIntegrityOptions = 0x00000001
11:48:46.0093 0x091c  ============================================================
11:48:46.0576 0x091c  KLMD registered as C:\Windows\system32\drivers\14607665.sys
11:48:46.0576 0x091c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23569, osProperties = 0x1
11:48:47.0341 0x091c  System UUID: {84FCD0DB-ADFD-6998-C25F-A46E52A03BBB}
11:48:47.0887 0x091c  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:48:47.0902 0x091c  ============================================================
11:48:47.0902 0x091c  \Device\Harddisk0\DR0:
11:48:47.0902 0x091c  MBR partitions:
11:48:47.0902 0x091c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
11:48:47.0902 0x091c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x54263000
11:48:47.0902 0x091c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x542C7000, BlocksNum 0x2A8F800
11:48:47.0902 0x091c  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x56D56800, BlocksNum 0x7EF000
11:48:47.0902 0x091c  ============================================================
11:48:47.0918 0x091c  C: <-> \Device\Harddisk0\DR0\Partition2
11:48:47.0980 0x091c  D: <-> \Device\Harddisk0\DR0\Partition3
11:48:47.0996 0x091c  E: <-> \Device\Harddisk0\DR0\Partition4
11:48:47.0996 0x091c  ============================================================
11:48:47.0996 0x091c  Initialize success
11:48:47.0996 0x091c  ============================================================
11:48:54.0064 0x12e4  ============================================================
11:48:54.0064 0x12e4  Scan started
11:48:54.0064 0x12e4  Mode: Manual;
11:48:54.0064 0x12e4  ============================================================
11:48:54.0064 0x12e4  KSN ping started
11:48:54.0298 0x12e4  KSN ping finished: true
11:48:55.0421 0x12e4  ================ Scan system memory ========================
11:48:55.0421 0x12e4  System memory - ok
11:48:55.0421 0x12e4  ================ Scan services =============================
11:48:55.0624 0x12e4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:48:55.0640 0x12e4  1394ohci - ok
11:48:55.0687 0x12e4  [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
11:48:55.0687 0x12e4  Accelerometer - ok
11:48:55.0718 0x12e4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:48:55.0718 0x12e4  ACPI - ok
11:48:55.0749 0x12e4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:48:55.0749 0x12e4  AcpiPmi - ok
11:48:55.0858 0x12e4  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:48:55.0858 0x12e4  AdobeARMservice - ok
11:48:56.0061 0x12e4  [ B79750091FC0842182FE49D263791294, 32FC260A74C9C45CD1E8998523642C285866378FCD9478FEFD15A0CC42EC0E0B ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:48:56.0077 0x12e4  AdobeFlashPlayerUpdateSvc - ok
11:48:56.0170 0x12e4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:48:56.0186 0x12e4  adp94xx - ok
11:48:56.0233 0x12e4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:48:56.0248 0x12e4  adpahci - ok
11:48:56.0248 0x12e4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:48:56.0264 0x12e4  adpu320 - ok
11:48:56.0295 0x12e4  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:48:56.0326 0x12e4  AeLookupSvc - ok
11:48:56.0420 0x12e4  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Program Files\IDT\WDM\AESTSr64.exe
11:48:56.0420 0x12e4  AESTFilters - ok
11:48:56.0513 0x12e4  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
11:48:56.0529 0x12e4  AFD - ok
11:48:56.0560 0x12e4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
11:48:56.0560 0x12e4  agp440 - ok
11:48:56.0607 0x12e4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
11:48:56.0607 0x12e4  ALG - ok
11:48:56.0654 0x12e4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:48:56.0669 0x12e4  aliide - ok
11:48:56.0701 0x12e4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:48:56.0701 0x12e4  amdide - ok
11:48:56.0747 0x12e4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:48:56.0747 0x12e4  AmdK8 - ok
11:48:56.0779 0x12e4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
11:48:56.0779 0x12e4  AmdPPM - ok
11:48:56.0810 0x12e4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:48:56.0825 0x12e4  amdsata - ok
11:48:56.0857 0x12e4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:48:56.0872 0x12e4  amdsbs - ok
11:48:56.0888 0x12e4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:48:56.0888 0x12e4  amdxata - ok
11:48:56.0950 0x12e4  [ 0CD7BFDE151223C6976C5D1B3D49EB84, A16FAB4F77D03C0664CCE8082E40A7673BC7FA4E89854F9027D478CD99EB2088 ] AppID           C:\Windows\system32\drivers\appid.sys
11:48:56.0950 0x12e4  AppID - ok
11:48:56.0981 0x12e4  [ F9842669B31F20B8B157D33CCC457820, AC8FA65F0A3C479D3CFE10EFE9B3EC5BAE48059F57A12D8C2D7963A22EB043B8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:48:56.0981 0x12e4  AppIDSvc - ok
11:48:57.0013 0x12e4  [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo         C:\Windows\System32\appinfo.dll
11:48:57.0028 0x12e4  Appinfo - ok
11:48:57.0044 0x12e4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
11:48:57.0059 0x12e4  arc - ok
11:48:57.0075 0x12e4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:48:57.0091 0x12e4  arcsas - ok
11:48:57.0215 0x12e4  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:48:57.0215 0x12e4  aspnet_state - ok
11:48:57.0247 0x12e4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:48:57.0262 0x12e4  AsyncMac - ok
11:48:57.0325 0x12e4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:48:57.0325 0x12e4  atapi - ok
11:48:57.0387 0x12e4  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:48:57.0403 0x12e4  AudioEndpointBuilder - ok
11:48:57.0418 0x12e4  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:48:57.0434 0x12e4  AudioSrv - ok
11:48:57.0512 0x12e4  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe
11:48:57.0527 0x12e4  AVP16.0.0 - ok
11:48:57.0559 0x12e4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:48:57.0559 0x12e4  AxInstSV - ok
11:48:57.0621 0x12e4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:48:57.0621 0x12e4  b06bdrv - ok
11:48:57.0668 0x12e4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:48:57.0668 0x12e4  b57nd60a - ok
11:48:57.0761 0x12e4  [ 5F685973740F289BE3C809952DB8408B, 4C0A0C06BB2B6B1879A860B0D68289A55F80CF74947FCCE7815F1D8121232F62 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
11:48:57.0777 0x12e4  BBSvc - ok
11:48:57.0793 0x12e4  [ 76F78018F45E7F92164CEA5020176933, 76E1CA6E198417F3749864721C43913189A7EA07B5ED320DE543B2037CEA3D65 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
11:48:57.0793 0x12e4  BBUpdate - ok
11:48:57.0886 0x12e4  [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
11:48:57.0917 0x12e4  BCM43XX - ok
11:48:57.0949 0x12e4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:48:57.0949 0x12e4  BDESVC - ok
11:48:57.0980 0x12e4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:48:57.0980 0x12e4  Beep - ok
11:48:58.0058 0x12e4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
11:48:58.0073 0x12e4  BFE - ok
11:48:58.0120 0x12e4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
11:48:58.0136 0x12e4  BITS - ok
11:48:58.0167 0x12e4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
11:48:58.0167 0x12e4  blbdrive - ok
11:48:58.0229 0x12e4  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:48:58.0229 0x12e4  bowser - ok
11:48:58.0261 0x12e4  [ 56E4345F392F17D66683225E214840CB, 76B30C48BBF06B8A52F9E4502D10A776930C4F509C5493A63A846FD706DB41DB ] bpenum          C:\Windows\system32\DRIVERS\bpenum.sys
11:48:58.0276 0x12e4  bpenum - ok
11:48:58.0307 0x12e4  [ D50B07C4D7AFEC4CA6AC8FCB72583C5B, 57F6CE2984A74BBCBD4D4E70877896A327B3D2646ACAF8BC2B1927994A50F425 ] bpmp            C:\Windows\system32\DRIVERS\bpmp.sys
11:48:58.0323 0x12e4  bpmp - ok
11:48:58.0354 0x12e4  [ A85BA55E4FE9CB2F342F281AAF7DE810, 23B9BABB466B2B78AD830717F5A7159342F8ED7DB58C90F190CF22EAE144414D ] bpusb           C:\Windows\system32\Drivers\bpusb.sys
11:48:58.0370 0x12e4  bpusb - ok
11:48:58.0401 0x12e4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:48:58.0417 0x12e4  BrFiltLo - ok
11:48:58.0432 0x12e4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:48:58.0432 0x12e4  BrFiltUp - ok
11:48:58.0526 0x12e4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
11:48:58.0541 0x12e4  Browser - ok
11:48:58.0573 0x12e4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:48:58.0604 0x12e4  Brserid - ok
11:48:58.0619 0x12e4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:48:58.0619 0x12e4  BrSerWdm - ok
11:48:58.0651 0x12e4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:48:58.0651 0x12e4  BrUsbMdm - ok
11:48:58.0666 0x12e4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:48:58.0666 0x12e4  BrUsbSer - ok
11:48:58.0697 0x12e4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:48:58.0697 0x12e4  BTHMODEM - ok
11:48:58.0744 0x12e4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
11:48:58.0744 0x12e4  bthserv - ok
11:48:58.0822 0x12e4  [ 9887CA12F407D7FBC7F48F3678F5F0B6, 1EA21563AE990CE4EF407AB349DE5A66CB93CD7602FE6E450E119ADF0343914E ] BVRPMPR5a64     C:\Windows\system32\drivers\BVRPMPR5a64.SYS
11:48:58.0853 0x12e4  BVRPMPR5a64 - ok
11:48:58.0885 0x12e4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:48:58.0885 0x12e4  cdfs - ok
11:48:58.0947 0x12e4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:48:58.0947 0x12e4  cdrom - ok
11:48:58.0994 0x12e4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:48:58.0994 0x12e4  CertPropSvc - ok
11:48:59.0025 0x12e4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
11:48:59.0041 0x12e4  circlass - ok
11:48:59.0103 0x12e4  [ 3891EA60B84EFE115CE070311FA83BBB, 2A30FB15C8D0C69289C087DFE1F822AB4F9C3F091DBB3FD2E99DC5B562E90DFB ] CLFS            C:\Windows\system32\CLFS.sys
11:48:59.0119 0x12e4  CLFS - ok
11:48:59.0197 0x12e4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:48:59.0275 0x12e4  clr_optimization_v2.0.50727_32 - ok
11:48:59.0337 0x12e4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:48:59.0353 0x12e4  clr_optimization_v2.0.50727_64 - ok
11:48:59.0446 0x12e4  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:48:59.0509 0x12e4  clr_optimization_v4.0.30319_32 - ok
11:48:59.0540 0x12e4  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:48:59.0571 0x12e4  clr_optimization_v4.0.30319_64 - ok
11:48:59.0618 0x12e4  [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
11:48:59.0618 0x12e4  clwvd - ok
11:48:59.0649 0x12e4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
11:48:59.0649 0x12e4  CmBatt - ok
11:48:59.0680 0x12e4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:48:59.0680 0x12e4  cmdide - ok
11:48:59.0758 0x12e4  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km           C:\Windows\system32\DRIVERS\cm_km.sys
11:48:59.0774 0x12e4  cm_km - ok
11:48:59.0836 0x12e4  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:48:59.0852 0x12e4  CNG - ok
11:48:59.0899 0x12e4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:48:59.0899 0x12e4  Compbatt - ok
11:48:59.0930 0x12e4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:48:59.0945 0x12e4  CompositeBus - ok
11:48:59.0945 0x12e4  COMSysApp - ok
11:48:59.0992 0x12e4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:48:59.0992 0x12e4  crcdisk - ok
11:49:00.0055 0x12e4  [ BB724567892383010B8436DCC0A84628, 2768F5FD7A096CB1CEA33F8818EF16F9F5E3E07BB8442949A49A9CF24B62C6E6 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:49:00.0070 0x12e4  CryptSvc - ok
11:49:00.0148 0x12e4  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:49:00.0179 0x12e4  DcomLaunch - ok
11:49:00.0211 0x12e4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:49:00.0211 0x12e4  defragsvc - ok
11:49:00.0242 0x12e4  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:49:00.0242 0x12e4  DfsC - ok
11:49:00.0304 0x12e4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:49:00.0320 0x12e4  Dhcp - ok
11:49:00.0507 0x12e4  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
11:49:00.0538 0x12e4  DiagTrack - ok
11:49:00.0554 0x12e4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
11:49:00.0554 0x12e4  discache - ok
11:49:00.0601 0x12e4  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
11:49:00.0601 0x12e4  Disk - ok
11:49:00.0694 0x12e4  [ E7B489FA5B15D2FEC3E52066E015B788, 0EFE49506FCF85ACD3DFC9AC0D3F5E4EE24AA14676027F62EC4798B1687C2249 ] DMAgent         C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
11:49:00.0725 0x12e4  DMAgent - ok
11:49:00.0757 0x12e4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:49:00.0757 0x12e4  Dnscache - ok
11:49:00.0788 0x12e4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:49:00.0788 0x12e4  dot3svc - ok
11:49:00.0835 0x12e4  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
11:49:00.0850 0x12e4  Dot4 - ok
11:49:00.0897 0x12e4  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:49:00.0897 0x12e4  Dot4Print - ok
11:49:00.0928 0x12e4  [ 488669CD1CD3BDCFDD9A5FDA72209069, CCB6BCB23A30CFD016E4086ED010A0E9DA647D3FAD9724200A29938D2B79A3C0 ] Dot4Scan        C:\Windows\system32\DRIVERS\Dot4Scan.sys
11:49:00.0944 0x12e4  Dot4Scan - ok
11:49:00.0991 0x12e4  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
11:49:01.0006 0x12e4  dot4usb - ok
11:49:01.0037 0x12e4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
11:49:01.0053 0x12e4  DPS - ok
11:49:01.0084 0x12e4  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:49:01.0115 0x12e4  drmkaud - ok
11:49:01.0209 0x12e4  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:49:01.0225 0x12e4  DXGKrnl - ok
11:49:01.0287 0x12e4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
11:49:01.0303 0x12e4  EapHost - ok
11:49:01.0427 0x12e4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:49:01.0521 0x12e4  ebdrv - ok
11:49:01.0552 0x12e4  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] EFS             C:\Windows\System32\lsass.exe
11:49:01.0552 0x12e4  EFS - ok
11:49:01.0646 0x12e4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:49:01.0661 0x12e4  ehRecvr - ok
11:49:01.0693 0x12e4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
11:49:01.0708 0x12e4  ehSched - ok
11:49:01.0786 0x12e4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:49:01.0786 0x12e4  elxstor - ok
11:49:01.0802 0x12e4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:49:01.0802 0x12e4  ErrDev - ok
11:49:01.0880 0x12e4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
11:49:01.0911 0x12e4  EventSystem - ok
11:49:02.0051 0x12e4  [ E3A96D5AE6E5C7B5472011BA77353368, 846D8E5AF471CEAB3E12D6CB2ED0D25EF28B768AC10AD873F33F3F5BEC80CF25 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:49:02.0083 0x12e4  EvtEng - ok
11:49:02.0098 0x12e4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:49:02.0114 0x12e4  exfat - ok
11:49:02.0129 0x12e4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:49:02.0129 0x12e4  fastfat - ok
11:49:02.0223 0x12e4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
11:49:02.0239 0x12e4  Fax - ok
11:49:02.0270 0x12e4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
11:49:02.0270 0x12e4  fdc - ok
11:49:02.0317 0x12e4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
11:49:02.0317 0x12e4  fdPHost - ok
11:49:02.0332 0x12e4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:49:02.0332 0x12e4  FDResPub - ok
11:49:02.0379 0x12e4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:49:02.0379 0x12e4  FileInfo - ok
11:49:02.0395 0x12e4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:49:02.0395 0x12e4  Filetrace - ok
11:49:02.0410 0x12e4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:49:02.0410 0x12e4  flpydisk - ok
11:49:02.0519 0x12e4  [ 5EEDDA81DB73A1124F97B07A6A5FB2B1, 60AB19112E1C8FD881A816F8A05F8E25FB88B8DBB0B3702818A1D151EA33528C ] FLService       C:\Windows\SysWow64\WinFLService.exe
11:49:02.0535 0x12e4  FLService - ok
11:49:02.0566 0x12e4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:49:02.0566 0x12e4  FltMgr - ok
11:49:02.0675 0x12e4  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
11:49:02.0691 0x12e4  FontCache - ok
11:49:02.0738 0x12e4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:49:02.0738 0x12e4  FontCache3.0.0.0 - ok
11:49:02.0847 0x12e4  [ F80BDC0D9E7B9595E74B434446AD3781, 383EC0F485D3E12D198343A0AD7BEEECFD2A569E73672345964CED38CAF34D83 ] FPLService      C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
11:49:02.0863 0x12e4  FPLService - ok
11:49:02.0878 0x12e4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:49:02.0878 0x12e4  FsDepends - ok
11:49:02.0925 0x12e4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:49:02.0925 0x12e4  Fs_Rec - ok
11:49:02.0987 0x12e4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:49:03.0003 0x12e4  fvevol - ok
11:49:03.0050 0x12e4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:49:03.0050 0x12e4  gagp30kx - ok
11:49:03.0128 0x12e4  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
11:49:03.0190 0x12e4  GamesAppService - ok
11:49:03.0253 0x12e4  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
11:49:03.0284 0x12e4  gpsvc - ok
11:49:03.0377 0x12e4  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:49:03.0377 0x12e4  gupdate - ok
11:49:03.0377 0x12e4  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:49:03.0377 0x12e4  gupdatem - ok
11:49:03.0409 0x12e4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:49:03.0409 0x12e4  hcw85cir - ok
11:49:03.0455 0x12e4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:49:03.0471 0x12e4  HdAudAddService - ok
11:49:03.0518 0x12e4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:49:03.0533 0x12e4  HDAudBus - ok
11:49:03.0549 0x12e4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:49:03.0549 0x12e4  HidBatt - ok
11:49:03.0565 0x12e4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:49:03.0580 0x12e4  HidBth - ok
11:49:03.0611 0x12e4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:49:03.0611 0x12e4  HidIr - ok
11:49:03.0643 0x12e4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
11:49:03.0643 0x12e4  hidserv - ok
11:49:03.0705 0x12e4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:49:03.0705 0x12e4  HidUsb - ok
11:49:03.0752 0x12e4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:49:03.0767 0x12e4  hkmsvc - ok
11:49:03.0814 0x12e4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:49:03.0845 0x12e4  HomeGroupListener - ok
11:49:03.0877 0x12e4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:49:03.0892 0x12e4  HomeGroupProvider - ok
11:49:03.0955 0x12e4  [ 13BB1114451C63BFB41BA7DAA4D70A29, A07D27DCD1D5F333973DDF7E91BF902307088C48696EE1D1970A0152A507231B ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
11:49:03.0970 0x12e4  HP Support Assistant Service - ok
11:49:04.0017 0x12e4  [ 7B8C1B09C11E8DB7C4480ABD7D17E821, 0E35FD439B24CEAD623A5D7319B865A6BCE6F1F3057671F62B4F844D8EC3D206 ] HPAuto          C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
11:49:04.0033 0x12e4  HPAuto - ok
11:49:04.0048 0x12e4  [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
11:49:04.0048 0x12e4  HPClientSvc - ok
11:49:04.0126 0x12e4  [ E6AB9E7FF923928E9F549FDDFCEDB28A, 1280E40B1D4888684532654FD16A8FC1390B77C1EFBF76A8C492C32361B58649 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
11:49:04.0126 0x12e4  HPDrvMntSvc.exe - ok
11:49:04.0189 0x12e4  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
11:49:04.0204 0x12e4  hpdskflt - ok
11:49:04.0313 0x12e4  [ DBDC0581D4506C13E6BEF48D14B1C55B, 264F8F225EB1CD0240EC3195A595CF057A5081725121A2DE56909D2E73BDD207 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
11:49:04.0345 0x12e4  hpqwmiex - ok
11:49:04.0360 0x12e4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:49:04.0360 0x12e4  HpSAMD - ok
11:49:04.0376 0x12e4  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv           C:\Windows\system32\Hpservice.exe
11:49:04.0376 0x12e4  hpsrv - ok
11:49:04.0438 0x12e4  [ 77C15D7E8F002A173EEBFF0B20CD697D, 72220E3AE71CDAC5E7341FF3F8294A01D3BA7B0BE14EB92B3E5D3EE22F2C65A9 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
11:49:04.0438 0x12e4  HPWMISVC - ok
11:49:04.0516 0x12e4  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:49:04.0547 0x12e4  HTTP - ok
11:49:04.0563 0x12e4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:49:04.0563 0x12e4  hwpolicy - ok
11:49:04.0579 0x12e4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
11:49:04.0594 0x12e4  i8042prt - ok
11:49:04.0657 0x12e4  [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
11:49:04.0672 0x12e4  iaStor - ok
11:49:04.0781 0x12e4  [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
11:49:04.0781 0x12e4  IAStorDataMgrSvc - ok
11:49:04.0813 0x12e4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:49:04.0813 0x12e4  iaStorV - ok
11:49:04.0937 0x12e4  [ D72BF0AE484F88399E8343E821C10D6A, E8D78E61EEC80934396F233565DB5682B2475867C98F09C3CE3F906373A5C1A2 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
11:49:04.0984 0x12e4  IconMan_R - ok
11:49:05.0093 0x12e4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:49:05.0156 0x12e4  idsvc - ok
11:49:05.0203 0x12e4  IEEtwCollectorService - ok
11:49:05.0577 0x12e4  [ 33FAA40B288002C89529DBD14F3AB72C, 670BA536796322122EBD93F256331899DD2E1834471B017A58F74132EE8DFDB7 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:49:05.0936 0x12e4  igfx - ok
11:49:05.0967 0x12e4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:49:05.0967 0x12e4  iirsp - ok
11:49:06.0045 0x12e4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
11:49:06.0061 0x12e4  IKEEXT - ok
11:49:06.0092 0x12e4  [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
11:49:06.0107 0x12e4  intaud_WaveExtensible - ok
11:49:06.0232 0x12e4  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:49:06.0263 0x12e4  IntcDAud - ok
11:49:06.0310 0x12e4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:49:06.0310 0x12e4  intelide - ok
11:49:06.0341 0x12e4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:49:06.0357 0x12e4  intelppm - ok
11:49:06.0419 0x12e4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:49:06.0435 0x12e4  IPBusEnum - ok
11:49:06.0451 0x12e4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:49:06.0451 0x12e4  IpFilterDriver - ok
11:49:06.0529 0x12e4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:49:06.0560 0x12e4  iphlpsvc - ok
11:49:06.0575 0x12e4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:49:06.0575 0x12e4  IPMIDRV - ok
11:49:06.0591 0x12e4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:49:06.0591 0x12e4  IPNAT - ok
11:49:06.0622 0x12e4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:49:06.0638 0x12e4  IRENUM - ok
11:49:06.0669 0x12e4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:49:06.0669 0x12e4  isapnp - ok
11:49:06.0731 0x12e4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:49:06.0778 0x12e4  iScsiPrt - ok
11:49:06.0809 0x12e4  [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
11:49:06.0809 0x12e4  iwdbus - ok
11:49:06.0856 0x12e4  [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service     C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
11:49:06.0872 0x12e4  jhi_service - ok
11:49:06.0903 0x12e4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:49:06.0903 0x12e4  kbdclass - ok
11:49:06.0934 0x12e4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:49:06.0934 0x12e4  kbdhid - ok
11:49:06.0950 0x12e4  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] KeyIso          C:\Windows\system32\lsass.exe
11:49:06.0950 0x12e4  KeyIso - ok
11:49:07.0043 0x12e4  [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
11:49:07.0075 0x12e4  kl1 - ok
11:49:07.0137 0x12e4  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\Windows\system32\DRIVERS\klbackupdisk.sys
11:49:07.0137 0x12e4  klbackupdisk - ok
11:49:07.0168 0x12e4  [ C80861511ADA03A65DC12FAA207592F8, 2B50E009DB0D050099E558B7510104B930966EE8BB94CC0F62D1BFD765D5C7AD ] klbackupflt     C:\Windows\system32\DRIVERS\klbackupflt.sys
11:49:07.0184 0x12e4  klbackupflt - ok
11:49:07.0231 0x12e4  [ 80D7529E1CF09261FADF55E69EFDA90B, 2FE5EC38866E12D78AE3F4AD8CF647BDED616E8A36D9D737F9B6564DDA4685E7 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
11:49:07.0231 0x12e4  kldisk - ok
11:49:07.0293 0x12e4  [ DE7D2DEDE9C9D5219AA439172BA8D21C, B4573553DF8605A6C9417683B6AA12A596E8777175C39567B91BF03CE895D625 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
11:49:07.0293 0x12e4  klflt - ok
11:49:07.0355 0x12e4  [ 84A66A73DD916014D240E9DE8864B84B, B3DB8E168E4B8249C953B05623EEAEEB4ED827BC867760DC8E118C4FE05F70B1 ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
11:49:07.0371 0x12e4  klhk - ok
11:49:07.0418 0x12e4  [ B54F93308794842E37173152CE92F62C, 407C88B2596B753810346D91282E8FD89B031DF15596EDBC41FFDA9949F5F6FC ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
11:49:07.0433 0x12e4  KLIF - ok
11:49:07.0496 0x12e4  [ 4F50FD68F7F1A21AA1F811AF992574E6, 9683A48F454FEB187ED1DC1A14600E250283C9D757DAEBAEF983214916B11830 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
11:49:07.0496 0x12e4  KLIM6 - ok
11:49:07.0543 0x12e4  [ 22C4E9381C60DA78161FA042FDBA6873, B6CC05C1401E788BCCC8CF668216D9B78A8B51409D3CFBF419047933195062E0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
11:49:07.0543 0x12e4  klkbdflt - ok
11:49:07.0558 0x12e4  klkbdflt2 - ok
11:49:07.0574 0x12e4  [ D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
11:49:07.0574 0x12e4  klmouflt - ok
11:49:07.0605 0x12e4  [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
11:49:07.0605 0x12e4  klpd - ok
11:49:07.0652 0x12e4  [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
11:49:07.0652 0x12e4  kltdi - ok
11:49:07.0683 0x12e4  [ 2AA3537309C2B9A7F120FB9E6A38250A, 6FD904542E0A21C4D6E46FB3EE11789938B90151D24531EB5319E62759D225DF ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
11:49:07.0699 0x12e4  Klwtp - ok
11:49:07.0714 0x12e4  [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
11:49:07.0730 0x12e4  kneps - ok
11:49:07.0761 0x12e4  [ 1F4B52A496A43C65AB0F26169650FAF2, 6D6F3505997A7DDEE6F127B3FB537AFFDE687D4F34489679674DC12FB12B842C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:49:07.0761 0x12e4  KSecDD - ok
11:49:07.0808 0x12e4  [ E4A599EDFAAB66C2BC17FB1593DC129B, 13098694B649E9146214D320FB14C3D305FCA155438CB531A8BAA4A70231D1A7 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:49:07.0823 0x12e4  KSecPkg - ok
11:49:07.0917 0x12e4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:49:07.0917 0x12e4  ksthunk - ok
11:49:07.0979 0x12e4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:49:07.0995 0x12e4  KtmRm - ok
11:49:08.0057 0x12e4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:49:08.0089 0x12e4  LanmanServer - ok
11:49:08.0120 0x12e4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:49:08.0151 0x12e4  LanmanWorkstation - ok
11:49:08.0182 0x12e4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:49:08.0182 0x12e4  lltdio - ok
11:49:08.0198 0x12e4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:49:08.0229 0x12e4  lltdsvc - ok
11:49:08.0245 0x12e4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:49:08.0260 0x12e4  lmhosts - ok
11:49:08.0323 0x12e4  [ 519D66259DF1672AABCE9D2E0ACC5552, 953EAEC04D45574ED9260726383438AA18A5EBEB2E0C93869DF4C57B9998BB27 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:49:08.0354 0x12e4  LMS - ok
11:49:08.0385 0x12e4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:49:08.0385 0x12e4  LSI_FC - ok
11:49:08.0416 0x12e4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:49:08.0432 0x12e4  LSI_SAS - ok
11:49:08.0447 0x12e4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:49:08.0463 0x12e4  LSI_SAS2 - ok
11:49:08.0479 0x12e4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:49:08.0494 0x12e4  LSI_SCSI - ok
11:49:08.0510 0x12e4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:49:08.0525 0x12e4  luafv - ok
11:49:08.0557 0x12e4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:49:08.0588 0x12e4  Mcx2Svc - ok
11:49:08.0713 0x12e4  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
11:49:08.0728 0x12e4  MDM - ok
11:49:08.0759 0x12e4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:49:08.0759 0x12e4  megasas - ok
11:49:08.0791 0x12e4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:49:08.0791 0x12e4  MegaSR - ok
11:49:08.0822 0x12e4  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
11:49:08.0837 0x12e4  MEIx64 - ok
11:49:08.0869 0x12e4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
11:49:08.0884 0x12e4  MMCSS - ok
11:49:08.0900 0x12e4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
11:49:08.0900 0x12e4  Modem - ok
11:49:08.0931 0x12e4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:49:08.0931 0x12e4  monitor - ok
11:49:08.0962 0x12e4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:49:08.0962 0x12e4  mouclass - ok
11:49:08.0993 0x12e4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:49:08.0993 0x12e4  mouhid - ok
11:49:09.0025 0x12e4  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:49:09.0025 0x12e4  mountmgr - ok
11:49:09.0103 0x12e4  [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:49:09.0149 0x12e4  MozillaMaintenance - ok
11:49:09.0181 0x12e4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:49:09.0181 0x12e4  mpio - ok
11:49:09.0196 0x12e4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:49:09.0212 0x12e4  mpsdrv - ok
11:49:09.0259 0x12e4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:49:09.0290 0x12e4  MpsSvc - ok
11:49:09.0321 0x12e4  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:49:09.0337 0x12e4  MRxDAV - ok
11:49:09.0383 0x12e4  [ 25F918BB5D57C99FFEB0255143D0DF9A, E4BB656C3AEE19094B0F87828828DC73F248B45B30B678AA759DBAB3087399A2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:49:09.0399 0x12e4  mrxsmb - ok
11:49:09.0430 0x12e4  [ 8DF2B80510F438CFEC479181BD29C794, ECA5BC17D1DB92B887D468B0FF1D6302518DBD7C3607B14FA291ECDA204D5E85 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:49:09.0430 0x12e4  mrxsmb10 - ok
11:49:09.0446 0x12e4  [ F7622CFE3402A9BF10227BB124901E54, 3EE6BA42E712505AED9D3920163814719FAC591FB5CFF589E230C7005CB598AF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:49:09.0446 0x12e4  mrxsmb20 - ok
11:49:09.0493 0x12e4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:49:09.0493 0x12e4  msahci - ok
11:49:09.0539 0x12e4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:49:09.0555 0x12e4  msdsm - ok
11:49:09.0586 0x12e4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
11:49:09.0602 0x12e4  MSDTC - ok
11:49:09.0633 0x12e4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:49:09.0633 0x12e4  Msfs - ok
11:49:09.0649 0x12e4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:49:09.0649 0x12e4  mshidkmdf - ok
11:49:09.0664 0x12e4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:49:09.0664 0x12e4  msisadrv - ok
11:49:09.0695 0x12e4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:49:09.0727 0x12e4  MSiSCSI - ok
11:49:09.0742 0x12e4  msiserver - ok
11:49:09.0773 0x12e4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:49:09.0789 0x12e4  MSKSSRV - ok
11:49:09.0789 0x12e4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:49:09.0789 0x12e4  MSPCLOCK - ok
11:49:09.0805 0x12e4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:49:09.0805 0x12e4  MSPQM - ok
11:49:09.0836 0x12e4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:49:09.0851 0x12e4  MsRPC - ok
11:49:09.0867 0x12e4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:49:09.0867 0x12e4  mssmbios - ok
11:49:09.0898 0x12e4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:49:09.0898 0x12e4  MSTEE - ok
11:49:09.0914 0x12e4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:49:09.0914 0x12e4  MTConfig - ok
11:49:09.0945 0x12e4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
11:49:09.0945 0x12e4  Mup - ok
11:49:10.0007 0x12e4  [ 8F57DB74BF5407A4CDA6C8B005DC8DD0, 07D8F8605DD8FCBB3404E3A35274C87E9EC78E402C11C3E809CB44C0EB516434 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:49:10.0023 0x12e4  MyWiFiDHCPDNS - ok
11:49:10.0054 0x12e4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
11:49:10.0070 0x12e4  napagent - ok
11:49:10.0132 0x12e4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:49:10.0163 0x12e4  NativeWifiP - ok
11:49:10.0226 0x12e4  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:49:10.0257 0x12e4  NDIS - ok
11:49:10.0288 0x12e4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:49:10.0288 0x12e4  NdisCap - ok
11:49:10.0304 0x12e4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:49:10.0304 0x12e4  NdisTapi - ok
11:49:10.0319 0x12e4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:49:10.0319 0x12e4  Ndisuio - ok
11:49:10.0335 0x12e4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:49:10.0351 0x12e4  NdisWan - ok
11:49:10.0351 0x12e4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:49:10.0351 0x12e4  NDProxy - ok
11:49:10.0382 0x12e4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:49:10.0382 0x12e4  NetBIOS - ok
11:49:10.0460 0x12e4  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:49:10.0475 0x12e4  NetBT - ok
11:49:10.0475 0x12e4  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] Netlogon        C:\Windows\system32\lsass.exe
11:49:10.0491 0x12e4  Netlogon - ok
11:49:10.0522 0x12e4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
11:49:10.0538 0x12e4  Netman - ok
11:49:10.0647 0x12e4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:49:10.0663 0x12e4  NetMsmqActivator - ok
11:49:10.0694 0x12e4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:49:10.0694 0x12e4  NetPipeActivator - ok
11:49:10.0741 0x12e4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
11:49:10.0756 0x12e4  netprofm - ok
11:49:10.0787 0x12e4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:49:10.0787 0x12e4  NetTcpActivator - ok
11:49:10.0787 0x12e4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:49:10.0803 0x12e4  NetTcpPortSharing - ok
11:49:11.0146 0x12e4  [ 50AD7F7040C22BB7CAA59A0880875A21, 34A3BE5C708F3498F6350EF041CE33847C1D041D610DFDA41AA877F87DD26050 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
11:49:11.0411 0x12e4  NETwNs64 - ok
11:49:11.0521 0x12e4  [ 2D446F342467128EA389CF44EC79C2BA, A1FECDF58768B020318F32601DFDBE2A2F9F02BB249BF345911A40D75AF7417D ] NEWDRIVER       C:\Windows\SysWow64\WinVDEdrv6.sys
11:49:11.0536 0x12e4  NEWDRIVER - ok
11:49:11.0567 0x12e4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:49:11.0583 0x12e4  nfrd960 - ok
11:49:11.0630 0x12e4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:49:11.0645 0x12e4  NlaSvc - ok
11:49:11.0661 0x12e4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:49:11.0661 0x12e4  Npfs - ok
11:49:11.0677 0x12e4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
11:49:11.0692 0x12e4  nsi - ok
11:49:11.0708 0x12e4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:49:11.0708 0x12e4  nsiproxy - ok
11:49:11.0817 0x12e4  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:49:11.0848 0x12e4  Ntfs - ok
11:49:11.0879 0x12e4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
11:49:11.0879 0x12e4  Null - ok
11:49:11.0973 0x12e4  [ 9A33100AC62A0463C49E47EE8E77083A, A4DD5329448A684E4EC83AEC229DA468E074D54BCBDBB6D938274B46202CDA18 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
11:49:11.0989 0x12e4  nusb3hub - ok
11:49:12.0020 0x12e4  [ 87C321F7BEE646B7EC6EEDD6EB725741, C21067F40656588203B8C938857B5598D201C59BD69F47715EF21EEE536BB882 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:49:12.0020 0x12e4  nusb3xhc - ok
11:49:12.0067 0x12e4  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
11:49:12.0067 0x12e4  NVENETFD - ok
11:49:12.0113 0x12e4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:49:12.0129 0x12e4  nvraid - ok
11:49:12.0160 0x12e4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:49:12.0160 0x12e4  nvstor - ok
11:49:12.0191 0x12e4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:49:12.0207 0x12e4  nv_agp - ok
11:49:12.0223 0x12e4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:49:12.0238 0x12e4  ohci1394 - ok
11:49:12.0269 0x12e4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:49:12.0285 0x12e4  p2pimsvc - ok
11:49:12.0332 0x12e4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:49:12.0347 0x12e4  p2psvc - ok
11:49:12.0363 0x12e4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
11:49:12.0379 0x12e4  Parport - ok
11:49:12.0410 0x12e4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:49:12.0410 0x12e4  partmgr - ok
11:49:12.0472 0x12e4  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:49:12.0488 0x12e4  PcaSvc - ok
11:49:12.0503 0x12e4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
11:49:12.0519 0x12e4  pci - ok
11:49:12.0566 0x12e4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:49:12.0581 0x12e4  pciide - ok
11:49:12.0613 0x12e4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:49:12.0628 0x12e4  pcmcia - ok
11:49:12.0644 0x12e4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:49:12.0644 0x12e4  pcw - ok
11:49:12.0691 0x12e4  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:49:12.0706 0x12e4  PEAUTH - ok
11:49:12.0722 0x12e4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:49:12.0737 0x12e4  PerfHost - ok
11:49:12.0784 0x12e4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
11:49:12.0815 0x12e4  pla - ok
11:49:12.0893 0x12e4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:49:12.0909 0x12e4  PlugPlay - ok
11:49:12.0987 0x12e4  [ 64CA1485214340CACC315FFDFDED73EF, 3FFF06E313622D3633B4235C1E1B8857DBA8DFA19A6A1E5C3D6D88AE6C6DDCC5 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:49:13.0003 0x12e4  Pml Driver HPZ12 - ok
11:49:13.0034 0x12e4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:49:13.0049 0x12e4  PNRPAutoReg - ok
11:49:13.0065 0x12e4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:49:13.0081 0x12e4  PNRPsvc - ok
11:49:13.0159 0x12e4  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:49:13.0174 0x12e4  PolicyAgent - ok
11:49:13.0190 0x12e4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
11:49:13.0205 0x12e4  Power - ok
11:49:13.0221 0x12e4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:49:13.0221 0x12e4  PptpMiniport - ok
11:49:13.0237 0x12e4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
11:49:13.0237 0x12e4  Processor - ok
11:49:13.0315 0x12e4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:49:13.0330 0x12e4  ProfSvc - ok
11:49:13.0330 0x12e4  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] ProtectedStorage C:\Windows\system32\lsass.exe
11:49:13.0346 0x12e4  ProtectedStorage - ok
11:49:13.0377 0x12e4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:49:13.0393 0x12e4  Psched - ok
11:49:13.0471 0x12e4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:49:13.0502 0x12e4  ql2300 - ok
11:49:13.0533 0x12e4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:49:13.0533 0x12e4  ql40xx - ok
11:49:13.0564 0x12e4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
11:49:13.0580 0x12e4  QWAVE - ok
11:49:13.0595 0x12e4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:49:13.0595 0x12e4  QWAVEdrv - ok
11:49:13.0595 0x12e4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:49:13.0611 0x12e4  RasAcd - ok
11:49:13.0627 0x12e4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:49:13.0627 0x12e4  RasAgileVpn - ok
11:49:13.0658 0x12e4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
11:49:13.0673 0x12e4  RasAuto - ok
11:49:13.0705 0x12e4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:49:13.0705 0x12e4  Rasl2tp - ok
11:49:13.0751 0x12e4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
11:49:13.0767 0x12e4  RasMan - ok
11:49:13.0767 0x12e4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:49:13.0783 0x12e4  RasPppoe - ok
11:49:13.0798 0x12e4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:49:13.0798 0x12e4  RasSstp - ok
11:49:13.0814 0x12e4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:49:13.0829 0x12e4  rdbss - ok
11:49:13.0845 0x12e4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
11:49:13.0861 0x12e4  rdpbus - ok
11:49:13.0907 0x12e4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:49:13.0907 0x12e4  RDPCDD - ok
11:49:13.0939 0x12e4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:49:13.0939 0x12e4  RDPENCDD - ok
11:49:13.0985 0x12e4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:49:13.0985 0x12e4  RDPREFMP - ok
11:49:14.0032 0x12e4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:49:14.0048 0x12e4  RDPWD - ok
11:49:14.0079 0x12e4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:49:14.0079 0x12e4  rdyboost - ok
11:49:14.0219 0x12e4  [ FD11C1287D38A46FB72353E14D50089C, C787EE22583ADF1E19E5ADAC5B949750890D1FA5062B5DD2C6B35667D005FECF ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:49:14.0251 0x12e4  RegSrvc - ok
11:49:14.0266 0x12e4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:49:14.0282 0x12e4  RemoteAccess - ok
11:49:14.0313 0x12e4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:49:14.0313 0x12e4  RemoteRegistry - ok
11:49:14.0360 0x12e4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:49:14.0360 0x12e4  RpcEptMapper - ok
11:49:14.0391 0x12e4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
11:49:14.0391 0x12e4  RpcLocator - ok
11:49:14.0453 0x12e4  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
11:49:14.0469 0x12e4  RpcSs - ok
11:49:14.0531 0x12e4  [ 1F5E7AF59B390261A85F5BEDB1BB88B3, 8A0B23EED74475E6790EF03E54B53BB964A0EC08ADF28BD6AAFA9CF6BE6F20DA ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
11:49:14.0563 0x12e4  RSPCIESTOR - ok
11:49:14.0594 0x12e4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:49:14.0609 0x12e4  rspndr - ok
11:49:14.0672 0x12e4  [ ED5873F7DFB2F96D37F13322211B6BDC, 26CAE8FD1CFDB568D6A881CDE973F9929013EB0403347E5D19CABAA215012381 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
11:49:14.0703 0x12e4  RTL8167 - ok
11:49:14.0719 0x12e4  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] SamSs           C:\Windows\system32\lsass.exe
11:49:14.0719 0x12e4  SamSs - ok
11:49:14.0812 0x12e4  [ 347D5333ADA148459FD30BBCC4DD04D6, 36C25E50FC18398C2637CA57B362D20A52ECF7DFB93D943BE139DB718F2692C8 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
11:49:14.0812 0x12e4  SbieDrv - ok
11:49:14.0843 0x12e4  [ FD4BCA0C24A675E49526B3983C07F6C2, D3192D1E95A80C823E5647C3EBC50389DCBA5CB2913529F80F9F4E9959CB9A0A ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
11:49:14.0843 0x12e4  SbieSvc - ok
11:49:14.0859 0x12e4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:49:14.0859 0x12e4  sbp2port - ok
11:49:14.0921 0x12e4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:49:14.0937 0x12e4  SCardSvr - ok
11:49:14.0953 0x12e4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:49:14.0953 0x12e4  scfilter - ok
11:49:15.0046 0x12e4  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
11:49:15.0077 0x12e4  Schedule - ok
11:49:15.0093 0x12e4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:49:15.0093 0x12e4  SCPolicySvc - ok
11:49:15.0124 0x12e4  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
11:49:15.0124 0x12e4  sdbus - ok
11:49:15.0155 0x12e4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:49:15.0171 0x12e4  SDRSVC - ok
11:49:15.0187 0x12e4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:49:15.0187 0x12e4  secdrv - ok
11:49:15.0233 0x12e4  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
11:49:15.0249 0x12e4  seclogon - ok
11:49:15.0280 0x12e4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
11:49:15.0296 0x12e4  SENS - ok
11:49:15.0327 0x12e4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:49:15.0343 0x12e4  SensrSvc - ok
11:49:15.0358 0x12e4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
11:49:15.0374 0x12e4  Serenum - ok
11:49:15.0405 0x12e4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
11:49:15.0405 0x12e4  Serial - ok
11:49:15.0436 0x12e4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:49:15.0436 0x12e4  sermouse - ok
11:49:15.0483 0x12e4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
11:49:15.0483 0x12e4  SessionEnv - ok
11:49:15.0499 0x12e4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:49:15.0499 0x12e4  sffdisk - ok
11:49:15.0499 0x12e4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:49:15.0499 0x12e4  sffp_mmc - ok
11:49:15.0530 0x12e4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:49:15.0530 0x12e4  sffp_sd - ok
11:49:15.0530 0x12e4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
11:49:15.0530 0x12e4  sfloppy - ok
11:49:15.0577 0x12e4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:49:15.0592 0x12e4  SharedAccess - ok
11:49:15.0623 0x12e4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:49:15.0639 0x12e4  ShellHWDetection - ok
11:49:15.0655 0x12e4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:49:15.0655 0x12e4  SiSRaid2 - ok
11:49:15.0670 0x12e4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:49:15.0670 0x12e4  SiSRaid4 - ok
11:49:15.0764 0x12e4  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:49:15.0779 0x12e4  SkypeUpdate - ok
11:49:15.0795 0x12e4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:49:15.0811 0x12e4  Smb - ok
11:49:15.0842 0x12e4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:49:15.0842 0x12e4  SNMPTRAP - ok
11:49:15.0857 0x12e4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:49:15.0857 0x12e4  spldr - ok
11:49:15.0951 0x12e4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
11:49:15.0967 0x12e4  Spooler - ok
11:49:16.0107 0x12e4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
11:49:16.0247 0x12e4  sppsvc - ok
11:49:16.0263 0x12e4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:49:16.0263 0x12e4  sppuinotify - ok
11:49:16.0325 0x12e4  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:49:16.0357 0x12e4  srv - ok
11:49:16.0388 0x12e4  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:49:16.0403 0x12e4  srv2 - ok
11:49:16.0450 0x12e4  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
11:49:16.0466 0x12e4  SrvHsfHDA - ok
11:49:16.0528 0x12e4  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
11:49:16.0559 0x12e4  SrvHsfV92 - ok
11:49:16.0591 0x12e4  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
11:49:16.0606 0x12e4  SrvHsfWinac - ok
11:49:16.0653 0x12e4  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:49:16.0653 0x12e4  srvnet - ok
11:49:16.0684 0x12e4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:49:16.0684 0x12e4  SSDPSRV - ok
11:49:16.0700 0x12e4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:49:16.0715 0x12e4  SstpSvc - ok
11:49:16.0793 0x12e4  [ 20E27AA5BCC01C2149830C05FE22F675, F4A8154229B5EB07B379064047EEDDA54A9396421E1FEEFA2FF3077091D3870F ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
11:49:16.0793 0x12e4  STacSV - ok
11:49:16.0825 0x12e4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:49:16.0825 0x12e4  stexstor - ok
11:49:16.0887 0x12e4  [ BEB37CE4E7456F5EFA52D783D1E06D8C, A6E202412FB904CCA86A1D9EDD600EC247460B1A31243325FC8747D39A456B79 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
11:49:16.0903 0x12e4  STHDA - ok
11:49:16.0981 0x12e4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
11:49:16.0996 0x12e4  stisvc - ok
11:49:17.0012 0x12e4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:49:17.0012 0x12e4  swenum - ok
11:49:17.0074 0x12e4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
11:49:17.0105 0x12e4  swprv - ok
11:49:17.0168 0x12e4  [ C447977ED2A4AE9346FE3A0579A34D7C, 35A8F13AAB57549BBC1457AD86F44FEF2394E55841A1D6D6C5E029310E02F377 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
11:49:17.0199 0x12e4  SynTP - ok
11:49:17.0308 0x12e4  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
11:49:17.0339 0x12e4  SysMain - ok
11:49:17.0371 0x12e4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:49:17.0386 0x12e4  TabletInputService - ok
11:49:17.0402 0x12e4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:49:17.0402 0x12e4  TapiSrv - ok
11:49:17.0480 0x12e4  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:49:17.0527 0x12e4  Tcpip - ok
11:49:17.0620 0x12e4  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:49:17.0651 0x12e4  TCPIP6 - ok
11:49:17.0683 0x12e4  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:49:17.0698 0x12e4  tcpipreg - ok
11:49:17.0729 0x12e4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:49:17.0729 0x12e4  TDPIPE - ok
11:49:17.0761 0x12e4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:49:17.0761 0x12e4  TDTCP - ok
11:49:17.0807 0x12e4  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:49:17.0807 0x12e4  tdx - ok
11:49:17.0854 0x12e4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:49:17.0854 0x12e4  TermDD - ok
11:49:17.0932 0x12e4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
11:49:17.0963 0x12e4  TermService - ok
11:49:17.0979 0x12e4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
11:49:17.0995 0x12e4  Themes - ok
11:49:18.0026 0x12e4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
11:49:18.0041 0x12e4  THREADORDER - ok
11:49:18.0073 0x12e4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:49:18.0088 0x12e4  TrkWks - ok
11:49:18.0151 0x12e4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:49:18.0151 0x12e4  TrustedInstaller - ok
11:49:18.0197 0x12e4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:49:18.0197 0x12e4  tssecsrv - ok
11:49:18.0244 0x12e4  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:49:18.0260 0x12e4  TsUsbFlt - ok
11:49:18.0275 0x12e4  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:49:18.0275 0x12e4  TsUsbGD - ok
11:49:18.0307 0x12e4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:49:18.0322 0x12e4  tunnel - ok
11:49:18.0338 0x12e4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:49:18.0338 0x12e4  uagp35 - ok
11:49:18.0385 0x12e4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:49:18.0400 0x12e4  udfs - ok
11:49:18.0416 0x12e4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:49:18.0431 0x12e4  UI0Detect - ok
11:49:18.0463 0x12e4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:49:18.0463 0x12e4  uliagpkx - ok
11:49:18.0478 0x12e4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:49:18.0494 0x12e4  umbus - ok
11:49:18.0525 0x12e4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
11:49:18.0541 0x12e4  UmPass - ok
11:49:18.0775 0x12e4  [ 1B71370AEC1115F80D9A4A209317C968, C6886F556E87C1750991C27EF818B3A2CAB5DD84A26290457A005CFDECBEF884 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:49:18.0821 0x12e4  UNS - ok
11:49:18.0853 0x12e4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
11:49:18.0868 0x12e4  upnphost - ok
11:49:18.0915 0x12e4  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:49:18.0915 0x12e4  usbccgp - ok
11:49:18.0977 0x12e4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:49:18.0993 0x12e4  usbcir - ok
11:49:19.0040 0x12e4  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
11:49:19.0055 0x12e4  usbehci - ok
11:49:19.0118 0x12e4  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
11:49:19.0133 0x12e4  usbhub - ok
11:49:19.0165 0x12e4  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:49:19.0180 0x12e4  usbohci - ok
11:49:19.0211 0x12e4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:49:19.0211 0x12e4  usbprint - ok
11:49:19.0258 0x12e4  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:49:19.0258 0x12e4  USBSTOR - ok
11:49:19.0305 0x12e4  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:49:19.0321 0x12e4  usbuhci - ok
11:49:19.0383 0x12e4  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
11:49:19.0399 0x12e4  usbvideo - ok
11:49:19.0445 0x12e4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
11:49:19.0461 0x12e4  UxSms - ok
11:49:19.0477 0x12e4  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] VaultSvc        C:\Windows\system32\lsass.exe
11:49:19.0492 0x12e4  VaultSvc - ok
11:49:19.0508 0x12e4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:49:19.0508 0x12e4  vdrvroot - ok
11:49:19.0555 0x12e4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
11:49:19.0570 0x12e4  vds - ok
11:49:19.0601 0x12e4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:49:19.0601 0x12e4  vga - ok
11:49:19.0617 0x12e4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:49:19.0633 0x12e4  VgaSave - ok
11:49:19.0648 0x12e4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:49:19.0648 0x12e4  vhdmp - ok
11:49:19.0679 0x12e4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:49:19.0695 0x12e4  viaide - ok
11:49:19.0726 0x12e4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:49:19.0742 0x12e4  volmgr - ok
11:49:19.0773 0x12e4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:49:19.0789 0x12e4  volmgrx - ok
11:49:19.0804 0x12e4  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:49:19.0804 0x12e4  volsnap - ok
11:49:19.0835 0x12e4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:49:19.0851 0x12e4  vsmraid - ok
11:49:19.0960 0x12e4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
11:49:19.0991 0x12e4  VSS - ok
11:49:20.0054 0x12e4  [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64     C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe
11:49:20.0069 0x12e4  vssbrigde64 - ok
11:49:20.0085 0x12e4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:49:20.0085 0x12e4  vwifibus - ok
11:49:20.0116 0x12e4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:49:20.0116 0x12e4  vwififlt - ok
11:49:20.0132 0x12e4  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:49:20.0132 0x12e4  vwifimp - ok
11:49:20.0179 0x12e4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
11:49:20.0210 0x12e4  W32Time - ok
11:49:20.0225 0x12e4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:49:20.0225 0x12e4  WacomPen - ok
11:49:20.0288 0x12e4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:49:20.0288 0x12e4  WANARP - ok
11:49:20.0303 0x12e4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:49:20.0303 0x12e4  Wanarpv6 - ok
11:49:20.0444 0x12e4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
11:49:20.0475 0x12e4  WatAdminSvc - ok
11:49:20.0553 0x12e4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
11:49:20.0600 0x12e4  wbengine - ok
11:49:20.0631 0x12e4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:49:20.0662 0x12e4  WbioSrvc - ok
11:49:20.0693 0x12e4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:49:20.0709 0x12e4  wcncsvc - ok
11:49:20.0709 0x12e4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:49:20.0725 0x12e4  WcsPlugInService - ok
11:49:20.0740 0x12e4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
11:49:20.0740 0x12e4  Wd - ok
11:49:20.0818 0x12e4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:49:20.0834 0x12e4  Wdf01000 - ok
11:49:20.0881 0x12e4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:49:20.0896 0x12e4  WdiServiceHost - ok
11:49:20.0896 0x12e4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:49:20.0896 0x12e4  WdiSystemHost - ok
11:49:20.0943 0x12e4  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
11:49:20.0959 0x12e4  WebClient - ok
11:49:20.0990 0x12e4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:49:21.0005 0x12e4  Wecsvc - ok
11:49:21.0021 0x12e4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:49:21.0021 0x12e4  wercplsupport - ok
11:49:21.0052 0x12e4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:49:21.0068 0x12e4  WerSvc - ok
11:49:21.0115 0x12e4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:49:21.0115 0x12e4  WfpLwf - ok
11:49:21.0208 0x12e4  [ 245EA6A2CFAE7B183EE9A14A4673B1F1, EED4B8FBB3B0802F64FE68018AA46F7326F851F26B05ABEAA40B59394B02C15F ] WiMAXAppSrv     C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
11:49:21.0239 0x12e4  WiMAXAppSrv - ok
11:49:21.0255 0x12e4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:49:21.0271 0x12e4  WIMMount - ok
11:49:21.0286 0x12e4  WinDefend - ok
11:49:21.0380 0x12e4  [ 32140C0E7EE19ABB2ACEA0085B75AFA6, 2FDE10BBA27BD10AEF5F092F7DBABA531252067D2B9817D7720E6976EE33A825 ] WinFLAdrv       C:\Windows\syswow64\WinFLAdrv.sys
11:49:21.0395 0x12e4  WinFLAdrv - ok
11:49:21.0411 0x12e4  WinHttpAutoProxySvc - ok
11:49:21.0473 0x12e4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:49:21.0489 0x12e4  Winmgmt - ok
11:49:21.0614 0x12e4  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:49:21.0661 0x12e4  WinRM - ok
11:49:21.0707 0x12e4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:49:21.0723 0x12e4  WinUsb - ok
11:49:21.0754 0x12e4  [ 3CC985A4E7D90F5B6D9FF1FD5CD486D7, DA141F52C181407B43D95C63DCCB5E358E7DB26EFC476393D11A1BB2D2708E89 ] WinVDEDrv       C:\Windows\SysWow64\WinVDEdrv.sys
11:49:21.0770 0x12e4  WinVDEDrv - ok
11:49:21.0817 0x12e4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:49:21.0848 0x12e4  Wlansvc - ok
11:49:22.0051 0x12e4  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:49:22.0097 0x12e4  wlidsvc - ok
11:49:22.0113 0x12e4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:49:22.0113 0x12e4  WmiAcpi - ok
11:49:22.0144 0x12e4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:49:22.0144 0x12e4  wmiApSrv - ok
11:49:22.0175 0x12e4  WMPNetworkSvc - ok
11:49:22.0253 0x12e4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:49:22.0269 0x12e4  WPCSvc - ok
11:49:22.0331 0x12e4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:49:22.0347 0x12e4  WPDBusEnum - ok
11:49:22.0363 0x12e4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:49:22.0363 0x12e4  ws2ifsl - ok
11:49:22.0394 0x12e4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
11:49:22.0409 0x12e4  wscsvc - ok
11:49:22.0409 0x12e4  WSearch - ok
11:49:22.0550 0x12e4  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:49:22.0612 0x12e4  wuauserv - ok
11:49:22.0643 0x12e4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:49:22.0643 0x12e4  WudfPf - ok
11:49:22.0721 0x12e4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:49:22.0737 0x12e4  WUDFRd - ok
11:49:22.0784 0x12e4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:49:22.0799 0x12e4  wudfsvc - ok
11:49:22.0862 0x12e4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:49:22.0877 0x12e4  WwanSvc - ok
11:49:22.0909 0x12e4  ================ Scan global ===============================
11:49:22.0940 0x12e4  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
11:49:23.0002 0x12e4  [ A5794B1E3ACEF48E716F0A89C83C1AEA, B904C861CBDAF00341F8697BD05C2E66C23CF4D6C94E19AF464D898436F34D73 ] C:\Windows\system32\winsrv.dll
11:49:23.0033 0x12e4  [ A5794B1E3ACEF48E716F0A89C83C1AEA, B904C861CBDAF00341F8697BD05C2E66C23CF4D6C94E19AF464D898436F34D73 ] C:\Windows\system32\winsrv.dll
11:49:23.0049 0x12e4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:49:23.0111 0x12e4  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
11:49:23.0143 0x12e4  [ Global ] - ok
11:49:23.0143 0x12e4  ================ Scan MBR ==================================
11:49:23.0158 0x12e4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:49:23.0517 0x12e4  \Device\Harddisk0\DR0 - ok
11:49:23.0517 0x12e4  ================ Scan VBR ==================================
11:49:23.0517 0x12e4  [ A8C11DBC863A15074337071BCBD11EA6 ] \Device\Harddisk0\DR0\Partition1
11:49:23.0517 0x12e4  \Device\Harddisk0\DR0\Partition1 - ok
11:49:23.0533 0x12e4  [ 565A75C7D90F515F868194D41E8AF133 ] \Device\Harddisk0\DR0\Partition2
11:49:23.0533 0x12e4  \Device\Harddisk0\DR0\Partition2 - ok
11:49:23.0564 0x12e4  [ 8385CDE9BEAD4F1E96652258BFDFBAAE ] \Device\Harddisk0\DR0\Partition3
11:49:23.0564 0x12e4  \Device\Harddisk0\DR0\Partition3 - ok
11:49:23.0579 0x12e4  [ DEA9C0373F735D8D845D8255E718373A ] \Device\Harddisk0\DR0\Partition4
11:49:23.0579 0x12e4  \Device\Harddisk0\DR0\Partition4 - ok
11:49:23.0579 0x12e4  ================ Scan generic autorun ======================
11:49:23.0704 0x12e4  [ 96655903769E4996A0988769837E39FD, EDF69C3187F3111F58433159B475E572D5DDDA223E81AFD2A3061593959E7B19 ] C:\Program Files\IDT\WDM\sttray64.exe
11:49:23.0735 0x12e4  SysTrayApp - ok
11:49:23.0735 0x12e4  SynTPEnh - ok
11:49:23.0798 0x12e4  [ C50911A387912D1397E777E24EFD36EB, 53583D2B225833BAA2D8869FE7A078B0E292D501E06D648FCD1EAF3BC1B9C5A5 ] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
11:49:23.0798 0x12e4  SetDefault - ok
11:49:23.0845 0x12e4  [ 5C6F09C6A44B276EFB27361869E24892, 2DB36FF89AFE34E88C24C2010367E9171482978533D713A40DF6B820A6D02F44 ] C:\Windows\system32\igfxpers.exe
11:49:23.0876 0x12e4  Persistence - ok
11:49:23.0891 0x12e4  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
11:49:23.0891 0x12e4  Logitech Download Assistant - ok
11:49:24.0032 0x12e4  [ 1D0F1F7A17293ED2AC88FC356EA4FDB4, FA722A8F7ACE0DACEE5360370CA2F9CA3FC19C0ED172B7A743AAACC050E2460B ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
11:49:24.0063 0x12e4  IntelPAN - ok
11:49:24.0079 0x12e4  [ 8D0560407B5307085ADE8948D7E38894, F16259FDD6EC4C0123E0A0D5514EE4CE6A9D62DACF3C71AB705EEAB46889F0CE ] C:\Windows\system32\igfxtray.exe
11:49:24.0094 0x12e4  IgfxTray - ok
11:49:24.0110 0x12e4  [ 01C9F34EC8416DFECFD0AB72784F1B08, 3831B07A32387AEE607BE805B80044611B2C960E45F81A3D4CB4111695B4E505 ] C:\Windows\system32\hkcmd.exe
11:49:24.0110 0x12e4  HotKeysCmds - ok
11:49:24.0235 0x12e4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:49:24.0281 0x12e4  Sidebar - ok
11:49:24.0297 0x12e4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:49:24.0328 0x12e4  mctadmin - ok
11:49:24.0406 0x12e4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:49:24.0422 0x12e4  Sidebar - ok
11:49:24.0437 0x12e4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:49:24.0437 0x12e4  mctadmin - ok
11:49:24.0469 0x12e4  [ 0732975BCC894FB170B9C8D8F0F23B67, 72E19B20EFE52994C11C7CA8768892986D0A5EFF0C91B8D30C4EF5C8C5AE9D03 ] C:\Windows\SysWow64\WinFLTray.exe
11:49:24.0484 0x12e4  WinFLTray - ok
11:49:24.0547 0x12e4  [ 13D19DBE4A376FED44886FDB4A3D0E74, EA02749DB2882FE02E51793AF5441351B5BFF17FD2AF432097033ADD6F9CA6C3 ] C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
11:49:24.0562 0x12e4  FLBackup - ok
11:49:24.0578 0x12e4  [ 0732975BCC894FB170B9C8D8F0F23B67, 72E19B20EFE52994C11C7CA8768892986D0A5EFF0C91B8D30C4EF5C8C5AE9D03 ] C:\Windows\SysWow64\WinFLTray.exe
11:49:24.0578 0x12e4  WinFLTray - ok
11:49:24.0593 0x12e4  [ 13D19DBE4A376FED44886FDB4A3D0E74, EA02749DB2882FE02E51793AF5441351B5BFF17FD2AF432097033ADD6F9CA6C3 ] C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
11:49:24.0593 0x12e4  FLBackup - ok
11:49:24.0890 0x12e4  [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\[deleted]\AppData\Local\Akamai\netsession_win.exe
11:49:25.0046 0x12e4  Akamai NetSession Interface - ok
11:49:25.0171 0x12e4  [ 8D636AAD14D28CA493863DEFC739BC6E, DE871DCF0A463487DAC2964BE2CD2E9A73A2EFF28D8C5C7BC01440B2881CE68B ] C:\Program Files\Sandboxie\SbieCtrl.exe
11:49:25.0186 0x12e4  SandboxieControl - ok
11:49:25.0249 0x12e4  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
11:49:25.0280 0x12e4  Sidebar - ok
11:49:25.0545 0x12e4  [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\[deleted]\AppData\Local\Akamai\netsession_win.exe
11:49:25.0717 0x12e4  Akamai NetSession Interface - ok
11:49:25.0763 0x12e4  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
11:49:25.0795 0x12e4  Sidebar - ok
11:49:25.0795 0x12e4  Waiting for KSN requests completion. In queue: 138
11:49:26.0855 0x12e4  AV detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
11:49:26.0855 0x12e4  FW detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
11:49:27.0245 0x12e4  ============================================================
11:49:27.0245 0x12e4  Scan finished
11:49:27.0245 0x12e4  ============================================================
11:49:27.0261 0x1dd8  Detected object count: 0
11:49:27.0261 0x1dd8  Actual detected object count: 0
 



#11 RaulMcCai

RaulMcCai
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 15 December 2016 - 05:18 PM

Malware bytes found nothing

----------------------------------------



#12 RaulMcCai

RaulMcCai
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 17 December 2016 - 03:54 PM

bump



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:06 AM

Posted 19 December 2016 - 02:14 PM

Sorry was away.. this looks clean now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 RaulMcCai

RaulMcCai
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 19 December 2016 - 03:57 PM

Why, thank you very much.

 

I don't see a pay pal  or other link where I can contribute.  Is there one?



#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:06 AM

Posted 19 December 2016 - 04:37 PM

You're welcome!!

Thanks for the offer... I do not accept donations nor does BC.. But I will recommend, if you'd like to contribute to something that would be very much appreciated..
Make a donation to some people here that would appreciate it. They help or developed some of the tools we use here to clean computers or are ajust hard workers.

Click on a name below, say JSntgRvr, Now scroll down their post and you will see a PayPal link.

I am still adding to this list.

farbar
fireman4it
JSntgRvr
m0le
myrti
sempai
Thunder
SweetTech
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users